quaertym / ember-cli-dependency-checker Goto Github PK
View Code? Open in Web Editor NEWEmber CLI addon for checking missing node and bower dependencies before running ember commands
License: MIT License
Ember CLI addon for checking missing node and bower dependencies before running ember commands
License: MIT License
The addon `ember-cli-pagination` requires the npm package `ember-cli` to be above 1.13.0, but you have 2.2.0-beta.1.
Error: The addon `ember-cli-pagination` requires the npm package `ember-cli` to be above 1.13.0, but you have 2.2.0-beta.1.
at DependencyVersionChecker.assertAbove (/Users/dsaenzt/Projects/js_image_client2/node_modules/ember-cli-pagination/node_modules/ember-cli-version-checker/index.js:81:18)
at Class.module.exports.init (/Users/dsaenzt/Projects/js_image_client2/node_modules/ember-cli-pagination/index.js:10:37)
at new Class (/Users/dsaenzt/Projects/js_image_client2/node_modules/ember-cli/node_modules/core-object/core-object.js:18:12)
at /Users/dsaenzt/Projects/js_image_client2/node_modules/ember-cli/lib/models/addons-factory.js:48:19
at visit (/Users/dsaenzt/Projects/js_image_client2/node_modules/ember-cli/lib/utilities/DAG.js:23:3)
at DAG.topsort (/Users/dsaenzt/Projects/js_image_client2/node_modules/ember-cli/lib/utilities/DAG.js:82:7)
at AddonsFactory.initializeAddons (/Users/dsaenzt/Projects/js_image_client2/node_modules/ember-cli/lib/models/addons-factory.js:44:9)
at Project.initializeAddons (/Users/dsaenzt/Projects/js_image_client2/node_modules/ember-cli/lib/models/project.js:376:36)
at Project.eachAddonCommand (/Users/dsaenzt/Projects/js_image_client2/node_modules/ember-cli/lib/models/project.js:427:10)
at module.exports (/Users/dsaenzt/Projects/js_image_client2/node_modules/ember-cli/lib/cli/lookup-command.js:33:13)
When I run any ember
command I get a long list of missing packages:
Missing npm-shrinkwrap packages:
Package: extend
Required by: mtv-cast-receiver / fsevents
* Specified: https://registry.npmjs.org/extend/-/extend-3.0.0.tgz
* Installed: 3.0.0
โฆ
Apparently, a bunch of the packages use the package download url as the version
in npm-shrinkwrap.json
, eg.:
"extend": {
"version": "https://registry.npmjs.org/extend/-/extend-3.0.0.tgz",
"integrity": "sha1-WkdDU7nzNT3dgXbf03uRyDpG8dQ=",
"dev": true,
"optional": true
},
As far as I can tell, it is allowed within the design of package locks, and needs to be handled here.
I suspect the solution would be to also do a check against the "_resolved"
field in the installed package.json
?
https://bower.io/blog/2017/how-to-migrate-away-from-bower/
ember-cli-dependency-checker attempts to validate these packages as npm packages. If they're bower-only packages it will fail due to the missing or incomplete package.json.
๐ Hey there! I wanted to open an issue to discuss adding peerDependencies
support to ember-cli-dependency-checker
.
I've gone around a few times with folks like @ef4 and @Turbo87 about the best way for addons to specify their dependencies. It seems peerDependencies
is semantically often what we want, but it's currently not really used or enforced by existing tooling.
If ember-cli-dependency-checker
failed builds if a peer dependency were missing, it would encourage addon authors to start using them more, and might make everyone's lives a little easier.
What do you think? Has there been priori discussion around this? I'm just learning about these issues, but often get recommended to consider using peerDependencies
even though it's not currently enforced anywhere. If this addon supported it, I think myself and others would be more incentivized to use it.
When pulling a bower dependancy from a git url like: git://github.com/amk221/my-thing.git _#master_
the dependancy is determined to be 'not installed' (therefore builds fail).
It works without the #tag
I'm basically proposing adding a ember fix-dependencies
command that does essentially the following:
rimraf('node_modules/<package-name>');
rimraf('bower_components/<package-name>');
npm install
bower install
This is essentially what we all have to do manually right now after seeing we have the wrong deps, it would be nice if the error that prints out today by the dep checker could include a reference to the command that would "fix" things...
