fix(update): read the production/dev/optional options from the CLI input only (#3544)

.changeset/young-kiwis-suffer.md

@@ -0,0 +1,5 @@
+---
+"@pnpm/plugin-commands-installation": major
+---
+
+The update command reads the production/dev/optional options from the cliOptions. So when the settings are set via the config file, they are ignored by the update command.

packages/plugin-commands-installation/package.json

@@ -35,6 +35,7 @@
     "@pnpm/lockfile-types": "workspace:3.0.0",
     "@pnpm/logger": "^4.0.0",
     "@pnpm/matcher": "workspace:2.0.0",
+    "@pnpm/modules-yaml": "workspace:9.0.2",
     "@pnpm/prepare": "workspace:0.0.24",
     "@pnpm/test-fixtures": "workspace:*",
     "@types/is-ci": "^3.0.0",

packages/plugin-commands-installation/src/update/index.ts

@@ -173,11 +173,7 @@ async function interactiveUpdate (
   input: string[],
   opts: UpdateCommandOptions
 ) {
-  const include = {
-    dependencies: opts.production !== false,
-    devDependencies: opts.dev !== false,
-    optionalDependencies: opts.optional !== false,
-  }
+  const include = makeIncludeDependenciesFromCLI(opts.cliOptions)
   const projects = (opts.selectedProjectsGraph != null)
     ? Object.values(opts.selectedProjectsGraph).map((wsPkg) => wsPkg.package)
     : [
@@ -245,10 +241,11 @@ async function update (
   dependencies: string[],
   opts: UpdateCommandOptions
 ) {
-  const includeDirect = {
-    dependencies: opts.production !== false,
-    devDependencies: opts.dev !== false,
-    optionalDependencies: opts.optional !== false,
+  const includeDirect = makeIncludeDependenciesFromCLI(opts.cliOptions)
+  const include = {
+    dependencies: opts.rawConfig.production !== false,
+    devDependencies: opts.rawConfig.dev !== false,
+    optionalDependencies: opts.rawConfig.optional !== false,
   }
   const depth = opts.depth ?? Infinity
   return installDeps({
@@ -256,6 +253,7 @@ async function update (
     allowNew: false,
     depth,
     includeDirect,
+    include,
     update: true,
     updateMatching: (dependencies.length > 0) && dependencies.every(dep => !dep.substring(1).includes('@')) && depth > 0 && !opts.latest
       ? matcher(dependencies)
@@ -263,3 +261,15 @@ async function update (
     updatePackageManifest: opts.save !== false,
   }, dependencies)
 }
+
+function makeIncludeDependenciesFromCLI (opts: {
+  production?: boolean
+  dev?: boolean
+  optional?: boolean
+}) {
+  return {
+    dependencies: opts.production === true || (opts.dev !== true && opts.optional !== true),
+    devDependencies: opts.dev === true || (opts.production !== true && opts.optional !== true),
+    optionalDependencies: opts.optional === true || (opts.production !== true && opts.dev !== true),
+  }
+}

packages/plugin-commands-installation/test/fetch.ts

@@ -1,9 +1,9 @@
 import path from 'path'
+import { promisify } from 'util'
 import { install, fetch } from '@pnpm/plugin-commands-installation'
 import prepare from '@pnpm/prepare'
 import { REGISTRY_MOCK_PORT } from '@pnpm/registry-mock'
 import rimraf from 'rimraf'
-import { promisify } from 'util'
 
 const REGISTRY_URL = `http://localhost:${REGISTRY_MOCK_PORT}`
 

packages/plugin-commands-installation/test/update/interactive.ts

@@ -191,14 +191,16 @@ test('interactive update of dev dependencies only', async () => {
   await update.handler({
     ...DEFAULT_OPTIONS,
     allProjects,
-    dev: true,
+    cliOptions: {
+      dev: true,
+      optional: false,
+      production: false,
+    },
     dir: process.cwd(),
     interactive: true,
     latest: true,
     linkWorkspacePackages: true,
     lockfileDir: process.cwd(),
-    optional: false,
-    production: false,
     recursive: true,
     selectedProjectsGraph,
     storeDir,

packages/plugin-commands-installation/test/update/recursive.ts

@@ -1,6 +1,7 @@
 import PnpmError from '@pnpm/error'
 import { readProjects } from '@pnpm/filter-workspace-packages'
 import { Lockfile } from '@pnpm/lockfile-types'
+import * as modulesYaml from '@pnpm/modules-yaml'
 import { install, update } from '@pnpm/plugin-commands-installation'
 import { preparePackages } from '@pnpm/prepare'
 import { addDistTag } from '@pnpm/registry-mock'
@@ -79,6 +80,7 @@ test('recursive update prod dependencies only', async () => {
     allProjects,
     dir: process.cwd(),
     lockfileDir: process.cwd(),
+    optional: false,
     recursive: true,
     selectedProjectsGraph,
     workspaceDir: process.cwd(),
@@ -90,11 +92,17 @@ test('recursive update prod dependencies only', async () => {
   await update.handler({
     ...DEFAULT_OPTS,
     allProjects,
-    dev: false,
+    cliOptions: {
+      dev: false,
+      optional: false,
+      production: true,
+    },
     dir: process.cwd(),
     lockfileDir: process.cwd(),
-    optional: false,
-    production: true,
+    rawConfig: {
+      ...DEFAULT_OPTS.rawConfig,
+      optional: false,
+    },
     recursive: true,
     selectedProjectsGraph,
     workspaceDir: process.cwd(),
@@ -106,6 +114,12 @@ test('recursive update prod dependencies only', async () => {
   ).toStrictEqual(
     ['/bar/100.0.0', '/foo/100.1.0']
   )
+  const modules = await modulesYaml.read('./node_modules')
+  expect(modules?.included).toStrictEqual({
+    dependencies: true,
+    devDependencies: true,
+    optionalDependencies: false,
+  })
 })
 
 test('recursive update with pattern', async () => {

pnpm-lock.yaml

@@ -1782,6 +1782,7 @@ importers:
       '@pnpm/logger': ^4.0.0
       '@pnpm/manifest-utils': workspace:2.0.2
       '@pnpm/matcher': workspace:2.0.0
+      '@pnpm/modules-yaml': workspace:9.0.2
       '@pnpm/outdated': workspace:8.0.12
       '@pnpm/package-store': workspace:12.0.9
       '@pnpm/parse-wanted-dependency': workspace:2.0.0
@@ -1868,6 +1869,7 @@ importers:
       '@pnpm/lockfile-types': link:../lockfile-types
       '@pnpm/logger': 4.0.0
       '@pnpm/matcher': link:../matcher
+      '@pnpm/modules-yaml': link:../modules-yaml
       '@pnpm/plugin-commands-installation': 'link:'
       '@pnpm/prepare': link:../../privatePackages/prepare
       '@pnpm/test-fixtures': link:../../privatePackages/test-fixtures