fix: npm protocol alias with pnp should be supported

[JounQin]

fix un-ts/eslint-plugin-import-x#379

---

Important

Fix npm protocol alias resolution in ResolverGeneric and update Yarn version to 4.9.2 with new test added.

• Behavior:
  • Fixes npm protocol alias resolution in ResolverGeneric in lib.rs by using the specifier as the source of truth for package names.
• Chores:
  • Updated Yarn version to 4.9.2 in global-pnp/package.json and pnp/package.json.
  • Added alias "custom-minimist" for "minimist" in pnp/package.json.
• Tests:
  • Added resolve_npm_protocol_alias() in pnp.rs to test npm protocol alias resolution.

^{This description was created by for ee31e61. You can customize this summary. It will automatically update as commits are pushed.}

---

Summary by CodeRabbit

• Chores

  • Updated Yarn package manager version to 4.9.2 in relevant configurations.
  • Added new dependency aliases for drag-and-drop packages and "custom-minimist" in one fixture.

• Tests

  • Introduced a new test to verify correct resolution of npm protocol aliases for dependencies.

[coderabbitai]

Walkthrough

The updates include bumping the Yarn package manager version from 4.9.1 to 4.9.2 in two fixture package.json files, adding new alias dependencies including "custom-minimist" in one fixture, and introducing a new test to verify the resolution of these aliases to the correct cached package paths. Additionally, internal logic in the load_pnp function was refined to better handle package name extraction from specifiers.

Changes

File(s)	Change Summary
fixtures/global-pnp/package.json	Updated Yarn version from 4.9.1 to 4.9.2.
fixtures/pnp/package.json	Updated Yarn version from 4.9.1 to 4.9.2; added aliases for @custom/pragmatic-drag-and-drop, pragmatic-drag-and-drop, and custom-minimist.
src/tests/pnp.rs	Added test resolve_npm_protocol_alias to check alias resolution for new dependencies in Yarn cache.
src/lib.rs	Modified load_pnp to improve pkg_name extraction from specifiers, handling scoped packages and aliases.

Sequence Diagram(s)

sequenceDiagram
    participant Test as resolve_npm_protocol_alias()
    participant Resolver
    participant YarnCache

    Test->>Resolver: Initialize with pnp fixture
    Test->>Resolver: Resolve "custom-minimist"
    Resolver->>YarnCache: Lookup "minimist@^1.2.8"
    YarnCache-->>Resolver: Return cached path to minimist
    Resolver-->>Test: Return resolved path
    Test->>Test: Assert resolved path matches expected

Loading

Suggested labels

dependencies

Poem

In the garden of code, a version hops anew,
Yarn 4.9.2 brings threads fresh and true.
A custom alias joins the patchwork scene,
With minimist mapped, the intent is clean.
Tests burrow deep, ensuring all aligns—
Hooray for upgrades and dependency signs!
🐇✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9cc7b7a and ee31e61.

⛔ Files ignored due to path filters (1)

• fixtures/pnp/yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (3)

• fixtures/pnp/package.json (1 hunks)
• src/lib.rs (2 hunks)
• src/tests/pnp.rs (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• src/tests/pnp.rs
• fixtures/pnp/package.json

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: JounQin
PR: unrs/unrs-resolver#40
File: src/tests/resolve.rs:121-136
Timestamp: 2025-03-29T04:14:03.715Z
Learning: For tests involving npm/yarn package resolution in the unrs-resolver project, dependencies must be installed first using the appropriate package manager commands (pnpm i, yarn) in both the root directory and fixture directories like fixtures/pnp and fixtures/misc/nested-package-json.

Learnt from: JounQin
PR: unrs/unrs-resolver#136
File: src/tests/extension_alias.rs:36-46
Timestamp: 2025-06-05T18:52:30.363Z
Learning: The fixtures/yarn directory in the unrs-resolver project requires running `yarn install` to install TypeScript dependencies before tests can run, similar to other fixture directories like fixtures/pnp. The test in src/tests/extension_alias.rs depends on the installed TypeScript package providing lib/typescript.d.ts and related files.

Learnt from: JounQin
PR: unrs/unrs-resolver#136
File: src/tests/extension_alias.rs:36-46
Timestamp: 2025-06-05T18:52:30.363Z
Learning: The fixtures/yarn directory in the unrs-resolver project requires running `yarn install` to install TypeScript dependencies before tests can run, similar to other fixture directories like fixtures/pnp. The test in src/tests/extension_alias.rs depends on the installed TypeScript package providing lib/typescript.d.ts and related files.

