update peer dependencies on upgrade and retry

[korelstar]

This is a follow-up of #869 and improves the situation, where updated packages have different peer dependencies. Here is an example:

The package ncu-test-peer-update is published with two versions:

• 1.0.0 has peer dependency "ncu-test-return-version": "1.0.x"
• 1.1.0 has peer dependency "ncu-test-return-version": "1.1.x"

Our test app has the following dependencies:

    "ncu-test-peer-update": "1.0.0",
    "ncu-test-return-version": "1.0.0"

Before (i.e. with ncu version 11.5.1)

A call of ncu --peer will propose the following updates:

 ncu-test-peer-update     1.0.0  →  1.1.0     
 ncu-test-return-version  1.0.0  →  1.0.1     

There is not update suggestion for ncu-test-return-version to 1.1.0, since the installed version of ncu-test-peer-update requires version 1.0.x. This means, I would have to run npm install afterwards and then again ncu --peer to get all updates.

After (i.e. with this PR)

Now, ncu will get the new peer dependencies from the registry and check again for updates. I.e., the resulting update suggestion will contain all compatible updates.

 ncu-test-peer-update     1.0.0  →  1.1.0     
 ncu-test-return-version  1.0.0  →  1.1.0     

Without --peer option

Just as comparison: without using the --peer option, ncu will suggest incompatible updates in both cases (with and without this PR):

 ncu-test-peer-update     1.0.0  →  1.1.0     
 ncu-test-return-version  1.0.0  →  2.0.0     

[raineorshine]

Thanks for the additional contribution and excellent explanation! Makes perfect sense. I'd love to add your description to a markdown file that documents for users how the --peer feature works.

I just have a few requests for some simplifications and conforming to a more functional programming paradigm. Thanks and let me know if you have any questions!

[raineorshine]

Thank you!

Published in v11.5.2

[korelstar]

@raineorshine : Are you interested in a functionality for ncu to show a list of ignored incompatible updates? This could look like this:

Example 1:

New versions of active modules available:

  ncu-test-peer-update      1.0.0   →   1.1.0 
  ncu-test-return-version   1.0.0   →   1.1.0 

Ignored incompatible updates (peer dependencies):

  ncu-test-return-version   1.0.0   →   2.0.0   reason: ncu-test-peer-update requires 1.1.x 

Example 2:

New versions of active modules available:

  @nextcloud/dialogs                ^3.1.1   →     ^3.1.2 
  @nextcloud/router                 ^1.2.0   →     ^2.0.0 
  @nextcloud/vue                    ^3.8.0   →     ^3.9.0 
  @nextcloud/webpack-vue-config     ^4.0.1   →     ^4.0.3 
  easymde                          ^2.14.0   →    ^2.15.0 
  markdown-it                      ^12.0.4   →    ^12.0.6 
  @babel/core                     ^7.13.14   →   ^7.13.16 
  @babel/preset-env               ^7.13.12   →   ^7.13.15 
  core-js                          ^3.10.0   →    ^3.11.0 
  eslint                           ^7.23.0   →    ^7.25.0 
  eslint-plugin-vue                 ^7.8.0   →     ^7.9.0 
  eslint-webpack-plugin             ^2.5.3   →     ^2.5.4 
  sass                             ^1.32.8   →   ^1.32.11 
  stylelint                       ^13.12.0   →   ^13.13.0 
  webpack                          ^5.28.0   →    ^5.35.1 

Ignored incompatible updates (peer dependencies):

  css-loader               ^4.3.0   →    ^5.2.4   reason: @nextcloud/webpack-vue-config requires ^4.3.0                                    
  eslint-plugin-promise    ^4.3.1   →    ^5.1.0   reason: @nextcloud/eslint-config requires ^4.2.1, eslint-config-standard requires ^4.2.1 
  sass-loader             ^10.1.1   →   ^11.0.1   reason: @nextcloud/webpack-vue-config requires ^10.0.5                                   

Background: I've made a PR for npm-upgrade (a tool which uses npm-check-updates for providing interactive updates) which generates such a list: th0r/npm-upgrade#59

I could move that code from npm-upgrade to npm-check-updates, if you want.

[raineorshine]

Looks nice!

• Is this intended to only occur with --peer?
• What's the difference between "Ignored incompatible updates (peer dependencies)" and "Ignored updates"?

[korelstar]

* Is this intended to only occur with `--peer`?

Yes.

* What's the difference between "Ignored incompatible updates (peer dependencies)" and "Ignored updates"?

Oh, sorry. The section "Ignored updates" is a special thing of npm-upgrade. It would not be there in ncu.

[raineorshine]

Yes, I like it!