search

mcataford / yarn-plugin-new-dependency-check

📦 Never accidentally pull in a billion new dependencies again.
MIT License
0 stars 0 forks source link

`resolveEverything` fails with unpublished local tarball #2

Open mcataford opened 1 year ago

mcataford commented 1 year ago 
          Outstanding problem: the tests require a network call due to `Project.resolveEverything` and the usage of a sample package for installs (i.e. `ansicolor`, picked randomly). Ideally, the tests would install a prebuilt tarball of the package itself to avoid the need for network, but the resolution step is still a problem.

Originally posted by @mcataford in https://github.com/mcataford/yarn-plugin-new-dependency-check/issues/1#issuecomment-1636640111

The root cause seems to be the use of lockfileOnly when resolving future dependencies -- the tarball can't be resolved because it only exists locally (hot guess), which fails.

mcataford commented 1 year ago

While digging a bit into #6, it looks like extra steps are needed to introspect into those tarballs, resolveEverything alone doesn't do the trick.