CLI NPM package is on v4.0.0, package.json at 3.3.9, and all template packages have peer dependency pinned to ^3

Question

CLI NPM package is on v4.0.0, package.json at 3.3.9, and all template packages have peer dependency pinned to ^3

leegenes opened this issue a year ago · comments

Description

CLI package on NPM is v4.0.0 template, color, wallpaper packages have a peer dependency "themer": "^3" causing failure when installing.

v4.0.0 tag

Commit linked to the v4.0.0 tag , but it doesn't exist in history.

Current package.json with version 3.3.9 specified, and last commit date Sept 2021.

Seems like a force push or hard reset may have wiped it from history after the tag was created and package pushed to npm?

To reproduce

npm install themer
npm install @themerdev/{package}
see error

Expected behavior

Should be able to install packages. NPM version should be a valid version in the package's history.

Environment information

CLI

probably not relevant

Additional context

Error

❯ npm install themer                                                                                                                                       

added 12 packages in 1s

2 packages are looking for funding
  run `npm fund` for details

~/src/themer-bug 
❯ npm install @themerdev/alacritty                                                                                                                     
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: undefined@undefined
npm ERR! Found: themer@4.0.0
npm ERR! node_modules/themer
npm ERR!   themer@"^4.0.0" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer themer@"^3" from @themerdev/alacritty@1.0.1
npm ERR! node_modules/@themerdev/alacritty
npm ERR!   @themerdev/alacritty@"*" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.

Workaround

~/src/themer-bug ··········································································································································
❯ npm install themer@3.3.9                                                                                                                                 

added 6 packages, and audited 7 packages in 815ms

2 packages are looking for funding
  run `npm fund` for details

found 0 vulnerabilities

~/src/themer-bug ··········································································································································
❯ npm install @themerdev/alacritty                                                                                                                      

added 7 packages, and audited 14 packages in 4s

2 packages are looking for funding
  run `npm fund` for details

found 0 vulnerabilities

Matt Swensen · Answer 1 · Fri Jan 27 2023 22:10:25 GMT+0800 (China Standard Time)

Thanks @leegenes for the report. Yes, the 4.0.0 release is not on the main branch (it's on a different branch), which is why it's hard to find.

I got partway down the 4.0.0 path when I realized that there are a few other changes which will make themer much easier to use generally—so I'm working on that now and will get all this cleaned up soon.

In the meantime, you have a few options:

Install @3.3.9, as you've pointed out in your workaround.
Instruct npm to ignore failed peer dependency versions with the --legacy-peer-deps flag—themer@4.0.0 is still compatible with the various template and color packages.