Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change jade dependency to pug after their renaming #2200

Closed
astorije opened this issue Apr 11, 2016 · 30 comments
Closed

Change jade dependency to pug after their renaming #2200

astorije opened this issue Apr 11, 2016 · 30 comments

Comments

@astorije
Copy link
Contributor

It was already mentioned in #1811, and the original discussion comes from pugjs/pug#2184.

At the moment, installing the latest mocha (2.4.5), we get the following warning:

npm WARN deprecated jade@0.26.3: Jade has been renamed to pug, please install the latest version of pug instead of jade

I wanted to take a shot at it but realized you've been using a 2012-old version of jade for reasons, and it looks like they haven't released old versions under the new name, so unless they do, it's not a trivial change.
Maybe a start could be requesting them to publish specific versions considering they have git tags for them...

@boneskull
Copy link
Contributor

We cannot upgrade to pug atm as this would cause old versions of npm to fail. For now we support Node.js v0.8.x out of the box. Support will be dropped @ next major.

@silkentrance
Copy link

@boneskull Please be more specific. How can this break old versions of npm?

@danielstjules
Copy link
Contributor

If a dependency or nested dependency uses tildes/carets in their package.json, it breaks old npm support. Check here for an example: #2121 (comment)

Using npm 1.2.30, I get several failures since they can't resolve versions with ^

npm ERR! Error: No compatible version found: pug-error@'^1.3.0'
npm ERR! Valid install targets:
npm ERR! ["0.0.0","1.3.0"]

@donaldpipowitch
Copy link

Support will be dropped @ next major.

Is there an estimated date for this?

@dasilvacontin
Copy link
Contributor

@donaldpipowitch There's lots to fix before dropping support for v0.8.x. Is this just because of the warning, or?

@donaldpipowitch
Copy link

No, just a general question :) I was a little surprised that 0.8.x is still so important?

@dasilvacontin
Copy link
Contributor

I think @boneskull has a better insight regarding 0.8 usage.

@mitselek
Copy link

it just sucks getting this warning message every time I like to use mocha.
I understand there are IT-restrictions and good reasons and what not - it just looks plain ugly and renaming happened a while ago.
Do something about it. Figure it out and fix it, please :) You can't postpone it till "next major" because next major is not about resolving jade issue, package renaming is absolutely irrelevant in next major - weak excuse.

And cheers - I love your work!

@dasilvacontin
Copy link
Contributor

@mitselek The only acceptable option is to upgrade the dependency in the next major version, it's not a weak excuse.

pug uses ^ in its package.json, which is not supported in older versions of npm, e.g. the one that comes with node 0.8. Therefore, you wouldn't be able to use Mocha with node 0.8 anymore, which is a breaking change, and, as any breaking change, it must be introduced with a major version: http://semver.org/.

Cheers!

@mitselek
Copy link

mitselek commented Apr 30, 2016

Actually I fail to understand, how would it be breaking change in this particular case.
We are talking about users, who doesnot had caret in versions, so their code could only follow the versions to next MINOR. So it can't actually break anything for them if you introduce caret in next MINOR?

@astorije
Copy link
Contributor Author

astorije commented Apr 30, 2016

Well, I didn't expect this issue to trigger so many opinions :-)

I understand both sides. Yes, maintaining compatibility of old versions of Node.js/npm is important (even though this shows that v0.8 is well buried, I fully understand it cannot be removed before next major bump of Mocha). Yes, this warning is indeed annoying.

So, what about nicely requesting @pugjs to npm publish version 0.26.3, which is tagged on GitHub anyway, and pointing to this one on Mocha's package.json in a new patch release?
It's not much of an improvement when you think of it, but compatibility is maintained and warning is removed...
Woud that solve this issue?

@ScottFreeCode
Copy link
Contributor

@mitselek, it wouldn't break automatic updates to Mocha as a dependency using the caret, but (at least according to the documentation for the old version of npm in question) it would still break updates using > or >= or .x.x, and even if it didn't it would also break manual updates (which matters inasmuch as A] people might be using manual updating in the absence of a suitable automatic updating feature, B] semantic versioning is meant to help convey intended compatibility even in the absence of automatic updating, and/or C] people might want their versions locked down rather than automatically updating but still want to update in a more controlled fashion).

@donaldpipowitch
Copy link

I don't understand the caret problem. It depends on npm and not Node or am I wrong? 0.8 Node users can use the newest npm.

@boneskull
Copy link
Contributor

Let me clear up any confusion:

  1. Node.js 0.8x ships with a version of npm which does not support carets.
  2. If a caret is present in any dependency of mocha, or any dependency of dependency of mocha, or any dependency of dependency of dependency of mocha, ad nauseam, mocha will fail to install with this version of npm.
  3. In practice, this means that even if pug eliminates carets from its package.json, if it depends on another package that uses carets, mocha will fail to install with this version of npm.
  4. Node.js 0.8x users of Mocha may or may not be able to upgrade npm in their environment. We cannot expect them to.
  5. Upgrading before a major release would break semver, regardless of whether these users would immediately be affected.

