Hey @inner flare (I think you're the one in charge of npm packages -- correct me if I'm wrong). I use yarn outdated in my CI script to check for outdated deps, and I noticed that it's reporting the @dev version as outdated for some reason. Any idea why this is?
https://asciinema.org/a/ul1muK7UmyepN2HXUk8484wFD
#`yarn outdated` flags dev tag as outdated
grave hazel
inner flare
Looks more like yarn being yarn than anything else
Or it reads from the package.json
grave hazel
Maybe if the version format was switched to 13.0.0-dev.{timestamp}.{commit} it would be ordered?
inner flare
Either way, yarn add discord.js@dev should always install latest
grave hazel
I think it might be because it's not sequential
inner flare
The reason it's timestamp after commit IS so its ordered
grave hazel
but commit is random
inner flare
Since timestamps are sequential after all
grave hazel
the commit sha makes it unordered
inner flare
Yet the timestamp makes it ordered
and fixed several tools with that issue
grave hazel
No, because the commit comes first?
inner flare
It fixed dependabot not recognizing changes
grave hazel
13.0.0-dev-1234567.0000000001 < 13.0.0-dev-abcdef1.0000000002
inner flare
thats not how its checked
grave hazel
even though 1234567 might be made after a...
It seems like that's how yarn outdated checks it
How does dependabot check it?
inner flare
npm works fine
yarn doesn't
so its a yarn issue
grave hazel
Shouldn't it not be displaying in npm at all?
if it's truly latest
inner flare
??
well, it's probably getting confused because its a tagged release
grave hazel
I thought outdated returned no output if everything is up to date
inner flare
its not "latest"
its "dev"
grave hazel
Hmm, okay
inner flare
Best shot is setting discord.js to dev in package.json
grave hazel
Won't that make my local install inconsistent with the CI then?
Like, the actual version installed locally could be a totally different @dev release than the one the CI gets
inner flare
thats why caches exist
grave hazel
hm alright
inner flare
Also, technically I'm not the one in charge of npm, thats more of a Crol question
grave hazel
Ah, gotcha 
grave hazel
Maybe if the version format was switched to `13.0.0-dev.{timestamp}.{commit}` it...
just btw @hushed rampart do you know if the version format can be changed to be sequential? (i.e. timestamp-commitsha instead of commitsha-timestamp)?
hushed rampart
I don't see how this will prevent anything
🤔
but if you want, flip it
idc
grave hazel
I think it's because yarn is checking for sequentially newer packages
hushed rampart
yarn is dumb
I dont want to cater to it
inner flare
I think it's because yarn is checking for sequentially newer packages
Commits aren't inheritedly sequential lmao
grave hazel
that's why I think timestamp needs to be first??
rn commit is first which makes no sense
inner flare
Its a build of a commit at that timestamp
grave hazel
but shouldn't the latest published version be the largest sequential version number, per semver?
inner flare
No matter if you order it as number.commit or commit.number, you'll have the same issue
This is strictly a yarn issue
grave hazel
I guess I don't see how that wouldn't make a difference... The build with the largest timestamp is the latest build, so putting the timestamp first would make it sort as the largest, right?
Sorry if I'm just missing something here, I hope this isn't naive
inner flare
Well find out. Take two of the dev releases, compare them, then inverse the values and see id they return the same
grave hazel
> older_release = '13.0.0-dev.fe6cc0c.1625227356'
'13.0.0-dev.fe6cc0c.1625227356'
> newer_release = '13.0.0-dev.2675b08.1627646567'
'13.0.0-dev.2675b08.1627646567'
> newer_release > older_release
false
> older_release > newer_release
true
Not inverse like that
Inverse commit and timestamp
grave hazel
older_release = '13.0.0-dev.fe6cc0c.1625227356'
> newer_release = '13.0.0-dev.2675b08.1627646567'
> newer_release > older_release
false
> older_release > newer_release
true
> older_release_2 = '13.0.0-dev.1625227356.fe6cc0c'
> newer_release_2 = '13.0.0-dev.1627646567.2675b08'
> newer_release_2 > older_release_2
true
> older_release_2 > newer_release_2
false
>
with timestamp first they sort correctly
because timestamps always increment
inner flare
Yeah but i doubt that's how npm and probably pnpm sort
grave hazel
How else would they sort? If they sort by publish time then there wouldn't be an issue
But there is an issue
inner flare
Its an issue on yarn
grave hazel
I think this is the relevant code
Because it falls back to a string sort
As does NPM
Since the latest version reported by the API is not in the 13.x semver range
inner flare
And yet npm hasn't this issue
grave hazel
I think npm does, because it shouldn't be showing any output at all, and yet it complains that discord.js isn't latest
Even though it exits with 0, it still shouldn't be marking it as old
hushed rampart
yes
thats normal
that happens with any dependency thats not on @latest
so @next, @beta, @dev etc
are you sure that wont break npm
👀
grave hazel
it shouldn't seeing as commit shas have letters in them
so there's really no change as far as NPM would be concerned
hushed rampart
can u make a PR right after this one is merged
removing the t
thx
grave hazel
yea
grave hazel
can u make a PR right after this one is merged
shouldnt the pr also change this line:
run: npm deprecate discord.js@"~13.0.0-dev" "no longer supported" || true
that seems problematic seeing as the other one uses package.json version
hushed rampart
what other one
grave hazel
npm version --git-tag-version=false $(jq --raw-output '.version' package.json).$(date +%s).$(git rev-parse --short HEAD)
i mean sure
grave hazel
it uses jq
hushed rampart
sure
published a new dev release btw
does that fix it now
grave hazel
sec lemme check
yes
fixed
hushed rampart
wait what
are you saying we have to stick with the t for now lol