Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wrong dependency version for picomatch #196

Closed
anilanar opened this issue Feb 15, 2020 · 6 comments
Closed

Wrong dependency version for picomatch #196

anilanar opened this issue Feb 15, 2020 · 6 comments

Comments

@anilanar
Copy link

anilanar commented Feb 15, 2020
edited

micromatch has a dependency of picomatch@^2.0.5.

Using the below code snippet with various matching picomatch versions:

const micromatch = require('micromatch');

console.log('Has parts?', micromatch.scan('*.js', { parts: true }).parts !== undefined);

Results:

// picomatch@2.0.5
false

// picomatch@2.0.6
false

// ...everything in between...
false

// picomatch@2.2.0
true

So, shouldn't the dependency be picomatch@^2.2.0?

Regression downstream:

mrmlnc/fast-glob#253

Or is parts a private API of micromatch?
@jonschlinkert
Copy link
Member

Only create one issue, on one repository.

@anilanar
Copy link
Author

And which repository do you think is a better fit for this?

@jonschlinkert
Copy link
Member

And which repository do you think is a better fit for this?

I'm really not sure, but it seems like fast-glob is a good start, since the breakage is happening there. We all collaborate often, and I'd be happy to help debug.

FWIW, when you create the same issue on multiple repositories (specifically, before figuring out exactly what the issue is), you end up creating a scenario where no one knows who is tackling the issue or spending there time debugging, and no one wants to duplicate efforts.

@anilanar
Copy link
Author

anilanar commented Feb 15, 2020
edited

I understand your initial reaction, creating issues in multiple repos probably isn't very helpful in most circumstances. However, I think I've done my homework good and every repo is aware of what might be going wrong and who is responsible for it.

I've come here from graphql-code-generator -> globby -> fast-glob -> micromatch -> picomatch, debugging every layer and interaction between deps with multiple versions, finally nailed down the exact problem. You see, the problem doesn't occur with every version combination. It's basically about luck how yarn/npm hoists dependencies which depends on a lot of factors such as the state of package-lock or yarn-lock before adding a dependency that causes the error.

Reported to each repo with the source of regression; so that users/library maintainers using any of them don't spend as much time as I did.

Just glad that micromatch and fast-glob can sort this out very soon.

@jonschlinkert
Copy link
Member

Reported to each repo with the source of regression; so that users/library maintainers using any of them don't spend as much time as I did.

Fair enough, that makes sense, and given the amount of time and attention you've given this, it seems I was hasty in my assumptions. I appreciate it, thank you.

@mrmlnc mrmlnc mentioned this issue Feb 16, 2020
Merged
@anilanar anilanar mentioned this issue Feb 16, 2020
Closed
@danez
Copy link
Member

danez commented Apr 9, 2021

Release in 4.0.3

@danez danez closed this as completed Apr 9, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@danez @jonschlinkert @anilanar