From 4d34684f1f78aba330c8144b3f3dd93abb7f2da0 Mon Sep 17 00:00:00 2001 From: Jake Livak Date: Tue, 19 Dec 2023 15:18:07 -0700 Subject: [PATCH] fix: bundledDependencies field is not always respected (#7411) (#7412) * fix: check for both bundleDependencies and bundledDependencies (#7411) update to code that didn't correctly check both bundleDependencies and bundledDependencies * fix: support boolean value for bundleDependencies (#7411) fix so that a 'true' value in the bundleDependencies field is correctly interpreted (as meaning all dependencies are bundled) close #7411 * fix: allow saving of boolean bundledDependencies values updates prior fix to allow saving booleans to bundledDependencies field. * fix: add test coverage for bundledDependencies fixes (#7411) add local tarball test and bundledDependencies=true test update existing tests to confirm that bundled dependencies aren't installed * fix: update registry-mock * docs: update changeset * fix: update bundleDependencies tests * Revert "fix: update registry-mock" This reverts commit 0c4b7ede213561fbc6411f93fbe299ee86d4ed10. * Revert "Revert "fix: update registry-mock"" This reverts commit 9828dfce916628522c3926bfbac5ab2d060e3b3d. * test: update integrities in test lockfiles * test: retry twice * test: move bundle deps test to separate file --------- Co-authored-by: Zoltan Kochan --- .changeset/olive-files-admire.md | 8 ++ lockfile/lockfile-types/src/index.ts | 2 +- packages/types/src/package.ts | 4 +- ...kg-with-bundle-dependencies-true-1.0.0.tgz | Bin 0 -> 524 bytes .../pkg-with-bundled-dependencies-1.0.0.tgz | Bin 0 -> 531 bytes .../core/test/install/bundledDependencies.ts | 101 ++++++++++++++++++ pkg-manager/core/test/install/misc.ts | 41 ------- .../src/getNonDevWantedDependencies.ts | 7 +- .../src/resolveDependencies.ts | 4 +- .../src/updateLockfile.ts | 3 +- 10 files changed, 121 insertions(+), 49 deletions(-) create mode 100644 .changeset/olive-files-admire.md create mode 100644 pkg-manager/core/test/fixtures/pkg-with-bundle-dependencies-true/pkg-with-bundle-dependencies-true-1.0.0.tgz create mode 100644 pkg-manager/core/test/fixtures/pkg-with-bundled-dependencies/pkg-with-bundled-dependencies-1.0.0.tgz create mode 100644 pkg-manager/core/test/install/bundledDependencies.ts diff --git a/.changeset/olive-files-admire.md b/.changeset/olive-files-admire.md new file mode 100644 index 0000000000..43112f7f75 --- /dev/null +++ b/.changeset/olive-files-admire.md @@ -0,0 +1,8 @@ +--- +"@pnpm/resolve-dependencies": patch +"@pnpm/lockfile-types": patch +"@pnpm/types": patch +"pnpm": patch +--- + +Added support for boolean values in 'bundleDependencies' package.json fields when installing a dependency. Fix to properly handle 'bundledDependencies' alias [#7411](https://github.com/pnpm/pnpm/issues/7411). diff --git a/lockfile/lockfile-types/src/index.ts b/lockfile/lockfile-types/src/index.ts index 8548bab90b..a00a1b4ba4 100644 --- a/lockfile/lockfile-types/src/index.ts +++ b/lockfile/lockfile-types/src/index.ts @@ -116,7 +116,7 @@ export interface PackageSnapshot { } } transitivePeerDependencies?: string[] - bundledDependencies?: string[] + bundledDependencies?: string[] | boolean engines?: Record & { node: string } diff --git a/packages/types/src/package.ts b/packages/types/src/package.ts index 52c00acd28..29f2a11671 100644 --- a/packages/types/src/package.ts +++ b/packages/types/src/package.ts @@ -82,8 +82,8 @@ export interface BaseManifest { peerDependencies?: Dependencies