Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@yarnpkg/core

Package Overview
Dependencies
Maintainers
5
Versions
158
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@yarnpkg/core - npm Package Compare versions

Comparing version 2.0.0-rc.14 to 2.0.0-rc.15

lib/LegacyMigrationResolver.d.ts
lib/LegacyMigrationResolver.js
lib/ProtocolResolver.d.ts
lib/ProtocolResolver.js
lib/semverUtils.d.ts
lib/semverUtils.js

8

lib/Configuration.d.ts

@@ -8,2 +8,3 @@ /// <reference types="node" />

import { Report } from './Report';
import { Package } from './types';
export declare const ENVIRONMENT_PREFIX = "yarn_";

@@ -13,2 +14,3 @@ export declare const DEFAULT_RC_FILENAME: Filename;

export declare enum SettingsType {
ANY = "ANY",
BOOLEAN = "BOOLEAN",

@@ -43,3 +45,3 @@ ABSOLUTE_PATH = "ABSOLUTE_PATH",

export declare type MapSettingsDefinition = BaseSettingsDefinition<SettingsType.MAP> & {
valueDefinition: SettingsDefinition;
valueDefinition: SettingsDefinitionNoDefault;
};

@@ -51,2 +53,3 @@ export declare type SimpleSettingsDefinition = BaseSettingsDefinition<Exclude<SettingsType, SettingsType.SHAPE | SettingsType.MAP>> & {

};
export declare type SettingsDefinitionNoDefault = MapSettingsDefinition | ShapeSettingsDefinition | Omit<SimpleSettingsDefinition, 'default'>;
export declare type SettingsDefinition = MapSettingsDefinition | ShapeSettingsDefinition | SimpleSettingsDefinition;

@@ -73,2 +76,3 @@ export declare type PluginConfiguration = {

invalid: Map<string, string>;
private packageExtensions;
/**

@@ -143,2 +147,4 @@ * Instantiate a new configuration object exposing the configuration obtained

getLinkers(): import("./Linker").Linker[];
refreshPackageExtensions(): void;
normalizePackage(original: Package): Package;
triggerHook<U extends any[], V, HooksDefinition = Hooks>(get: (hooks: HooksDefinition) => ((...args: U) => V) | undefined, ...args: U): Promise<void>;

@@ -145,0 +151,0 @@ triggerMultipleHooks<U extends any[], V, HooksDefinition = Hooks>(get: (hooks: HooksDefinition) => ((...args: U) => V) | undefined, argsList: Array<U>): Promise<void>;

93

lib/Configuration.js

@@ -19,9 +19,10 @@ "use strict";

const is_ci_1 = __importDefault(require("is-ci"));
const semver_1 = __importDefault(require("semver"));
const stream_1 = require("stream");
const supports_color_1 = __importDefault(require("supports-color"));
const tmp_1 = require("tmp");
const Manifest_1 = require("./Manifest");
const MultiFetcher_1 = require("./MultiFetcher");
const MultiResolver_1 = require("./MultiResolver");
const SemverResolver_1 = require("./SemverResolver");
const TagResolver_1 = require("./TagResolver");
const ProtocolResolver_1 = require("./ProtocolResolver");
const VirtualFetcher_1 = require("./VirtualFetcher");

@@ -53,2 +54,3 @@ const VirtualResolver_1 = require("./VirtualResolver");

(function (SettingsType) {
SettingsType["ANY"] = "ANY";
SettingsType["BOOLEAN"] = "BOOLEAN";

@@ -204,2 +206,7 @@ SettingsType["ABSOLUTE_PATH"] = "ABSOLUTE_PATH";

},
enableTransparentWorkspaces: {
description: `If false, Yarn won't automatically resolve workspace dependencies unless they use the \`workspace:\` protocol`,
type: SettingsType.BOOLEAN,
default: true,
},
// Settings related to network access

@@ -248,2 +255,11 @@ enableMirror: {

},
// Package patching - to fix incorrect definitions
packageExtensions: {
description: `Map of package corrections to apply on the dependency tree`,
type: SettingsType.MAP,
valueDefinition: {
description: ``,
type: SettingsType.ANY,
},
},
};

