feat: partial install with --frozen-lockfile (#433)

[zkochan]

Summary

Closes #433. Implements partial install with --frozen-lockfile:

• Read <virtual_store_dir>/lock.yaml at install start (Lockfile::load_current_from_virtual_store_dir), mirroring upstream pnpm v11's readCurrentLockfile.
• Skip any snapshot whose dependencies, optionalDependencies, and resolution.integrity match the current lockfile and whose virtual-store slot exists on disk. No fetch, no extract, no relink for skipped snapshots.
• Write <virtual_store_dir>/lock.yaml at end-of-install (atomically; deletes the file when the lockfile is empty), so the next install sees a fresh diff target.
• Emit pnpm:_broken_node_modules (BrokenModulesLog) when the slot is gone despite the cache key matching, then fall through to a full install for that snapshot.
• pnpm:context.currentLockfileExists now reflects reality (was hard-coded false); pnpm:stats.added reports the post-skip delta instead of the total snapshot count, matching upstream.
• Side-effects-cache prefetch still covers skipped snapshots so BuildModules's is_built gate fires on warm reinstalls — without this, packages with allowBuilds: true re-execute their lifecycle scripts every install (added in 1603f94 after benchmarking caught the regression — see benchmark comment).

Tracks pnpm v11 94240bc046 for readCurrentLockfile / writeCurrentLockfile / lockfileToDepGraph's per-depPath skip and isIntegrityEqual helper.

Performance

Two scenarios benchmarked against a 1352-package fixture, hyperfine --warmup 2 --runs 10.

Pure warm reinstall (every snapshot intact, full lock.yaml on disk):

	mean	sys time
baseline (main HEAD~2)	969 ms	985 ms
PR	896 ms	349 ms

PR is 1.08× faster, with ~65% less kernel work — the skip filter bypasses the warm-batch's per-snapshot syscalls (1352 → 0). Full breakdown + the regression we caught + fixed.

Non-up-to-date node_modules (N virtual-store slots deleted per iteration):

Damaged slots	PR	Baseline	PR/Baseline
0	581 ms	661 ms	1.14×
1	615 ms	707 ms	1.15×
10	660 ms	707 ms	1.07×
100	2.25 s	2.25 s	1.00×
500	6.13 s	7.93 s	1.29×

PR is consistently a small win and never a loss across the damage spectrum; _broken_node_modules debug events fire correctly for each missing slot. Full sweep + caveats.

Test plan

• just ready — 633 tests pass, lint clean.
• just dylint — perfectionist clean.
• taplo format --check — clean.
• Unit tests: snapshot_deps_equal, integrity_equal, BrokenModulesLog wire shape, Lockfile::is_empty, save_current_to_virtual_store_dir round-trip / empty-deletes-file / ENOENT-as-none.
• Integration tests in install/tests.rs:
  • warm_reinstall_skips_snapshot_when_current_lockfile_matches — proves the skip path short-circuits the fetch (the fixture points at a bogus URL; only the skip path makes the install succeed).
  • warm_reinstall_emits_broken_modules_when_dir_is_missing — asserts the _broken_node_modules debug event fires before the fetch.
  • warm_reinstall_reports_added_zero_and_emits_no_imported_events — asserts pnpm:stats.added: 0 and zero pnpm:progress imported events when the skip path drops every snapshot from the install graph.
  • context_log_reflects_current_lockfile_after_first_install — pnpm:context.currentLockfileExists flips false → true once lock.yaml is on disk, and lock.yaml is asserted present on disk after the first install (exercises the real write path).

Out of scope (tracked in #433)

• Workspace install (Add workspace support to pacquet install --frozen-lockfile #431): once landed, the write site must narrow to the filtered lockfile (selected importers × engine filter). For now we write the wanted lockfile unmodified — a checkbox in the issue description.
• GVS (Add global virtual store support to pacquet install --frozen-lockfile #432): the per-snapshot skip gains a .pnpm-needs-build marker check. The skip helper is structured so adding it is a small extension.
• Surplus / stale package cleanup (pruneVirtualStore).

