Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG]: Published package still require @octokit/core@5, which breaks peer dependency #622

Closed
1 task done
siketyan opened this issue Jul 1, 2024 · 10 comments · Fixed by #623
Closed
1 task done
Labels
released Type: Bug Something isn't working as documented

Comments

@siketyan
Copy link

siketyan commented Jul 1, 2024

What happened?

Though

"@octokit/core": ">=6"
specifies @octokit/core@>=6 as peer dependency, the published package still require @octokit/core@5. This breaks peer dependency on our environment.

 ERR_PNPM_PEER_DEP_ISSUES  Unmet peer dependencies

.
├ @octokit/rest 21.0.0
├─┬ @octokit/plugin-paginate-rest 11.3.1
│ └── ✕ unmet peer @octokit/core@5: found 6.1.2 in @octokit/rest
└─┬ @octokit/plugin-rest-endpoint-methods 13.2.2
  └── ✕ unmet peer @octokit/core@^5: found 6.1.2 in @octokit/rest
❯ pnpm show @octokit/[email protected]

@octokit/[email protected] | MIT | deps: 1 | versions: 109
Octokit plugin to paginate REST API endpoint responses
https://github.com/octokit/plugin-paginate-rest.js#readme

keywords: github, api, sdk, toolkit

dist
.tarball: https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-11.3.1.tgz
.shasum: fe92d04b49f134165d6fbb716e765c2f313ad364
.integrity: sha512-ryqobs26cLtM1kQxqeZui4v8FeznirUsksiA+RYemMPJ7Micju0WSkv50dBksTuZks9O5cg4wp+t8fZ/cLY56g==
.unpackedSize: 203.5 kB

(omit)
❯ curl -sL https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-11.3.1.tgz | tar -xf -
❯ cat package/package.json | jq '.peerDependencies'
{
  "@octokit/core": "5"
}

Versions

Node.js v20.15.0
pnpm v9.4.0

@octokit/core 6.1.2
@octokit/rest 21.0.0
@octokit/plugin-paginate-rest 11.3.1

Relevant log output

No response

Code of Conduct

  • I agree to follow this project's Code of Conduct
@siketyan siketyan added Status: Triage This is being looked at and prioritized Type: Bug Something isn't working as documented labels Jul 1, 2024
Copy link
Contributor

github-actions bot commented Jul 1, 2024

👋 Hi! Thank you for this contribution! Just to let you know, our GitHub SDK team does a round of issue and PR reviews twice a week, every Monday and Friday! We have a process in place for prioritizing and responding to your input. Because you are a part of this community please feel free to comment, add to, or pick up any issues/PRs that are labeled with Status: Up for grabs. You & others like you are the reason all of this works! So thank you & happy coding! 🚀

@github-project-automation github-project-automation bot moved this to 🆕 Triage in 🧰 Octokit Active Jul 1, 2024
@wolfy1339
Copy link
Member

Please don't use 11.3.1

It's a special back port release for CJS users, which is not published to the main npm tag

The proper release to use is 11.3.0

@viceice
Copy link

viceice commented Jul 1, 2024

@wolfy1339 that didn't solve anything. the package managers will resolve it to version v11.3.1 (at least pnpm)

@kfcampbell kfcampbell moved this from 🆕 Triage to 🔥 Backlog in 🧰 Octokit Active Jul 1, 2024
@kfcampbell kfcampbell removed the Status: Triage This is being looked at and prioritized label Jul 1, 2024
wolfy1339 added a commit that referenced this issue Jul 1, 2024
There are no changes in this release
Fixes #622
@github-project-automation github-project-automation bot moved this from 🔥 Backlog to ✅ Done in 🧰 Octokit Active Jul 1, 2024
@wolfy1339
Copy link
Member

You can force your package manager to use whichever version you want. In the end you can manually edit your lockfile and package.json to suit your needs.

I triggered a new release that should fix the issue

Copy link
Contributor

github-actions bot commented Jul 1, 2024

🎉 This issue has been resolved in version 11.3.3 🎉

The release is available on:

Your semantic-release bot 📦🚀

@siketyan
Copy link
Author

siketyan commented Jul 2, 2024

Thank you for quick response and the new release!

Writing overrides in package.json resolved the problem for now:

{
  "pnpm": {
    "overrides": {
      "@octokit/plugin-paginate-rest": "11.3.0",
      "@octokit/plugin-rest-endpoint-methods": "13.2.1"
    }
  }
}

The new release also works.
A new release for plugin-rest-endpoint-methods would also be helpful.

@wolfy1339
Copy link
Member

fyi, @viceice it's probable best not to have semantic-release in your dependencies, but rather use a tool like npx

It avoids all issues like this and any compability issues that arise when you use different Octokit versions that what semantic-release usees

@viceice
Copy link

viceice commented Jul 4, 2024

fyi, @viceice it's probable best not to have semantic-release in your dependencies, but rather use a tool like npx

It avoids all issues like this and any compability issues that arise when you use different Octokit versions that what semantic-release usees

That would make things more complicated, because we need a lot plugins, which are not installed by default.

@wolfy1339
Copy link
Member

We install plugins as devDependencies but not the core semantic-release packages here in Octokit

@gr2m
Copy link
Contributor

gr2m commented Jul 10, 2024

That would make things more complicated, because we need a lot plugins, which are not installed by default.

I install plugins as needed as part of the release workflow. I wish there was something like releaseDependencies

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
released Type: Bug Something isn't working as documented
Projects
Archived in project
Development

Successfully merging a pull request may close this issue.

5 participants