From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 1EFE81382C5 for ; Tue, 20 Mar 2018 20:44:35 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 97956E0A07; Tue, 20 Mar 2018 20:44:28 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 3C6A9E0824 for ; Tue, 20 Mar 2018 20:44:28 +0000 (UTC) Received: from [192.168.1.100] (c-98-218-46-55.hsd1.md.comcast.net [98.218.46.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: mjo) by smtp.gentoo.org (Postfix) with ESMTPSA id E6378335C09 for ; Tue, 20 Mar 2018 20:44:26 +0000 (UTC) Subject: Re: [gentoo-dev] [RFC] Begin a dev-libs/nodejs category? To: gentoo-dev@lists.gentoo.org References: <6d081572-1b9a-663e-5993-8143518cf0cd@gmail.com> <534f8dd2-2174-0ca4-1493-c55c35bfa4c8@gentoo.org> From: Michael Orlitzky Message-ID: Date: Tue, 20 Mar 2018 16:44:19 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Archives-Salt: 344f5c09-06a1-4f61-955c-d01c15a38c3e X-Archives-Hash: d9ac59628385af0804a6144654febff7 On 03/20/2018 04:14 PM, Herb Miller Jr. wrote: > That is scary. I hadn't noticed there are node_modules directories under > many node modules and that npm list outputs different versions of the > same dependency. To help me better understand the situation, when you > see this happen does "bar-1.0" normally depend on "baz-1.0" because... > > A) There is some huge technical hurdle in upgrading to "baz-2.0"? > B) I was too lazy or didn't care to upgrade to "baz-2.0"? > C) My package.json is outdated? > > If A, can you point me to a good example I can take a look at? It's usually B or C, but I hit several cases where there was a real incompatibility. When I opened Github issues, I got a lot of WONTFIX responses telling me that I have to use npm. No particular examples come to mind, though -- this was about 2.5 years ago.