Support for semver ranges? #95
Comments
|
Agreed. pnpm v7 was released just yesterday and I'd hoped to use corepack moving forward instead of manually installing it for all of our workflows. This is probably done so along the lines of "pin your dependencies," but doesn't meet all needs. |
|
Would this need to perform a network request every time you do |
Good question. I think some sort of "check every X time window" would be acceptable. Similar to https://github.com/ohmyzsh/ohmyzsh/blob/d41ca84af1271e8bfbe26f581cebe3b86521d0db/oh-my-zsh.sh#L59-L62 |
|
It looks like this was originally possible, and was removed in #18. |
|
This seems kind of odd to restrict matching on exact version when one can provide any dist-tag instead (which can be moved around at will). Reverting the restriction would help my use case: use corepack to test or try something on a package manager where only the major version matters. I have sinking feeling my use case is out of scope... |
|
@boneskull The restriction only applies to the |
|
that wasn't working as of a couple hours ago. |
|
wrapping |
|
@boneskull are you using an old version of Corepack maybe? For me, running |
|
@aduh95 I wonder if the env var was the problem. Seems to work now, thanks. |
|
Totally agree. The exact version of the package manager prevents me from working on different projects. I don't think most projects need an exact package manager. corepack should introduce the semver strategy likes dependencies management do. |
|
I always want to use the latest version of my package manager. The exception usually is on a new major release, when I first have to run a few validations. With the current restrictions to only exact versions, I have to make a change every time I want to update the version of the package manger. Worst case, this needs to be done through a PR and I need to bother a co-worker with a review. |
|
@mrgrain Couldn't you use a dist tag? e.g., |
I don't think dist tags are supported either? If they are, that would certainly be better than nothing. However the problem with dist tags is a) it's usually b) since a dist tag points to a specific version, we still impose an upgrade to the user. |
|
Hi! I'm curious whether a decision has been reached to add the functionality back for supporting semver ranges? |
|
This would be great to implement this before calling it stable. |
|
I'm still not convinced this is a good idea:
You can already use |
|
What i would like the default behavior to be given version of Node.js 22, is that corepack is enabled by default and |
These are vary valid concerns and I understand that we should encourage explicit versions as the best practice. However I believe that many projects do not currently see this as a major concern, otherwise we would see a lot of very specific engines declaration. The other use case is really around validation. If corepack already has a version of pnpm installed that satisfies the constraint |
…#528) [`react-rails` now supports other package managers](reactjs/react-rails#1306) using `package_json`, meaning it now defaults to `npm` if a package manager is not explicitly set in `package.json`, causing a stray `package-lock.json` to be created. I've specified an exact version because currently `corepack` requires that ([ranges are not yet supported](nodejs/corepack#95)) but we're not actually expecting anyone to be using `corepack` and we're definitely not using it in production (not explicitly at least...) so in theory this shouldn't cause problems and it means `package.json` conforms to the JSON schema - it'll also help to flush out any potential problems early before(/if) `corepack` becomes more mainstream.
|
+1 |
Remove the packageManager field from the package.json due to nodejs/corepack#95
|
Every well known package manager supported by the experimental packageManager field uses semver (and most large opensource projects in general). From that perspective where semver is usually expected, it's common sense that it should be possible to restrict to a major version. If the maintainers of a package manager introduce a breaking change for an existing major version by accident and it breaks our installations, so be it, if someone is that worried about that there should simply be a way of specifying an exact version. |
Yeah, this is common practice literally everywhere. If you care about getting exact versions, you specify the exact version. If you do not, you specify a range. I don't really understand how you can make a field that looks like it's a semver specifier, in a file full of semver specifiers, and then not actually make it semver. Like, wut? |
## PR Checklist - [x] Addresses an existing open issue: fixes #1513 - [x] That issue was marked as [`status: accepting prs`](https://github.com/JoshuaKGoldberg/create-typescript-app/issues?q=is%3Aopen+is%3Aissue+label%3A%22status%3A+accepting+prs%22) - [x] Steps in [CONTRIBUTING.md](https://github.com/JoshuaKGoldberg/create-typescript-app/blob/main/.github/CONTRIBUTING.md) were taken ## Overview Right now, trying to use `create-typescript-app` with anything but the _exact correct pnpm major.minor.patch version_ installed produces an error. That's very annoying. Pending nodejs/corepack#95, removes usage of the [experimental `package.json` `packageManager` field](https://nodejs.org/api/packages.html#packagemanager).
|
+1 |
|
What is the current best practice for this? Remove the entry in the package.json? |
You can run |
I'd like to write a
package.jsonlike:{ "packageJson": "pnpm@6" }Or maybe
pnpm@^6.32.2, etc.As it stands, adding a package manager to
package.jsonrequires a full specified version. This adds more maintenance overhead.I think this is related to #93.
The text was updated successfully, but these errors were encountered: