Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

vscode setting packageManager in package.json unconditionally #210556

Closed
frankli0324 opened this issue Apr 17, 2024 · 17 comments · Fixed by #210601
Closed

vscode setting packageManager in package.json unconditionally #210556

frankli0324 opened this issue Apr 17, 2024 · 17 comments · Fixed by #210601
Assignees
Labels
bug Issue identified by VS Code Team member as probable bug insiders-released Patch has been released in VS Code Insiders verified Verification succeeded
Milestone

Comments

@frankli0324
Copy link
Contributor

frankli0324 commented Apr 17, 2024

Type: Bug

open a package.json file and wait, packageManager appeared as "[email protected]+sha256.7cb31c0a881964a22577fd84e5a9a5b11e6f49ef8aa0893036b0b68015056252". "npm.packageManager" setting doesn't provide a "none" option.

this is happening with all extensions disabled.

VS Code version: Code 1.88.1 (Universal) (e170252, 2024-04-10T17:42:52.765Z)
OS version: Darwin arm64 23.1.0
Modes: Unsupported

A/B Experiments
vsliv368cf:30146710
vspor879:30202332
vspor708:30202333
vspor363:30204092
vscorecescf:30445987
vscod805:30301674
binariesv615:30325510
vsaa593cf:30376535
py29gd2263:30899288
c4g48928:30535728
azure-dev_surveyone:30548225
962ge761:30959799
pythongtdpath:30769146
welcomedialogc:30910334
pythonidxpt:30866567
pythonnoceb:30805159
asynctok:30898717
pythontestfixt:30902429
pythonregdiag2:30936856
pyreplss1:30897532
pythonmypyd1:30879173
pythoncet0:30885854
h48ei257:31000450
pythontbext0:30879054
accentitlementst:30995554
dsvsc016:30899300
dsvsc017:30899301
dsvsc018:30899302
cppperfnew:31000557
d34g3935:30971562
fegfb526:30981948
bg6jg535:30979843
ccp2r3:30993541
dsvsc020:30976470
pythonait:31006305
666c4381:30973075
gee8j676:31009558
chatpanelc:31018788
dsvsc021:30996838
f3je6385:31013174

@frankli0324
Copy link
Contributor Author

frankli0324 commented Apr 17, 2024

I know it may have been a feature, yet it doesn't meet expectations. what's more, the behavior modifies and saves a project file without any prompt and attempts to overwrite repeatedly, which clearly exceeds what an editor should do, I believe that categorizes this as a bug.

@meganrogge
Copy link
Contributor

sounds like something that's coming from an extension. you can set your package manager with this setting

npm.packageManager

@frankli0324
Copy link
Contributor Author

sounds like something that's coming from an extension.

as I said, all extensions were disabled

you can set your package manager with this setting

as I said, "npm.packageManager" setting doesn't provide a "none" option.

@meganrogge
Copy link
Contributor

meganrogge commented Apr 17, 2024

Why is that a problem for you?

@frankli0324
Copy link
Contributor Author

frankli0324 commented Apr 17, 2024

do I really have to repeat everything I wrote in the issue?

the behavior modifies and saves a project file without any prompt and attempts to overwrite repeatedly

seriously, I have multiple js environments in my environment, both corepack and very old package manager versions. I prefer not to use corepack in my old project for better collaboration with others, however vscode forces me to do so since package managers would refuse to run if packageManager field specified toolchain mismatches. This is annoying at most, but my core concern is that how am I going to trust vscode with my other project configuration files if that "isn't a problem"?

could you re-open this issue? actually why are you closing this issue in the first place without confirming that it's solved? Issues are not oncalls!

@meganrogge
Copy link
Contributor

I closed because I do not plan to fix this.

