Skip to content

Force use of unmanaged ajv-cli version as required #245

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 5, 2022
Merged

Force use of unmanaged ajv-cli version as required #245

merged 2 commits into from
Jul 5, 2022

Conversation

per1234
Copy link
Contributor

@per1234 per1234 commented Jul 4, 2022
edited
Loading

Background

The ajv-cli command line tool is used for validating data files against their JSON schema.

In general, it is preferable (for some schemas even mandatory) to use the modern versions of ajv-cli. However, support for the "Draft 4" schema specification was dropped in avj version 7.0.0, introduced into ajv-cli at version 4.0.0. So when working with JSON schemas that specify that draft, it is necessary to use ajv-cli 3.3.0, the last compatible version.

This means that some projects may have dependencies on multiple versions of ajv-cli.

Overview

The ajv-cli package is distributed via the npm registry. We are now using npm for management of such dependencies (#240). Unfortunately, npm does not have support for managing multiple versions of a binary dependency.

npm's "alias" feature seems ideal:

https://docs.npmjs.com/cli/v8/commands/npm-install#:~:text=npm%20install%20%3Calias%3E%40npm%3A%3Cname%3E

  • npm install <alias>@npm:<name>:

Install a package under a custom alias. Allows multiple versions of a same-name package side-by-side

However, this is only suitable for code dependencies. There is no special handling of providing access via npx to the binary of the aliased package:

$ npm install --save-dev prettier1@npm:prettier@^1.0.0 prettier@^2.0.0
[...]

$ npx prettier1 --version
npm ERR! code E404
npm ERR! 404 Not Found - GET https://registry.npmjs.org/prettier1 - Not found
npm ERR! 404
npm ERR! 404  'prettier1@latest' is not in this registry.
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.

npm ERR! A complete log of this run can be found in:
npm ERR!     C:\Users\per\AppData\Local\npm-cache\_logs\2022-07-04T19_20_39_998Z-debug-0.log

$ npx prettier1@npm:prettier --version
2.7.1

(Prettier is used for the demos because ajv-cli doesn't have a version command)

So the only reasonable option is to manage only one of the two tool versions. Since the "Draft 4" compatible version of the tool (3.3.0) will never have an available update, managing only the modern ajv-cli dependency is no hardship.

Problem

Selectively running commands with the unmanaged version of the tool should be a simple matter of specifying the version of the package: npx [email protected]:

https://docs.npmjs.com/cli/v8/commands/npx#description

Package names with a specifier will only be considered a match if they have the exact same name and version as the local dependency.

Unfortunately, a bug in npx (npm/cli#3210) causes the version specifier to be ignored when the managed version is already installed:

$ npm install --save-dev prettier@^2.0.0
[...]

$ npx prettier@^1.0.0 --version
2.7.1

This bug is reportedly fixed, but that fix is not in a Node.js release yet, and even after that it may take us quite some time to upgrade to the version of Node.js which contains the fix (our current approach is to use the Node.js "LTS" version, which is currently at 16.x, while the fix will only be available from >18.4.0).

Solution

The workaround implemented here is to run the unmanaged tool command from outside the project folder:

$ npm install --save-dev prettier@^2.0.0
[...]

$ cd "$(mktemp --directory --tmpdir npx-bug-XXXXXXXX)"

$ npx prettier@^1.0.0 --version
1.19.1

per1234 added 2 commits July 4, 2022 11:18
@per1234
Use a global workflow variable to define the "Draft 4" compatible ver…
dd2f46d 
…sion of ajv-cli

The ajv-cli tool is used for validation of data files against their JSON schema.

In general, it is preferable, and for some schemas even mandatory, to use the modern versions of ajv-cli. However,
support for the "Draft 4" schema specification was dropped in ajv-cli version 4.0.0. So when working with JSON schemas
that specify that draft, it is necessary to use ajv-cli 3.3.0, the last compatible version.

Such schemas are relatively common, likely partly due to the Schema Store's policy that "Draft 4" be used whenever
possible. Having this version defined in a single place makes taskfiles with multiple tasks subject to this somewhat
esoteric (and thus requiring an explanatory comment) information a bit cleaner.
@per1234
Force use of unmanaged ajv-cli version as required
06ebd8d 
The ajv-cli command line tool is used for validating data files against their JSON schema.

In general, it is preferable, and for some schemas even mandatory, to use the modern versions of ajv-cli. However,
support for the "Draft 4" schema specification was dropped in ajv-cli version 4.0.0. So when working with JSON schemas
that specify that draft, it is necessary to use ajv-cli 3.3.0, the last compatible version.

This means that some projects may have dependencies on multiple versions of ajv-cli. This package is distributed via the
npm registry. Unfortunately, npm does not have support for managing multiple versions of a binary dependency.

npm's "alias" feature seems ideal:

https://docs.npmjs.com/cli/v8/commands/npm-install

> npm install <alias>@npm:<name>:
> Install a package under a custom alias. Allows multiple versions of a same-name package side-by-side

However, this is only suitable for code dependencies. There is no special handling of providing access via npx to the
binary of the aliased package.

So the only reasonable option is to manage only one of the two tool versions. This should be a simple matter of
specifying the version of the package in the commands using the unmanaged tool: `npx [email protected]`:

https://docs.npmjs.com/cli/v8/commands/npx#description

> Package names with a specifier will only be considered a match if they have the exact same name and version as the
> local dependency.

Unfortunately, a bug in npm causes the version specifier to be ignored when the managed version is already installed.
This bug is reportedly fixed, but the fix is not in a Node.js release yet, and even after that it may take us quite some
time to upgrade to the version of Node.js which contains the fix.

The workaround implemented here is to run the unmanaged tool command from outside the project folder.
@per1234 per1234 added type: imperfection Perceived defect in any part of project topic: code Related to content of the project itself topic: infrastructure Related to project infrastructure labels Jul 4, 2022
@per1234 per1234 requested review from cmaglie and umbynos July 4, 2022 19:39
@per1234 per1234 self-assigned this Jul 4, 2022
@per1234 per1234 merged commit fb8f8ac into arduino:main Jul 5, 2022
@per1234 per1234 deleted the fix-npx branch July 5, 2022 11:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@umbynos umbynos umbynos approved these changes

@cmaglie cmaglie Awaiting requested review from cmaglie

Assignees

@per1234 per1234

Labels
topic: code Related to content of the project itself topic: infrastructure Related to project infrastructure type: imperfection Perceived defect in any part of project
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@per1234 @umbynos