wayfair / one-version Goto Github PK
View Code? Open in Web Editor NEWImplementation of Google’s One Version Rule for JS monorepos
Home Page: https://www.npmjs.com/package/@wayfair/one-version
License: MIT License
Implementation of Google’s One Version Rule for JS monorepos
Home Page: https://www.npmjs.com/package/@wayfair/one-version
License: MIT License
The current behavior with --packageManager yarn
defaults to using yarn --silent workspaces info
which no longer exists/works with yarn berry (2.0 +). This breaks when adopting the one-version rule in yarn berry monorepos.
Introduce a berry
packageManager option, that uses yarn workspaces list --json
to determine the workspaces in the repo!
Have the default behavior of --packageManager yarn
assume yarn berry only and not yarn v1, but this seems overly restrictive if teams want to adopt this package in yarn v1 monorepos.
No response
Add an .npmignore
or files
config to remove extraneous files from the published package
To have the published package be as small as possible
We have a growing monorepo and are opting for a versioning strategy of pinning all workspace dependencies to exact versions. This makes it clear exactly what version of a dependency a package is using and also during upgrades what the new version is without needing to consult the lockfile or use package manager commands (yarn why
). We would like to enforce this versioning strategy in CI and it seems like it might be a good fit/complement to the one version verification.
One note is that it is generally better to opt for ranges with libraries but we are not publishing libraries from this monorepo and are using the one version rule to keep versions consistent between apps and libraries.
I think the version strategy could be configured in the one-version.config.json
config file. Also open to suggestions on format here:
{
"versionStrategy": "exact" // or "range", etc
}
In the case you need to opt out of the version strategy in extenuating circumstances, we can allow overrides:
{
"versionStrategy": {
"type": "exact",
"overrides": ["react"] // Allow React to be a range
}
}
While we could allow per-package overrides I think this conflicts with the goal of the one version rule in general (keeping versioning consistent across all packages in the monorepo).
The version strategy would then be validated during the one version check (one-version check
). For the exact
version strategy we would error on the baz
dependency in the following package:
{
"name": "foo",
"dependencies": {
"bar": "1.2.3",
"baz": "^1"
}
}
We've presently implemented this validation as a standalone script run as a separate step in CI, but thought it might make a good addition here.
No response
Before moving an existing application into a monorepo there's no automated way to check if the dependencies in the application will align with the existing dependency versions in the monorepo or if they'll cause the one-version check to fail.
Add a -f --file
option to the one-version check
command where we can pass an arbitrary (local) file path to check for one-version compatibility.
For example:
yarn one-version check -f /path/to/my/other/repo/package.json
This would allow us to preview the output as if we had already moved the new package.json
into the monorepo.
Manually move a package.json
into the monorepo and run yarn one-version check
to see which versions do not match.
No response
The release process is currently manual and triggered by creating a GH release tag, which kicks off an action to publish the npm package. Before this occurs, someone must update the version in package.json and update the changelog.
Automate as much of process as we can, including potentially:
[Unreleased]
section of changelog into a new section that matches the updated versionUpdating all the manifest's in a monorepo is really time consuming and annoying, we should make it faster
Add a set
/update
option to the one version rule script that will update all the pjson's (and lockfile if necessary) in the repo
When update
is selected, require any number of --dep
and --version
flags, i.e.
pnpm run one-version update --dep react --version ^16
pnpm run one-version update --dep react --version ^18 --dep react-dom --version ^18
I initially thought we should have a fix
command, but I think it would be difficult to determine what needs changing to "fix" something (i.e. if someone introduced an upgraded dependency, is the fix to downgrade it to match the rest of the repo, or to upgrade the rest of the repo?).
An update
/set
command could serve both purposes, since it would allow for easy mass-upgrades and "fixing" of single issues as well.
We could also make the script interactive, and prompt users for dependencies and versions 🤔
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
eslint
, jest
, markdownlint-cli
, yarn
)These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.
.github/workflows/pr-checks.yml
actions/checkout v3
actions/setup-node v3
actions/checkout v3
actions/setup-node v3
actions/checkout v3
actions/setup-node v3
actions/checkout v3
actions/setup-node v3
.github/workflows/release.yml
actions/checkout v3
actions/setup-node v3
JS-DevTools/npm-publish v2
.github/workflows/renovate_linting.yml
actions/checkout v3
suzuki-shunsuke/github-action-renovate-config-validator v0.1.3
.github/workflows/stale.yml
actions/stale v8
package.json
chalk ^4
commander ^10
eslint ^8.34.0
jest ^29.4.3
markdownlint-cli ^0.33.0
prettier ^2.8.4
node ^16 || ^18 || ^20
yarn 3.4.1
Node 14 is end-of-life, and 16 will become end of life in Sept 2023.
Upgrade node in engines config & ci to latest version allowed by all dependencies. Ensure all tests pass in CI.
Future contributors know how to make a new release (and publish to NPM) when necessary
Add a section to the Contributing guidelines for how the release workflow works
The rule currently only evaluates version specifiers across a workspace. This is sufficient for yarn
workspaces, but is not for pnpm
, as described here.
pnpm
workspaces do not have a flat lockfile, so the following is possible:
apps/workspace-a:
specifiers:
'@wayfair/ui': ^8
dependencies:
'@wayfair/ui': 8.0.0_66b146768d72279e63e637aae37792af
apps/workspace-b:
specifiers:
'@wayfair/ui': ^8
dependencies:
'@wayfair/ui': 8.0.1_b88fe22cf250f8fb4b578ded3c75a78e
The rule currently passes in the above scenario.
The check should fail in the above scenario, by checking the lockfile as well as the manifest specifiers.
👋 This repository is not currently configured for Renovate. This issue proposes the steps necessary to add Renovate to this project!
💡 Not familiar with Renovate, or are confused about what advantages it holds over GitHub's Dependabot? Learn more here!
renovate[bot]
account has already auto-filed a Configure Renovate
PR against this repository, feel free to reference the proposed changes in your own Pull Request. If you are contributing to this project as a Hacktoberfest participant, you must file your own PR in order to get credit for your contribution!.github/workflows/lint.yml
). See here for an example..github/dependabot.yml
file. See here for an example.renovate[bot]
account has already auto-filed a Configure Renovate
PR in this repository, I confirm that I will create a separate PR under my own GitHub account, using the initial PR as inspiration.Add a packageManager
field to the one-version.config.json
configuration.
Merge this configuration option with the -p
, --packageManager
flag passed directly to the command. Determine & document which should take precedence.
Make it easier for folks to configure the package manager in a single place, instead of passing it as an option to every command.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.