---

Written by an agent (Claude Code, claude-opus-4-7).

[coderabbitai]

📝 Walkthrough

Walkthrough

Reads/writes a current lockfile at the virtual-store root, adds per-snapshot equality checks to skip unchanged snapshots when possible, emits a BrokenModules event for missing cached slots, and threads current-lockfile state through frozen-lockfile and install flows with tests.

Changes

Virtual-store lockfile persistence and snapshot skip filtering

Layer / File(s)	Summary
Lockfile API contracts and empty-check crates/lockfile/src/lib.rs	Adds CURRENT_FILE_NAME constant for lock.yaml, documents root-importer accessors, and introduces is_empty() to detect lockfiles with no specifiers/dependencies.
Lockfile load/save I/O with atomic writes crates/lockfile/src/load_lockfile.rs, crates/lockfile/src/save_lockfile.rs	Implements load_current_from_virtual_store_dir to read <virtual_store>/lock.yaml; implements save_current_to_virtual_store_dir which deletes when empty or atomically writes lock.yaml (via write_atomic); extends SaveLockfileError with CreateDir, RemoveFile, and RenameFile.
Lockfile I/O tests crates/lockfile/src/save_lockfile/tests.rs	Tests round-trip serialization, Ok(None) when missing, deletion when saving empty over an existing file, and no-op when saving empty into an absent virtual-store slot.
CreateVirtualStore inputs and plumbing crates/package-manager/src/create_virtual_store.rs	Adds current_snapshots/current_packages inputs and wires them into run to drive per-snapshot skip/filter logic.
Snapshot skip pass, helpers, and tests crates/package-manager/src/create_virtual_store.rs, crates/package-manager/src/create_virtual_store/tests.rs	Introduces a per-snapshot skip pass that uses snapshot_deps_equal and integrity_equal (absent-vs-empty semantics) and checks virtual-store slot existence; includes unit tests for dependency/integrity equality cases.
Warm-install restructuring crates/package-manager/src/create_virtual_store.rs	Restructures warm-install cache warm-up into two passes: skipped snapshots seed caches first, survivors drive warm/cold partitioning and linking.
BrokenModules reporter event and tests crates/reporter/src/lib.rs, crates/reporter/src/tests.rs	Adds LogEvent::BrokenModules(BrokenModulesLog) serialized as pnpm:_broken_node_modules with level and missing path, and a test validating the pnpm wire shape.
Install flow: load, propagate, save current lockfile crates/package-manager/src/install.rs	Install::run reads <virtual_store>/lock.yaml, sets ContextLog.current_lockfile_exists from the load result, forwards current state into frozen-lockfile flows, persists the materialized lockfile after install, and adds LoadCurrentLockfile/SaveCurrentLockfile InstallError variants.
Frozen-lockfile propagation crates/package-manager/src/install_frozen_lockfile.rs	Adds current_snapshots and current_packages fields and forwards them into CreateVirtualStore to enable per-snapshot skip decisions during frozen installs.
Integration tests for warm reinstall and skip behavior crates/package-manager/src/install/tests.rs	Integration tests for warm reinstall skipping, BrokenModules emission when slot is missing, context-log flip after first install writes lock.yaml, added: 0 reporting, and suppression of per-snapshot imported events for skipped snapshots.

Sequence Diagram(s)

sequenceDiagram
  participant Installer
  participant CreateVirtualStore
  participant FileSystem
  participant Reporter
  Installer->>CreateVirtualStore: provide current_snapshots/current_packages
  CreateVirtualStore->>CreateVirtualStore: snapshot_deps_equal / integrity_equal checks
  CreateVirtualStore->>FileSystem: stat virtual-store slot path
  FileSystem-->>CreateVirtualStore: exists / missing
  CreateVirtualStore->>Reporter: emit pnpm:_broken_node_modules when missing
  Installer->>FileSystem: save_current_to_virtual_store_dir (atomic write or delete)

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related issues

• Use pnpm's @pnpm/cli.default-reporter for terminal output (via NDJSON) #344: Related reporter LogEvent additions; overlaps on new pnpm:_broken_node_modules wire shape.
• chore(reporter): backfill missing log events in already-ported code #347: Related reporter event variant additions and tests.
• Proper optionalDependencies support — umbrella #434: Overlaps on persisting and consuming the current virtual-store lockfile and snapshot skip behavior.