@@ -295,2 +311,4 @@ function parseBoolean(value) {

switch (definition.type) {
case SettingsType.ANY:
return value;
case SettingsType.SHAPE:

@@ -341,3 +359,6 @@ return parseShape(configuration, path, value, definition, folder);

const subPath = `${path}['${propKey}']`;
result.set(propKey, parseValue(configuration, subPath, propValue, definition.valueDefinition, folder));
// @ts-ignore: SettingsDefinitionNoDefault has ... no default ... but
// that's fine because we're guaranteed it's not undefined.
const valueDefinition = definition.valueDefinition;
result.set(propKey, parseValue(configuration, subPath, propValue, valueDefinition, folder));
}

@@ -422,2 +443,3 @@ return result;

this.invalid = new Map();
this.packageExtensions = new Map();
this.startingCwd = startingCwd;

@@ -430,4 +452,2 @@ this.projectCwd = projectCwd;

throw new Error(`Cannot redefine settings "${name}"`);
else if (name in this)
throw new Error(`Settings named "${name}" conflicts with an actual property`);
this.settings.set(name, definition);

@@ -612,7 +632,13 @@ this.values.set(name, getDefaultValue(this, definition));

projectCwd = currentCwd;
const topLevelFound = lockfileFilename !== null
? fslib_1.xfs.existsSync(fslib_1.ppath.join(currentCwd, lockfileFilename))
: projectCwd !== null;
if (topLevelFound)
break;
if (lockfileFilename !== null) {
if (fslib_1.xfs.existsSync(fslib_1.ppath.join(currentCwd, lockfileFilename))) {
projectCwd = currentCwd;
break;
}
}
else {
if (projectCwd !== null) {
break;
}
}
nextCwd = fslib_1.ppath.dirname(currentCwd);

@@ -683,2 +709,5 @@ }

this.sources.set(key, source);
if (key === `packageExtensions`) {
this.refreshPackageExtensions();
}
}

@@ -723,4 +752,3 @@ }

new WorkspaceResolver_1.WorkspaceResolver(),
new SemverResolver_1.SemverResolver(),
new TagResolver_1.TagResolver(),
new ProtocolResolver_1.ProtocolResolver(),
...pluginResolvers,

@@ -747,2 +775,43 @@ ]);

}
refreshPackageExtensions() {
this.packageExtensions = new Map();
for (const [descriptorString, extensionData] of this.get(`packageExtensions`)) {
const descriptor = structUtils.parseDescriptor(descriptorString, true);
if (!semver_1.default.validRange(descriptor.range))
throw new Error(`Only semver ranges are allowed as keys for the lockfileExtensions setting`);
const extension = new Manifest_1.Manifest();
extension.load(extensionData);
miscUtils.getArrayWithDefault(this.packageExtensions, descriptor.identHash).push({
range: descriptor.range,
patch: pkg => {
pkg.dependencies = new Map([...pkg.dependencies, ...extension.dependencies]);
pkg.peerDependencies = new Map([...pkg.peerDependencies, ...extension.peerDependencies]);
pkg.dependenciesMeta = new Map([...pkg.dependenciesMeta, ...extension.dependenciesMeta]);
pkg.peerDependenciesMeta = new Map([...pkg.peerDependenciesMeta, ...extension.peerDependenciesMeta]);
},
});
}
}
normalizePackage(original) {
const pkg = structUtils.copyPackage(original);
// We use the extensions to define additional dependencies that weren't
// properly listed in the original package definition
const extensionList = this.packageExtensions.get(original.identHash);
if (typeof extensionList !== `undefined`) {
const version = original.version;
if (version !== null) {
const extensionEntry = extensionList.find(({ range }) => {
return semver_1.default.satisfies(version, range);
});
if (typeof extensionEntry !== `undefined`) {
extensionEntry.patch(pkg);
}
}
}
// We sort the dependencies so that further iterations always occur in the
// same order, regardless how the various registries formatted their output
pkg.dependencies = new Map(miscUtils.sortMap(pkg.dependencies, ([, descriptor]) => descriptor.name));
pkg.peerDependencies = new Map(miscUtils.sortMap(pkg.peerDependencies, ([, descriptor]) => descriptor.name));
return pkg;
}
async triggerHook(get, ...args) {

