Closed bodgit closed 2 years ago
I have a long list of modules with varying dependancies version requirements. I've tried the best I could to align all the versions so that there is overlap and the dependencies are listed with the exact version I need to match all of the parent modules. However, you're right - librarian is just grabbing the latest of the dependent module versions and then failing on subsequent modules.
Can we tell librarian not to manage dependencies?
I think librarian should manage dependencies but in a smarter way. Sadly there hasn't been much love for librarian-puppet recently. I tend to work around it by ensuring all my modules work with the latest versions. https://github.com/ekohl/puppet_metadata_checker is a small helper I wrote that could use some documentation. You can point it to metadata.json files and it looks at the forge if any dependency doesn't allow the latest version.
Consider the following scenario:
Module A has the following dependencies:
>=1.0.0 <2.0.0
>=x.0.0 <y.0.0
Module C also has a dependency on the same module B but has a slightly more specific version requirement:
>=1.0.0 <1.9.0
If module B has versions 1.8.8, 1.8.9, 1.9.0, 1.9.1, etc. available and I install module A with librarian-puppet then it will choose 1.9.1+ for module B and then fail to resolve the dependencies for module C leading to the "Could not resolve the dependencies." error when it should choose 1.8.9 as that works for both modules.