Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [wildwebdeveloper-dev] Workflow to update node dependencies


First, I forget to answer to one question about npm / node.
Here is the question from Mickael :

" Do you know if it's possible to get multiple versions of the same module in node_modules and to have node picking some dependencies that seem more safely compatible?"

In fact by default, npm will try to use the same version of a transitive dependency. But sometimes, it's not possible. So npm use the old mecanism of dependency management. It will create a node_modules folder in one or each dependency which use the transitive dependency. In this node_modules, you will find the right version of the dependency.

To be clear, it already the case for some transitive dependencies like "jsonc-parser".
In the top level node_modules, you will find jsonc-parser version 1.0.3  and in the yaml-language-server dependency, you will find another node_modules. In this last folder jsonc-parser version is 2.1.0.

About package-lock.json. We should use the file because it's the only way to reproduce the build. For that we should use npm ci instead of npm install in the maven build. I will provide a patch just after this mail.

For upgrading a dependency, I already answer this question here.
I know we have some troubles. I'm not sure why yet.

Here are some personnal thoughts:
  • We should ask vscode team to publish each language servers on npm.
    • We download a packaged version of vscode, extract the needed langage servers and then install them is not really efficient.
    • Maybe (I have no clue about it) it will help for dependency resolving.
  • We need to use npm ci instead of npm install when we build wildwebdeveloper (patch incoming)
  • Vscode plugins use differents folder for each extensions. So language servers are independant. Maybe we should start to seperate some langage servers from each others.
    • One plugin with all language servers from vscode distribution.
    • One plugin per other language server.

Have a nice day.


Le jeu. 25 juil. 2019 à 17:44, Mickael Istria <mistria@xxxxxxxxxx> a écrit :
Hi Alex, hi all,

I see you (Alex) managed to update some node dependencies successfully recently. That's cool.
However, for the few updates I have pending, I always get some test failures when updating those dependencies, and this was also the case some time ago when I tried to update similar ones as the one you did update.
So I'm thinking that it's my workflow and my lack of knowledge in npm that can cause the failures on my side.

How do you deal with the package-lock.json? Do you keep it, do you remove it... before updating dependencies and calling `npm install ...`? Is there anything magic that you have in mind can make me more successful on that topic?

Thanks in advance.

Mickael Istria
Eclipse IDE developer, for Red Hat Developers
wildwebdeveloper-dev mailing list
To change your delivery options, retrieve your password, or unsubscribe from this list, visit

Back to the top