Misuse of semantic versioning are breaking project installation/maintenance

[bookert921]

I found this issue mentioned in one other post that was closed (#453) but the issue seems to persist.

The related issue I am facing is that I am trying to install dependencies for a project I wanted to help maintain for the company I work for. Here's the list of dependencies for the project:

  "dependencies": {
    "@angular/animations": "^17.3.7",
    "@angular/common": "^17.3.7",
    "@angular/compiler": "^17.3.7",
    "@angular/core": "^17.3.7",
    "@angular/fire": "^17.0.1",
    "@angular/forms": "^17.3.7",
    "@angular/google-maps": "^17.3.7",
    "@angular/platform-browser": "^17.3.7",
    "@angular/platform-browser-dynamic": "^17.3.7",
    "@angular/pwa": "^17.3.7",
    "@angular/router": "^17.3.7",
    "@angular/service-worker": "^17.3.7",
    "@fortawesome/fontawesome-free": "^6.5.2",
    "@popperjs/core": "^2.11.8",
    "@stripe/stripe-js": "^3.4.0",
    "animate.css": "^4.1.1",
    "bootstrap": "^5.3.3",
    "chart.js": "^3.9.1",
    "chartjs-adapter-date-fns": "^3.0.0",
    "date-fns": "^3.6.0",
    "file-saver": "^2.0.5",
    "firebase": "^10.11.1",
    "handlebars": "^4.7.8",
    "jwt-decode": "^4.0.0",
    "ng2-charts": "^6.0.0",
    "ngx-stripe": "^17.2.0",
    "ngx-wow": "^2.0.1",
    "papaparse": "^5.4.1",
    "rxjs": "~7.8.0",
    "stripe": "^15.7.0",
    "tslib": "^2.3.0",
    "wowjs": "^1.1.3",
    "zone.js": "~0.14.3"
  },
  "devDependencies": {
    "@angular-devkit/build-angular": "^17.3.7",
    "@angular/cli": "^17.3.7",
    "@angular/compiler-cli": "^17.3.7",
    "@angular/language-service": "^17.3.7",
    "@angular-devkit/architect": "^17.3.7",
    "@angular-devkit/core": "^17.3.7",
    "@angular-devkit/schematics": "^17.3.7",
    "@schematics/angular": "^17.3.7",
    "@types/chart.js": "^2.9.41",
    "@types/file-saver": "^2.0.7",
    "@types/jasmine": "~5.1.0",
    "@types/papaparse": "^5.3.14",
    "jasmine-core": "~5.1.0",
    "karma": "~6.4.0",
    "karma-chrome-launcher": "~3.2.0",
    "karma-coverage": "~2.2.0",
    "karma-jasmine": "~5.1.0",
    "karma-jasmine-html-reporter": "~2.1.0",
    "typescript": "~5.4.2"
  }

When trying to install the project locally I get an error:

npm error code ERESOLVE
npm error ERESOLVE unable to resolve dependency tree
npm error
npm error While resolving: the-new-sixteen@1.3.28
npm error Found: @angular/common@17.3.12
npm error node_modules/@angular/common
npm error   @angular/common@"^17.3.7" from the root project
npm error   peer @angular/common@">=17.0.0" from ng2-charts@6.0.1
npm error   node_modules/ng2-charts
npm error     ng2-charts@"^6.0.0" from the root project
npm error
npm error Could not resolve dependency:
npm error peer @angular/common@"^19.0.0 || ^20.0.0" from @angular/cdk@19.2.7
npm error node_modules/@angular/cdk
npm error   peer @angular/cdk@">=17.0.0" from ng2-charts@6.0.1
npm error   node_modules/ng2-charts
npm error     ng2-charts@"^6.0.0" from the root project

The issue could be easily resolved if you changed your semvers from something like >=17.0.0 to something like ^17.0.0 or ~17.0.0.

As you can see from the images attached above, the broad ranges for semvers (done for every release) assume that everyone using ng2-chats will be using the latest versions of its peerDependencies.

Please fix this. Maintainers of other source code literally have 3 options:

1. Drop ng2-charts and rewrite EVERYTHING that's using ng2-charts, or

2. Ensure @angular/* is ALWAYS kept up to date.

3. Wait for ng2-charts maintainers to fix the issue.

Hopefully, this provides the issue clear enough for future maintenance.

[rickfleming]

It's not optimal but I was able to workaround this issue in a project that uses Angular v19 by adding the following to the package.json:

  "overrides": {
    "ng2-charts": {
      "@angular/cdk": "^19.0.0"
    }
  }