peerDependenciesMeta?: PeerDependenciesMeta dependenciesMeta?: DependenciesMeta - bundleDependencies?: string[] - bundledDependencies?: string[] + bundleDependencies?: string[] | boolean + bundledDependencies?: string[] | boolean homepage?: string repository?: string | { url: string } scripts?: PackageScripts diff --git a/pkg-manager/core/test/fixtures/pkg-with-bundle-dependencies-true/pkg-with-bundle-dependencies-true-1.0.0.tgz b/pkg-manager/core/test/fixtures/pkg-with-bundle-dependencies-true/pkg-with-bundle-dependencies-true-1.0.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..c5a4ad78fd38bbbf02a823b0888a250480e66175 GIT binary patch literal 524 zcmV+n0`vVJiwFP!00002|Lv7cZ=5g?hB@;qCa#pERShN!MBUV4mFu`mVi z8r!l>K2+tuR|dLCqwOlINZYjHJpdZdhi&Guby=;;24kse{MM+8OALN zq3E?TqNXcLmt4kN)_4=GZ17|;#?G@0w%G^e41z_Lvn0uLmO{YJShmO@V8H>@TUVNZ zJ-gPp6xh7~5xqK!duw9(kg+GP|fMdN8bT3bimQc>oA!0UrF!H{}d6e ztddVgBTv&m@}HeA9`m0p@^t3^5c&}U5LtFe3Lv}wJ9+Cpuh3Yoq<2mt7O~MSUDL^Xl z17I~){5!|`lECpX;0kPzT*$R>D&(hlqU{ORjh!Jt-_J7sPk6uH%dQ^Vch1VDNt zyrp$c+ait|?%IACRjP~qMvV_=5aX`24o&Q*^NSC=We+dLJ@Zow@4^?w|Nd0(g~l%a z(~E+R4ahIc~L;lnl)?I Of%Fs6!kVZ65C8zrbp%fU literal 0 HcmV?d00001 diff --git a/pkg-manager/core/test/fixtures/pkg-with-bundled-dependencies/pkg-with-bundled-dependencies-1.0.0.tgz b/pkg-manager/core/test/fixtures/pkg-with-bundled-dependencies/pkg-with-bundled-dependencies-1.0.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..76325a5a387bccd722eb3de723af023a878d2ca9 GIT binary patch literal 531 zcmV+u0_^=CiwFP!00002|Lv9EZ__Xk$NSvB;ufS0Bpf?yl1hCV5=iiXc;StqDNT;X zt!rDhvmcuFzhft%`@yJMO&SB``;bKEJNspRV|+G zD1;&x%7}_AEtzvkxvcOqUfR*lVvJ3*3?8$$${CC%S$jG zrQzE3Bk!QE5xC&4h63u_9s)}Xo7uvL_m4OKl+N5uX8lme&Kn$B7aXyy6`V#Nj8SIh zdliHMuo_GLgJX3X!Qmm`C3lcSKJuoWP4E(>ZTI*2)7NeVgIZbcl)1XI$dzuL7TmQ? z-qaWoEVXmm&M5UGbu*7kwWi^qx`#7}bX{17hK6*0@nIi1!;|jJLTcli@r&Yrf2#LF zV;lczo;=_`NwRc0@c$S2*Q*5y@RE5WD}fcMP@{)bmK^Q2R`46U+OyWo1-JDVDFSYh zUjw-G$1VgA!WU8*Bz>GWNJaW$Btn&|Taf!y-rvn+2H(16wze+s^1W|V_hPSih}~@O VB~d$Q(4aw2*H0HQRNDX$006Hf2Ot0d literal 0 HcmV?d00001 diff --git a/pkg-manager/core/test/install/bundledDependencies.ts b/pkg-manager/core/test/install/bundledDependencies.ts new file mode 100644 index 0000000000..965d593999 --- /dev/null +++ b/pkg-manager/core/test/install/bundledDependencies.ts @@ -0,0 +1,101 @@ +import { prepareEmpty } from '@pnpm/prepare' +import { fixtures } from '@pnpm/test-fixtures' +import { addDependenciesToPackage } from '@pnpm/core' +import { testDefaults } from '../utils' + +const f = fixtures(__dirname) + +test('bundledDependencies (pkg-with-bundled-dependencies@1.0.0)', async () => { + const project = prepareEmpty() + + await addDependenciesToPackage({}, ['@pnpm.e2e/pkg-with-bundled-dependencies@1.0.0'], await testDefaults({ fastUnpack: false })) + + await project.isExecutable('@pnpm.e2e/pkg-with-bundled-dependencies/node_modules/.bin/hello-world-js-bin') + + const lockfile = await project.readLockfile() + expect( + lockfile.packages['/@pnpm.e2e/pkg-with-bundled-dependencies@1.0.0'].bundledDependencies + ).toStrictEqual( + ['@pnpm.e2e/hello-world-js-bin'] + ) + + expect( + lockfile.packages['/@pnpm.e2e/hello-world-js-bin@1.0.0'] + ).toBeUndefined() +}) + +// covers https://github.com/pnpm/pnpm/issues/7411 +test('local tarball with bundledDependencies', async () => { + const project = prepareEmpty() + + f.copy('pkg-with-bundled-dependencies/pkg-with-bundled-dependencies-1.0.0.tgz', 'pkg.tgz') + await addDependenciesToPackage({}, ['file:pkg.tgz'], await testDefaults({ fastUnpack: false })) + + const lockfile = await project.readLockfile() + expect( + lockfile.packages['file:pkg.tgz'].bundledDependencies + ).toStrictEqual( + ['@pnpm.e2e/hello-world-js-bin'] + ) + expect( + lockfile.packages['/@pnpm.e2e/hello-world-js-bin@1.0.0'] + ).toBeUndefined() +}) + +test('local tarball with bundledDependencies true', async () => { + const project = prepareEmpty() + + f.copy('pkg-with-bundle-dependencies-true/pkg-with-bundle-dependencies-true-1.0.0.tgz', 'pkg.tgz') + await addDependenciesToPackage({}, ['file:pkg.tgz'], await testDefaults({ fastUnpack: false })) + + const lockfile = await project.readLockfile() + expect( + lockfile.packages['file:pkg.tgz'].bundledDependencies + ).toStrictEqual( + true + ) + expect( + lockfile.packages['/@pnpm.e2e/hello-world-js-bin@1.0.0'] + ).toBeUndefined() +}) + +test('bundleDependencies (pkg-with-bundle-dependencies@1.0.0)', async () => { + const project = prepareEmpty() + + await addDependenciesToPackage({}, ['@pnpm.e2e/pkg-with-bundle-dependencies@1.0.0'], await testDefaults({ fastUnpack: false })) + + await project.isExecutable('@pnpm.e2e/pkg-with-bundle-dependencies/node_modules/.bin/hello-world-js-bin') + + const lockfile = await project.readLockfile() + expect( + lockfile.packages['/@pnpm.e2e/pkg-with-bundle-dependencies@1.0.0'].bundledDependencies + ).toStrictEqual( + ['@pnpm.e2e/hello-world-js-bin'] + ) + expect( + lockfile.packages['/@pnpm.e2e/hello-world-js-bin@1.0.0'] + ).toBeUndefined() +}) + +test('installing a package with bundleDependencies set to false (pkg-with-bundle-dependencies-false)', async () => { + const project = prepareEmpty() + + await addDependenciesToPackage({}, ['@pnpm.e2e/pkg-with-bundle-dependencies-false'], await testDefaults({ fastUnpack: false })) + + const lockfile = await project.readLockfile() + expect( + typeof lockfile.packages['/@pnpm.e2e/pkg-with-bundle-dependencies-false@1.0.0'].bundledDependencies + ).toEqual('undefined') +}) + +test('installing a package with bundleDependencies set to true (pkg-with-bundle-dependencies-true)', async () => { + const project = prepareEmpty() + + await addDependenciesToPackage({}, ['@pnpm.e2e/pkg-with-bundle-dependencies-true@1.0.0'], await testDefaults({ fastUnpack: false })) + + const lockfile = await project.readLockfile() + + expect( + lockfile.packages['/@pnpm.e2e/hello-world-js-bin@1.0.0'] + ).toBeUndefined() +}) diff --git a/pkg-manager/core/test/install/misc.ts b/pkg-manager/core/test/install/misc.ts index 80c0790039..9336f60298 100644 --- a/pkg-manager/core/test/install/misc.ts +++ b/pkg-manager/core/test/install/misc.ts @@ -510,47 +510,6 @@ test('big with dependencies and circular deps (babel-preset-2015)', async () => expect(typeof m).toEqual('object') }) -test('bundledDependencies (pkg-with-bundled-dependencies@1.0.0)', async () => { - const project = prepareEmpty() - - await addDependenciesToPackage({}, ['@pnpm.e2e/pkg-with-bundled-dependencies@1.0.0'], await testDefaults({ fastUnpack: false })) - - await project.isExecutable('@pnpm.e2e/pkg-with-bundled-dependencies/node_modules/.bin/hello-world-js-bin') - - const lockfile = await project.readLockfile() - expect( - lockfile.packages['/@pnpm.e2e/pkg-with-bundled-dependencies@1.0.0'].bundledDependencies - ).toStrictEqual( - ['@pnpm.e2e/hello-world-js-bin'] - ) -}) - -test('bundleDependencies (pkg-with-bundle-dependencies@1.0.0)', async () => { - const project = prepareEmpty() - - await addDependenciesToPackage({}, ['@pnpm.e2e/pkg-with-bundle-dependencies@1.0.0'], await