My .bowerrc
:
{
"directory": "/bower_components"
}
I think broccoli will find these fine, because it looks in .bowerrc
for the bower directory. However, this package reports "Missing bower packages"
Not a all required, if you are interested ember-cli org now exists now and as this repo provides core functionality you are welcome to transition it to that org.
I will be sure you continue to maintain existing commits + ownership.
If at this point in time you would prefer not to, this is fine. But if in the future you no-longer want to maintain this project, I will then gladly welcome it on the org.
A try catch here would allow us to include which package failed.
The existing error message is as follows:
Invalid Version: *
TypeError: Invalid Version: *
at new SemVer (/Users/offirgolan/Documents/Projects/Ember-Components/ember-cp-validations/node_modules/ember-cli-dependency-checker/node_modules/semver/semver.js:295:11)
at Range.test (/Users/offirgolan/Documents/Projects/Ember-Components/ember-cp-validations/node_modules/ember-cli-dependency-checker/node_modules/semver/semver.js:1049:15)
at Function.satisfies (/Users/offirgolan/Documents/Projects/Ember-Components/ember-cp-validations/node_modules/ember-cli-dependency-checker/node_modules/semver/semver.js:1098:16)
at Function.VersionChecker.satisfies (/Users/offirgolan/Documents/Projects/Ember-Components/ember-cp-validations/node_modules/ember-cli-dependency-checker/lib/version-checker.js:31:17)
at Package.updateRequired (/Users/offirgolan/Documents/Projects/Ember-Components/ember-cp-validations/node_modules/ember-cli-dependency-checker/lib/package.js:21:26)
at Package.init (/Users/offirgolan/Documents/Projects/Ember-Components/ember-cp-validations/node_modules/ember-cli-dependency-checker/lib/package.js:15:27)
at new Package (/Users/offirgolan/Documents/Projects/Ember-Components/ember-cp-validations/node_modules/ember-cli-dependency-checker/lib/package.js:4:13)
at EmberCLIDependencyChecker.<anonymous> (/Users/offirgolan/Documents/Projects/Ember-Components/ember-cp-validations/node_modules/ember-cli-dependency-checker/lib/dependency-checker.js:122:12)
at Array.map (native)
at EmberCLIDependencyChecker.readDependencies (/Users/offirgolan/Documents/Projects/Ember-Components/ember-cp-validations/node_modules/ember-cli-dependency-checker/lib/dependency-checker.js:118:36)
Proposed error message:
Package: <Package Name> - <Reason>
Path: <Path>
# ... rest of stack trace
my incredibly version pedantic feedback.
DependencyError
isDependencyError
5b694d1 (please verify this is what you meant)Object.create(Error.prototype)
https://github.com/quaertym/ember-cli-dependency-checker/blob/v0.0.5/index.js#L151 5ab831cfunction isUnsatisfied(pkg) { ... }
6f6cfebbower link
or npm link
to different versions?project
instead project is also passed in as an argument. This goes to all instance methods, that also consume project. It is then unclear to me, if the project passed in can differ from the one passed to the constructor. And if that is the case, why bother with a stateful object at all? a436140It's possible (and not uncommon) to install packages using bower that don't have a bower.json. For example, Sinon.js doesn't provide a Bower package, so you install it using an HTTP URL:
"sinon": "http://sinonjs.org/releases/sinon-1.10.0.js",
This is reported as "(not installed)" by this module and prevents ember-cli from starting. The only workaround that I can see is to remove this module.
It would be good to be able to specify a "whitelist" of packages that should be ignored.