@@ -749,0 +818,0 @@ for (const plugin of this.plugins.values()) {

1

lib/index.d.ts

@@ -10,2 +10,3 @@ import * as execUtils from './execUtils';

export { Cache } from './Cache';
export { DEFAULT_RC_FILENAME, DEFAULT_LOCK_FILENAME } from './Configuration';
export { Configuration, FormatType, PluginConfiguration, ProjectLookup, SettingsDefinition, SettingsType } from './Configuration';

@@ -12,0 +13,0 @@ export { Fetcher, FetchOptions, FetchResult, MinimalFetchOptions } from './Fetcher';

11

lib/index.js

@@ -29,6 +29,9 @@ "use strict";

var Configuration_1 = require("./Configuration");
exports.Configuration = Configuration_1.Configuration;
exports.FormatType = Configuration_1.FormatType;
exports.ProjectLookup = Configuration_1.ProjectLookup;
exports.SettingsType = Configuration_1.SettingsType;
exports.DEFAULT_RC_FILENAME = Configuration_1.DEFAULT_RC_FILENAME;
exports.DEFAULT_LOCK_FILENAME = Configuration_1.DEFAULT_LOCK_FILENAME;
var Configuration_2 = require("./Configuration");
exports.Configuration = Configuration_2.Configuration;
exports.FormatType = Configuration_2.FormatType;
exports.ProjectLookup = Configuration_2.ProjectLookup;
exports.SettingsType = Configuration_2.SettingsType;
var Installer_1 = require("./Installer");

@@ -35,0 +38,0 @@ exports.BuildType = Installer_1.BuildType;

10

lib/LockfileResolver.js

@@ -18,3 +18,3 @@ "use strict";

// Ex: foo depends on bar@^1.0.0 that we resolved to foo@1.1.0, then we add a package qux that depends on foo@1.1.0 (without the caret)
if (opts.project.storedPackages.has(structUtils.convertDescriptorToLocator(descriptor).locatorHash))
if (opts.project.originalPackages.has(structUtils.convertDescriptorToLocator(descriptor).locatorHash))
return true;

@@ -24,3 +24,3 @@ return false;

supportsLocator(locator, opts) {
if (opts.project.storedPackages.has(locator.locatorHash))
if (opts.project.originalPackages.has(locator.locatorHash))
return true;

@@ -36,3 +36,3 @@ return false;

async getCandidates(descriptor, opts) {
let pkg = opts.project.storedPackages.get(structUtils.convertDescriptorToLocator(descriptor).locatorHash);
let pkg = opts.project.originalPackages.get(structUtils.convertDescriptorToLocator(descriptor).locatorHash);
if (pkg)

@@ -43,3 +43,3 @@ return [pkg];

throw new Error(`Expected the resolution to have been successful - resolution not found`);
pkg = opts.project.storedPackages.get(resolution);
pkg = opts.project.originalPackages.get(resolution);
if (!pkg)

@@ -50,3 +50,3 @@ throw new Error(`Expected the resolution to have been successful - package not found`);

async resolve(locator, opts) {
const pkg = opts.project.storedPackages.get(locator.locatorHash);
const pkg = opts.project.originalPackages.get(locator.locatorHash);
if (!pkg)

@@ -53,0 +53,0 @@ throw new Error(`The lockfile resolver isn't meant to resolve packages - they should already have been stored into a cache`);

22

lib/Manifest.js

@@ -65,3 +65,3 @@ "use strict";

try {
data = JSON.parse(text || `{}`);
data = JSON.parse(stripBOM(text) || `{}`);
}

@@ -79,3 +79,3 @@ catch (error) {

try {
data = JSON.parse(content || `{}`);
data = JSON.parse(stripBOM(content) || `{}`);
}

