I have this in a package:
api.use([
'kestanous:herald#1.1.3',
'kestanous:herald-email',
]);
As expected, Meteor uses version 1.1.3 of the Herald package.
If I remove the #1.1.3 version, the package's versions.json doesn't change.
But now if I run meteor update kestanous:herald, here's what I get:
$ meteor update kestanous:herald
Changes to your project's package version selections from updating package versions:
kestanous:herald downgraded from 1.1.3 to 1.0.1
It doesn't make sense to me that upgrading a package would actually downgrade it. Especially since kestanous:herald is used nowhere else in the app. Even stranger, there are still no changes to the package's versions.json file despite the message.
So it seems either I don't understand how package versioning works, or else something is not working correctly?
I'm not sure if i'm right on this 100% because the system used is quite weird & has changed so many times until very recently.
Meteor's new package system works on a constraint solver. Each package declares the version of Meteor its designed for, e.g if you designed it for Meteor 0.9.2 and you run it on Meteor 0.1.0 there is a slight difference in the blaze package.
So if a package one of your other packages is dependent on has uses this older version of blaze then the other packages will be downgraded so that it can match this constraint, such that the latest versions of all included packages are used as long as the constraint is matched.
So this can happen if herald has a constraint on it of some older Meteor package or version, or has a dependency on some older package.
While the package doesn't have to be defined explicitly it can be defined implicitly from api.versionsFrom("XXX") too.
Meteor then upgrades or downgrades the packages accordingly.
Additionally there is a "leeway" allowed with the packages allowed depending on the semver spec, minor package version updates are okay, but the major ones force a downgrade, since the new version is deemed incompatible. There's a bit of a discussion on this too.
This is the package.js file for the package for kestanous:herald:
api.versionsFrom('METEOR#0.9.2');
api.use(['check', 'underscore', 'tracker','accounts-base', 'blaze', 'artwells:queue#0.0.3']);
This means that all packages in your meteor project will attempt to be downgraded so that all of them can be compatible with these other dependencies.
If you upgraded the versionsFrom, then meteor would be more accepting to newer versions in other packages.
https://github.com/Meteor-Reaction/Herald/blob/master/package.js#L9
Related
How does R handle dependencies when 2 or more packages have a common dependency, when using install.packages() to install from CRAN?
I understand the general default is to assume that the most recent version of a package on CRAN works with the other most recent packages on CRAN.
But what happens if:
I install package_1 from CRAN, which depends on dependency_1 v 1.0, so I have both these on my system.
Sometime later I try to install package_2, which also depends on dependency_1 version >=2.0, which is now available on CRAN.
I assume doing this would try to update dependency_1 to v 2.0
At this point my installed version of package_1 is now out of date with CRAN, where package_1 now has dependency_1 version >=2.0 also.
Unfortunately, this means my installed version of package_1 is relying on certain behaviour from dependency_1 which isn't present in v2.0, and so consequently won't work any more
At this point, will R:
Check package_1 is up to date, and update it accordingly along with dependency_1, when installing package_2?
Identify the potential conflict, and fail to install package_2?
Install package_2, update dependency_1, and leave me to find the conflict between my version of package_1 and dependency_1?
Do something else I haven't thought of?!
I have a meteor application with the following packages:
$ meteor list
accounts-password 1.5.3 Password support for accounts
accounts-ui 1.3.1 Simple templates to add login widget...
blaze-html-templates 1.1.2 Compile HTML templates into reactive...
ecmascript 0.14.2 Compiler plugin that supports ES201...
es5-shim 4.8.0 Shims and polyfills to improve ECMAS...
fourseven:scss 4.12.0 Style with attitude. Sass and SCSS ...
iron:router 1.1.2 Routing specifically designed for Me...
jquery 1.11.11* Manipulate the DOM using CSS selec...
meteor-base 1.4.0 Packages that every Meteor app needs
mobile-experience 1.0.5 Packages for a great mobile user exp...
mongo 1.8.1 Adaptor for using MongoDB and Minimo...
reactive-var 1.0.11 Reactive variable
shell-server 0.4.0 Server-side component of the `meteor...
standard-minifier-css 1.6.0 Standard css minifier used with Mete...
standard-minifier-js 2.6.0 Standard javascript minifiers used w...
tracker 1.2.0 Dependency tracker to allow reactive...
typescript 3.7.5 Compiler plugin that compiles TypeSc...
* New versions of these packages are available! Run 'meteor update'
to try to update those packages to their latest versions. If your
packages cannot be updated further, try typing
`meteor add <package>#<newVersion>` to see more information.
The atmosphere package jquery is available with version 3.0.0. I had that until installing iron-router. I was able to successfully get iron-router installed by following this advice: https://forums.meteor.com/t/iron-router-jquery-dependency/51374 (specifically meteor add iron:router --allow-incompatible-update).
I'd like to use the newer 3.0.0. I don't get the impression there is any true incompatibility within iron-router.
However, if I try to add it, I get:
$ meteor add jquery#3.0.0
-error: Conflict: Constraint jquery#1.0.0 is not satisfied by jquery
3.0.0.