If it becomes critical to upgrade to pug before the next planned major, we'll address it. It remains a warning, and while it may be "ugly" or bothersome, it doesn't break your npm install mocha.

Workaround 1

Fork mocha, upgrade the dependency, and publish it under your npm user's namespace, install from there, or just install from GitHub.

Workaround 2

Change the log level of npm to error as per npm configuration. Behold the miracle as no warnings appear when installing mocha.

For the skeptics: Need convincing? Try npm install mocha --loglevel=error!


@mitselek: Your demands that we "fix" this issue are not well-received; it makes you sound spoiled. Please understand that this is an open-source project, and you are not entitled to support.

@boneskull
Copy link
Contributor

(linking to pugjs/pug#2184)

@boneskull
Copy link
Contributor

(also #1887)

@mitselek
Copy link

mitselek commented May 1, 2016

@boneskull I apologise for my semi-intentional unpolite language. I encounter closed-source coding on daily basis so I really do appreciate quality and commitment so abundant in open-source world.

For some reason I do have greatly higher expectations for support even acknowledging that I do not have any legal basis. Maybe thats because I love to point corporate coders to open-source community, where lots of effort is put into "thinking before acting" versus just spit it out and let the customer to suck it up.

So I want to make sure we have thought about every possible solution to not show unnecessary warning messages in install procedures to millions of users every month.

I can't emphasise enough how thankful I am for existence of projects like this.

@iknowcss
Copy link

Looks like no one has taken @astorije 's advice yet so I opened an issue on pug's tracker: pugjs/pug#2384

@astorije
Copy link
Contributor Author

Thanks @iknowcss!

@mike-lang
Copy link

mike-lang commented May 20, 2016

> If it becomes critical to upgrade to pug before the next planned major, we'll address it.

Reading the document that the jade/pug maintainer has been asked to sign suggests that jade will disappear from npm shortly. Specifically the section of this comment that states:

> For the avoidance of doubt, references to JADE on the website https://www.npmjs.com are permissible during the period ending six months after the date of these Undertakings. Upon the expiry of the six month period, I will make no further use of the sign "JADE" in any context.

This was posted January 29th. Is the next major release expected to happen between now and august?

Nevermind

@dasilvacontin
Copy link
Contributor

I believe I read somewhere that npm learnt from past mistakes (left-pad) and will not allow unpublishing of packages that have been longer than 12h in the registry or had any downloads. But someone should confirm this.

On 20 May 2016, at 23:17, Michael Lang notifications@github.com wrote:

If it becomes critical to upgrade to pug before the next planned major, we'll address it.

Reading the document that the jade/pug maintainer has been asked to sign suggests that jade will disappear from npm shortly. Specifically the section of this comment that states:

For the avoidance of doubt, references to JADE on the website https://www.npmjs.com are permissible during the period ending six months after the date of these Undertakings. Upon the expiry of the six month period, I will make no further use of the sign "JADE" in any context.

This was posted January 29th. Is the next major release expected to happen between now and august?


You are receiving this because you commented.
Reply to this email directly or view it on GitHub

@mike-lang
Copy link

mike-lang commented May 20, 2016

@dasilvacontin - @TimothyGu confirmed on another thread that despite what that post said, old versions of jade will not be unpublished from npm regardless of whether npm would heed such a request anyway

@boneskull
Copy link
Contributor

yes, another left-pad-gate would likely be avoided. jade shouldn't be removed from npm.

@TimothyGu
Copy link
Contributor

As I mentioned in the Pug issue, the Jade version used by Mocha is extremely old. Is there a specific reason/issue holding back the update?

@iknowcss
Copy link

It would break old versions of node as per this comment:
#2200 (comment)

Seems it might be updated in the next major release of mochajs

@anthony-redFox
Copy link
Contributor

The jade/pug dependency was removed in v3 major version.
Should be closed favor #2356

ping @boneskull

@tripu
Copy link
Contributor

tripu commented Jul 26, 2016

v3 isn't published yet, right? This is still an issue until/unless #2356 is addressed.

mikermcneil added a commit to balderdashy/captains-log that referenced this issue Jul 26, 2016
@mikermcneil
Copy link

Looks like it's really close. In Sails, I'm just doing balderdashy/captains-log@f2fffc3 in the mean time. @boneskull Let me know if I can help.

mikermcneil referenced this issue in balderdashy/sails Jul 27, 2016
…. Bump mocha to 3.0 prerelease to get rid of deprecation msgs. Also loosen semver ranges on mp-fs/mp-process devDeps.
@boneskull
Copy link
Contributor

Right, v3.0.0 removes the jade/pug dependency altogether. I'll close this

@boneskull
Copy link
Contributor

See #2350 for status

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests