oven-sh / bun

Incredibly fast JavaScript runtime, bundler, test runner, and package manager – all in one
https://bun.sh
Other
74.31k stars 2.78k forks source link

Deduplicate / dedupe command for bun install #1343

Open ArnaudBarre opened 2 years ago

ArnaudBarre commented 2 years ago

What is the problem this feature will solve?

Reduce the total number of installed dependencies after a adding/bumping a dependency.

Example: First installed: module-a request esbuild ^0.15.7, module-b request esbuild ^0.15.8 esbuild v0.15.10 is installed

Few days later, bumping module-a, still request esbuild ^0.15.7 Both esbuild v0.15.10 and esbuild v0.15.11 are installed

What is the feature you are proposing to solve the problem?

Builtin version of https://github.com/scinos/yarn-deduplicate

We could also have installation algorithms that prioritise installed version over last available version (related to https://github.com/oven-sh/bun/issues/118)

What alternatives have you considered?

On small projects, I delete the lock and start from a fresh install. On larger project with tens of dependencies used in production, I keep using yarn so that I can safely bump a dev dependency and then deduplicate the install of esbuild for example without touching the exact version of my UI dependencies.

steinybot commented 3 months ago

I can't seem to upgrade React because of this. I want to upgrade to 18.3.1 but something else is pulling in 18.2.0.

Having 2 reacts fails rather spectacularly with things like: Screenshot 2024-08-06 at 2 45 02 PM

Writing the dependencies back out to yarn format has:

react@*, "react@0.14 - 18", react@>=16.0.0, react@>=16.11.0, react@>=16.13.1, react@>=16.8, react@>=16.8.4, react@>=16.9.0, "react@^16.13.1 || ^17.0.0 || ^18.0.0", "react@^16.8 || ^17 || ^18", "react@^16.8.0 || 17.x", "react@^16.8.0 || ^17.0.0 || ^18.0.0", "react@^16.9.0 || ^17", react@^18.2.0:
  version "18.2.0"
  resolved "https://registry.npmjs.org/react/-/react-18.2.0.tgz"
  integrity sha512-/3IjMdb2L9QbBdWiW5e3P2/npwMBaU9mHCSCUzNln0ZCYbcfTsGbTJrU/kGemdH2IWmB2ioZ+zkxtmq6g09fGQ==
  dependencies:
    loose-envify "^1.1.0"

react@18.3.1, react@^18.3.1:
  version "18.3.1"
  resolved "https://registry.npmjs.org/react/-/react-18.3.1.tgz"
  integrity sha512-wS+hAgJShR0KhEvPJArfuPVN1+Hz1t0Y6n5jLrGQbkb4urgPE/0Rve+1kMB1v/oWgHgm4WIcV+i7F2pTVj+2iQ==
  dependencies:
    loose-envify "^1.1.0"

I don't understand why a package manager would do this (well not just one but all of them copy each others insane behaviour).

Dedupe should not be a command. There should be no duplicates in the first place.

kravetsone commented 1 month ago

A lot of types bugs i get with elysia or gramio.dev...

Please fix it