Possibly related PRs

• pnpm/pacquet#375: Touches reporter event enum changes and pnpm-channel payload additions similar to this PR.
• pnpm/pacquet#424: Modifies CreateVirtualStore and intersects at package-manager install pipeline changes.

Poem

🐰 I hop through node_modules, neat and spry,

lock.yaml tucked where snapshots lie.
If deps and integrity agree,
I'll skip the fetch and set you free —
atomic writes and carrots in supply.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'feat: partial install with --frozen-lockfile (#433)' clearly summarizes the main change: implementing partial install capability with the frozen-lockfile mode.
Linked Issues check	✅ Passed	The PR successfully implements all core requirements from issue #433: reads current lockfile via load_current_from_virtual_store_dir, skips snapshots when dependencies/integrity match and slot exists, writes current lockfile atomically, emits BrokenModulesLog when slot is missing, and updates statistics/context-logging with accurate counts and existence flags. Comprehensive test coverage validates all scenarios.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to implementing partial install with frozen-lockfile (#433). Changes include lockfile reading/writing, skip logic with cache-key matching, broken-modules reporting, and statistics updates—all within PR objectives. Out-of-scope items (workspace filtering, GVS, pruning) are correctly deferred.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Description check	✅ Passed	The PR description comprehensively addresses all template requirements: it provides a clear summary of changes, references the closed issue (#433), links upstream pnpm commits, confirms pnpm behavior parity, notes testing completion, and includes a detailed rationale with performance benchmarks.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/433

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

❌ Patch coverage is 83.23353% with 28 lines in your changes missing coverage. Please review.
✅ Project coverage is 88.49%. Comparing base (b514929) to head (ee80c24).
⚠️ Report is 3 commits behind head on main.

Files with missing lines	Patch %	Lines
crates/lockfile/src/save_lockfile.rs	64.58%	17 Missing ⚠️
crates/package-manager/src/create_virtual_store.rs	89.88%	9 Missing ⚠️
crates/lockfile/src/load_lockfile.rs	77.77%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #442      +/-   ##
==========================================
+ Coverage   86.98%   88.49%   +1.50%     
==========================================
  Files          93       93              
  Lines        6647     6822     +175     
==========================================
+ Hits         5782     6037     +255     
+ Misses        865      785      -80     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Copilot]

Pull request overview

Implements pnpm-style “current lockfile” tracking (<virtual_store_dir>/lock.yaml) to enable warm, partial installs under --frozen-lockfile by skipping snapshots that are unchanged and still present on disk, while preserving pnpm reporter wire compatibility (including _broken_node_modules).

Changes:

• Add load/save support for the current lockfile (lock.yaml) in pacquet_lockfile, including Lockfile::is_empty and atomic-ish persistence behavior.
• Thread current-lockfile state through the frozen-lockfile install pipeline to skip unchanged snapshots, emit _broken_node_modules when a slot is missing, and report pnpm:stats.added based on the post-skip delta.
• Add/extend unit + integration coverage for skip behavior, broken-modules event shape, and current-lockfile read/write semantics.

Reviewed changes

Copilot reviewed 11 out of 11 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
crates/reporter/src/tests.rs	Adds a serialization test to pin pnpm:_broken_node_modules wire shape.
crates/reporter/src/lib.rs	Introduces LogEvent::BrokenModules + payload type for _broken_node_modules.
crates/package-manager/src/install/tests.rs	Adds integration tests covering skip path, broken-modules emission, context flag flip, and stats/progress behavior.
crates/package-manager/src/install.rs	Loads current lockfile for context + skip inputs; writes current lockfile at end of frozen installs.
crates/package-manager/src/install_frozen_lockfile.rs	Threads current snapshots/packages into the frozen-lockfile install runner.
crates/package-manager/src/create_virtual_store/tests.rs	Adds unit tests for snapshot dep equality + integrity equality helpers.
crates/package-manager/src/create_virtual_store.rs	Implements per-snapshot skip filtering and adjusts pnpm:stats.added based on filtered set.
crates/lockfile/src/save_lockfile/tests.rs	Adds tests for current-lockfile round-trip, ENOENT-as-None, and empty-lockfile delete semantics.
crates/lockfile/src/save_lockfile.rs	Implements writing/deleting <virtual_store_dir>/lock.yaml with a temp+rename helper.
crates/lockfile/src/load_lockfile.rs	Adds load_current_from_virtual_store_dir and refactors shared load-from-path logic.
crates/lockfile/src/lib.rs	Adds CURRENT_FILE_NAME constant and Lockfile::is_empty helper for suppressing stale current lockfiles.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[github-actions]

Micro-Benchmark Results

Linux

group                          main                                   pr
-----                          ----                                   --
tarball/download_dependency    1.06     17.3±0.65ms   251.1 KB/sec    1.00     16.2±0.31ms   267.1 KB/sec

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@crates/package-manager/src/create_virtual_store.rs`:
- Around line 252-257: The loop currently calls snapshot_cache_key for every
entry in snapshots before applying the current-lockfile skip filter, causing
UnsupportedResolution for unchanged directory-backed snapshots; change the logic
so you first run the skip filter to produce the subset of snapshots that
survive, then derive cache keys only for those survivors (i.e., apply
snapshot_cache_key only after filtering). Update the code that builds
all_snapshot_entries (the mapping over snapshots and the call to
snapshot_cache_key) to operate on the filtered collection so existing
materialized slots can be reused instead of failing early.

In `@crates/package-manager/src/install.rs`:
- Around line 244-257: The current code persists the current lockfile early (the
if frozen_lockfile && let Some(lockfile) {
lockfile.save_current_to_virtual_store_dir(...) ... }) which can leave a new
lock.yaml on disk if subsequent steps like write_modules_manifest fail; move
this persistence so it runs only after the install is fully committed (i.e.,
after write_modules_manifest returns successfully and any final commit steps
complete) and keep the same error mapping to InstallError::SaveCurrentLockfile;
ensure the condition still checks frozen_lockfile && let Some(lockfile) and
invoke lockfile.save_current_to_virtual_store_dir(&config.virtual_store_dir)
only on the successful path.

In `@crates/package-manager/src/install/tests.rs`:
- Around line 941-1054: The test currently bypasses the write path by using an
empty Lockfile first and then pre-seeding the virtual store before the second
Install::run; change the first run to use a non-empty fixture (e.g., parse
PARTIAL_INSTALL_LOCKFILE into the initial Lockfile instead of the empty one) so
the install must persist a non-empty current lockfile, and remove the manual
call to partial.save_current_to_virtual_store_dir(&virtual_store_dir) (and any
unnecessary seed_placeholder_virtual_store_slot call) so the second Install::run
exercises the read-after-write path rather than relying on pre-seeded state.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 9b4f9a4b-6503-4319-941d-2b0e2283b27e

📥 Commits

Reviewing files that changed from the base of the PR and between b514929 and e6fae21.

📒 Files selected for processing (11)

• crates/lockfile/src/lib.rs
• crates/lockfile/src/load_lockfile.rs
• crates/lockfile/src/save_lockfile.rs
• crates/lockfile/src/save_lockfile/tests.rs
• crates/package-manager/src/create_virtual_store.rs
• crates/package-manager/src/create_virtual_store/tests.rs
• crates/package-manager/src/install.rs
• crates/package-manager/src/install/tests.rs
• crates/package-manager/src/install_frozen_lockfile.rs
• crates/reporter/src/lib.rs
• crates/reporter/src/tests.rs

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Agent
• GitHub Check: Run benchmark on ubuntu-latest
• GitHub Check: Run benchmark on ubuntu-latest
• GitHub Check: Lint and Test (macos-latest)
• GitHub Check: Lint and Test (windows-latest)
• GitHub Check: Code Coverage

🧰 Additional context used

📓 Path-based instructions (1)