testDefaults({ fastUnpack: false })) - - await project.isExecutable('@pnpm.e2e/pkg-with-bundle-dependencies/node_modules/.bin/hello-world-js-bin') - - const lockfile = await project.readLockfile() - expect( - lockfile.packages['/@pnpm.e2e/pkg-with-bundle-dependencies@1.0.0'].bundledDependencies - ).toStrictEqual( - ['@pnpm.e2e/hello-world-js-bin'] - ) -}) - -test('installing a package with bundleDependencies set to false (pkg-with-bundle-dependencies-false)', async () => { - const project = prepareEmpty() - - await addDependenciesToPackage({}, ['@pnpm.e2e/pkg-with-bundle-dependencies-false'], await testDefaults({ fastUnpack: false })) - - const lockfile = await project.readLockfile() - expect( - typeof lockfile.packages['/@pnpm.e2e/pkg-with-bundle-dependencies-false@1.0.0'].bundledDependencies - ).toEqual('undefined') -}) - test('compiled modules (ursa@0.9.1)', async () => { // TODO: fix this for Node.js v7 if (!isCI || IS_WINDOWS || semver.satisfies(process.version, '>=7.0.0')) { diff --git a/pkg-manager/resolve-dependencies/src/getNonDevWantedDependencies.ts b/pkg-manager/resolve-dependencies/src/getNonDevWantedDependencies.ts index 336570134f..c3ef6bcaa2 100644 --- a/pkg-manager/resolve-dependencies/src/getNonDevWantedDependencies.ts +++ b/pkg-manager/resolve-dependencies/src/getNonDevWantedDependencies.ts @@ -9,8 +9,11 @@ export interface WantedDependency { injected?: boolean } -export function getNonDevWantedDependencies (pkg: Pick) { - const bd = pkg.bundleDependencies ?? pkg.bundleDependencies +export function getNonDevWantedDependencies (pkg: Pick) { + let bd = pkg.bundledDependencies ?? pkg.bundleDependencies + if (bd === true) { + bd = pkg.dependencies != null ? Object.keys(pkg.dependencies) : [] + } const bundledDeps = new Set(Array.isArray(bd) ? bd : []) const filterDeps = getNotBundledDeps.bind(null, bundledDeps) return getWantedDependenciesFromGivenSet( diff --git a/pkg-manager/resolve-dependencies/src/resolveDependencies.ts b/pkg-manager/resolve-dependencies/src/resolveDependencies.ts index bae230921e..a94fe4a2e2 100644 --- a/pkg-manager/resolve-dependencies/src/resolveDependencies.ts +++ b/pkg-manager/resolve-dependencies/src/resolveDependencies.ts @@ -220,8 +220,8 @@ export interface ResolvedPackage { requiresBuild: boolean | SafePromiseDefer additionalInfo: { deprecated?: string - bundleDependencies?: string[] - bundledDependencies?: string[] + bundleDependencies?: string[] | boolean + bundledDependencies?: string[] | boolean engines?: { node?: string npm?: string diff --git a/pkg-manager/resolve-dependencies/src/updateLockfile.ts b/pkg-manager/resolve-dependencies/src/updateLockfile.ts index 829a86a14e..1cec185e99 100644 --- a/pkg-manager/resolve-dependencies/src/updateLockfile.ts +++ b/pkg-manager/resolve-dependencies/src/updateLockfile.ts @@ -152,7 +152,8 @@ function toLockfileDependency ( if (pkg.additionalInfo.libc != null) { result['libc'] = pkg.additionalInfo.libc } - if (Array.isArray(pkg.additionalInfo.bundledDependencies) || Array.isArray(pkg.additionalInfo.bundleDependencies)) { + if (Array.isArray(pkg.additionalInfo.bundledDependencies) || Array.isArray(pkg.additionalInfo.bundleDependencies) || + typeof pkg.additionalInfo.bundledDependencies === 'boolean' || typeof pkg.additionalInfo.bundleDependencies === 'boolean') { result['bundledDependencies'] = pkg.additionalInfo.bundledDependencies ?? pkg.additionalInfo.bundleDependencies } if (pkg.additionalInfo.deprecated) {