fix(pacquet): resolve catalog: in pnpm.overrides before freshness check#11820
Conversation
The frozen-lockfile freshness check compared the lockfile's overrides map (with `catalog:` already expanded by pnpm) against the raw config map (still containing `catalog:` strings), so every catalog-backed override surfaced as `ERR_PNPM_OUTDATED_LOCKFILE` on every install. Mirror pnpm's `parseOverrides(overrides, catalogs)` → `createOverridesMapFromParsed` pipeline: thread `&Catalogs` through `parse_overrides[_iter]`, resolve each value via `resolve_from_catalog`, and flatten the resolved entries into the map handed to `check_lockfile_settings`.
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Plus Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (6)
📜 Recent review details⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
🧰 Additional context used📓 Path-based instructions (1)pacquet/**/*.rs📄 CodeRabbit inference engine (pacquet/AGENTS.md)
Files:
🧠 Learnings (2)📚 Learning: 2026-05-20T19:40:55.051ZApplied to files:
📚 Learning: 2026-05-20T23:07:58.444ZApplied to files:
🔇 Additional comments (15)
📝 WalkthroughWalkthroughThis PR integrates workspace catalog resolution into the ChangesCatalog-aware Override Parsing and Integration
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Possibly related issues
Possibly related PRs
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #11820 +/- ##
==========================================
+ Coverage 87.48% 87.50% +0.01%
==========================================
Files 202 202
Lines 23704 23706 +2
==========================================
+ Hits 20737 20743 +6
+ Misses 2967 2963 -4 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Qodo reviews are paused for this user.Troubleshooting steps vary by plan Learn more → On a Teams plan? Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center? |
Micro-Benchmark ResultsLinux |
Integrated-Benchmark Report (Linux)Scenario: Frozen Lockfile
BENCHMARK_REPORT.json{
"results": [
{
"command": "pacquet@HEAD",
"mean": 2.3782681426000005,
"stddev": 0.05768248618204182,
"median": 2.4039782557000002,
"user": 2.7692648399999995,
"system": 3.5912003599999998,
"min": 2.2921900712000003,
"max": 2.4694069072000002,
"times": [
2.4694069072000002,
2.3218523252,
2.2921900712000003,
2.3991416852,
2.3282957122,
2.4093059022000003,
2.3208332692,
2.4183735732000002,
2.4144671542,
2.4088148262
]
},
{
"command": "pacquet@main",
"mean": 2.3427117605000003,
"stddev": 0.07661538173271001,
"median": 2.3022536247000005,
"user": 2.8017439399999993,
"system": 3.5520532599999997,
"min": 2.2676004262,
"max": 2.4707277362,
"times": [
2.4707277362,
2.3655274242,
2.2924404462,
2.2961008172,
2.3030020982000003,
2.4614883472,
2.3015051512,
2.3978329312,
2.2708922272,
2.2676004262
]
},
{
"command": "pnpm",
"mean": 4.4808144297000005,
"stddev": 0.050710333085436425,
"median": 4.471877983200001,
"user": 7.541953339999999,
"system": 4.004540260000001,
"min": 4.4049835822,
"max": 4.5987212402,
"times": [
4.4539627322,
4.4771616502,
4.5137415802000005,
4.4049835822,
4.4556919622,
4.4665943162,
4.4597151472,
4.5003474202,
4.5987212402,
4.4772246662
]
}
]
}Scenario: Frozen Lockfile (Hot Cache)
BENCHMARK_REPORT.json{
"results": [
{
"command": "pacquet@HEAD",
"mean": 0.7070619548000001,
"stddev": 0.04685218367037381,
"median": 0.6898108915000001,
"user": 0.37054997999999995,
"system": 1.58553824,
"min": 0.684830967,
"max": 0.8388487800000001,
"times": [
0.8388487800000001,
0.6900566180000001,
0.695436151,
0.689394822,
0.689565165,
0.684830967,
0.7086005790000001,
0.68668375,
0.699582159,
0.687620557
]
},
{
"command": "pacquet@main",
"mean": 0.7194739968999999,
"stddev": 0.05342156001019935,
"median": 0.694613791,
"user": 0.37726297999999997,
"system": 1.58806384,
"min": 0.670987467,
"max": 0.8262223710000001,
"times": [
0.762012986,
0.670987467,
0.8262223710000001,
0.699475209,
0.685848785,
0.697306024,
0.79024463,
0.687803091,
0.682917848,
0.691921558
]
},
{
"command": "pnpm",
"mean": 2.5381664750999997,
"stddev": 0.11275012779958085,
"median": 2.5202176465,
"user": 2.94659998,
"system": 2.20554694,
"min": 2.3973100179999998,
"max": 2.826099866,
"times": [
2.4876655100000002,
2.523814514,
2.464574399,
2.826099866,
2.562361825,
2.516620779,
2.3973100179999998,
2.500008711,
2.533881537,
2.569327592
]
}
]
} |
Summary
The frozen-lockfile freshness check compared the lockfile's
overridesmap (where pnpm has already expandedcatalog:to a concrete specifier) against the raw config map (still holding the literalcatalog:strings). Every catalog-backed override therefore surfaced asERR_PNPM_OUTDATED_LOCKFILEon every install, with output like:Fix
Mirror pnpm's
parseOverrides(overrides, catalogs)→createOverridesMapFromParsedpipeline:pacquet-config-parse-overrides::parse_overrides[_iter]now takes&Catalogsand runs each value throughresolve_from_catalog—Foundswaps in the resolved specifier,Unusedkeeps the original value,Misconfigurationsurfaces asERR_PNPM_CATALOG_IN_OVERRIDESwith the resolver's own error message (closer to upstream than the old hardcoded message).create_overrides_map_from_parsedhelper mirroring upstream.Install::runparsesconfig.overridesonce with the workspace catalogs before the freshness check, hands the resolved map tocheck_lockfile_settings, and reuses the same parsed slice forVersionsOverrider(no double parsing).Test plan
frozen_lockfile_resolves_catalog_protocol_in_overrides_before_freshness_check: workspace catalog definesplaceholder: 1.0.0, manifest declaresplaceholder: ^9,pnpm.overridesisplaceholder: catalog:, lockfile records the resolvedoverrides.placeholder: 1.0.0. Install must accept the lockfile.OverridesChanged { lockfile: {"placeholder": "1.0.0"}, config: {"placeholder": "catalog:"} }.parse_overridesandVersionsOverridertests updated to pass an empty catalogs map; two new tests covercatalog:andcatalog:<name>resolution.cargo nextest run -p pacquet-config-parse-overrides -p pacquet-package-manager --lib→ 293/293 pass.cargo clippy -p pacquet-config-parse-overrides -p pacquet-package-manager --all-targets -- --deny warningsclean.Written by an agent (Claude Code, claude-opus-4-7).
Summary by CodeRabbit
catalog:andcatalog:<name>references being automatically resolved from workspace catalogs.