-
-
Notifications
You must be signed in to change notification settings - Fork 671
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Compiler should refuse to publish a package that uses a dev-dependency in its source #3143
Comments
|
@lpil hm but how? it's not listed under dependencies? https://github.com/JonasGruenwald/chrobot/blob/v1.0.0/gleam.toml#L12 If I create a new project right now and add to my gleam.toml [dependencies]
gleam_stdlib = ">= 0.34.0 and < 2.0.0"
chrobot = "1.0.0" And run I get: error: Unknown module
┌─ /Users/jonas/Projects/temp/issue_3143/build/packages/chrobot/src/chrobot/internal/download_protocol.gleam:9:1
│
9 │ import gleam/http/request
│ ^^^^^^^^^^^^^^^^^^^^^^^^^
No module has been found with the name `gleam/http/request`.
This is on version 1.0.0 of chrobot, I had fixed it in the version after. |
Is it the manifest file that has this information? |
As the warning there says it is transitive. I would recommend not publishing a package that had warnings. |
It does say that, I don't see how that would be possible, since if the dep was transitive it would still be installed alongside my package and not cause this error, also I can't see any of my dependencies depending on it unless I'm missing something. But anyways nevermind, I agree that it was my mistake to ignore the warning, was just told specifically to open this issue so I did :) |
Oh! Then there is a bug somewhere. I am rather confused since |
Alright :) Here are some proper steps to reproduce, seems to actually not be related to me messing with the
// src/issue_3143.gleam
import gleam/io
import justin
pub fn main() {
io.println(justin.snake_case("HelloWorld"))
}
Output: ~/Projects/temp/issue_3143 → gleam publish
The repository configuration in your `gleam.toml` file does not appear to be
valid, https://github.com/JonasGruenwald/issue_3143 returned status 404 Not Found
Do you wish to continue? [y/n]: y
Compiling gleam_stdlib
Compiling gleeunit
Compiling justin
Compiling issue_3143
warning: Transitive dependency imported
┌─ /Users/jonas/Projects/temp/issue_3143/src/issue_3143.gleam:2:1
│
2 │ import justin
│ ^^^^^^^^^^^^^
The module `justin` is being imported, but `justin`, the package it belongs
to, is not a direct dependency of your package.
In a future version of Gleam this may become a compile error.
Run this command to add it to your dependencies:
gleam add justin
Compiled in 0.68s
Generating documentation
Generated files:
- src/issue_3143.app.src
- src/issue_3143.erl
Source files:
- README.md
- gleam.toml
- src/issue_3143.gleam
Name: issue_3143
Version: 1.0.0
Do you wish to publish this package? [y/n]: y
https://hex.pm username:
https://hex.pm password (will not be printed as you type):
# I left the fields empty so it failed to publish at that point, but I believe it should not get to there? Expected Behaviour
Actual BehaviourGleam warns that the added dev dependency is a transitive dependency, which is not true, and does not prevent publishing. |
I mistakenly published a package including modules that import dev-dependencies, as I didn't know I had to put them under the
/test
directory.During publishing I got these warnings
But the package was published regardless.
According to @hayleigh-dot-dev on discord:
The text was updated successfully, but these errors were encountered: