"Could not resolve the dependencies." for two modules with different version requirements

[bodgit]

Consider the following scenario:

Module A has the following dependencies:

• B >=1.0.0 <2.0.0
• C >=x.0.0 <y.0.0

Module C also has a dependency on the same module B but has a slightly more specific version requirement:

• B >=1.0.0 <1.9.0

If module B has versions 1.8.8, 1.8.9, 1.9.0, 1.9.1, etc. available and I install module A with librarian-puppet then it will choose 1.9.1+ for module B and then fail to resolve the dependencies for module C leading to the "Could not resolve the dependencies." error when it should choose 1.8.9 as that works for both modules.

[BarnumD]

I have a long list of modules with varying dependancies version requirements. I've tried the best I could to align all the versions so that there is overlap and the dependencies are listed with the exact version I need to match all of the parent modules. However, you're right - librarian is just grabbing the latest of the dependent module versions and then failing on subsequent modules.

Can we tell librarian not to manage dependencies?

[ekohl]

I think librarian should manage dependencies but in a smarter way. Sadly there hasn't been much love for librarian-puppet recently. I tend to work around it by ensuring all my modules work with the latest versions. https://github.com/ekohl/puppet_metadata_checker is a small helper I wrote that could use some documentation. You can point it to metadata.json files and it looks at the forge if any dependency doesn't allow the latest version.