fix: Install an exact version of @github/prettier-config

[hashtagchris]

This matches what I've seen us install in practice. See

template-oss/package.json

Line 70 in 4ef5cf6

"@github/prettier-config": "0.0.6",

and

template-oss/test/apply/lint.js

Lines 50 to 52 in b35bca5

	prettier: '^3.0.0',
	'eslint-config-prettier': '^9.0.0',
	'@github/prettier-config': '0.0.6',

Sample postlint guidance

Instead of @github/prettier-config@*, it tells you to install @github/[email protected] with the --save-exact flag.

% npm uninstall prettier && npm uninstall @github/prettier-config
...

% npm run postlint
> @npmcli/[email protected] postlint
> template-oss-check


Some problems were detected:

-------------------------------------------------------------------

The following required devDependencies were not found:

  prettier
  @github/[email protected]

To correct it: npm rm prettier @github/prettier-config && npm i prettier@* --save-dev && npm i @github/[email protected] --save-dev --save-exact

-------------------------------------------------------------------

Exact version enforcement

semver range

% npm i @github/prettier-config@latest --save-dev
...

% npm pkg get devDependencies."@github/prettier-config" 
"^0.0.6"

% npm run postlint                                     

> @npmcli/[email protected] postlint
> template-oss-check


Some problems were detected:

-------------------------------------------------------------------

The following required devDependencies were not found:

  @github/[email protected]

To correct it: npm rm @github/prettier-config && npm i @github/[email protected] --save-dev --save-exact

-------------------------------------------------------------------

Exact version

% npm i @github/[email protected] --save-dev --save-exact
...

% npm pkg get devDependencies."@github/prettier-config"
"0.0.6"
% npm run postlint

> @npmcli/[email protected] postlint
> template-oss-check

% 

References

Follow-up to #447

[wraithgar]

disregard this approval, I didn't see it was done w/ a hard config to a specific version. That's not how this is done.

[wraithgar]

We usually don't bake versions into this package itself.

[hashtagchris]

We usually don't bake versions into this package itself.

I see we typically don't specify versions of dependencies, not even major versions. However why is there support for exact versions in template-oss if we should never use it?

template-oss/lib/check/check-required.js

Line 29 in 4ef5cf6

const [exactSpecs, saveSpecs] = partition(specs, s => s.type === 'version')

template-oss/lib/check/check-required.js

Line 40 in 4ef5cf6

installCommand(exactSpecs, [locationFlag, '--save-exact']),

And why does /test/apply/lint.js test with a version of @github/prettier-config without a caret?

[wraithgar]

The exact version specification appears to be for template-oss itself, which takes the version from its own package.json.

It does not look like we've baked into template-oss the ability to enforce no prefixes for other dependencies. I know we'd talked about it for the linting rules packages, but I don't think it's been done.

[hashtagchris]

To correct it: ... npm i @github/[email protected] --save-dev --save-exact

I now understand that we should avoid hardcoding versions in this repo, as its too much trouble to update them later. Ideally we'd want a way to indicate which dependencies should be installed as an exact versions, and template-oss would output something like To correct it: ... npm i @github/prettier-config@* --save-dev --save-exact.

I don't know if we'd actually want or need to migrate to a eventual newer release of @github/prettier-config, but I'll assume that's true for this or another dependency.