Learnt from: JounQin
PR: unrs/unrs-resolver#75
File: fixtures/pnp/package.json:11-14
Timestamp: 2025-04-21T08:11:41.469Z
Learning: The project uses a justfile with an `install` task that includes running yarn in the fixtures/pnp directory to install dependencies with the command: `cd fixtures/pnp && yarn`.

⏰ Context from checks skipped due to timeout of 90000ms (5)

• GitHub Check: Codacy Static Code Analysis
• GitHub Check: Test (windows-latest)
• GitHub Check: Benchmark
• GitHub Check: Code Coverage
• GitHub Check: Analyze (javascript-typescript)

🔇 Additional comments (2)

src/lib.rs (2)

918-918: LGTM! Good micro-optimizations.

The changes improve both clarity and performance:

• The destructuring pattern |(_, last)| clearly shows we only need the second part of the tuple
• Using character literal '/' instead of string literal "/" is more efficient for single character operations

---

930-938: Excellent enhancement for npm protocol alias support!

This logic correctly handles the core requirement for npm protocol aliases by ensuring the package name is extracted from the specifier (source of truth) rather than relying solely on the cached path.

Key strengths:

• Properly handles both scoped (@scope/package) and non-scoped packages
• Addresses the alias discrepancy where cached path contains the actual package (e.g., "minimist") but specifier contains the alias (e.g., "custom-minimist")
• Clean separation between scope and package name for scoped packages using format!("{first}/{}", rest.split_once('/').unwrap_or((rest, "")).0)

This change is essential for resolving aliases like "custom-minimist": "npm:minimist@^1.2.8" correctly in PnP environments.

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	minimist@​1.2.8
	@​custom/​pragmatic-drag-and-drop@​1.5.2
	pragmatic-drag-and-drop@​1.5.2

View full report

[Copilot]

Pull Request Overview

This PR fixes the handling of npm protocol aliases with Plug'n'Play and updates related tests and fixtures accordingly.

• Added a new test (resolve_npm_protocol_alias) to verify proper resolution of npm protocol aliases.
• Updated Yarn package manager versions and added a "custom-minimist" dependency for alias resolution.
• Updated both project and global fixture configurations to use Yarn 4.9.2.

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File	Description
src/tests/pnp.rs	Added a new test to validate npm protocol alias resolution
fixtures/pnp/package.json	Updated Yarn version and added the "custom-minimist" dependency to test alias support
fixtures/global-pnp/package.json	Updated Yarn version to ensure consistency with project configuration

Comments suppressed due to low confidence (1)

src/tests/pnp.rs:135

• Consider adding a doc comment above the 'resolve_npm_protocol_alias' test to clarify its purpose and expected behavior, which can improve maintainability and clarity for future developers.

#[test]

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to 9cc7b7a in 56 seconds. Click for details.

• Reviewed 53 lines of code in 3 files
• Skipped 1 files when reviewing.
• Skipped posting 4 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. fixtures/global-pnp/package.json:3

• Draft comment:
  Bumps Yarn version to 4.9.2. This update appears intended for PnP support – confirm it's deliberate.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is asking the PR author to confirm their intention regarding a dependency update. This violates the rule against asking for confirmation of intention, especially related to dependencies.

2. fixtures/pnp/package.json:7

• Draft comment:
  Adds the 'custom-minimist' alias using the npm protocol. This correctly maps to the 'minimist' package – ensure the alias resolution in tests stays in sync.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 20% <= threshold 50% The comment is informative and suggests ensuring that alias resolution in tests stays in sync. It doesn't provide a specific code suggestion or ask for a specific test to be written. It also doesn't point out a potential issue or ask for confirmation of an intentional change.

3. src/tests/pnp.rs:136

• Draft comment:
  New test 'resolve_npm_protocol_alias' verifies npm protocol alias resolution. Make sure the expected cached zip file hash remains valid if cache naming changes in future.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is asking the PR author to ensure future compatibility, which is not specific to the current code change. It doesn't provide a specific suggestion or point out a current issue with the code.

4. src/tests/pnp.rs:139

• Draft comment:
  Consider using Resolver::new(ResolveOptions::default()) instead of Resolver::default() for consistency with other tests.
• Reason this comment was not posted:
  Confidence changes required: 50% <= threshold 50% None

Workflow ID: wflow_xxrjHIePRMdTGohl

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 395df2a and 9cc7b7a.

