achingbrain
commented
1 year ago The version range in the package.json will pull in the correct version. You may need to delete your lockfile or otherwise update your dependencies.
% npm ls @libp2p/interface-peer-id@1
libp2p@0.42.1 /Users/alex/Documents/Workspaces/libp2p/js-libp2p
└── (empty)% npm ls @libp2p/interface-peer-id@2
libp2p@0.42.1 /Users/alex/Documents/Workspaces/libp2p/js-libp2p
├─┬ @chainsafe/libp2p-noise@11.0.0
│ └── @libp2p/interface-peer-id@2.0.0 deduped
├─┬ @libp2p/daemon-client@4.0.1
│ └── @libp2p/interface-peer-id@2.0.0 deduped
├─┬ @libp2p/daemon-server@4.0.1
│ └── @libp2p/interface-peer-id@2.0.0 deduped
... lots of outputWe've considered adding some sort of automation to bump the minor/patch versions of dependent modules on every release of the @multiformats/*, @ipld/* and @libp2p/* ecosystems but the sheer amount of PR and release noise this would create makes it unfeasible. It also means you essentially treat all minor/patch versions as breaking changes which need new releases of dependent projects which defeats part of the point of using semver in the first place.
marcus-pousette
Severity:
High
Description:
I am seeing dependencies on both "@libp2p/interface-peer-id" "^1.0.0" and "@libp2p/interface-peer-id" "^2.0.0"
It most likely is due to below dependency is old
@libp2p/interface-connection-manager@1.1.1should be@libp2p/interface-connection-manager@1.3.6There might be more libs that needs to be updated, like @libp2p/crypto
Due to this I am seeing type errors for PeerId when trying to setting the connectionEncryption property of libp2p with a noise protocol that depends on "@libp2p/interface-peer-id" "^2.0.0"
Steps to reproduce the error:
Install latest version and inspect package-lock.json or yarn.lock