Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Expanded test coverage for pnpm lockfile processing #2004

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Expanded test coverage for pnpm lockfile processing #2004

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b7c53b5
Expanded test coverage for pnpm lockfile processing
Silic0nS0ldier Oct 29, 2024
a3ec740
Merge remote-tracking branch 'origin/main' into expanded-npm-translat…
Silic0nS0ldier Oct 29, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .bazelignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,3 +23,4 @@ node_modules/
npm/private/test/node_modules/
npm/private/test/npm_package/node_modules/
npm/private/test/npm_package_publish/node_modules
.git
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think I've ever seen this in any bazel repo, do you have any more info on this?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bazel does not ignore .git by default, meaning commands like bazel build //... also search in .git for BUILD files.

This is bad for performance (especially in a large repository with a long history).

Additionally while rare, a .git directory could have a file Bazel will attempt to process. For example a branch called BUILD would create a file .git/refs/remotes/origin/BUILD containing the hash of the commit it current points to. Utter nonsense to Bazel that will fail the build/query/etc.

2 changes: 1 addition & 1 deletion npm/private/npm_translate_lock_generate.bzl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -166,7 +166,7 @@ sh_binary(
dep_path = helpers.link_package(root_package, dep_version[len("file:"):])
dep_key = "{}+{}".format(dep_package, dep_version)
if not dep_key in fp_links.keys():
msg = "Expected to file: referenced package {} in first-party links".format(dep_key)
msg = "Expected to find: referenced package {} in first-party links".format(dep_key)
fail(msg)
fp_links[dep_key]["link_packages"][link_package] = True
elif dep_version.startswith("link:"):
Expand Down
41 changes: 32 additions & 9 deletions npm/private/pnpm.bzl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,11 +28,33 @@ def _new_import_info(dependencies, dev_dependencies, optional_dependencies):
"optional_dependencies": optional_dependencies,
}

# Metadata about a package.
#
# Metadata may come from different locations depending on the lockfile, this struct should
# have data normalized across lockfiles.
def _new_package_info(id, name, dependencies, optional_dependencies, dev, has_bin, optional, requires_build, version, friendly_version, resolution):
"""
Metadata about a package.

Metadata may come from different locations depending on the lockfile, this struct should
have data normalized across lockfiles.

Args:
id: The package id, if present.
TODO Remove. Used for to resolve path of local packages, however `resolution` is a better source of truth.
name: The package name.
dependencies: A map of package dependencies.
optional_dependencies: A map of optional package dependencies.
dev: True if the package is a dev dependency, None otherwise.
has_bin: True if the package has a bin field.
optional: True if the package is an optional dependency.
Determines if package should be omitted `no_optional = True` specified.
requires_build: True if the package requires a build.
NOTE: With pnpm v9, this cannot be known ahead of time.
version: The resolved package version.
e.g. `file:packages/a`, `1.2.3`, `1.2.3_at_scope_peer_2.0.2`.
friendly_version: The package version, normalized for users. Used to target patches, etc.
e.g. `file:packages/a`, `1.2.3`.
resolution: The package resolution.
e.g. { integrity: "..." }
e.g. { type: "directory", directory: "packages/a" }
"""
return {
"id": id,
"name": name,
Expand Down Expand Up @@ -218,20 +240,20 @@ def _convert_pnpm_v6_v9_version_peer_dep(version):
# with rules_js.
#
# Examples:
# 1.2.3
# 1.2.3(@scope/[email protected])(@scope/[email protected])
# 4.5.6(patch_hash=o3deharooos255qt5xdujc3cuq)
# 1.2.3 -> 1.2.3
# 1.2.3(@scope/[email protected])(@scope/[email protected]) -> 1.2.3_2001974805
# 4.5.6(patch_hash=o3deharooos255qt5xdujc3cuq) -> 4.5.6_o3deharooos255qt5xdujc3cuq
if version[-1] == ")":
# Drop the patch_hash= not present in v5 so (patch_hash=123) -> (123) like v5
version = version.replace("(patch_hash=", "(")

# There is a peer dep if the string ends with ")"
# There is a peer dep (or patch) if the string ends with ")"
peer_dep_index = version.find("(")
peer_dep = version[peer_dep_index:]
if len(peer_dep) > 32:
# Prevent long paths. The pnpm lockfile v6 no longer hashes long sequences of
# peer deps so we must hash here to prevent extremely long file paths that lead to
# "File name too long) build failures.
# "File name too long" build failures.
peer_dep = utils.hash(peer_dep)
else:
peer_dep = peer_dep.replace("(@", "(_at_").replace(")(", "_").replace("@", "_").replace("/", "_")
Expand Down Expand Up @@ -603,4 +625,5 @@ pnpm = struct(
# Exported only to be tested
pnpm_test = struct(
strip_v5_peer_dep_or_patched_version = _strip_v5_peer_dep_or_patched_version,
convert_pnpm_v6_v9_version_peer_dep = _convert_pnpm_v6_v9_version_peer_dep,
)
Loading
Loading