Constraints on package "jquery":
* jquery#3.0.0 <- top level
* jquery#1.11.9 || 3.0.0 <- blaze 2.3.4 <- accounts-base 1.5.0 <-
accounts-password 1.5.3
* jquery#1.11.9 || 3.0.0 <- blaze 2.3.4 <- blaze-html-templates
1.1.2
* jquery#1.0.0 <- iron:dynamic-template 1.0.12 <- iron:controller
1.0.12 <- iron:router 1.1.2
* jquery#1.0.0 <- iron:location 1.0.11 <- iron:router 1.1.2
Initially, I had a hard time seeing where it was getting 1.0.0 from for the iron:* dependencies since there was no explicit version listed:
https://github.com/iron-meteor/iron-dynamic-template/blob/devel/package.js#L14
https://github.com/iron-meteor/iron-location/blob/master/package.js#L13
Then I found this in the documentation for api.versionsFrom(meteorRelease):
Use versions of core packages from a release. Unless provided, all packages will default to the versions released along with meteorRelease. This will save you from having to figure out the exact versions of the core packages you want to use. For example, if the newest release of meteor is `METEOR#0.9.0 and it includes jquery#1.0.0, you can write api.versionsFrom('METEOR#0.9.0') in your package, and when you later write api.use('jquery'), it will be equivalent to api.use('jquery#1.0.0').
So that seems to be what is happening -- jquery#1.0.0 was tied to METEOR#0.9.2.
So... aside from the option of checking out the iron-* packages into my local project as custom packages to override the api.versionsFrom(meteorRelease) in a custom fork to a modern release (or rather specify a specific jquery version since I believe it is no longer a core package)... is there any way forcefully update to jquery#3.0.0 despite what it thinks is a conflict?
Unfortunately --allow-incompatible-update does not seem to work in this instance.
This a bit of opinionated but if you want to have a router without dependencies to outdated packages you should go with ostrio:flow-router-extra which allows you even to omit jQuery or install jQuery using the npm package.
Since Meteor 1.8.3 there is also no hard dependency between Blaze and jQuery, allowing to install the latest jQuery from npm registry, which is important from a security perspective.
Check out:
https://github.com/VeliovGroup/flow-router
https://github.com/meteor/meteor/blob/devel/History.md
Use #= to install a specific pkg version. You'll need to remove the npm jquery pkg if you downgrade.
meteor add jquery#=1.11.11
meteor npm remove jquery
meteor add iron:router
Is it possible to check all available versions of an atmospherejs package?
For example, I am trying to install the twbs:bootstrap#=4.0.0-alpha.4 following their github page
But this does not install giving error:
no such version twbs:bootstrap#=4.0.0-alpha.4
Hence I am looking to find a way to check which versions are available for any given atmospherejs meteor package.
You can use
meteor show twbs:bootstrap
or
meteor show --show-all twbs:bootstrap
for older or pre-released versions. Latest available version is 4.0.0-alpha2
I'm trying to create a Meteor package, which has, as a dependency the package ian:accounts-ui-bootstrap-3. I added the dependency in my package.js like this:
Package.onUse(function(api) {
api.versionsFrom('1.1.0.2');
api.use(['ian:accounts-ui-bootstrap-3'], 'client');
api.addFiles('package-name.js');
});
After I add my package in the console, the following packages are added to the project:
accounts-base added, version 1.2.0
me:my-package-name added, version 0.0.1
handlebars added, version 1.0.3
ian:accounts-ui-bootstrap-3 added, version 1.0.7
localstorage added, version 1.0.3
service-configuration added, version 1.0.4
stylus added, version 1.0.7
The issue is that the accounts system is not working. In the browser I get this error:
Uncaught TypeError: Cannot read property 'push' of undefined
'push' being the property of
Template.__body__.__contentParts
If I add the ian:accounts-ui-bootstrap-3 manually it works fine, I don't get the error. But when I do that, the packages which are installed on the project are a little different:
accounts-base added, version 1.2.0
anti:i18n added, version 0.4.3
ian:accounts-ui-bootstrap-3 added, version 1.2.59
localstorage added, version 1.0.3
service-configuration added, version 1.0.4
stylus added, version 1.0.7
As you can see I don't have handlebars anymore but instead anti:i18n. I tried to install the anti:i18n as a dependency in my package but I got the same browser error.
Can anyone say, what I'm doing wrong and why the package behaves like that when is installed differently (manual vs dependency).
To give you this example I just created an empty package, with only this dependency, so nothing else can affect the number of packages being installed.
Try using 'imply' instead of 'use'. This exposes the package to the global scope. Without much more in details of your problem this is probably most likely to solve the issue (I hope):
api.imply(['ian:accounts-ui-bootstrap-3']);
Instead of
api.use(['ian:accounts-ui-bootstrap-3'], 'client');
I found the issue. When installed as a dependency the package: ian:accounts-ui-bootstrap-3 will install version 1.0.7 which is an old one.
When it is installed manually, it installs version 1.2.59 and this one has the features I want.
So to solve the issue I just specified the needed version in the dependency using '#'.
I think this have to be changed, like when you install a package via a dependency, it should install the latest version and an older one only if is specified by #.
Currently the latest public version of the Spiderable package is 1.0.7 (atmosphere link). However on Github the version has been bumped to 1.0.8 (4 days ago).
I need the features from the 1.0.8 update. What's the best way for me to use the 1.0.8 version? I've tried:
meteor add spiderable#1.0.8
But it didn't work, the output was: error: no such version spiderable#1.0.8 .
This version of spiderable has not yet been published by MDG. This is why it says no such version.
While a package is being developed the version may be higher than the version available for use. When it has been tested its usually published along the next meteor version.
There may still be more changes to the package until its published.
If you want to use the package anyway you can copy the spiderable directory from github into a packages/spiderable directory. This may not work with certain dependency errors depending on whether another package using spiderable is required.
The second is to use the github version of meteor. Which is to clone the meteor project using git clone https://github.com/meteor/meteor then use the meteor binary (with the full absolute path) to run your project instead of meteor on its own.