fix: don't create broken symlinks during hoisting

ref #2916 PR #3062
2026-03-24 01:51:41 -04:00 · 2021-01-10 18:12:25 +02:00
parent d5ef7958ab
commit 672c27cfe6
3 changed files with 24 additions and 13 deletions
--- a/.changeset/poor-points-poke.md
+++ b/.changeset/poor-points-poke.md
@@ -0,0 +1,5 @@
+---
+"supi": patch
+---
+
+Don't create broken symlinks to skipped optional dependencies, when hoisting. This issue was already fixed in pnpm v5.13.7 for the case when the lockfile is up-to-date. This fixes the same issue for cases when the lockfile need updates. For instance, when adding a new package.
--- a/packages/supi/src/install/link.ts
+++ b/packages/supi/src/install/link.ts
@@ -231,8 +231,15 @@ export default async function linkPackages (

  let newHoistedDependencies!: HoistedDependencies
  if ((opts.hoistPattern != null || opts.publicHoistPattern != null) && (newDepPaths.length > 0 || removedDepPaths.size > 0)) {
+    // It is important to keep the skipped packages in the lockfile which will be saved as the "current lockfile".
+    // pnpm is comparing the current lockfile to the wanted one and they should much.
+    // But for hoisting, we need a version of the lockfile w/o the skipped packages, so we're making a copy.
+    const hoistLockfile = {
+      ...currentLockfile,
+      packages: R.omit(Array.from(opts.skipped), currentLockfile.packages),
+    }
    newHoistedDependencies = await hoist({
-      lockfile: currentLockfile,
+      lockfile: hoistLockfile,
      lockfileDir: opts.lockfileDir,
      privateHoistedModulesDir: opts.hoistedModulesDir,
      privateHoistPattern: opts.hoistPattern ?? [],
--- a/packages/supi/test/install/hoist.ts
+++ b/packages/supi/test/install/hoist.ts
@@ -502,28 +502,27 @@ test('should recreate node_modules with hoisting', async () => {

 test('hoisting should not create a broken symlink to a skipped optional dependency', async () => {
  const project = prepareEmpty()
+  const rootModules = assertProject(process.cwd())

-  await install({
+  const manifest = {
+    dependencies: {
+      'is-positive': '1.0.0',
+    },
    optionalDependencies: {
      'not-compatible-with-any-os': '*',
    },
-  }, await testDefaults({ publicHoistPattern: '*' }))
+  }
+
+  await install(manifest, await testDefaults({ publicHoistPattern: '*' }))

  await project.hasNot('dep-of-optional-pkg')
+  expect(await rootModules.readCurrentLockfile()).toStrictEqual(await rootModules.readLockfile())

  // Verifying the same with headless installation
  await rimraf('node_modules')

-  await install({
-    optionalDependencies: {
-      'not-compatible-with-any-os': '*',
-    },
-  }, await testDefaults({ publicHoistPattern: '*' }))
+  await install(manifest, await testDefaults({ publicHoistPattern: '*' }))

  await project.hasNot('dep-of-optional-pkg')
-
-  const rootModules = assertProject(process.cwd())
-  const currentLockfile = await rootModules.readCurrentLockfile()
-  const wantedLockfile = await rootModules.readLockfile()
-  expect(currentLockfile).toStrictEqual(wantedLockfile)
+  expect(await rootModules.readCurrentLockfile()).toStrictEqual(await rootModules.readLockfile())
 })