**/*.rs

📄 CodeRabbit inference engine (AGENTS.md)

**/*.rs: Preserve existing method chains and pipe-trait chains; do not break them into intermediate let bindings unless there is a concrete justification such as a compilation failure, borrow checker rejection, meaningful performance improvement, or other technical necessity. Refactoring for style alone is not sufficient justification.
Choose owned vs. borrowed parameters to minimize copies; prefer borrowed types (&Path over &PathBuf, &str over &String) when it does not force extra copies.
Prefer Arc::clone(&x) and Rc::clone(&x) over x.clone() for reference-counted types to make the cost visible at the call site.
Do not use star imports inside module bodies. Write use super::{Foo, bar} instead of use super::*; for any glob whose target is a module you control. External-crate preludes (e.g., use rayon::prelude::*;) and root-of-module re-exports (e.g., pub use submodule::*; in lib.rs) are exceptions.
Follow Rust API Guidelines for naming, as documented in https://rust-lang.github.io/api-guidelines/naming.html.
Declare a newtype wrapper for any branded string type being ported from TypeScript pnpm. Do not collapse the brand into a plain String or &str; give the type its own struct so misuse is a type error.
When porting branded string types where upstream TypeScript always validates before construction, validate in the Rust port too. Construct the wrapper only via TryFrom<String> and/or FromStr; do not provide an infallible public constructor that takes an arbitrary string.
For branded string types where upstream TypeScript never validates (used purely for type-safety to prevent confusion between string slots), expose an infallible From<String> and From<&str> constructor in the Rust wrapper.
When upstream TypeScript occasionally constructs a branded type without validation (via bare as assertion), add a from_str_unchecked (or similarly named) constructor on the Rust side. Keep the validating constructor as well; `from_str_u...

Files:

• crates/reporter/src/lib.rs
• crates/lockfile/src/lib.rs
• crates/package-manager/src/install_frozen_lockfile.rs
• crates/lockfile/src/save_lockfile/tests.rs
• crates/package-manager/src/create_virtual_store/tests.rs
• crates/reporter/src/tests.rs
• crates/package-manager/src/install.rs
• crates/lockfile/src/load_lockfile.rs
• crates/lockfile/src/save_lockfile.rs
• crates/package-manager/src/install/tests.rs
• crates/package-manager/src/create_virtual_store.rs

🧠 Learnings (3)

📚 Learning: 2026-05-07T23:19:08.272Z

Learnt from: KSXGitHub
Repo: pnpm/pacquet PR: 401
File: tasks/integrated-benchmark/src/work_env.rs:343-344
Timestamp: 2026-05-07T23:19:08.272Z
Learning: When reviewing Rust code in pnpm/pacquet for deprecated API usage, do not automatically treat `serde_saphyr::to_string` as deprecated. In `serde-saphyr` v0.0.25, `serde_saphyr::to_string` has no `#[deprecated]` attribute (the `#[deprecated]` later in `serde-saphyr-0.0.25/src/lib.rs` applies to a different function). Only flag `serde_saphyr::to_string` as deprecated if the resolved dependency version’s source shows `#[deprecated]` on that specific function.

Applied to files:

• crates/reporter/src/lib.rs
• crates/lockfile/src/lib.rs
• crates/package-manager/src/install_frozen_lockfile.rs
• crates/lockfile/src/save_lockfile/tests.rs
• crates/package-manager/src/create_virtual_store/tests.rs
• crates/reporter/src/tests.rs
• crates/package-manager/src/install.rs
• crates/lockfile/src/load_lockfile.rs
• crates/lockfile/src/save_lockfile.rs
• crates/package-manager/src/install/tests.rs
• crates/package-manager/src/create_virtual_store.rs

📚 Learning: 2026-05-01T10:01:33.766Z

Learnt from: zkochan
Repo: pnpm/pacquet PR: 349
File: crates/reporter/src/tests.rs:121-121
Timestamp: 2026-05-01T10:01:33.766Z
Learning: In Rust test code, follow the repo’s CODE_STYLE_GUIDE test-logging rule: add logging (e.g., `eprintln!`/`eprintln!(...)`) so that useful diagnostic values are printed when a test fails, unless the assertion is `assert_eq!` (where the differing values are already included). Concretely, if you use assertions like `assert!`, `assert_ne!`, etc., ensure the test logs the relevant actual/expected values (or context) before/around the assertion so failures can be diagnosed without rerunning.

