How to properly depend on a dependency of a dependent package

I suspect this is just another day in dependency hell, but here goes:

Assume I develop a package MyPackage which depends on another package A. Now, MyPackage would also want to use a package B. However, it turns out that A already depends on B.

In this case it seems beneficial to say that MyPackage shall depend on the same version of B as A does. If nothing else, it prevents downloading two different versions of the same package.

I guess first question is “do I really want this”? I suppose this is a special case and in the general case there are already several dependent packages which in turn depend on different versions of some package making the desire a bit self-contradictory.

Second question is then if there is some way to state "I want to depend on same version of B as package A"?

Just state that you depend on B, and the package manager will figure out which version. There is always just one version of a package so there will only be one version of B active.

1 Like


Does this mean that if A depends on version x of B, then add B in MyPackage will add a dependency to version x of B even if x is not the latest version?

I understand that packages can depend on different versions of the same package so I might be overthinking this.

One concrete case I can think of is time for CI. My CI jobs seem to spend about 95% of the time downloading/resolving dependencies. That leads me to think that I should try to limit the size of the dependency graph.

The general idea is that packages state which versions of their dependencies they are compatible with and it’s the job of the resolver to find a set of versions that works for all packages in the dependency chain. Another key idea is that only one version of each package can be loaded at a time, which is precisely the one that the resolver has chosen. If there are incompatible version requirements in the dependency chain the resolver will fail and you can’t load your package at all.

1 Like

Aha, now I understand. Thanks alot!