Duplicated dependencies in the package overview page

[tchoutri]

In @cardano/ouroboros-network we can see that bytestring is listed twice as a dependency in the deps overview.

This is caused because we take all the library components of a release

select distinct dependency.namespace, dependency.name, req.requirement
from requirements as req
inner join packages as dependency on dependency.package_id = req.package_id
inner join package_components as pc ON pc.package_component_id = req.package_component_id
      and (pc.component_type = 'library') <-- ⚠️
inner join releases as rel on rel.release_id = pc.release_id
where rel."release_id" = ?
order by dependency.namespace desc

Listing the components of ouroboros-network shows that we have the following components

select component_name, component_type from package_components where release_id = 'f4eaaa9b-a268-303e-88da-31b0382cbf6a';
  component_name   | component_type 
-------------------+----------------
 demo-chain-sync   | executable
 io-tests          | test
 sim-benchmarks    | benchmark
 sim-tests-lib     | library
 ouroboros-network | library
 sim-tests         | test

It would make more sense to take the component that has the same name as the library.

One problem is that it returns no dependency at all for packages containing only an executable. So we would have to determine which query to use:

• Either the package has a main library component, and we proceed with the query
• Or the package has no main library component, one or more executables, and so we have to create a heuristic for this:
  • Either an executable with the same name as the package exists, and then we use it
  • Or we take dependencies from all components and order them without further processing.

[tchoutri]

closed by #492