Added meteor update --all-packages to update indirect dependencies

See #7495. Still some decisions to be made: - Should we make --all-packages the default? - How should we deal with *new* indirect dependencies? - Should we do anything about underpinning indirect dependencies when updating?
2026-05-02 03:01:46 -04:00 · 2016-08-16 17:20:27 +10:00
parent f9f94e21d1
commit 01e1dbf352
9 changed files with 91 additions and 6 deletions
--- a/tools/cli/commands-packages.js
+++ b/tools/cli/commands-packages.js
@@ -1546,7 +1546,8 @@ main.registerCommand({
  options: {
    patch: { type: Boolean },
    "packages-only": { type: Boolean },
-    "allow-incompatible-update": { type: Boolean }
+    "allow-incompatible-update": { type: Boolean },
+    "all-packages": { type: Boolean }
  },
  // We have to be able to work without a release, since 'meteor
  // update' is how you fix apps that don't have a release.
@@ -1611,13 +1612,28 @@ main.registerCommand({
  // args), take patches to indirect dependencies.
  var upgradeIndirectDepPatchVersions = false;
  if (options.args.length === 0) {
-    projectContext.projectConstraintsFile.eachConstraint(function (constraint) {
-      if (! compiler.isIsobuildFeaturePackage(constraint.package)) {
-        upgradePackageNames.push(constraint.package);
-      }
-    });
+    var allDependencies = _.keys(projectContext.packageMapFile._versions);
+
+    // "all-packages" means update every package we depend on. The default
+    // is to tend to leave indirect dependencies (i.e. things not listed in
+    // `.meteor/packages`) alone.
+    if (options["all-packages"] && allDependencies.length > 0) {
+      upgradePackageNames = allDependencies;
+    } else {
+      projectContext.projectConstraintsFile.eachConstraint(function (constraint) {
+        if (! compiler.isIsobuildFeaturePackage(constraint.package)) {
+          upgradePackageNames.push(constraint.package);
+        }
+      });
+    }
    upgradeIndirectDepPatchVersions = true;
  } else {
+    if (options["all-packages"]) {
+      Console.error("You cannot both specify a list of packages to"
+       + " update and pass --all-packages.");
+       exit(1)
+    }
+
    upgradePackageNames = options.args;
  }

--- a/tools/tests/apps/app-with-indirect-dependencies/.meteor/.gitignore
+++ b/tools/tests/apps/app-with-indirect-dependencies/.meteor/.gitignore
@@ -0,0 +1 @@
+local
--- a/tools/tests/apps/app-with-indirect-dependencies/.meteor/.id
+++ b/tools/tests/apps/app-with-indirect-dependencies/.meteor/.id
@@ -0,0 +1,7 @@
+# This file contains a token that is unique to your project.
+# Check it into your repository along with the rest of this directory.
+# It can be used for purposes such as:
+#   - ensuring you don't accidentally deploy one app on top of another
+#   - providing package authors with aggregated statistics
+
+1wehy3x1n3lcvy1v8vllm
--- a/tools/tests/apps/app-with-indirect-dependencies/.meteor/packages
+++ b/tools/tests/apps/app-with-indirect-dependencies/.meteor/packages
@@ -0,0 +1,6 @@
+# Meteor packages used by this project, one per line.
+#
+# 'meteor add' and 'meteor remove' will edit this file for you,
+# but you can also edit it by hand.
+
+tmeasday:direct-dependency@=1.0.0
--- a/tools/tests/apps/app-with-indirect-dependencies/.meteor/platforms
+++ b/tools/tests/apps/app-with-indirect-dependencies/.meteor/platforms
@@ -0,0 +1,2 @@
+browser
+server
--- a/tools/tests/apps/app-with-indirect-dependencies/.meteor/release
+++ b/tools/tests/apps/app-with-indirect-dependencies/.meteor/release
@@ -0,0 +1 @@
+none
--- a/tools/tests/apps/app-with-indirect-dependencies/.meteor/versions
+++ b/tools/tests/apps/app-with-indirect-dependencies/.meteor/versions
@@ -0,0 +1,11 @@
+babel-compiler@6.9.0
+babel-runtime@0.1.10
+ecmascript@0.5.7
+ecmascript-runtime@0.3.13
+meteor@1.2.16
+modules@0.7.5
+modules-runtime@0.7.5
+promise@0.8.3
+tmeasday:direct-dependency@1.0.0
+tmeasday:indirect-dependency@1.0.0
+underscore@1.0.9
--- a/tools/tests/apps/app-with-indirect-dependencies/app-with-indirect-dependencies.js
+++ b/tools/tests/apps/app-with-indirect-dependencies/app-with-indirect-dependencies.js
@@ -0,0 +1 @@
+// This app doesn't do anything, we just check versions
--- a/tools/tests/update-tests.js
+++ b/tools/tests/update-tests.js
@@ -51,3 +51,43 @@ selftest.define("'meteor update' alters constraints in `.meteor/packages`", () =
    selftest.fail("Failed to update the version specifier for the `meteor-base` package");
  }
 });
+
+selftest.define("'meteor update' updates indirect dependencies with patches", () => {
+  const s = new Sandbox();
+
+  s.createApp("myapp", "app-with-indirect-dependencies", {
+    release: DEFAULT_RELEASE_TRACK + '@v1'
+  });
+  s.cd("myapp");
+
+  var run = s.run("--prepare-app");
+  // our .meteor/versions contains a version of this so we shouldn't change it
+  run.forbid(/indirect-dependency/);
+  run.expectExit(0);
+
+  var update = s.run("update");
+  // we have direct-dependency@=1.0.0, which depends on indirect@1.0.0
+  // we should update to 1.0.1 (only take patches to indirect dependencies)
+  update.match(/indirect-dependency.*1.0.1/);
+  update.expectExit(0);
+});
+
+selftest.define("'meteor update --update-all' updates indirect dependencies to latest, within constraints", () => {
+  const s = new Sandbox();
+
+  s.createApp("myapp", "app-with-indirect-dependencies", {
+    release: DEFAULT_RELEASE_TRACK + '@v1'
+  });
+  s.cd("myapp");
+
+  var run = s.run("--prepare-app");
+  // our .meteor/versions contains a version of this so we shouldn't change it
+  run.forbid(/indirect-dependency/);
+  run.expectExit(0);
+
+  var update = s.run("update", "--all-packages");
+  // we have direct-dependency@=1.0.0, which depends on indirect@1.0.0
+  // we should update to 1.1.0 but not 2.0.0
+  update.match(/indirect-dependency.*1.1.0/);
+  update.expectExit(0);
+});
				`@@ -0,0 +1 @@`
				`// This app doesn't do anything, we just check versions`