这是indexloc提供的服务,不要输入任何密码
Skip to content

fix(packages): no longer match versionless packages #10056

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Mar 4, 2025
Merged

fix(packages): no longer match versionless packages #10056

merged 2 commits into from
Mar 4, 2025

Conversation

chris-olszewski
Copy link
Member

Description

Previously we had matched version constraints on workspace packages that didn't have versions. This did not match actual package manager implementations.

To give a concrete example:

[0 olszewski@macbookpro] /tmp/pnpm-prune-test $ tree
.
├── node_modules
├── package.json
├── packages
│   ├── a
│   │   ├── node_modules
│   │   │   └── b -> ../../../node_modules/.pnpm/b@2.0.1/node_modules/b
│   │   └── package.json
│   └── b
│       └── package.json
├── pnpm-lock.yaml
└── pnpm-workspace.yaml
[0 olszewski@macbookpro] /tmp/pnpm-prune-test $ cat packages/a/package.json 
{"name": "a", "dependencies": {"b": "2.0.1"}}
[0 olszewski@macbookpro] /tmp/pnpm-prune-test $ cat packages/b/package.json
{"name": "b"}
[0 olszewski@macbookpro] /tmp/pnpm-prune-test $ cat pnpm-lock.yaml 
lockfileVersion: '6.0'

settings:
  autoInstallPeers: true
  excludeLinksFromLockfile: false

importers:

  .: {}

  packages/a:
    dependencies:
      b:
        specifier: 2.0.1
        version: 2.0.1

  packages/b: {}

packages:

  /b@2.0.1:
    resolution: {integrity: sha512-JBWAj6f91ocNLbdg1jCGrxHXSWbQDsxgqVmKeO0TellEcq9LCvJ97iWG6p3otCt/v08/hHrWwAB9vNYS9y70IQ==}
    engines: {node: '>= 0.8.0'}
    dev: false

As you can see a is using a b from the NPM registry and not the workspace package b that does not have a version.

Testing Instructions

Added red -> green unit test

I spot checked and all of the following would not match a versionless workspace dependency when provided a constraint:

  • npm 8,9,10
  • yarn 1, 3, 4
  • pnpm 8, 9, 10

@vercel Vercel
Copy link

vercel bot commented Feb 27, 2025

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
examples-basic-web ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 27, 2025 11:14pm
examples-designsystem-docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 27, 2025 11:14pm
examples-gatsby-web ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 27, 2025 11:14pm
examples-kitchensink-blog ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 27, 2025 11:14pm
examples-native-web ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 27, 2025 11:14pm
examples-nonmonorepo ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 27, 2025 11:14pm
examples-svelte-web ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 27, 2025 11:14pm
examples-tailwind-web ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 27, 2025 11:14pm
examples-vite-web ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 27, 2025 11:14pm

@chris-olszewski chris-olszewski marked this pull request as ready for review February 27, 2025 23:20
@chris-olszewski chris-olszewski requested a review from a team as a code owner February 27, 2025 23:20
@chris-olszewski chris-olszewski merged commit e85b0d3 into main Mar 4, 2025
39 checks passed
@chris-olszewski chris-olszewski deleted the chrisolszewski/turbo-4448-fix-invalid-lockfile-issue-with-turbo-prune-on-api-services branch March 4, 2025 19:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anthonyshew anthonyshew anthonyshew approved these changes

@tknickman tknickman Awaiting requested review from tknickman tknickman is a code owner automatically assigned from vercel/turbo-oss

@NicholasLYang NicholasLYang Awaiting requested review from NicholasLYang NicholasLYang is a code owner automatically assigned from vercel/turbo-oss

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@chris-olszewski @anthonyshew