rich-markdown-editor icon indicating copy to clipboard operation
rich-markdown-editor copied to clipboard

Published 20 hours ago verified publisher icon outline

Impossible to install via `npm` due to conflicting and duplicating dependencies.

Open arslancharyev31 opened this issue 2 years ago • 10 comments

rich-markdown-editor version: 11.17.0

rich-markdown-editor defines an explicit dependency on prosemirror-tables, which at the moment resolves to 1.1.1. However, rich-markdown-editor also defines an explicit dependency on prosemirror-utils , which at the moment resolves to 0.9.6. The problem is that [email protected] also defines an explicit dependency on prosemirror-tables, which resolves to 0.9.5. The following tree illustrates the resulting dependency graph:

[email protected] /path/to/project
└─┬ [email protected]
  ├── [email protected]
  └─┬ [email protected]
    └── [email protected]

This results in RangeError: Duplicate use of selection JSON ID cell exception being thrown since prosemirror-tables tries to define some unique element twice (correct me if I'm wrong here).

And no, this is not an issue with "unique package situation", as was suggested in https://github.com/outline/rich-markdown-editor/issues/412#issuecomment-803216815. On yarn this issue can be somewhat mitigated through "selective dependency resolutions". (Update: I just checked, and apparently in yarn all packages resolve to [email protected], hence manual resolution is not required here). But npm provides no such mechanism at the moment (its counterpart, overrides, is an approved but not yet implemented rfc). Of course one could manually edit the package-lock.json to resolve it, but this is a highly suboptimal solution for self-evident reasons. Therefore, this issue has to be fixed either in upstream or in this repository.

The good news is that this issue is fixed in [email protected], which no longer defines an explicit dependency on prosemirror-tables, which should, in theory, fix this issue. The bad news is that 1.0.0-0 is tagged as release candidate, which may or may not be acceptable to maintainers of rich-markdown-editor.

Finally, having said all that, would you consider upgrading the problematic prosemirror-utils package to v1, so that npm users can use rich-markdown-editor?

arslancharyev31 avatar Aug 03 '21 20:08 arslancharyev31

Unfortunately it's not possible to upgrade to 1.0.0-0 as it removes a number of methods for dealing with tables that this project uses. I guess that's why the dependency was removed

tommoor avatar Aug 05 '21 23:08 tommoor

Unfortunately it's not possible to upgrade to 1.0.0-0 as it removes a number of methods for dealing with tables that this project uses. I guess that's why the dependency was removed

That is indeed unfortunate. I suppose at the very least it should be stated in the README that npm is not supported for reasons that were described in my original post. At the very least it would definitely save time for future developers who are trying to install it according to the instructions but are met with really bizarre errors.

arslancharyev31 avatar Aug 06 '21 20:08 arslancharyev31

Got the same problem when trying to load this into Deno via esm.sh

guiguan avatar Aug 16 '21 13:08 guiguan

We have the same problem, temporarily solved by using yarn for the deploy, ignoring the package-lock file.

colmanhumphrey avatar Aug 17 '21 18:08 colmanhumphrey

#535 is a duplicate of this.

alexef avatar Sep 23 '21 09:09 alexef

Unfortunately it's not possible to upgrade to 1.0.0-0 as it removes a number of methods for dealing with tables that this project uses. I guess that's why the dependency was removed

By the way, this issue is a textbook example of what eventually happens when a project relies on transitive dependencies.

arslancharyev31 avatar Sep 23 '21 11:09 arslancharyev31

Any possible solution to this bug?

DhawalAgrawal avatar Nov 28 '21 17:11 DhawalAgrawal

Someone would need to figure out what changed in prosemirror-transform that causes the weird behavior in newer versions.

Once that's addressed the dep locking is no longer needed

tommoor avatar Nov 28 '21 18:11 tommoor

I think having a dependency on yarn over npm is not a good situation. If that is accepted as a minor evil, that should be clearly stated in the installation instructions on the readme, at least.

For anyone trying to use this from npm, the only fix right now is to add this to your package.json:

"overrides": {
  "prosemirror-tables": "^1.1.1"
}

Then, delete your package-lock.json file and node_modules folder, and run npm install.

adrm avatar Jan 09 '22 17:01 adrm

I think having a dependency on yarn over npm is not a good situation. If that is accepted as a minor evil, that should be clearly stated in the installation instructions on the readme, at least.

For anyone trying to use this from npm, the only fix right now is to add this to your package.json:

"overrides": {
  "prosemirror-tables": "^1.1.1"
}

Then, delete your package-lock.json file and node_modules folder, and run npm install.

Thanks! This worked for me. :)

ariane-codes avatar Jan 14 '22 00:01 ariane-codes