-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): specify versions for @types/express
and friends
#4493
Conversation
In 91b8839 @abernix updated package-lock for `@types/express` (something I had also noted happened on a branch I was working on). Soon after, in #4327, that line got dropped from package-lock.json. I'm guessing this caused the issue I started seeing soon afterwards, where I'd get lots of compile errors relating to `@types/express` and other DefinitelyTyped packages it depends on. Turns out the dependencies from `@types/express` are unversioned, but the latest versions of that type package depends on the latest versions of a bunch of other type packages. This commit seems to fix things for me.
- We don't directly depend on `@types/express-serve-static-core`, so I don't quite understand the addition of those. I seem to not have the flapping of deps without adding it! - We shouldn't need to package the `@types/qs` (or the aforementioned pkg) into the `apollo-server-express` package's non-dev deps because none of those types are exported from our emitted `d.ts` files. Those dependencies should be brought by the corresponding packages if there are transitive dep needs.
Hmm, it does suck that the dependencies from Thanks for explaining that the reason for |
FWIW when building an app depending on tarballs from #4453, I did run into errors due to the version of |
This is another attempt to solve the problem of #4493. The problem is that the new version of `@types/express` we use in this release actually does require a newer version of `@types/express-serve-static-core`, but it only uses `*` as a version constraint. So while from-scratch installs of `apollo-server-express` will pull in the newest version of `@types/express-serve-static-core`, upgrades will only bother to upgrade `@types/express` and TypeScript will fail.
...with a little extra help from @abernix because these types seem like they're acting up again. This time, I've found another issue on DefinitelyTyped that seems like it's prescribing a solution that was occurring in this particular attempt at updating the types, resulting in the error message of: Namespace 'serveStatic' has no exported member 'RequestHandlerConstructor' The (attempted, but seemingly working) fix was: npm update @types/express-serve-static-core --depth 2 npm update @types/serve-static --depth 2 Ref: DefinitelyTyped/DefinitelyTyped#49595 But also, in reverse chronological order at attempted resolution: Ref: 6e86f67 Ref: #4493 Ref: c67e8ec Cc: @glasser
...with a little extra help from @abernix because these types seem like they're acting up again. This time, I've found another issue on DefinitelyTyped that seems like it's prescribing a solution that was occurring in this particular attempt at updating the types, resulting in the error message of: Namespace 'serveStatic' has no exported member 'RequestHandlerConstructor' The (attempted, but seemingly working) fix was: npm update @types/express-serve-static-core --depth 2 npm update @types/serve-static --depth 2 Ref: DefinitelyTyped/DefinitelyTyped#49595 But also, in reverse chronological order at attempted resolution: Ref: 6e86f67 Ref: #4493 Ref: c67e8ec Cc: @glasser Co-authored-by: Jesse Rosenberger <git@jro.cc>
In 91b8839 @abernix updated package-lock for
@types/express
(something I hadalso noted happened on a branch I was working on). Soon after, in #4327, that
line got dropped from package-lock.json.
I'm guessing this caused the issue I started seeing soon afterwards, where I'd
get lots of compile errors relating to
@types/express
and otherDefinitelyTyped packages it depends on. Turns out the dependencies from
@types/express
are unversioned, but the latest versions of that type packagedepends on the latest versions of a bunch of other type packages.
This commit seems to fix things for me.