Closed voxpelli closed 1 month ago
We'll need to cache latest
onto the latest Version
for each package (new boolean column, updated after each time package is synced).
And then tweak the logic of fetching dependent_packages to only consider versions where latest is true: https://github.com/ecosyste-ms/packages/blob/main/app/models/package.rb#L128
Then add a latest
parameter to the dependent packages endpoint: https://github.com/ecosyste-ms/packages/blob/main/app/controllers/api/v1/packages_controller.rb#L106
Deploying a first pass at the code now, it's going to take a few hours to update the latest
field on 100 million version records, I will prioritize the dependents of standard
so you can do some testing.
@andrew Trying it out now! Thanks for impressively quick turnaround :)
Thanks! The code change was quick but it's going to take quite a few hours to update the new latest
field on all packages, let me know if there are any other packages you'd like prioritized.
Worked for all modules I needed it to work on, thanks! As far as I'm concerned this issue can be considered fixed :)
(I haven't yet made the repository public where I use these modules of mine, but I will soon)
List from @voxpelli of packages (github repo names provided) that should be listed in https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@voxpelli/eslint-config/dependent_packages?latest=true&per_page=100&page=1 but are not, that are listed in https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@voxpelli/eslint-config/dependent_packages?per_page=100&page=1 to investigate:
The yikesable/fastify-acl
was included, it was me that was accidentally filtering it client side π
There's a couple there that have prerelease versions published to npm with @voxpelli/eslint-config as a dependency, but ecosyste.ms ignores preleases whn calculating the "latest" version.
There's also a few repos you link to that have @voxpelli/eslint-config as a dependency that have not been published to npm, the packages service only looks at versions published to npm, to get data on those you'll need to fetch dependent repository data from https://repos.ecosyste.ms/ instead
@andrew Oh, so sorry for that π¬ Evidently I have a backlog of projects to do (stable) releases for, which I have forgot to do releases for
This is entirely upon me then, sorry for wasting your time, I should have dug deeper into it myself first π
@voxpelli no worries, I just wanted to make sure there wasn't something wrong in the detection
Right now the list of "dependent packages" is a list of packages which in any of their historic version has depended on the module.
At least in the case of
npm
that's less interesting. The more interesting data is who are currently depending on a package β not who have done so historically.A package that was highly dependent upon but which the community have moved on from should in my opinion have a small list of dependent modules, not a large list.
For
npm
its quite easy: Limit the version of dependents to that matching thelatest
tag onnpm
. The version number for that tag is already available inlatest_release_number
in: https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/installed-checkOpening this issue after speaking about it with @andrew on Mastodon and he suggested opening an issue: https://mastodon.social/@andrewnez/112433091250034050
Me personally would use it for my https://github.com/voxpelli/list-dependents / https://github.com/voxpelli/list-dependents-cli modules
Upvote & Fund