Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependency Issue: Installation via npm fails #2123

Open
pano9000 opened this issue Dec 7, 2022 · 10 comments · May be fixed by #2131 or #2400
Open

Dependency Issue: Installation via npm fails #2123

pano9000 opened this issue Dec 7, 2022 · 10 comments · May be fixed by #2131 or #2400
Labels
🐛 bug maintenance

Comments

@pano9000
Copy link
Contributor

pano9000 commented Dec 7, 2022

Describe the bug
Trying to run npm install with from current main/master fails due to some dependency issues

Examples

npm install

npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR!
npm ERR! While resolving: rollup-plugin-babel@4.4.0
npm ERR! Found: rollup@0.47.6
npm ERR! node_modules/rollup
npm ERR!   dev rollup@"^0.47.0" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer rollup@">=0.60.0 <3" from rollup-plugin-babel@4.4.0
npm ERR! node_modules/rollup-plugin-babel
npm ERR!   dev rollup-plugin-babel@"^4.0.1" from the root project
npm ERR! 
npm ERR! Conflicting peer dependency: rollup@2.79.1
npm ERR! node_modules/rollup
npm ERR!   peer rollup@">=0.60.0 <3" from rollup-plugin-babel@4.4.0
npm ERR!   node_modules/rollup-plugin-babel
npm ERR!     dev rollup-plugin-babel@"^4.0.1" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.

Additional context
Validator.js version: main/master
Node.js version: 16
OS platform: windows
@WikiRik
Copy link
Member

WikiRik commented Dec 7, 2022

Yeah, the dependencies could use some updating. I think the easiest way to solve this one however is to update the following line to get rollup@^0.60.0;

validator.js/package.json

Line 52 in 531dc7f

"rollup": "^0.47.0",

According to semver this can cause some breaking changes, but we'll probably notice those along the way. There is a PR to update rollup (among other things), but it hasn't really been worked on over the last months; #1869

@pano9000
Copy link
Contributor Author

pano9000 commented Dec 7, 2022

thanks for the reply, updating the version to 0.60.0 does make it install now, (but shows a few "high" severity issues, related to some other outdated packages - but as you said, that would need some major updates).

bit off topic:
the more time I spend on validator.js the more I get a feeling like this poject is kind of semi-abandoned, even though there seems to be quite big interesst and also contributions to it :-( a bit of a shame really...

@pano9000 pano9000 mentioned this issue Dec 8, 2022
Closed
@pano9000 pano9000 linked a pull request Dec 19, 2022 that will close this issue
Open
1 task
@pano9000 pano9000 mentioned this issue Jan 23, 2023
Closed
@pixelbucket-dev pixelbucket-dev mentioned this issue Feb 5, 2023
Draft
3 tasks
@pixelbucket-dev
Copy link
Contributor

What about just removing the rollup devDependency and just let rollup-plugin-babel deal with the dependency chain? It should know best what it needs.

@WikiRik
Copy link
Member

WikiRik commented Feb 5, 2023

That will install v2 of rollup which does not support Node 6 and does not work with our current config (v0.48 had some breaking changes I believe so that's why we are using v0.47 still). So we'll have to do a bit more than that either way.

I think that we can start with a PR to upgrade rollup to v0.60 and then continue from there. Considering that we might start migrating parts of the codebase to TypeScript soon (see #1271) I think we'll overhaul the build tooling not too far from now and that will also fix this issue

@WikiRik WikiRik mentioned this issue Sep 20, 2023
Closed
@profnandaa
Copy link
Member

@WikiRik -- that's correct, there will be some more work to be done to stablize our npm install. In the meantime, I will just work with --legacy-peer-deps option.

@rubiin
Copy link
Member

rubiin commented May 9, 2024

@profnandaa we can switch from npm to perhaps yarn or pnpm. I prefer to use pnpm and its almost compatible with npm (most commands are alike), so the transition will be seemless

@profnandaa
Copy link
Member

What's the upsides of using pnpm or yarn over npm? I'm also thinking we can now retire Node 6 and 8?

@rubiin
Copy link
Member

rubiin commented May 9, 2024

Pnpm is “performant” version of npm, hence the name pnpm.
I think this should list everything good about it. https://refine.dev/blog/pnpm-vs-npm-and-yarn/#migrating-from-npmyarn-to-pnpm

@WikiRik
Copy link
Member

WikiRik commented May 9, 2024

I would retire anything under Node 18 for the next major release since those are not supported anymore. If people want we can still support Node 1 but that version already has been unsupported for over 6 months.
See https://nodejs.org/en/about/previous-releases

@rubiin
Copy link
Member

rubiin commented May 9, 2024
edited
Loading

Yeah that is what I was thinking . Supporting anything below 18 is just not worth it as they are all EOL and every platform(vercel , netlify to name a few) has already dropped them in favor of LTS and current.
This would also mean not requiring things like babel or polyfills for backward compatibility as 18+ supports most JS features

@rubiin rubiin linked a pull request May 10, 2024 that will close this issue
Open
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🐛 bug maintenance
Projects
None yet
Milestone
No milestone
5 participants
@profnandaa @rubiin @pixelbucket-dev @WikiRik @pano9000