Skip to content

chore: add adio and clean up transitive dependencies #202

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
TillaTheHun0 merged 2 commits into from
Jun 8, 2021
Merged

chore: add adio and clean up transitive dependencies #202

TillaTheHun0 merged 2 commits into from
Jun 8, 2021

Conversation

@TillaTheHun0
Copy link
Member

@TillaTheHun0 TillaTheHun0 commented Jun 7, 2021

Due to the way yarn workspaces hoists dependencies and in combination with node's module resolution strategy, it is easy to consume a dependency not specified in my own package.json if that dependency is declared by another package and then hoisted by yarn.

For example, package A and B could specify crocks as a dependency in their package.jsons. yarn will appropriately hoist this shared dependency to the root node_modules. However, this means package C can now require('crocks') without specifying crocks as a dependency in it's own package.json file. This is otherwise known as a "transitive dependency". This isn't exclusively an issue in a monorepo, it is just exacerbated by a monorepo and hoisting strategy like that used by yarn workspaces. The root cause is node's module resolution strategy. Both a boon and a curse ☹️

This PR mitigates the chances of using a transitive dependency by enforcing that each package specify any dependencies in its own package.json (what you would expect). This is accomplished by using adio. A pre-commit check is added to ensure no transitive dependencies are added in subsequent commits.

@TillaTheHun0 TillaTheHun0 requested review from tripott and twilson63 June 7, 2021 20:56
@TillaTheHun0
Copy link
Member Author

TillaTheHun0 commented Jun 7, 2021

since we are manually bumping package versions for now, this PR will wait on #200 and rebase off it when it is merged.

@TillaTheHun0 TillaTheHun0 changed the base branch from main to chore/lint June 8, 2021 02:39
Base automatically changed from chore/lint to main June 8, 2021 12:55
@TillaTheHun0 TillaTheHun0 merged commit 94282cf into main Jun 8, 2021
@TillaTheHun0 TillaTheHun0 deleted the chore/adio branch June 8, 2021 13:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@twilson63 twilson63 twilson63 approved these changes

@tripott tripott tripott approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@TillaTheHun0 @twilson63 @tripott