E14
How to properly deal with Elixir version restrictions of dependencies
So, consider I want to target my library foo as Elixir ~> 1.12
This has a dependency bar, which in v1 has a dependency to Elixir~> 1.10, but in v2 it has a dependency to Elixir ~> 1.18. This is totally fine so far.
But when I use mix to lock the dependencies (mix deps.get), it will always generate a mix.lock file using the newest version (v2), and naturally when I run CI using my target minimum Elixir version of 1.12, CI fails because standard lib functions are used that do not exist in 1.12.
Now, most of this is still correct - I target Elixir ~> 1.12, so it is correct to retrieve the newest compatible dependency for the given version, because Elixir 1.18 does match ~> 1.12.
But not, if I’m running it using an Elixir 1.12 toolchain, which I am.
How do I deal with this properly? Maybe I’m missing something?
Currently I have to manually search through every revision of every direct dependency to find a useable version, then do the same for every single transitive dependency, and then manually set said version. That’s quite the effort for something the dependency solver already does for every dependency (except Elixir itself)
Most Liked
LostKobrakai
I don’t think elixir versions are checked for dependency resolution. Afaik they’re just used to warn people once they try using something not supported by their current version of elixir. So to support an older elixir version you’d need to explicitly restrict the dependency to supported versions. You could use CI to detect this early if that’s what you’re wondering about.
benwilson512
I mean I realize this isn’t the question you are asking but this is ANCIENT and a security issue as this doesn’t get patched and hasn’t in years. I would start by picking an Elixir version at least as new as 1.17 and going from there.
Asd
You just have to do mix deps.get in CI. When you have a dependency, you also usually specify the range like bar >= v1. If you call mix deps.get with elixir 1.12, you will have bar v1 in lock, but if with elixir 1.18, you will have bar v2 in lock.
Popular in Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #elixirconf-us
- #advent-of-code
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #hex









