Skip to content
This repository was archived by the owner on Sep 13, 2020. It is now read-only.

Import npm dependencies of packages from Bower with a package.json#5

Draft
kl0tl wants to merge 6 commits intospacchetti:masterfrom
kl0tl:import-npm-dependencies
Draft

Import npm dependencies of packages from Bower with a package.json#5
kl0tl wants to merge 6 commits intospacchetti:masterfrom
kl0tl:import-npm-dependencies

Conversation

@kl0tl
Copy link
Copy Markdown

@kl0tl kl0tl commented Jun 14, 2020

Here’s my stab at purescript/registry#20. I wasn’t able to test this because of #4 but the logic should already be reviewable.

PacchettiBotti.Registry.Bower.writeMissingBowerManifests now downloads releases tarballs and parse foreign modules to infer their npm dependencies. We can‘t trust package.json files because not all packages mention their npm dependencies (react-basic for instance doesn’t mention react nor react-dom) and some packages saved their development dependencies as runtime ones (mysql for instance).

Two rules are enforced:

  • Packages required from foreign modules of the src target must be saved under the "dependencies" field of a package.json.
  • Packages required from foreign modules of the test target only (and not of the src target) must be saved under the "devDependencies" field of a package.json.

Do they seem sensible to you? What should we do when they‘re broken? Should the release be rejected or should registry trustees update the manifest afterwards?

@kl0tl kl0tl marked this pull request as draft June 14, 2020 17:46
@kl0tl kl0tl force-pushed the import-npm-dependencies branch 2 times, most recently from a13d74d to f6ef857 Compare June 14, 2020 20:26
f-f
f-f approved these changes Jun 21, 2020
View reviewed changes
Copy link
Copy Markdown
Member

@f-f f-f left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for this @kl0tl, and sorry for the delay in looking at it!
Looks amazing, I really like the approach. Left some small comments, mostly about having some docstrings, but otherwise we're basically good to go 🙂

Comment thread src/Language/JavaScript/Dependencies.hs
Comment thread src/Language/JavaScript/Dependencies.hs
Comment thread src/Language/JavaScript/Dependencies.hs
Comment thread src/PacchettiBotti/Registry/Bower.hs
@kl0tl kl0tl force-pushed the import-npm-dependencies branch from f6ef857 to e47c1a9 Compare June 28, 2020 16:28
@f-f
Copy link
Copy Markdown
Member

f-f commented Jul 3, 2020

@kl0tl this looks good to me, so I'll merge sometime in the next days. Thank you! 👏

@f-f f-f mentioned this pull request Oct 24, 2020
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@f-f f-f f-f approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kl0tl @f-f