search

sumup-oss / foundry

A toolkit for building JavaScript & TypeScript applications.
Apache License 2.0
41 stars 9 forks source link

Fix "semantic-release/commit-analyzer" multiple versions issue #61

Closed voronianski closed 4 years ago

voronianski commented 4 years ago

Description

Current version of semantic-release package introduces additional duplicate of @semantic-release/commit-analyzer, e.g. lock file form website project -

"@semantic-release/commit-analyzer@^6.1.0":
  version "6.2.0"
  resolved "https://registry.yarnpkg.com/@semantic-release/commit-analyzer/-/commit-analyzer-6.2.0.tgz#5cd25ce67ba9ba5b46e47457505e63629e186695"
  integrity sha512-oUtPydYcbtJsEY6WCPi4wynTgRecK5zCkKaGmHi+9Xl7d6jGf7LomnJCg++6dNF1tyavrbGMSdXTCPH6Dx9LbA==
  dependencies:
    conventional-changelog-angular "^5.0.0"
    conventional-commits-filter "^2.0.0"
    conventional-commits-parser "^3.0.0"
    debug "^4.0.0"
    import-from "^3.0.0"
    lodash "^4.17.4"

"@semantic-release/commit-analyzer@^7.0.0-beta.1":
  version "7.0.0-beta-.2"
  resolved "https://registry.yarnpkg.com/@semantic-release/commit-analyzer/-/commit-analyzer-7.0.0-beta-.2.tgz#5f30919eabee8f876c5f80d270274dca34933f76"
  integrity sha512-tburFNeooqb8WrqTfkXroUpvb1jbRP15xugOcWdvnNOlDLHL5D//8BK2Q6TOY+G3RhrL1qaZIuoQ7paqia3x1A==
  dependencies:
    conventional-changelog-angular "^5.0.0"
    conventional-commits-filter "^2.0.0"
    conventional-commits-parser "^3.0.0"
    debug "^4.0.0"
    import-from "^2.1.0"
    lodash "^4.17.4"
    micromatch "^3.1.10"

This leads to issues during install when beta version tar is not possible to download from NPM e.g. error https://registry.yarnpkg.com/@semantic-release/commit-analyzer/-/commit-analyzer-7.0.0-beta-.2.tgz: Extracting tar content of undefined failed, the file appears to be corrupt: "Unexpected end of data

Solution

Possible way of fixing this is to clear this peer dependency hell related to semantic-release package. Is there any specific reason for using semantic-release's beta instead of stable version?

connor-baer commented 4 years ago

I've just released Foundry v1.6.1 which contains a lot of dependency upgrades. Could you please try this version and check if the issue still occurs? Removing and reinstalling Foundry could also help.

The reason why we use semantic-release's beta version is that it supports publishing from multiple branches, which the stable version doesn't. The beta has been in testing for over a year and is being used by many other users as well.

connor-baer commented 4 years ago

This should be fixed by #64, released in v2.0.0-beta.3.