@@ -173,7 +173,3 @@ catch (error) {

if (typeof data.peerDependencies === `object` && data.peerDependencies !== null) {
for (const [name, range] of Object.entries(data.peerDependencies)) {
if (typeof range !== 'string') {
errors.push(new Error(`Invalid dependency range for '${name}'`));
continue;
}
for (let [name, range] of Object.entries(data.peerDependencies)) {
let ident;

@@ -187,2 +183,6 @@ try {

}
if (typeof range !== 'string' || !semver_1.default.validRange(range)) {
errors.push(new Error(`Invalid dependency range for '${name}'`));
range = `*`;
}
const descriptor = structUtils.makeDescriptor(ident, range);

@@ -514,1 +514,9 @@ this.peerDependencies.set(descriptor.identHash, descriptor);

}
function stripBOM(content) {
if (content.charCodeAt(0) === 0xFEFF) {
return content.slice(1);
}
else {
return content;
}
}

4

lib/MessageName.d.ts

@@ -60,3 +60,5 @@ export declare enum MessageName {

INVALID_MANIFEST = 57,
PACKAGE_PREPARATION_FAILED = 58
PACKAGE_PREPARATION_FAILED = 58,
INVALID_RANGE_PEER_DEPENDENCY = 59,
INCOMPATIBLE_PEER_DEPENDENCY = 60
}

2

lib/MessageName.js

@@ -67,3 +67,5 @@ "use strict";

MessageName[MessageName["PACKAGE_PREPARATION_FAILED"] = 58] = "PACKAGE_PREPARATION_FAILED";
MessageName[MessageName["INVALID_RANGE_PEER_DEPENDENCY"] = 59] = "INVALID_RANGE_PEER_DEPENDENCY";
MessageName[MessageName["INCOMPATIBLE_PEER_DEPENDENCY"] = 60] = "INCOMPATIBLE_PEER_DEPENDENCY";
})(MessageName = exports.MessageName || (exports.MessageName = {}));
;

6

lib/MultiResolver.js

@@ -10,4 +10,2 @@ "use strict";

Object.defineProperty(exports, "__esModule", { value: true });
const MessageName_1 = require("./MessageName");
const Report_1 = require("./Report");
const structUtils = __importStar(require("./structUtils"));

@@ -51,3 +49,3 @@ class MultiResolver {

if (!resolver)
throw new Report_1.ReportError(MessageName_1.MessageName.RESOLVER_NOT_FOUND, `${structUtils.prettyDescriptor(opts.project.configuration, descriptor)} isn't supported by any available resolver`);
throw new Error(`${structUtils.prettyDescriptor(opts.project.configuration, descriptor)} isn't supported by any available resolver`);
return resolver;

@@ -64,3 +62,3 @@ }

if (!resolver)
throw new Report_1.ReportError(MessageName_1.MessageName.RESOLVER_NOT_FOUND, `${structUtils.prettyLocator(opts.project.configuration, locator)} isn't supported by any available resolver`);
throw new Error(`${structUtils.prettyLocator(opts.project.configuration, locator)} isn't supported by any available resolver`);
return resolver;

@@ -67,0 +65,0 @@ }

20

lib/Project.d.ts

@@ -20,2 +20,12 @@ import { PortablePath } from '@yarnpkg/fslib';

readonly cwd: PortablePath;
/**
* Is meant to be populated by the consumer. Should the descriptor referenced
* by the key be requested, the descriptor referenced in the value will be
* resolved instead. The resolved data will then be used as final resolution
* for the initial descriptor.
*
* Note that the lockfile will contain the second descriptor but not the
* first one (meaning that if you remove the alias during a subsequent
* install, it'll be lost and the real package will be resolved / installed).
*/
resolutionAliases: Map<DescriptorHash, DescriptorHash>;

@@ -30,2 +40,3 @@ workspaces: Array<Workspace>;

storedChecksums: Map<LocatorHash, string>;
originalPackages: Map<LocatorHash, Package>;
optionalBuilds: Set<LocatorHash>;

