Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(core): ensure correct package name matching when parsing pnpm lock file #17613

Merged
merged 1 commit into from
Jun 21, 2023
Merged

fix(core): ensure correct package name matching when parsing pnpm lock file #17613

merged 1 commit into from
Jun 21, 2023

Conversation

meeroslav
Copy link
Contributor

Current Behavior

Package name matcher in the pnpm-parser will match key to alias name if found, and ignore the potential full name match.

  # ...
  /@isaacs/[email protected]:
    dependencies:
      string-width: 5.1.2
      string-width-cjs: /[email protected] # alias for string-width: 4.2.3  

  /[email protected]:
    dependencies:
      string-width: 4.2.3   
   # ...
 
  /[email protected]:
     # ...

  /[email protected]:
     # ...
 # ...

The above yaml would match 2 packages:

  • string-width @ 5.1.2
  • string-width-cjs @ 4.2.3
    While skipping the:
  • string-width @ 4.2.3

Expected Behavior

If same package version is used in the original form and as an alias, both variants should be saved to graph, so that we can track them when finding dependency subgraph and pruning.

Related Issue(s)

Fixes #17492

@meeroslav meeroslav self-assigned this Jun 15, 2023
@meeroslav meeroslav requested a review from a team as a code owner June 15, 2023 09:52
@meeroslav meeroslav requested a review from AgentEnder June 15, 2023 09:52
@vercel
Copy link

vercel bot commented Jun 15, 2023
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
nx-dev ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jun 15, 2023 9:54am

meeroslav
meeroslav commented Jun 15, 2023
View reviewed changes
packages/nx/src/plugins/js/lock-file/pnpm-parser.ts
@@ -18,7 +18,7 @@ import {
ProjectGraph,
ProjectGraphExternalNode,
} from '../../../config/project-graph';
import { fileHasher, hashArray } from '../../../hasher/file-hasher';
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unused import

meeroslav
meeroslav commented Jun 15, 2023
View reviewed changes
packages/nx/src/plugins/js/lock-file/pnpm-parser.ts
@@ -43,39 +43,40 @@ function addNodes(
const nodes: Map<string, Map<string, ProjectGraphExternalNode>> = new Map();

Object.entries(data.packages).forEach(([key, snapshot]) => {
const packageName = findPackageName(key, snapshot, data);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of single value we return an array

@nx-cloud
Copy link

nx-cloud bot commented Jun 15, 2023
edited
Loading

☁️ Nx Cloud Report

CI is running/has finished running commands for commit 7001f3c. As they complete they will appear below. Click to see the status, the terminal output, and the build insights.

📂 See all runs for this branch

✅ Successfully ran 8 targets

Sent with 💌 from NxCloud.

meeroslav
meeroslav commented Jun 15, 2023
View reviewed changes
packages/nx/src/plugins/js/lock-file/pnpm-parser.ts
}
}
return extractNameFromKey(key);
if (packageNames.size === 0) {
packageNames.add(originalPackageName);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Package can be overridden in the version meta which we don't parse at the moment (version 5.x has this info hashed) so we add this explicitly if not found otherwise:

The following line says that despite dependency is [email protected] we will use 4.8.4 so that would end up being the only installed version:

  /@phenomnomnominal/[email protected]([email protected]):
    resolution: {integrity: sha512-jjMmK1tnZbm1Jq5a7fBliM4gQwjxMU7TFoRNwIyzwlO+eHPRCFv/Nv+H/Gi1jc3WR7QURG8D5d0Tn12YGrUqBQ==}
    peerDependencies:
      typescript: ^3 || ^4
    dependencies:
      esquery: 1.5.0
      typescript: 4.8.2

@meeroslav meeroslav added scope: core core nx functionality type: bug labels Jun 15, 2023
@FrozenPandaz FrozenPandaz merged commit 53a37d4 into nrwl:master Jun 21, 2023
meeroslav added a commit to ericyd/nx that referenced this pull request Jun 23, 2023
@meeroslav
fix(core): ensure correct package name matching when parsing pnpm loc…
aa69ae5 
…k file (nrwl#17613)
@timonmasberg timonmasberg mentioned this pull request Jun 24, 2023
Merged
@github-actions github-actions bot mentioned this pull request Jun 24, 2023
Closed
@github-actions
Copy link

This pull request has already been merged/closed. If you experience issues related to these changes, please open a new issue referencing this pull request.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 27, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@FrozenPandaz FrozenPandaz FrozenPandaz approved these changes

@AgentEnder AgentEnder Awaiting requested review from AgentEnder AgentEnder is a code owner automatically assigned from nrwl/nx-core-reviewers

Assignees

@meeroslav meeroslav

Labels
scope: core core nx functionality type: bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Broken generated pnpm lock file (ERR_PNPM_ERR_PNPM_LOCKFILE_MISSING_DEPENDENCY)
2 participants
@meeroslav @FrozenPandaz