Inspecting dependency package version at runtime

mike_bianco · August 4, 2019, 4:52pm

Hello!

New to Elixir & Phoenix. Really incredible work here—thanks for all of the amazing efforts to make an amazing language!

I’m coming from the Ruby & Rails community. Right now, I’m working on upgrading the geoip package to support a more recent version of poison to eliminate a dependency conflict.

In ruby-land, many times you’ll check the version of dependency and modify the package logic to avoid forcing users to upgrade another package to use the latest version of a different package. For example:

if SomeGemName::VERSION > 3.0
  do_it_this_way
else
  do_it_that_way
end

Here’s the questions I can’t seem to find an answer to:

I haven’t seen this pattern in the (limited) elixir code I’ve read—is this something that isn’t done in the Elixir community? What’s the best practice here?
I can’t figure out how to inspect a package version at runtime. Poison.Mixfile.project[:version] doesn’t seem to be available during runtime and I can’t find any other interfaces to inspect a package version.

Really appreciate everyone’s help here!

danschultzer · August 4, 2019, 6:02pm

I prefer to either force developers to update their dependencies, or find alternative ways to make the code work independently of the dependency.

In the case of poison requirement, I would guess a better solution would be to just relax requirement in mix.exs, or make it so geoip doesn’t care whether poison is there, and instead you can switch out the json decoder the same way as in Phoenix and e.g. use jason instead.

If I got no other options, then I would do the following (this is from Pow):

  @spec dependency_vsn_match?(atom(), binary()) :: boolean()
  def dependency_vsn_match?(dep, req) do
    case :application.get_key(dep, :vsn) do
      {:ok, actual} ->
        actual
        |> List.to_string()
        |> Version.match?(req)

      _any ->
        false
    end
  end

I can then check the dependency version requirement like this:

if Pow.dependency_vsn_match?(:ecto, "< 3.0.0"), do: Mix.Ecto, else: Mix.EctoSQL

I use the above only in mix tasks or at compile time, since the dependency version is fixed at compile. I wouldn’t do this at runtime.

mike_bianco · August 5, 2019, 2:45am

Really appreciate the reply! For some reason, it looks like this data isn’t available when running tests in the geoip gem:

pry(4)> :application.get_key :poison, :vsn
:undefined

However, the Poison module is properly loaded and seems to have a vsn attribute:

[
  module: Poison,
  exports: [
    __info__: 1,
    decode: 1,
    decode: 2,
    decode!: 1,
    decode!: 2,
    encode: 1,
    encode: 2,
    encode!: 1,
    encode!: 2,
    module_info: 0,
    module_info: 1
  ],
  attributes: [
    vsn: [60514922806871968504020252179505777070],
    external_resource: ["/Users/mike/Projects/elixir/geoip/deps/poison/README.md"]
  ],
  compile: [
    version: '7.4.4',
    options: [:no_spawn_compiler_process, :from_core, :no_auto_import],
    source: '/Users/mike/Projects/elixir/geoip/deps/poison/lib/poison.ex'
  ],
  native: false,
  md5: <<45, 134, 192, 12, 142, 147, 138, 46, 55, 106, 164, 227, 14, 62, 137,
    174>>
]

Any ideas why this could be the case?

Also, do you know if there’s a way to define an exact version for the local package build for testing purposes but keep the version definition in the mix.exs loose?

For instance, I want:

{:poison, "~> 2.0 or ~> 3.0 or ~> 4.0"}

In deps but use version ~> 4.0 for the tests in the package.

Thanks again!

danschultzer · August 5, 2019, 3:11am

You can just set it up like that, and run mix deps.update poison. It’ll fetch the most recent 4.x version.

If you need to test different versions in CI, then I would add a second mix.lock file, and do it similar to how Phoenix does it: phoenix/mix.exs at f3fe0188aaa53bfa10d7750cffe5008d211756bf · phoenixframework/phoenix · GitHub

That error would mean that Poison isn’t loaded before you run :application.get_key/2 in the current process. Have you checked that it’s loaded just before calling :application.get_key/2?

mike_bianco · August 8, 2019, 2:00pm

@danschultzer thanks for the detailed help here, really appreciate it!

For anyone who runs into the unloaded package issue in the future: the reason why :poison wasn’t loaded is because it wasn’t included in the package’s mix.exs application list. The solution was to remove application altogether and replace it with extra_applications.