When pruning yarn.lock file in pruneProjectGraph the findNodeMatchingVersion function does not handle packages installed based on Git branch/commit
sandinosaso opened this issue · comments
Current Behavior
When a package.json and the yarn.lock in a project contain a Npm package that is installed following the syntax <url>#<branch> (from a github repo branch/commit). When calling createLockFile from @nx/js this function attempt to prune the lock file to keep just dependencies that are actually used by the Project (based on the previous generated package.json). and fails with an error.
Expected Behavior
Such packages should be handled correctly when purging the yarn.lock
GitHub Repo
No response
Steps to Reproduce
- Add a package in package.json (root) that follow the format githubrepo#version (i.e "adyen-cse-js": "Adyen/CSE-JS#v0.1.24")
- Do not import that library on some App.
- Build the App in 2. using (generatePackageJson: true)
- When generating the Lock File you will see an error in the console
Nx Report
> NX Report complete - copy this into the issue template
Node : 18.15.0
OS : darwin-x64
yarn : 1.22.19
nx (global) : 18.0.4
nx : 18.0.2
@nx/js : 18.0.2
@nx/jest : 18.0.2
@nx/linter : 18.0.2
@nx/eslint : 18.0.2
@nx/workspace : 18.0.2
@nx/cypress : 18.0.2
@nx/devkit : 18.0.2
@nx/esbuild : 18.0.2
@nx/eslint-plugin : 18.0.2
@nx/node : 18.0.2
@nx/plugin : 18.0.2
@nx/react : 18.0.2
@nx/remix : 18.0.2
@nx/storybook : 18.0.2
@nrwl/tao : 18.0.2
@nx/vite : 18.0.2
@nx/web : 18.0.2
@nx/webpack : 18.0.2
typescript : 5.4.3
Local workspace plugins:
@pd-mfe/workspace-codeowners
@pd-mfe/workspace-dev-server
@pd-mfe/workspace-formatting
@pd-mfe/workspace-typescript
@pd-mfe/workspace-nx-plugin
@pd-mfe/workspace-graphql
@pd-mfe/workspace-docker
@pd-mfe/workspace-eslint
@pd-mfe/workspace-react
@pd-mfe/workspace-node
@pd-mfe/workspace-npm
@pd-mfe/workspace-s3Failure Logs
No response
Package Manager Version
1.22.19
Operating System
- macOS
- Linux
- Windows
- Other (Please specify)
Additional Information
In our team we fixed this using a patch (patch-package). In the file: nx/src/plugins/js/lock-file/project-graph-pruning.js we handle that scenario and instead of attempt to get a semversion of the package (which will fail) we just return the value we have in the graph.externalNodes (handled in the same way we do when version specified is *).
Patch:
function findNodeMatchingVersion(graph, packageName, versionExpr) {
if (versionExpr === '*') {
return graph.externalNodes[`npm:${packageName}`];
+ } else if (versionExpr.indexOf('#v') !== -1) {
+ // Cases when dependency is installed from a repository (i.e repositoryShortName#v1.1.24)
+ return graph.externalNodes[`npm:${packageName}`];
}
Can you provide a repo with a minimal reproduction of this issue?
We should have handling for github packages:
This issue has been automatically marked as stale because no reproduction was provided within 7 days.
Please help us help you. Providing a repository exhibiting the issue helps us diagnose and fix the issue.
Any time that we spend reproducing this issue is time taken away from addressing this issue and other issues.
This issue will be closed in 21 days if a reproduction is not provided.
If a reproduction has been provided, please reply to keep it active.
Thanks for being a part of the Nx community! 🙏
This issue has been closed for more than 30 days. If this issue is still occuring, please open a new issue with more recent context.