How to resolve diamond-shaped dependency with package lock file #440
-
|
Hi, I'm new to CPM and considering introducing this tool into my projects. In the README document, there is a description about "First version used" which is saying that diamond-shaped dependency can be resolved by introducing a package lock file. But as far as I tried, CPM didn't generate the package lock file specifying the newest version of the nested dependencies. (The first version added is emitted instead.) Right now, do I need to edit the package lock file and write the newest version manually? If so, do you have any plan to add a feature to do that automatically? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Correct, currently the package lock still requires manual updating and currently is mainly a convenience feature for overriding versions for nested dependencies. In the future it would be great to expand this to allow automatic updates and detecting version mismatches etc (see #99). However as CPM doesn't use a central package registry this is a more complex feature as we cannot easily determine requirements for nested dependencies before actually downloading the dependencies. |
Beta Was this translation helpful? Give feedback.
Correct, currently the package lock still requires manual updating and currently is mainly a convenience feature for overriding versions for nested dependencies. In the future it would be great to expand this to allow automatic updates and detecting version mismatches etc (see #99). However as CPM doesn't use a central package registry this is a more complex feature as we cannot easily determine requirements for nested dependencies before actually downloading the dependencies.