Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Auth0 2.8.0 is unable to resolve dependencies #870

Open
6 tasks done
swizzlr opened this issue Sep 17, 2024 · 2 comments
Open
6 tasks done

Auth0 2.8.0 is unable to resolve dependencies #870

swizzlr opened this issue Sep 17, 2024 · 2 comments
Labels
bug This points to a verified bug in the code

Comments

@swizzlr
Copy link

swizzlr commented Sep 17, 2024

Checklist

Description

Auth0.swift/Package.swift

Line 13 in 0245032

.package(url: "https://github.com/auth0/SimpleKeychain.git", .upToNextMajor(from: "1.1.0")),

now resolves to SimpleKeychain 1.2.0. 2.8.0 supports iOS 13, but 1.2.0 supports iOS 14.

The workaround is to either update to 2.9.0 or manually fix a dependency on SimpleKeychain at 1.1.0. A previously pinned package will continue to work until either an attempt is made to resolve without pins or if the user attempts to update all package versions with Xcode (which does not support selectively updating the package.resolved).

The impact of this is that any CI processes that currently resolve to 2.8.0 (e.g. upToNextMinor) and have unpinned dependencies (such as internal packages) will now arbitrarily break.

Reproduction

  • Resolve a Swift package that depends on 2.8.0 (e.g. upToNextMinor or exact)
  • See that it doesn't

Additional context

No response

Auth0.swift version

2.8.0

Platform

iOS

Platform version(s)

n/a

Xcode version

n/a

Package manager

Swift Package Manager
@swizzlr swizzlr added the bug This points to a verified bug in the code label Sep 17, 2024
@desusai7
Copy link
Contributor

Hi @swizzlr,

We are working on fixing this

@desusai7
Copy link
Contributor

Hi @swizzlr,

Thank you so much for your patience! I'm happy to share that we've addressed this issue in our 2.9.0 release, which now pins dependencies to a specific version rather than allowing updates up to the next major release.

In the meantime, manually setting the dependency version should resolve the issue for you. Please let us know if you run into any further problems—we're always here to help!

@Kevin-J-Harrison Kevin-J-Harrison mentioned this issue Sep 23, 2024
Open
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug This points to a verified bug in the code
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@swizzlr @desusai7