Applied to files:

• crates/lockfile/src/save_lockfile/tests.rs
• crates/package-manager/src/create_virtual_store/tests.rs
• crates/reporter/src/tests.rs
• crates/package-manager/src/install/tests.rs

📚 Learning: 2026-05-01T10:01:33.766Z

Learnt from: zkochan
Repo: pnpm/pacquet PR: 349
File: crates/reporter/src/tests.rs:121-121
Timestamp: 2026-05-01T10:01:33.766Z
Learning: In this repo’s Rust tests (run via `cargo nextest`), stdout/stderr from passing tests is captured and is only shown when a test fails. As a result, `eprintln!` (and similar stderr logging) in these tests should generally not be flagged as CI “noise” on the happy path; CI output should only appear for failing tests.

Applied to files:

• crates/reporter/src/tests.rs

🔇 Additional comments (9)

crates/reporter/src/lib.rs (1)

166-177: LGTM!

Also applies to: 600-608

crates/reporter/src/tests.rs (1)

8-12: LGTM!

Also applies to: 639-658

crates/lockfile/src/lib.rs (1)

78-85: LGTM!

Also applies to: 95-108

crates/lockfile/src/load_lockfile.rs (1)

8-9: LGTM!

Also applies to: 33-34, 36-54, 56-63

crates/lockfile/src/save_lockfile.rs (2)

4-99: LGTM!

Also applies to: 102-117

---

118-123: std::fs::rename on Windows correctly replaces existing destination files—no issue here.

The Rust standard library explicitly documents that rename(src, dst) replaces dst if it already exists; on Windows this is implemented via MoveFileEx or equivalent APIs with MOVEFILE_REPLACE_EXISTING semantics. Warm installs (when lock.yaml already exists) will succeed as intended. The atomic write pattern used here (write to temp, rename in place) matches best practices and pnpm's approach.

Note: The caveat on Windows is that dst must not be a directory; this is not an issue for a file like lock.yaml.

crates/lockfile/src/save_lockfile/tests.rs (1)

102-175: LGTM!

crates/package-manager/src/install_frozen_lockfile.rs (1)

39-47: LGTM!

Also applies to: 101-103, 128-129

crates/package-manager/src/create_virtual_store/tests.rs (1)

1-4: LGTM!

Also applies to: 6-6, 8-36, 78-168

[github-actions]

Integrated-Benchmark Report (Linux)

Scenario: Frozen Lockfile

Command	Mean [s]	Min [s]	Max [s]	Relative
pacquet@HEAD	2.563 ± 0.065	2.445	2.712	1.01 ± 0.03
pacquet@main	2.529 ± 0.049	2.465	2.604	1.00
pnpm	6.134 ± 0.039	6.061	6.178	2.43 ± 0.05

BENCHMARK_REPORT.json

{
  "results": [
    {
      "command": "pacquet@HEAD",
      "mean": 2.56256568508,
      "stddev": 0.0649922598002834,
      "median": 2.55277171568,
      "user": 2.55223742,
      "system": 3.6237814799999994,
      "min": 2.44498583968,
      "max": 2.71194252668,
      "times": [
        2.57929243468,
        2.55732040168,
        2.54889673568,
        2.58620045168,
        2.71194252668,
        2.55144151668,
        2.55191891268,
        2.55362451868,
        2.54003351268,
        2.44498583968
      ]
    },
    {
      "command": "pacquet@main",
      "mean": 2.52900869648,
      "stddev": 0.049042433018348444,
      "median": 2.5190278686800003,
      "user": 2.5496613200000007,
      "system": 3.5801888799999992,
      "min": 2.46488060768,
      "max": 2.6039298626800003,
      "times": [
        2.51841525568,
        2.51964048168,
        2.5068641076800002,
        2.5719856826800003,
        2.57080810368,
        2.49190751668,
        2.6039298626800003,
        2.46488060768,
        2.57617166268,
        2.46548368368
      ]
    },
    {
      "command": "pnpm",
      "mean": 6.13421727698,
      "stddev": 0.03853284854194687,
      "median": 6.14298718268,
      "user": 8.965209519999998,
      "system": 4.53997508,
      "min": 6.06143088668,
      "max": 6.17841032168,
      "times": [
        6.12231688868,
        6.14744765568,
        6.17412955168,
        6.11826475568,
        6.15252013368,
        6.08328323668,
        6.06143088668,
        6.16584262968,
        6.17841032168,
        6.13852670968
      ]
    }
  ]
}