After having linked a local module for development, and forgetting I had done so, I was left with this unhelpful message:
~/Code/project (develop *)$ ember dependency-lint
Invalid Version: *
TypeError: Invalid Version: *
at new SemVer (/Users/pcm/Code/web-directory/node_modules/ember-cli-dependency-checker/node_modules/semver/semver.js:295:11)
at Range.test (/Users/pcm/Code/web-directory/node_modules/ember-cli-dependency-checker/node_modules/semver/semver.js:1049:15)
at Function.satisfies (/Users/pcm/Code/web-directory/node_modules/ember-cli-dependency-checker/node_modules/semver/semver.js:1098:16)
at Function.VersionChecker.satisfies (/Users/pcm/Code/web-directory/node_modules/ember-cli-dependency-checker/lib/version-checker.js:31:17)
at Package.updateRequired (/Users/pcm/Code/web-directory/node_modules/ember-cli-dependency-checker/lib/package.js:21:26)
at Package.init (/Users/pcm/Code/web-directory/node_modules/ember-cli-dependency-checker/lib/package.js:15:27)
at new Package (/Users/pcm/Code/web-directory/node_modules/ember-cli-dependency-checker/lib/package.js:4:13)
at EmberCLIDependencyChecker.<anonymous> (/Users/pcm/Code/web-directory/node_modules/ember-cli-dependency-checker/lib/dependency-checker.js:133:12)
at Array.map (native)
at EmberCLIDependencyChecker.readDependencies (/Users/pcm/Code/web-directory/node_modules/ember-cli-dependency-checker/lib/dependency-checker.js:129:36)
By following that stacktrace though to here I just threw in this:
try {
return new Package(name, versionSpecified, versionInstalled, path);
} catch (e) {
console.error('Error mapping package', name, versionSpecified, versionInstalled, path);
throw(e);
}
Which gave me a much more helpful
Error mapping package SimpleWebRTC ~2.2.0 * bower_components/SimpleWebRTC
If you'd be amenable to this change, or even just a helpful console log if versionSpecified or versionInstalled is '*'
I'll open a PR.
I haven't dug in yet, but we should definitely start researching exactly how to leverage yarn.lock
for dependency validation.
I'm not sure if this is new or related to #50, but...
My shrinkwrap file includes fsevents with "optional": true
and so naturally npm doesn't install it on linux where it's not supported. But when running ember exam, I get:
Missing npm-shrinkwrap packages:
Package: fsevents
Required by: pagerduty
* Specified: 1.1.1
* Installed: (not installed)
Run `rm -rf node_modules/ && npm install` to install missing dependencies.
The optional
attribute was just added to npm shrinkwrap around the end of last year, so I wouldn't be surprised if it's not supported here yet, but it probably should be?
Temporary workaround might be just removing that bit from the npm shrinkwrap file for now.
The addon currently displays "Missing npm packages" and "Run npm install
to install missing dependencies" (same with Bower). However, the error might be a bit misleading because sometimes, the packages are installed; they're just not the right version.
Also, I realize this is a bit subjective, but it'd be nice to minimize the colors used in the error message (replace green with white?):
Version 1.2.0 is causing the following error
DEPRECATION: Overriding init without calling this._super is deprecated. Please call
this._super.init && this._super.init.apply(this, arguments);
addon:ember-cli-dependency-checker
Commit 6c05a33 fixes this. Can we get a new release out?
Hi, it doesn't work correctly with Yarn workspaces... Here is the issues: yarnpkg/yarn#4503 (same as yarnpkg/yarn#4081). All other apps works fine, they search for node_modules
in root dir instead of current dir if they don't find it, but Ember just search it in current dir...
This addon has been extremely helpful to all ember-cli users for quite some time. Since this is somewhat fundamental to newly generated ember-cli applications, I'd like to reduce bus factor and get a few of the ember-cli core team members added to npm
for releasing updates and fixes.
The following would be a great start:
npm owner add stefanpenner ember-cli-dependency-checker
npm owner add rwjblue ember-cli-dependency-checker
npm owner add turbo87 ember-cli-dependency-checker
/cc @quaertym
I just installed Block UI via bower. There version it specifies in its bower.json
is 2.70
without a patch version. This causes the cli to tell me:
Invalid Version: 2.70
TypeError: Invalid Version: 2.70
at new SemVer (/Users/will.henry/Desktop/unikitty/core/smallbiz/node_modules/ember-cli-dependency-checker/node_modules/semver/semver.js:295:11)
If I manually change it to 2.70.0
all is well. But I don't want to do that. How do I ignore this check for blockUI
? The "whitelist" issue only checked if a dependency didn't have a bower.json
?
Sometimes a dependency is removed from bower.json
or package.json
and it stays installed on the developer machine. This addon can warn developer when that happens. In this case, developer can run prune
command or manifest that dependency.
Could this be done, possibly, by altering line 90 of dependency-checker.js as follows?
var dependencies = this.project.dependencies(undefined,process.env.NODE_ENV==='production');
people may be having issues with optional deps not being installed, but validated...
I just upgraded to Ember 1.10 beta by adding "ember": "~1.10.0"
to bower.json
. I ran bower install
, and everything installed. But the dependency checker fails when I try to start ember-cli:
$ ember s
version: 0.1.4
Missing bower packages:
Package: ember
* Specified: ~1.10.0
* Installed: 1.10.0-beta.3
Please recognize packages that are correctly installed and meet the requested dependencies.
(tested on ember-cli-dependency-checker version 0.0.6 and 0.0.7)
I love the way this package works inside of ember cli. I would really like to have similar functionality in another non-ember application (a simple node.js server project). I've only quickly scanned the code here, but it seems like it wouldn't be too hard to split this into two separate npm packages. One being a generic package that does the version checking in an ember agnostic way and the second still being called ember-cli-dependency-checker which would consume the first. I envision the first package returning some sort of json structure that describes what packages are missing and/or need updating.
Do you think this could be done without too much pain and suffering? If you had the time and interest to create such a package, I may be willing to trade you for my left kidney. If not, I would be willing to attempt using your code to create such a package (assuming you think it's do-able and I have your blessing). However, I do have a looming deadline at the moment so it would be a few weeks before I could look into it.
given:
and
symlink node_modules/broccoli-merge-trees @ 1.x
node_modules/foo/node_modules/bar which depends on broccoli-merge-trees @ 0.2.x
the symlink does not correctly put the dep checker into warn only mode for that version mismatch.
Not trivial I realize, but tests seem fairly important to make sure we deal with the edge cases.
As you can specify a node and npm version in the engines
part of the package.json
, can this addon be use to warn if an incompatible version is being used?
"engines": {
"node": "5.0.0",
"npm": "3.3.12"
},
If a dependency has a version of "*" then the dependency checker throws an exception, and doesn't indicate where the dependency is coming from.
Invalid Version: *
TypeError: Invalid Version: *
at new SemVer (terminal/node_modules/ember-cli-dependency-checker/node_modules/semver/semver.js:273:11)
at Range.test (terminal/node_modules/ember-cli-dependency-checker/node_modules/semver/semver.js:998:15)
at Function.satisfies (terminal/node_modules/ember-cli-dependency-checker/node_modules/semver/semver.js:1047:16)
at Package.updateRequired (terminal/node_modules/ember-cli-dependency-checker/lib/package.js:35:18)
at new Package (terminal/node_modules/ember-cli-dependency-checker/lib/package.js:7:27)
at EmberCLIDependencyChecker.<anonymous> (terminal/node_modules/ember-cli-dependency-checker/lib/dependency-checker.js:85:12)
at Array.map (native)
at EmberCLIDependencyChecker.readBowerDependencies (terminal/node_modules/ember-cli-dependency-checker/lib/dependency-checker.js:82:36)
at EmberCLIDependencyChecker.checkDependencies (terminal/node_modules/ember-cli-dependency-checker/lib/dependency-checker.js:28:24)
at new EmberCLIDependencyChecker (terminal/node_modules/ember-cli-dependency-checker/lib/dependency-checker.js:19:8)
I have a dependency which I would like to track master branch on github:
"devDependencies": { ...
"ember-cli-smenu": "shaunc/ember-smenu"
}
When I try to install another addon, I can't because dependency check fails.
Perhaps in this and similar cases, you could ignore (or warn) on check?
Alternatively (or in addition), in .ember-cli
or in own config package, there could be a list of dependencies to skip.
overall the dependency checking is extremely valuable, except when developing a module via npm link
.
Using SKIP_DEPENDENCY_CHECKER=true
in this scenario is actually an anti-pattern, as it is insufficiently granular.
