What are the Slack Archives?

It’s a history of our time together in the Slack Community! There’s a ton of knowledge in here, so feel free to search through the archives for a possible answer to your question.

Because this space is not active, you won’t be able to create a new post or comment here. If you have a question or want to start a discussion about something, head over to our categories and pick one to post in! You can always refer back to a post from Slack Archives if needed; just copy the link to use it as a reference..

Hello! I have a question regarding the _spryker/state-machine_ package. In version 2.15.1 the _pack

U038BHQ0QKY
U038BHQ0QKY Posts: 5 πŸ§‘πŸ»β€πŸš€ - Cadet
edited August 2022 in Help

Hello!

I have a question regarding the spryker/state-machine package. In version 2.15.1 the package-lock.json in assets/Zed got removed. Please note that version 2.15.0 still has it. This change causes the vendor/bin/console frontend:zed:install-dependencies command to fail with an exception when installing the dependencies in "/data/vendor/spryker/state-machine/assets/Zed" (cipm can only install packages with an existing package-lock.json or npm-shrinkwrap.json with lockfileVersion >= 1. Run an install with npm@5 or later to generate it, then try again).

Therefore, there is a PATCH update from version 2.15.0 to 2.15.1 that has a breaking change which caused our pipeline and subsequently deploy to start failing after this small update.

I see this as a problem and a violation of Semantic Versioning.

How can it be fixed? Is there a better place to report this issue?

Thanks!

https://github.com/spryker/state-machine/commit/89daede7e09d26a7aa7eb83ad683dbb04a6e71b7

Comments

  • Valerii Trots
    Valerii Trots SRE @ Spryker Sprykee Posts: 1,654 ✨ - Novice

    This release was a part of https://api.release.spryker.com/release-group/4173.
    One can argue if this should be a major version or not probably.
    To fix this, please roll back the change or migrate from Yarn to NPM.

  • U038BHQ0QKY
    U038BHQ0QKY Posts: 5 πŸ§‘πŸ»β€πŸš€ - Cadet
    edited August 2022

    Thank you for your answer, @valerii.trots!

    I don't believe there is an argument here.

    Spryker's documentation clearly states that "The Spryker Commerce OS versioning of modules relies on the semantic versioning approach, which implies a clear set of rules and requirements that dictate how version numbers are assigned and incremented." (https://docs.spryker.com/docs/scos/dev/architecture/module-api/semantic-versioning-major-vs.-minor-vs.-patch-release.html).

    Removing an asset is considered as a non-backward-compatible change and therefore requires a major version.

    I would like to report this violation and ask for a fix. Can you please let me know can I do that?

    Thank you!

  • Valerii Trots
    Valerii Trots SRE @ Spryker Sprykee Posts: 1,654 ✨ - Novice

    Didn't find anything about assets in mentioned document. But I'm not a dev, sorry if I don't get obvious for devs things.
    @UN6T8SEM7 are you able to take a look and express your opinion here? πŸ™‚

  • U038BHQ0QKY
    U038BHQ0QKY Posts: 5 πŸ§‘πŸ»β€πŸš€ - Cadet

    The specific place where this is mentioned and where the violation occurs is in https://docs.spryker.com/docs/scos/dev/architecture/module-api/declaration-of-module-apis-public-and-private.html#public-api ("In general, there is a BC break whenever an existing contract is changed. A contract is what the user of the API expects. This includes the signature of methods as well as the expected behavior.").

    The expected behavior of the Spryker\Zed\SetupFrontend\Business\SetupFrontendFacadeInterface's installZedDependencies method is broken since it states that "Installs needed Zed dependencies.". However, migrating from 2.15.0 to 2.15.1 for the state-machine package causes this method to not behave as expected since it locates the json file that got removed, thus making that removal backward INcompatible.

  • Aleksander Kovalenko
    Aleksander Kovalenko Sprykee Posts: 45 πŸ§‘πŸ»β€πŸš€ - Cadet
    edited August 2022

    From one perspective we don’t have an agreement on frontend public API for Zed, but from another - it’s a BC break in a patch release, so I assume it have to be a major or a minor with migration guide. I think @UQRP02SP2 was taking care about this release, so maybe he has some insights.

  • Unknown
    Unknown

    We discussed this internally and came to the conclusion that those files should be left for BC. We will prepare patch releases shortly to bring them back for all those modules.
    Thank you for bringing this BC break to our attention.

  • U038BHQ0QKY
    U038BHQ0QKY Posts: 5 πŸ§‘πŸ»β€πŸš€ - Cadet

    Thank you!

  • Unknown
    Unknown

    Please check if https://api.release.spryker.com/release-group/4354 solves it for you.

  • U038BHQ0QKY
    U038BHQ0QKY Posts: 5 πŸ§‘πŸ»β€πŸš€ - Cadet

    It does! Thank you for addressing this in such a short time! πŸ™‚

  • UPWG9AYH2
    UPWG9AYH2 Posts: 509 πŸ§‘πŸ»β€πŸš€ - Cadet
    edited September 2022

    Seems to be a similar issue on my side

    [info] Install dependencies in β€œ/data/vendor/spryker/gui/assets/Zed”
    [info] npm ERR! cipm can only install packages when your package.json and package-lock.json or npm-shrinkwrap.json are in sync. Please update your lock file with npm install before continuing.
    npm ERR!
    [info]
    npm ERR!
    npm ERR! Missing: autonumeric@~4.6.0
    npm ERR!

    Seems to be autonumeric package was added in spryker/gui in version 3.45.0 two days ago … any idea?

  • UPWG9AYH2
    UPWG9AYH2 Posts: 509 πŸ§‘πŸ»β€πŸš€ - Cadet
    edited September 2022

    Okay, package-lock.json does not seem to include the new autonumeric package … i think it was just missed to generate the package.lock again.

    I successfully tried to execute npm install in the spryker/gui vendor folder and it did the trick. Should i create a ticket?

Categories