fix: --allow-build=<pkg> overlaps with ignoredBuiltDependencies (#9105)

* fix: `--allow-build=<pkg>` overlaps with `ignoredBuiltDependencies` * feat: update * fix: update * test: update * fix: add hint to the error message * test: fix * docs: update changeset --------- Co-authored-by: Zoltan Kochan <z@kochan.io>
2025-12-24 23:58:07 -05:00 · 2025-02-17 05:07:52 +08:00
parent 3a71df0588
commit 546ab377de
3 changed files with 27 additions and 0 deletions
--- a/.changeset/little-peas-smell.md
+++ b/.changeset/little-peas-smell.md
@@ -0,0 +1,7 @@
+---
+"@pnpm/plugin-commands-installation": patch
+"@pnpm/exec.build-commands": patch
+"pnpm": patch
+---
+
+Throws an error when the value provided by the `--allow-build` option overlaps with the `pnpm.ignoredBuildDependencies` list [#9105](https://github.com/pnpm/pnpm/pull/9105).
--- a/pkg-manager/plugin-commands-installation/src/add.ts
+++ b/pkg-manager/plugin-commands-installation/src/add.ts
@@ -217,6 +217,14 @@ export async function handler (
    optionalDependencies: opts.optional !== false,
  }
  if (opts.allowBuild?.length) {
+    if (opts.rootProjectManifest?.pnpm?.ignoredBuiltDependencies?.length) {
+      const overlapDependencies = opts.rootProjectManifest.pnpm.ignoredBuiltDependencies.filter((dep) => opts.allowBuild?.includes(dep))
+      if (overlapDependencies.length) {
+        throw new PnpmError('OVERRIDING_IGNORED_BUILT_DEPENDENCIES', `The following dependencies are ignored by the root project, but are allowed to be built by the current command: ${overlapDependencies.join(', ')}`, {
+          hint: 'If you are sure you want to allow those dependencies to run installation scripts, remove them from the pnpm.ignoredBuiltDependencies list.',
+        })
+      }
+    }
    opts.rootProjectManifest = opts.rootProjectManifest ?? {}
    opts.rootProjectManifest.pnpm = opts.rootProjectManifest.pnpm ?? {}
    opts.rootProjectManifest.pnpm.onlyBuiltDependencies = Array.from(new Set([
--- a/pnpm/test/install/lifecycleScripts.ts
+++ b/pnpm/test/install/lifecycleScripts.ts
@@ -186,6 +186,18 @@ test('selectively allow scripts in some dependencies by --allow-build flag', asy
  expect(manifest.pnpm?.onlyBuiltDependencies).toStrictEqual(['@pnpm.e2e/install-script-example'])
 })

+test('selectively allow scripts in some dependencies by --allow-build flag overlap ignoredBuiltDependencies', async () => {
+  prepare({
+    pnpm: {
+      ignoredBuiltDependencies: ['@pnpm.e2e/install-script-example'],
+    },
+  })
+  const result = execPnpmSync(['add', '--allow-build=@pnpm.e2e/install-script-example', '@pnpm.e2e/pre-and-postinstall-scripts-example@1.0.0', '@pnpm.e2e/install-script-example'])
+
+  expect(result.status).toBe(1)
+  expect(result.stdout.toString()).toContain('The following dependencies are ignored by the root project, but are allowed to be built by the current command: @pnpm.e2e/install-script-example')
+})
+
 test('use node versions specified by pnpm.executionEnv.nodeVersion in workspace packages', async () => {
  const projects = preparePackages([
    {