fix: reliable deletion of node_modules

[joheriks]

Do not set permissions nor follow symlinks when
deleting node_modules.

Fixes #12810

[Artur-]

This looks like a reversed approach i.e. fixing the issue after it has happened (files created without writable permission). What is causing the files to be created with the wrong permissions?

[joheriks]

This looks like a reversed approach i.e. fixing the issue after it has happened (files created without writable permission). What is causing the files to be created with the wrong permissions?

Actually, setting write permission in the initial pass is an additional measure. It works without it also in my tests, but I added it as I am not sure if pnpm / npm could ever create a file with no user write permission in node_modules. What caused the permissions to get set wrong was when the FileUtils-based deletion failed trying override the permissions of a symlink that pointed to a file that had been deleted.

[github-actions]

Unit Test Results

   774 files  +3     774 suites  +3   29m 44s ⏱️ + 5m 28s
5 757 tests +7  5 707 ✔️ +9  50 💤  - 1  0 ❌ ±0 
5 785 runs  +1  5 734 ✔️ +3  51 💤  - 1  0 ❌ ±0 

Results for commit 6fae721. ± Comparison against base commit 7ce3903.

♻️ This comment has been updated with latest results.

[Artur-]

Can this be unit tested?

[joheriks]

I will wing together a unit test that deletes a directory containing some internal symbolic links, though it may be hard to get it to actually fail with the previous impl as the file visiting order is non-deterministic.

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
2 Code Smells

No Coverage information
0.0% Duplication

[vaadin-bot]

This ticket/PR has been released with platform 23.0.0.alpha4 and is also targeting the upcoming stable 23.0.0 version.