Scenario: Frozen Lockfile (Hot Cache)

Command	Mean [ms]	Min [ms]	Max [ms]	Relative
pacquet@HEAD	700.3 ± 68.9	650.1	884.7	1.01 ± 0.14
pacquet@main	695.9 ± 72.0	649.2	892.0	1.00
pnpm	2701.7 ± 96.5	2554.6	2903.9	3.88 ± 0.43

BENCHMARK_REPORT.json

{
  "results": [
    {
      "command": "pacquet@HEAD",
      "mean": 0.7002537486200001,
      "stddev": 0.06893507490107097,
      "median": 0.6766295647200001,
      "user": 0.37144222000000005,
      "system": 1.48132798,
      "min": 0.6500868692200001,
      "max": 0.8846893432200001,
      "times": [
        0.8846893432200001,
        0.6713135302200001,
        0.6732437792200001,
        0.6629906412200001,
        0.6862435972200001,
        0.6711381622200001,
        0.6800153502200001,
        0.6833265392200001,
        0.6500868692200001,
        0.7394896742200001
      ]
    },
    {
      "command": "pacquet@main",
      "mean": 0.6958914008200001,
      "stddev": 0.07201546264807367,
      "median": 0.68032391822,
      "user": 0.34649251999999997,
      "system": 1.48458168,
      "min": 0.6491565092200001,
      "max": 0.8920035132200002,
      "times": [
        0.8920035132200002,
        0.6774449012200001,
        0.6518815692200001,
        0.6845115092200001,
        0.7113252122200001,
        0.6533833732200001,
        0.6491565092200001,
        0.6582650392200001,
        0.6977394462200001,
        0.6832029352200001
      ]
    },
    {
      "command": "pnpm",
      "mean": 2.7017339414199997,
      "stddev": 0.09653537302219489,
      "median": 2.7058586492199996,
      "user": 3.16220812,
      "system": 2.27416038,
      "min": 2.55458438822,
      "max": 2.90393533522,
      "times": [
        2.74079652522,
        2.55458438822,
        2.6174519722199996,
        2.7574112172199996,
        2.6231852502199997,
        2.70216760822,
        2.70954969022,
        2.6631325312199996,
        2.90393533522,
        2.74512489622
      ]
    }
  ]
}

[zkochan]

Benchmark results

Ran a warm-reinstall benchmark to verify the PR's performance impact. Fixture: a 1352-package lockfile (one of the larger real-world fixtures I have), warm CAFS, warm node_modules, hyperfine --warmup 2 --runs 10.

Round 1 — found a regression

	mean	range	sys time
baseline (main HEAD~2)	816 ms	683-1010 ms	770 ms
PR (initial)	2.65 s	2.43-2.88 s	801 ms

PR was 3.25× slower. Bisected the cause:

[BENCH] read_current_lockfile: 12 ms       ← negligible
[BENCH] skip_filter:           7 ms        ← negligible
[BENCH] CreateVirtualStore::run: 8 ms      ← saved 330 ms vs full graph
[BENCH] SymlinkDirectDependencies::run: 14 ms
[BENCH] LinkVirtualStoreBins::run: 22 ms
[BENCH] BuildModules::run:    3,053 ms     ← +2.5 s vs full graph
[BENCH] write_current_lockfile: 19 ms

Root cause: the skip filter ran before snapshot_cache_key derivation, so the side-effects-cache prefetch only covered survivors. With 0 survivors on a warm reinstall, side_effects_maps_by_snapshot was empty, BuildModules's is_built gate missed, and the 3 packages with allowBuilds: true re-executed their lifecycle scripts every install.