@@ -54,3 +65,10 @@ static find(configuration: Configuration, startingCwd: PortablePath): Promise<{

findLocatorForLocation(cwd: PortablePath): Promise<Locator | null>;
resolveEverything({ cache, report, lockfileOnly }: InstallOptions): Promise<void>;
resolveEverything(opts: {
report: Report;
lockfileOnly: true;
} | {
report: Report;
lockfileOnly?: boolean;
cache: Cache;
}): Promise<void>;
fetchEverything({ cache, report, fetcher: userFetcher }: InstallOptions): Promise<void>;

@@ -57,0 +75,0 @@ linkEverything({ cache, report }: InstallOptions): Promise<void>;

6

lib/Resolver.d.ts
import { FetchOptions } from './Fetcher';
import { Project } from './Project';
import { Report } from './Report';
import { Descriptor, Locator, Package } from './types';

@@ -8,3 +9,6 @@ export declare type MinimalResolveOptions = {

};
export declare type ResolveOptions = MinimalResolveOptions & FetchOptions;
export declare type ResolveOptions = MinimalResolveOptions & {
fetchOptions?: FetchOptions | null;
report: Report;
};
/**

@@ -11,0 +15,0 @@ * Resolvers are the components that do all the lifting needed in order to

4

lib/RunInstallPleaseResolver.d.ts

@@ -8,6 +8,6 @@ import { Resolver, ResolveOptions, MinimalResolveOptions } from './Resolver';

supportsLocator(locator: Locator, opts: MinimalResolveOptions): boolean;
shouldPersistResolution(locator: Locator, opts: MinimalResolveOptions): never;
bindDescriptor(descriptor: Descriptor, fromLocator: Locator, opts: MinimalResolveOptions): never;
shouldPersistResolution(locator: Locator, opts: MinimalResolveOptions): boolean;
bindDescriptor(descriptor: Descriptor, fromLocator: Locator, opts: MinimalResolveOptions): Descriptor;
getCandidates(descriptor: Descriptor, opts: ResolveOptions): Promise<never>;
resolve(locator: Locator, opts: ResolveOptions): Promise<never>;
}

14

lib/RunInstallPleaseResolver.js
"use strict";
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
result["default"] = mod;
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
const MessageName_1 = require("./MessageName");
const Report_1 = require("./Report");
const structUtils = __importStar(require("./structUtils"));
class RunInstallPleaseResolver {

@@ -24,6 +16,6 @@ constructor(resolver) {

shouldPersistResolution(locator, opts) {
throw new Error(`Unreachable`);
return this.resolver.shouldPersistResolution(locator, opts);
}
bindDescriptor(descriptor, fromLocator, opts) {
throw new Report_1.ReportError(MessageName_1.MessageName.MISSING_LOCKFILE_ENTRY, `A dependency (${structUtils.prettyDescriptor(opts.project.configuration, descriptor)}) cannot be retrieved from the lockfile; try to make an install to update your resolutions`);
return this.resolver.bindDescriptor(descriptor, fromLocator, opts);
}

@@ -34,5 +26,5 @@ async getCandidates(descriptor, opts) {

async resolve(locator, opts) {
throw new Error(`Unreachable`);
throw new Report_1.ReportError(MessageName_1.MessageName.MISSING_LOCKFILE_ENTRY, `This package doesn't seem to be present in your lockfile; try to make an install to update your resolutions`);
}
}
exports.RunInstallPleaseResolver = RunInstallPleaseResolver;

12

lib/scriptUtils.js

@@ -81,12 +81,4 @@ "use strict";

const { logFile, stdout, stderr } = configuration.getSubprocessStreams(cwd, { report });
const { code } = await execUtils.pipevp(`yarn`, [`install`], { cwd, env, stdin, stdout, stderr });
const { code } = await execUtils.pipevp(`yarn`, [`pack`, `--install-if-needed`, `--filename`, fslib_2.npath.fromPortablePath(outputPath)], { cwd, env, stdin, stdout, stderr });
if (code !== 0) {
throw new Report_1.ReportError(MessageName_1.MessageName.PACKAGE_PREPARATION_FAILED, `Installing the package dependencies failed (exit code ${code}, logs can be found here: ${logFile})`);
}
}
{
const stdin = null;
const { logFile, stdout, stderr } = configuration.getSubprocessStreams(cwd, { report });
const { code } = await execUtils.pipevp(`yarn`, [`pack`, `--filename`, fslib_2.npath.fromPortablePath(outputPath)], { cwd, env, stdin, stdout, stderr });
if (code !== 0) {
throw new Report_1.ReportError(MessageName_1.MessageName.PACKAGE_PREPARATION_FAILED, `Packing the package failed (exit code ${code}, logs can be found here: ${logFile})`);