⛔ Files ignored due to path filters (1)

• fixtures/pnp/yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (3)

• fixtures/global-pnp/package.json (1 hunks)
• fixtures/pnp/package.json (1 hunks)
• src/tests/pnp.rs (1 hunks)

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: JounQin
PR: unrs/unrs-resolver#40
File: src/tests/resolve.rs:121-136
Timestamp: 2025-03-29T04:14:03.715Z
Learning: For tests involving npm/yarn package resolution in the unrs-resolver project, dependencies must be installed first using the appropriate package manager commands (pnpm i, yarn) in both the root directory and fixture directories like fixtures/pnp and fixtures/misc/nested-package-json.

Learnt from: JounQin
PR: unrs/unrs-resolver#136
File: src/tests/extension_alias.rs:36-46
Timestamp: 2025-06-05T18:52:30.363Z
Learning: The fixtures/yarn directory in the unrs-resolver project requires running `yarn install` to install TypeScript dependencies before tests can run, similar to other fixture directories like fixtures/pnp. The test in src/tests/extension_alias.rs depends on the installed TypeScript package providing lib/typescript.d.ts and related files.

Learnt from: JounQin
PR: unrs/unrs-resolver#136
File: src/tests/extension_alias.rs:36-46
Timestamp: 2025-06-05T18:52:30.363Z
Learning: The fixtures/yarn directory in the unrs-resolver project requires running `yarn install` to install TypeScript dependencies before tests can run, similar to other fixture directories like fixtures/pnp. The test in src/tests/extension_alias.rs depends on the installed TypeScript package providing lib/typescript.d.ts and related files.

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Codacy Static Code Analysis
• GitHub Check: Test (windows-latest)
• GitHub Check: Analyze (javascript-typescript)

🔇 Additional comments (2)

fixtures/global-pnp/package.json (1)

3-3: LGTM! Version synchronization maintains fixture consistency.

The Yarn version bump to 4.9.2 aligns with the other fixture and ensures consistent package manager versions across test environments.

fixtures/pnp/package.json (1)

3-3: LGTM! Yarn version update supports npm protocol alias.

The version bump to 4.9.2 ensures compatibility with the npm protocol alias feature being implemented.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed ee31e61 in 52 seconds. Click for details.

• Reviewed 73 lines of code in 3 files
• Skipped 1 files when reviewing.
• Skipped posting 4 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. src/tests/pnp.rs:90

• Draft comment:
  Consider renaming 'resolve_pnp_pkg_should_failed_while_disable_pnp_mode' to 'resolve_pnp_pkg_should_fail_while_pnp_mode_disabled' for clarity and proper grammar.
• Reason this comment was not posted:
  Comment was not on a location in the diff, so it can't be submitted as a review comment.

2. src/tests/pnp.rs:135

• Draft comment:
  Add inline comments in the 'resolve_npm_protocol_alias' test to clarify that it verifies resolution of npm protocol alias entries for both namespaced and non-namespaced package identifiers.
• Reason this comment was not posted:
  Comment was not on a location in the diff, so it can't be submitted as a review comment.

3. src/tests/pnp.rs:168

• Draft comment:
  Using 'dirs::home_dir().unwrap()' may panic if the home directory isn’t available; consider handling the None case or documenting that the test environment must provide a valid home directory.
• Reason this comment was not posted:
  Comment was not on a location in the diff, so it can't be submitted as a review comment.

4. src/tests/pnp.rs:13

• Draft comment:
  Consider using a consistent method for constructing Resolver (e.g. always using Resolver::new with explicit options) across tests to improve clarity.
• Reason this comment was not posted:
  Comment was not on a location in the diff, so it can't be submitted as a review comment.

Workflow ID: wflow_hxotaoeC4i8H5fnw

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 93.40%. Comparing base (395df2a) to head (ee31e61).
Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #139   +/-   ##
=======================================
  Coverage   93.39%   93.40%           
=======================================
  Files          13       13           
  Lines        2890     2894    +4     
=======================================
+ Hits         2699     2703    +4     
  Misses        191      191           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[codspeed-hq]

CodSpeed Performance Report

Merging #139 will not alter performance

_{Comparing fix/npm_protocol_alias (ee31e61) with main (395df2a)}

Summary

✅ 3 untouched benchmarks