Say I have two repos: repoa and repob. I installed a package 3.1 ver from repoa. I have a newer version 3.2 in repob.
How could I upgrade the package from repob? I tried to yum upgrade, but looks it always stick to the original repo - repoa, and didn't look at the package in repob at all. I can use 'yum provides' to get the package information from two repose, but only repoa looks recognised.
I tried several things such as change the priority higher for repob, temporarily remove the repoa, but none of them working.
I guess I need to remove it then do reinstallation from repob.
Related
My repo in github show the following alert :
Dependabot cannot update ssri to a non-vulnerable version. The latest possible version that can be installed is 6.0.1 because of the following conflicting dependencies:
terser-webpack-plugin#2.3.8 requires ssri#^7.0.0 via cacache#13.0.1
webpack#4.46.0 requires ssri#^6.0.1 via a transitive dependency on
cacache#12.0.4
The earliest fixed version is 8.0.1.
As far as I known, I should update the root package (which is terser-webpack-plugin) in package.json to a newer version, but how to determine the minimum version that can support the non-vulnerable version of the dependency (in this case ssri 8.0.1) since I don't want to update to a too high version and risk breaking things. I am thinking of manually checking through all the release version of terser-webpack-plugin, but it's very tedious and seem wrong to check like that. Any suggestions ?
To speed up the process and save installing each version and its associated dependency tree, we can use npm-remote-ls (https://stackoverflow.com/a/26005786/2815338)
Firstly get the list of available versions:
> npm view terser-webpack-plugin versions
[
'1.0.0', '1.0.1', '1.0.2', '1.1.0', '1.2.0',
...
Then run npm-remote-ls for each version after your current one and filter on the relevant dependency, e.g.
> npm-remote-ls terser-webpack-plugin#3.0.0 | grep ' ssri#'
??? ?????? ssri#8.0.1
??? ??? ??? ?????? ssri#6.0.2
In this case terser-webpack-plugin#5.0.0 is the first with only fixed versions of ssri (8.0.1), and 5.1.0 appears to not include ssri at all, presumably due to webpack no longer depending on cacache.
N.B. the question marks appear to be due to encoding of characters that npm-remote-ls uses to display a tree structure. You could also use Select-String in PowerShell, but this appears to show different (incorrect) characters instead.
We had been using version 0.11.0 of angular-bootstrap from npmjs. It appears that version is no longer available on npmjs. From the commands below does this mean that someone actually unpublished the older packages?
prompt:~$ npm view angular-bootstrap time
{ modified: '2015-01-12T06:48:54.881Z',
created: '2014-01-29T21:54:32.213Z',
'0.0.1': '2014-01-29T21:54:37.589Z',
'0.0.2': '2014-01-29T22:03:08.814Z',
'0.0.3': '2014-01-29T22:51:49.998Z',
'0.0.4': '2014-02-11T15:14:17.078Z',
'0.11.0': '2014-06-24T07:06:56.435Z',
'0.13.0-SNAPSHOT': '2014-12-02T13:05:43.151Z',
'0.12.0': '2015-01-12T06:46:41.986Z' }
prompt:~$ npm view angular-bootstrap versions
0.12.0
I agree, the package seems to have been unpublished. You can still access it from the github history, as follows:
$ npm install "angular-ui/bootstrap#0.11.0"
(note that you may not need quoting, but some shells will interpret the # as a comment-begin character.) You can also use this syntax in dependencies inside package.json
If you have a project in production that depends on this, you should probably make a fork of the angular-ui/bootstrap repository and point towards that.
(I had some difficulty making this work on Windows, but it looks like you're on a Unixy system, so you should be fine.)
Ticket discussing this and the future is at https://github.com/angular-ui/bootstrap/issues/1636
I am trying to install TurboGear 2. I was following the steps given in this documentation. Link: http://toscawidgets.org/documentation/tw2.core/turbogears.html
On executing this command
pip install -e .
i got this error
No distributions at all found for repose.who-friendlyform>=1.0.4 (from example==0.1dev)
Then with this command
python setup.py develop
i got this error
Searching for repose.who-friendlyform>=1.0.4
Reading https://pypi.python.org/simple/repose.who-friendlyform/
Couldn't find index page for 'repose.who-friendlyform' (maybe misspelled?)
Scanning index of all packages (this may take a while)
Reading https://pypi.python.org/simple/
No local packages or download links found for repose.who-friendlyform>=1.0.4
error: Could not find suitable distribution for Requirement.parse('repose.who-friendlyform>=1.0.4')
I tried to install it with easy_install but it didn't work. How can i overcome this error?
The documentation you are pointing to is quite outdated, which TurboGears version are you trying to use? Latest TG versions don't depend on repoze.who-friendlyform anymore. Try to delete your virtualenv, recreate it and then install TurboGears with pip install tg.devtools.
You can find latest TG version documentation on http://turbogears.readthedocs.org/en/latest/#installing-turbogears with a tutorial on using ToscaWidgets at http://turbogears.readthedocs.org/en/latest/cookbook/TwForms.html
Also latest ToscaWidgets documentation has been moved at http://tw2core.readthedocs.org/en/latest/
If you want to experiment with TG2 and Forms there are also a bunch of runnables you can play with: http://runnable.com/TurboGears
I updated the SQL file for my module - how do i get it to automatically run again without creating a new version of it?
I am working on my first module and just need to tweak this one so it works on a new install for someone else.
When Magento automatically runs a SQL file for a setup resource, it makes an entry in the core_resource table.
mysql> SELECT code,version,data_version FROM core_resource;
adminnotification_setup 1.0.0 1.0.0
admin_setup 0.7.2 0.7.2
amazonpayments_setup 0.1.2 0.1.2
api_setup 0.8.1 0.8.1
backup_setup 0.7.0 0.7.0
bundle_setup 0.1.11 0.1.11
...
You'll need to remove the single row in this table that corresponds to your module, and then clear your Magento cache. This will let you re-run your setup resource SQL file.
ONLY remove that single row — if you remove rows for the core modules, there will be much breaking and weeping.
I have added a section in my buildout to install python-ldap as described here:
http://bluedynamics.com/articles/jens/python-ldap-as-egg-with-buildout
However my buildout fails with:
While:
Initializing.
Getting section buildout.
Initializing section buildout.
Getting option buildout:eggs.
Getting section python-ldap.
Initializing section python-ldap.
Installing recipe zc.recipe.egg.
Error: There is a version conflict.
We already have: zc.buildout 1.4.2
but zc.recipe.egg 1.3.2 requires 'zc.buildout>=1.5.0'.
Why is buildout trying to get the latest version of zc.recipe.egg for this particular part even though it is pinned to 1.2.2 in the versions para?
You can pin any and all eggs (regardless of what they are used for) with a versions section. You have to explicitly declare such a section, but then it applies to recipe eggs as well:
[buildout]
... # Other options in the buildout section omitted
versions = versions
[versions]
zc.recipe.egg = 1.2.2
You can name the part that specifies version pins any way you want, but most people just name it versions.
I just had the exact same problem, and solved it by uninstalling the python-zc.buildout Debian package which was installed on my machine with version 1.4.3.