Round 2 — after the fix

Commit 1603f94 derives cache keys for all snapshots (lenient for skipped ones), so the prefetch covers everyone the build phase might need to gate on. Warm/cold partitioning still operates only on survivors.

	mean	range	sys time
baseline (main HEAD~2)	969 ms	899-1035 ms	985 ms
PR (fixed)	896 ms	796-1004 ms	349 ms

PR is 1.08× faster than baseline on warm reinstall, with ~65% less kernel work. The big sys-time drop is the skip filter avoiding 1352 per-snapshot syscalls in the warm-batch CAFS link path.

The win is modest on this workload because pacquet's warm-batch was already cheap (~330 ms) when every per-snapshot operation collapses to AlreadyExists/NotFound short-circuits. The skip path's bigger benefit lands when:

• node_modules has partial damage (skip fires on intact slots, full install on missing ones — covered by the broken-modules test)
• The store is on a slower volume (per-snapshot syscalls cost more)
• Workspaces land (more snapshots → bigger absolute saving)

Test suite

All 633 tests still pass, lint + dylint + taplo clean. The fix didn't require any test changes — the existing warm_reinstall_* tests cover the skip-fires scenario; the should_install_dependencies test catches the cold-install path.

---

Written by an agent (Claude Code, claude-opus-4-7).

[Copilot]

Pull request overview

Copilot reviewed 11 out of 11 changed files in this pull request and generated 2 comments.

[zkochan]

Additional benchmark: non-up-to-date node_modules

Following up on the question of how the PR behaves when node_modules has partial damage (slots deleted from the virtual store between installs — antivirus quarantine, manual rm -rf, fresh git checkout from a branch that touched fewer packages, etc.). Same 1352-package fixture, hyperfine --warmup 2 --runs 10, --prepare deletes N stride-distributed slots before each run.

Damaged slots	PR mean	Baseline mean	PR/Baseline	PR sys time	Baseline sys time
0 (pure warm)	581 ms	661 ms	1.14× faster	327 ms	872 ms
1	615 ms	707 ms	1.15× faster	371 ms	769 ms
10	660 ms	707 ms	1.07× faster	428 ms	740 ms
100	2.25 s	2.25 s	1.00× (equivalent)	2.49 s	2.68 s
500	6.13 s	7.93 s	1.29× faster	10.4 s	10.4 s

Interpretation

• Low damage (N=0-10): PR's skip path bypasses 1342+ unchanged slots' per-snapshot syscalls; baseline walks the full graph and pays ~5× more sys time on the no-op AlreadyExists short-circuits. Wins are small in absolute wall time (50-90 ms) but consistent.
• Mid damage (N=100): per-slot install work dominates; both paths pay the same actual fetch+link cost for the damaged slots, and the skip savings on the unchanged majority get masked by the absolute install time.
• High damage (N=500): PR's skip path still saves the ~852 unchanged-slot link attempts the baseline does as no-ops. Even with the install path running for 500 slots, the 1.29× win shows up. Variance is high here (±1.3 s / ±2.5 s), so take with a grain of salt.

Caveats

• Workload-dependent. On a slower volume (HDD, network FS, container storage) per-snapshot syscalls cost more, so the relative wins should grow.
• Real-world "non-up-to-date" usually means the wanted lockfile changed, not node_modules has random damage. I can't easily simulate "lockfile changed" without breaking integrity checks, but the broken-modules scenario is the closest stand-in pacquet's frozen-lockfile path will accept.
• _broken_node_modules debug events fire correctly per the existing test (warm_reinstall_emits_broken_modules_when_dir_is_missing), so a reporter consumer would see one event per damaged slot.

Bottom line: the PR is consistently a small win and never a loss across the damage spectrum, in addition to the pure-warm 1.08× win in the original benchmark.

---

Written by an agent (Claude Code, claude-opus-4-7).