@@ -174,3 +166,3 @@ }

async function hasWorkspaceScript(workspace, scriptName) {
return await hasPackageScript(workspace.anchoredLocator, scriptName, { project: workspace.project });
return workspace.manifest.scripts.has(scriptName);
}

@@ -177,0 +169,0 @@ exports.hasWorkspaceScript = hasWorkspaceScript;

6

lib/Workspace.js

@@ -31,3 +31,5 @@ "use strict";

// @ts-ignore: It's ok to initialize it now
this.manifest = await Manifest_1.Manifest.find(this.cwd);
this.manifest = fslib_1.xfs.existsSync(fslib_1.ppath.join(this.cwd, Manifest_1.Manifest.fileName))
? await Manifest_1.Manifest.find(this.cwd)
: new Manifest_1.Manifest();
// We use ppath.relative to guarantee that the default hash will be consistent even if the project is installed on different OS / path

@@ -78,2 +80,4 @@ // @ts-ignore: It's ok to initialize it now, even if it's readonly (setup is called right after construction)

return semver_1.default.satisfies(this.manifest.version !== null ? this.manifest.version : `0.0.0`, pathname);
if (!this.project.configuration.get(`enableTransparentWorkspaces`))
return false;
if (this.manifest.version !== null)

@@ -80,0 +84,0 @@ return semver_1.default.satisfies(this.manifest.version, pathname);

25

package.json
{
"name": "@yarnpkg/core",
"version": "2.0.0-rc.14",
"version": "2.0.0-rc.15",
"main": "./lib/index.js",
"sideEffects": false,
"dependencies": {
"@yarnpkg/fslib": "2.0.0-rc.11",
"@yarnpkg/fslib": "2.0.0-rc.12",
"@yarnpkg/json-proxy": "2.0.0-rc.4",
"@yarnpkg/parsers": "2.0.0-rc.6",
"@yarnpkg/pnp": "2.0.0-rc.11",
"@yarnpkg/pnp": "2.0.0-rc.12",
"@yarnpkg/shell": "2.0.0-rc.4",

@@ -15,5 +15,5 @@ "agentkeepalive": "^4.0.2",

"chalk": "^2.4.1",
"clipanion": "^2.1.4",
"clipanion": "^2.1.5",
"cross-spawn": "^6.0.5",
"globby": "^8.0.1",
"globby": "^10.0.1",
"got": "^9.2.2",

@@ -36,5 +36,14 @@ "is-ci": "^2.0.0",

"devDependencies": {
"@yarnpkg/cli": "2.0.0-rc.15",
"@yarnpkg/plugin-link": "2.0.0-rc.4",
"@yarnpkg/plugin-pnp": "2.0.0-rc.8"
"@types/cross-spawn": "6.0.0",
"@types/got": "^8.3.4",
"@types/is-ci": "^2.0.0",
"@types/node": "^12.12.8",
"@types/semver": "^6.0.2",
"@types/supports-color": "^5.3.0",
"@types/tar": "^4.0.0",
"@types/tmp": "^0.0.33",
"@types/tunnel": "^0.0.0",
"@yarnpkg/cli": "2.0.0-rc.19",
"@yarnpkg/plugin-link": "2.0.0-rc.7",
"@yarnpkg/plugin-pnp": "2.0.0-rc.11"
},

@@ -41,0 +50,0 @@ "scripts": {

lib/SemverResolver.d.ts
lib/SemverResolver.js
lib/TagResolver.d.ts
lib/TagResolver.js
lib/YarnResolver.d.ts
lib/YarnResolver.js
lib/Project.js

Sorry, the diff of this file is too big to display

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc