
fix: lockfile v6 on projects with patched deps #5979

Merged: zkochan merged 1 commit into main from fix-patched-deps on Jan 26, 2023

zkochan (Member) commented Jan 25, 2023

close #5967

zkochan (Member, Author) commented Jan 25, 2023

@valeneiko what was your issue with this change? It seems to work fine.

zkochan merged commit 5cfe9e7 into main Jan 26, 2023
zkochan deleted the fix-patched-deps branch January 26, 2023 00:32

@valeneiko

@zkochan I was looking at the wrong package: dependency-path instead of resolve-dependencies. With this PR it works as expected. Thanks!

chris-olszewski added a commit to vercel/turborepo that referenced this pull request Mar 16, 2023
### Description

Fixes #4133 (huge thanks to @shawnmcknight for the reproduction)

The crux of the issue was that if a dependency is patched and has peer
dependencies then both get encoded into the lockfile key. We can't
construct a full expected lockfile key from the patch entry anymore as
the patch entry doesn't contain information about peer dependencies. To
circumvent this we now scan through the entire package list, parse the
key, extract the patch hash (if present), and then check if it matches a
patch listed in `patchedDependencies`.

Notes for reviewers:
- A large portion of this PR is actually porting the lockfile key
parsing logic that pnpm itself uses so we can extract the individual
pieces that we care about. This logic is in a slightly messy state as
the pnpm codebase is currently in a state where it supports v5 and v6
lockfiles. As mentioned in pnpm/pnpm#5810 once
pnpm@8 lands this code will start to be refactored. I tried to keep the
Go port as 1:1 as possible in hopes to make future maintenance easier.
- This PR includes new logic for v6 as pnpm now encodes patches in
lockfile keys: pnpm/pnpm#5979

### Testing Instructions

Added new packages to the pnpm lockfile fixtures that are patched *and*
have peer dependencies.

Also verify that the changes work as expected with the provided repro:
- `make turbo`
- Clone https://github.com/shawnmcknight/turbo-pnpm-patch-repro
- Remove private dependency: `pushd packages/test && pnpm rm @sheet/core && popd`
- `turbo_dev --skip-infer prune --scope=test`
- Verify that `out/pnpm-lock.yaml` contains a `patchedDependencies` section with both `@types/jsonwebtoken@8.5.9` and `moleculer@0.14.28` as entries
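
The scan described in the commit message above, as an added Go example (not turborepo's or pnpm's own code). It assumes v6 keys carry the patch as a `(patch_hash=…)` suffix and that `patchedDependencies` maps `name@version` to a hash; the hashes, `example-peer` and `unused-dep` are constructed placeholders.

```go
package main

import (
	"fmt"
	"strings"
)

// patchHashFromKey returns the patch hash encoded in a lockfile key, or "".
// Assumed v6 key shape: /name@version(patch_hash=HASH)(peer@version)...
func patchHashFromKey(key string) string {
	for _, part := range strings.Split(key, "(") {
		if strings.HasPrefix(part, "patch_hash=") && strings.HasSuffix(part, ")") {
			return strings.TrimSuffix(strings.TrimPrefix(part, "patch_hash="), ")")
		}
	}
	return "" // unpatched package, or a key with peer suffixes only
}

// usedPatches scans every package key and keeps the patchedDependencies
// entries (name@version -> hash) whose hash is referenced by some key.
// The peer suffix is ignored, so it cannot break the match.
func usedPatches(keys []string, patched map[string]string) map[string]string {
	seen := map[string]bool{}
	for _, key := range keys {
		if h := patchHashFromKey(key); h != "" {
			seen[h] = true
		}
	}
	kept := map[string]string{}
	for dep, h := range patched {
		if seen[h] {
			kept[dep] = h
		}
	}
	return kept
}

func main() {
	// Constructed sample: hashes and the peer package are placeholders.
	keys := []string{
		"/@types/jsonwebtoken@8.5.9(patch_hash=placeholderhash1)",
		"/moleculer@0.14.28(patch_hash=placeholderhash2)(example-peer@1.0.0)",
		"/example-peer@1.0.0",
	}
	patched := map[string]string{"@types/jsonwebtoken@8.5.9": "placeholderhash1",
		"moleculer@0.14.28": "placeholderhash2", "unused-dep@1.0.0": "placeholderhash3"}
	fmt.Println(usedPatches(keys, patched))
}
```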

Development

Successfully merging this pull request may close these issues.

fix lockfile v6 version parsing for a patched dependency
