search

0x80 / isolate-package

Isolate a monorepo package with its internal dependencies to form a self-contained directory with a pruned lockfile
MIT License
121 stars 13 forks source link

Where pnpm is the package manager for the repo, would it makes sense to use 'pnpm pack' instead of 'npm pack'? #43

Closed johndunderhill closed 8 months ago

johndunderhill commented 9 months ago

We are trying to train people to use pnpm, and one of my devops guys inserted a script that intercepts npm (even though it's installed). That results in this:

(venv) gitpod /workspace/costvine/jspackages/server (dev) $ isolate
error The response from pack could not be resolved to an existing file: /workspace/costvine/jspackages/server/isolate/__tmp/Use pnpm instead of npm :)
Error: ENOENT: no such file or directory, open '/workspace/costvine/jspackages/server/isolate/__tmp/Use pnpm instead of npm :)'

I know npm pack will probably work just as well here, but I'm thinking maybe it would be cleaner to use pnpm pack in this case.

This is really just a prompt for possible discussion. I'm going to try to work around it. I ran into similar problems with the Firebase emulator, but it still worked in our pnpm monorepo, with only a bundler, despite tripping over the fake npm command. I've left the stub for npm in there partly just to see what's calling it, which is more things than I expected.

But I don't want Firebase deploy using npm to install my dependencies, and I need that lockfile to make absolutely sure it builds what we tested. If I could just generate that pruned lockfile, I could probably do the rest with esbuild. There's an old project in the pnpm repository to generate stand-alone lock files, but it's deprecated, and didn't work for me, for different reasons. The instructions say to use pnpm deploy instead, but I can't figure out any way to get that to generate a lock file.

0x80 commented 9 months ago

Thanks for reporting, I will look into it.

Isolate is already supposed to use pnpm pack if pnpm is the package manager. I found that it is quite a bit faster than npm pack.

I recently removed the option "avoidPnpmPack", because I don't think it's something you'd ever want to use, but maybe it messed something up...

0x80 commented 9 months ago

I don't see where this could originate from. If you set logLevel to debug in the isolate configuration you should see

Using PNPM pack instead of NPM pack

It is printed when usePnpmPack is true which then leads to this code

So maybe you can try again with debug logging enabled, and see what it reports?

johndunderhill commented 9 months ago

Ok, I see in your code where you're selecting either pnpm or npm, based on a flag passed to the pack routine.

The message 'Use pnpm instead of npm :)' comes from my environment. Sorry if I didn't make that clear. There was an alias for npm in my environment that prints this message, which blocks npm from running. This was created by one of my devops guys.

That's probably not a good idea, but in this case it worked--something tried to call npm. I have pnpm installed and am using it as my primary package manager. How does your program 'detect' pnpm to set this flag? What if both are available?

0x80 commented 9 months ago

From the top of my head, it detects the package manager by lockfile on disc, and might have a fallback on the manifest "packageManager" field.

0x80 commented 6 months ago

@johndunderhill Recently a bug was discovered showing that npm pack was used once even after pnpm pack was detected. Now pnpm is used consistently. See #74

johndunderhill commented 6 months ago

@0x80 Thank you, great job.