web: downgrade dependencies by checking out an old version #78
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The upgraded dependencies have exposed an issue in the way package names are handled in the bitbake npm package fetcher. The issue being that the names '@types/ramda' and 'types-ramda' are mangled into the same name, which results in their tar archives being called the same if the versions match as well, resulting in one overwriting the other. There is a fix for this, which made it into poky master[1] but not into scarthgap (yet). Getting it into scarthgap is the ultimate goal, but right now it is holding us back from rolling a new release. Undo the the dependency updates for now, so we can roll a new meta-lxatac release. We can re-do the updates once the fix is backported to scarthgap. This resets the package-lock.json to how it was before commit cee818c ("tacd: update dependencies via cargo update"). In this package-lock.json the '@types/ramda' and 'types-ramda' packages have different version numbers, which means the tar archives have different names. [1]: yoctoproject/poky@ee6bf28 Signed-off-by: Leonard Göhrs <[email protected]>
2 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The upgraded dependencies have exposed an issue in the way package names are handled in the bitbake npm package fetcher.
The issue being that the names '@types/ramda' and 'types-ramda' are mangled into the same name, which results in their tar archives being called the same if the versions match as well, resulting in one overwriting the other.
There is a fix for this, which made it into poky master but not into scarthgap (yet).
Getting it into scarthgap is the ultimate goal, but right now it is holding us back from rolling a new release.
Undo the the dependency updates for now, so we can roll a new meta-lxatac release. We can re-do the updates once the fix is backported to scarthgap.
This resets the package-lock.json to how it was before commit cee818c ("tacd: update dependencies via cargo update").
In this package-lock.json the '@types/ramda' and 'types-ramda' packages have different version numbers, which means the tar archives have different names.