fix(pacquet): record catalog snapshot for npm-aliased catalog deps#12274
Conversation
… deps
`build_catalog_snapshots` read the resolved version via
`ImporterDepVersion::as_regular`, which returns `None` for `npm:`-aliased
deps (stored as `ImporterDepVersion::Alias`). So a catalog entry like
`js-yaml: npm:@zkochan/js-yaml@0.0.11` was silently dropped from the
`catalogs:` lockfile section — pnpm records `{ specifier:
npm:@zkochan/js-yaml@0.0.11, version: 0.0.11 }`.
Read the version via `ver_peer` instead, which returns the alias's suffix
(`0.0.11`) for `Alias` and the plain version for `Regular`. On the pnpm
monorepo this restores all 8 dropped aliased catalog entries (lockfile diff
vs fresh pnpm 2,191 -> 2,167); a single-entry catalog now matches pnpm
byte-for-byte.
Refs #12266.
Code Review by Qodo🐞 Bugs (0) 📘 Rule violations (0) 📎 Requirement gaps (0)
Great, no issues found!Qodo reviewed your code and found no material issues that require reviewPrevious review resultsReview updated until commit e2c1a8d Results up to commit 261daee
Great, no issues found!Qodo reviewed your code and found no material issues that require review |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (1)
✅ Files skipped from review due to trivial changes (1)
📜 Recent review details⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)
📝 WalkthroughWalkthroughThis PR fixes catalog snapshot generation for dependencies resolved through npm aliases. The change updates ChangesCatalog Snapshot Fix for npm-Aliased Dependencies
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Possibly related issues
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Micro-Benchmark ResultsLinux |
Notes that catalogs.ts:789 "catalog entry using npm alias can be reused" is covered: its `catalogs:` snapshot assertion by the new `aliased_catalog_dependency_records_catalog_snapshot` unit test, its reuse half by the existing single-importer reuse test (the two-project shape needs workspaces). Also flags the still-unported general catalogs.ts install/workspace integration cases. Refs #12266.
|
Code review by qodo was updated up to the latest commit e2c1a8d |
PR Summary by Qodo
Fix catalog snapshots for npm-aliased catalog dependencies
🐞 Bug fix🧪 Tests🕐 20-40 MinutesWalkthroughs
User Description
What
Part of the lockfile-parity work (#12266, category 2 —
npm:aliases). Fixes a catalog entry resolved through annpm:alias being dropped from the lockfile'scatalogs:section.build_catalog_snapshotsread the resolved version viaImporterDepVersion::as_regular, which returnsNonefornpm:-aliased deps (stored asImporterDepVersion::Alias). So an entry likejs-yaml: npm:@zkochan/js-yaml@0.0.11was silently dropped — pnpm records{ specifier: npm:@zkochan/js-yaml@0.0.11, version: 0.0.11 }.How
Read the version via
ImporterDepVersion::ver_peer, which returns the alias's suffix (0.0.11) forAliasand the plain version forRegular.Verification
js-yaml: npm:@zkochan/js-yaml@0.0.11) is now byte-identical to pnpm 11.5.2.aliased_catalog_dependency_records_catalog_snapshot, verified to fail without the fix.cargo nextest(graph-to-lockfile + catalog suites) green; clippy + fmt clean.Note
While investigating category 2, I found the remaining override-related symptoms (
catalog:-valued overrides, transitively-overriddenjs-yaml) are not annpm:alias problem — pacquet doesn't applypnpm.overridesduring fresh resolution at all. Filed separately so this PR stays scoped.Refs #12266.
Written by an agent (Claude Code, claude-opus-4-8).
AI Description
• Preserve catalogs: lockfile entries for catalog: deps resolved via npm: aliases. • Use ImporterDepVersion::ver_peer to read resolved versions for alias and regular deps. • Add a regression test ensuring aliased catalog entries record { specifier, version }.Diagram
graph TD A["dependencies_graph_to_lockfile.rs"] --> B["build_catalog_snapshots()"] --> E[("Lockfile catalogs snapshot")] B --> F[("Catalogs input map")] B --> C[("ProjectSnapshot deps")] C --> D["ImporterDepVersion::ver_peer()"] --> E T["tests.rs: aliased catalog test"] --> AHigh-Level Assessment
The chosen fix is appropriate:
ImporterDepVersion::ver_peeris the API that intentionally abstracts over Regular vs Alias version extraction, preventing silent drops that occur withas_regular. Adding a targeted regression test is sufficient to guard the parity behavior.File Changes
Bug fix (1)
Tests (1)
Summary by CodeRabbit
Release Notes
Bug Fixes
Tests
Documentation