Let me propose instead, npm link
'ed modules that do not satisfy the version contraints by default merely warn.
note: https://github.com/quaertym/ember-cli-dependency-checker/blob/master/lib/dependency-checker.js#L31
cc @rwjblue
This addon should not be checking dependencies for commands that aren't test
serve
or build
. By doing so it breaks many commands that still valid, and likely even what the user needs at that moment in time, such as ember install
or ember update
.
One of the things I'm doing with ember-cli-toolbelts
is enabling easier dependency maintenance, but this addon conflicts with that.
Part of ember-cli PnP meta issue (ember-cli/ember-cli#8164).
We need to update this code (and any other that uses resolve.sync
):
We can do either of the following:
useProcessResolution
to the resolve.sync
call.this.project.resolveSync
(and assume that ember-cli will address as part of ember-cli/ember-cli#8164).I would suggest swapping to this.project.resolveSync
since it works for older ember-cli versions and allows us to move forward immediately...
Hey, could you please release so the following goes out #31 ? we would like to include this in the next release of ember-cli which will be out today (hopefully)
Erroring out on missing dependencies is useful, erroring out on incorrect dependencies is a PITA. Often a dependency is mismatched because a new version is being trialed, and often it's a more recent version than the one in package.json. Warning would be much more useful.
My package.json contains this line: "ember-cli-sass": "^3.0.3",
. Trying to run ember build
results in this message:
Missing npm packages:
Package: ember-cli-sass
* Specified: ^3.0.3
* Installed: 3.1.0-beta
Run `npm install` to install missing dependencies.
According to the node-semver documentation about prereleases, version 3.1.0-beta
does in fact satisfy the specifier ^3.0.3
. Pretty sure it is right, because npm install
installed version 3.1.0-beta
. Please either follow the specifier rules used by the package managers or change the error message to explain why you don't follow them and how to fix the problem. The error message says to run npm install
, and that is just flat out wrong.
I've run into a problem that I suspect is related to ember-cli-dependency-checker
:
adopted-ember-addons/ember-electron#355 (comment)
Basically we are installing a package via the npm install <tarball file>
syntax (to work around a caching problem and a symlink problem), but the dependency checker seems to get confused about this and think the wrong package is installed:
Missing npm packages:
Package: ember-electron
* Specified: file:../../tmp-2580rXGPRrApjWO8/ember-electron-cachebust.tgz
* Installed: file:C:/Users/appveyor/AppData/Local/Temp/1/tmp-2580rXGPRrApjWO8/ember-electron-cachebust.tgz
Run `npm install` to install missing dependencies.
Does make sense to ember-cli-dependency-checker
warns when node_modules
or bower_components
are not present?
For instance running some ember-cli command in a project without node_modules
will throw Error: Cannot find module 'ember-cli/lib/broccoli/ember-app'
. I think we could show a better message like: No dependencies installed. Run
npm installand
bower install to install missing dependencies
.
This is related to ember-cli/ember-cli#3961, but I think this kind of check belongs here.
Thoughts?
//cc @stefanpenner @quaertym
Thanks for this addon. I've been needing something like this for a while now. Any chance an option be added to error out of the command if missing dependencies are detected?
The application shouldn't work anyway so I think this would be reasonable.
It would be nice to not have the error message for missing dependencies say to use npm install
when you're using yarn in that project. Developers who are not familiar with what's going on will just trust the error message instead of realizing that they should actually have run yarn install
.
included
is only called when building.
Checking for package deps on addon init will ensure that for non build related commands you still get checking.
Might need to be a 0.1.0 to signify that there are relatively large changes (I'm thinking of the shrinkwrap work), but either way I'd love to have a new version to start testing/playing with.
Ultimately, this is a bug in ember-cli, but I would prefer to not check for errors twice when running ember build
.
As discussed in this issue, it seems that the deployment steps described in the README are confusing and won't work well. I'd suggest just advising to always delete the node_versions directory.
I have dev dependencies such as http-proxy, express in package.json. I can use "npm install --production" to install all production dependencies, but I can't deploy using ember deploy b/c the dependency checker will flag those missing dependencies.
If possible, this addon should ignore the ember install
command (as well as install:npm
and install:bower
) since that command is used to update dependencies.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.