flex icon indicating copy to clipboard operation
flex copied to clipboard
verified publisher icon symfony

Don't update package.json or controllers.json if vendor not updated

Open jmsche opened this issue 3 years ago • 1 comments

Hi,

Currently Flex seems to keep changing the values we set manually in package.json or controllers.json to the ones provided by the vendors we install (eg. https://github.com/symfony/ux/pull/394).

Maybe this package.json/controllers.json update behaviour should only happen if the given vendor has just been installed/updated, and not all the time?

jmsche avatar Jul 14 '22 06:07 jmsche

yes, flex is basically rolling back my manual changes every time any composer install/update command completes. this doesn't happen with any other receipe, which is confusing:

image

bendavies avatar Sep 01 '22 08:09 bendavies

this is quite annoying

I have "@hotwired/turbo": "^7.2.2" and each composer update (e.g. resolving conflict after merge) flex is downgrading it to "@hotwired/turbo": "^7.1.0"

oleg-andreyev avatar Nov 01 '22 20:11 oleg-andreyev

Btw, a pragmatic, and perhaps easier-to-implement, solution would be this: only update the user's version in package.json if the version in the package is HIGHER than the one in package.json.

So, for example, suppose the user has "tom-select": "^2.0.2" and Flex wants to update this to ^2.0.1. In this case, do NOT do the update. However, if Flex wants to update to ^2.1.0, then YES do the update.

The composer/semver package (which is already available inside Flex) should have some tools to compare these... though I'm not sure the exact method/class to use.

weaverryan avatar Nov 28 '22 15:11 weaverryan

Be careful. composer/semver parses Composer constraints. npm constraints are not exactly the same syntax (for instance, https://github.com/symfony/webpack-encore/releases/tag/v4.1.1 was caused by such a mistake, where the dev used a syntax supported in Composer but not in npm).

stof avatar Nov 28 '22 15:11 stof

Good point, but it's probably "close enough". And if we're wrong because the user has some fancier syntax, making the "wrong" decision is not a huge deal. In other words, we might do the wrong thing in some edge cases vs doing the wrong thing in ALL cases like right now :)

weaverryan avatar Dec 01 '22 15:12 weaverryan

Btw, a pragmatic, and perhaps easier-to-implement, solution would be this: only update the user's version in package.json if the version in the package is HIGHER than the one in package.json.

So, for example, suppose the user has "tom-select": "^2.0.2" and Flex wants to update this to ^2.0.1. In this case, do NOT do the update. However, if Flex wants to update to ^2.1.0, then YES do the update.

The composer/semver package (which is already available inside Flex) should have some tools to compare these... though I'm not sure the exact method/class to use.

Hi @weaverryan, I tried to implement your idea : https://github.com/symfony/flex/pull/965 Is there something i could improve in this PR ?

smnandre avatar Jan 23 '23 11:01 smnandre