@meganrogge meganrogge added the *as-designed Described behavior is as designed label Apr 17, 2024
@frankli0324
Copy link
Contributor Author

good for you then

@frankli0324
Copy link
Contributor Author

I take back the "trust issues" narrative, however this behavior is still surprising. take a look at the PR please

@meganrogge meganrogge reopened this Apr 17, 2024
@meganrogge meganrogge added bug Issue identified by VS Code Team member as probable bug and removed *as-designed Described behavior is as designed labels Apr 17, 2024
@meganrogge meganrogge added this to the April 2024 milestone Apr 17, 2024
@frankli0324
Copy link
Contributor Author

I should have attached a screenshot and describe the steps I tried to pin point the issue

20240418065545_rec_

I encountered this issue in an empty folder containing a single package.json, an old project, and a newly created project with yarn create

I apologize for my moody expression

@vscodenpa vscodenpa added unreleased Patch has not yet been released in VS Code Insiders insiders-released Patch has been released in VS Code Insiders and removed unreleased Patch has not yet been released in VS Code Insiders labels Apr 18, 2024
@aeschli
Copy link
Contributor

aeschli commented Apr 25, 2024

I could not reproduce that npm view --json updates the packageManager property
I tried from the command line with node 20.12.2 / npm 10.5.0

  • corepack use yarn
  • npm view --json

@frankli0324 Do you have the steps to reproduce this from the command line?

@aeschli
Copy link
Contributor

aeschli commented Apr 25, 2024

Verified the fix in code

@aeschli aeschli added the verified Verification succeeded label Apr 25, 2024
@frankli0324
Copy link
Contributor Author

frankli0324 commented Apr 25, 2024

the minimum path from a clean install would be:

brew install corepack
corepack enable npm
npm view --json

and by now this should be true:

➜ head $(which npm)
#!/usr/bin/env node
process.env.COREPACK_ENABLE_DOWNLOAD_PROMPT??='1'
require('./lib/corepack.cjs').runMain(['npm', ...process.argv.slice(2)]);

@aeschli
Copy link
Contributor

aeschli commented Apr 26, 2024

corepack is part of node 20, so I used it directly, not using brew (which I don't have on my system)
What's your verion of node?

I kind of think having npm view --json making a modification is a bug in npm.
Not seeing that myself could mean it has been fixed.

@frankli0324
Copy link
Contributor Author

frankli0324 commented Apr 26, 2024

➜  ~ node -v
v21.7.3

have you enabled the npm pm globally using corepack? that links a npm wrapper to where corepack binary is located, and that wrapper, not npm itself, would overwrite the package json content

see [corepack README]:

https://github.com/nodejs/corepack#:~:text=prevent%20Corepack%20from%20updating%20the%20packageManager%20fieldplease copy and paste since GitHub seems to eat up the text location indication

@frankli0324
Copy link
Contributor Author

frankli0324 commented Apr 26, 2024

it seems that many other projects including pnpm also ran into similar issues and some debate is still ongoing

https://github.com/pnpm/pnpm/pull/7747/files
nodejs/corepack#419
nodejs/corepack#407
nodejs/node#50963 (comment)

@aeschli
Copy link
Contributor

aeschli commented Apr 26, 2024

Ah, the aliases. They were probably not used when I tested it.

@karladler
Copy link

karladler commented May 22, 2024

I don't really get what's the issue here, but I know, that always, when VScode is open, there is a new line added to my package.json
Is there any way I can stop this madness?

"packageManager": "[email protected]+sha512.2dc70be5fce9f66756d25b00a888f3ca66f86b502b76750e72ba54cec89da767b938c54124595e26f868825688e0fe3552c26c76a330673343057acadd5cfcf2"
}

edit. ok, I added export COREPACK_ENABLE_AUTO_PIN=0 to my ~/.zshrc that seems to work.
I am still confused why vscode seems to trigger this.

@microsoft microsoft locked and limited conversation to collaborators Jun 5, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug Issue identified by VS Code Team member as probable bug insiders-released Patch has been released in VS Code Insiders verified Verification succeeded
Projects
None yet
Development

Successfully merging a pull request may close this issue.

6 participants