Switch to yarn berry

[codecov[bot]]

Codecov Report

Merging #53 into master will decrease coverage by 0.17%. The diff coverage is n/a.

@@            Coverage Diff             @@
##           master      #53      +/-   ##
==========================================
- Coverage   29.12%   28.95%   -0.18%     
==========================================
  Files          25       26       +1     
  Lines         333      335       +2     
  Branches       43       43              
==========================================
  Hits           97       97              
- Misses        236      238       +2     

Impacted Files	Coverage Δ
src/cli/index.ts	0.00% <0.00%> (ø)
src/server/index.ts	0.00% <0.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 33302dc...87a09c5. Read the comment docs.

[juanpicado]

Nice move :) ... could you share a quick guide?

[n4bb12]

@juanpicado I'm still figuring it out but here's what I got so far:

• npm install -g yarn to update the global yarn version to latest v1
• Go to project directory and perform the below steps
• yarn set version berry to enable v2 https://yarnpkg.com/getting-started/install
• Decide whether you want zero-install and if not, whether you want at least plugins committed to the repo, and configure gitignore accordingly https://yarnpkg.com/advanced/qa/#which-files-should-be-gitignored
• Commit the changes so far (berry.js, yarn config)
• yarn to re-install the repo
• Commit the packages in .yarn (if using zero-install)
• yarn dlx @yarnpkg/pnpify --sdk vscode to add VSCode support, (install and commit all of them if using zero-install and you want contributors to not need to do this themselves) https://yarnpkg.com/advanced/editor-sdks
• in VSCode, switch the TypeScript version to "workspace"
• yarn plugin import interactive-tools if you want the upgrade-interactive comand https://yarnpkg.com/cli/upgrade-interactive/#gatsby-focus-wrapper
• Visit https://yarnpkg.com/api/globals.html to see what other official plugins exist and might be useful
• Commit the yarn plugins
• If you relied on any settings from .npmrc, you'll need to replicate those into the new config format since v2 no longer reads the npm config

Now you have a working yarn v2 setup but your repository might still be very much incompatible. Some things you'll need to change:

• There is no node_modules folder and no .bin folder. Anything that relied on these needs to be changed to run through yarn instead.
• Replace any calls to node that are not inside a yarn script with yarn node
• Custom pre-hooks (e.g. prestart) need to be called manually now

All of this is and more is documented in the migration guide https://yarnpkg.com/advanced/migration

There might be more, e.g. you'll need to change the yarn cache config for CI if you were caching node_modules. It might not work with webpack 4, in which case you'll need a bridge plugin. You might need the node-modules plugin as a last resort https://yarnpkg.com/advanced/migration#if-required-enable-the-node-modules-plugin

Hope that helps! 😃

[lgtm-com[bot]]

This pull request introduces 27 alerts when merging 1735fa4fc7a2b7cc6449c3e500c7caa11a0447f1 into 33302dc628f76819d6b6c9b506c493643782c22c - view on LGTM.com

new alerts:

• 14 for Unused variable, import, function or class
• 11 for Useless assignment to local variable
• 1 for Useless conditional
• 1 for Comparison between inconvertible types

[lgtm-com[bot]]

This pull request introduces 27 alerts when merging d537001e3e962bf920ad7452680ff6f8b0eee1c9 into 33302dc628f76819d6b6c9b506c493643782c22c - view on LGTM.com

new alerts:

• 14 for Unused variable, import, function or class
• 11 for Useless assignment to local variable
• 1 for Useless conditional
• 1 for Comparison between inconvertible types

[lgtm-com[bot]]

This pull request introduces 27 alerts when merging 87a09c594a93f487dfd0fac2807e654bb0989f89 into 33302dc628f76819d6b6c9b506c493643782c22c - view on LGTM.com

new alerts:

• 14 for Unused variable, import, function or class
• 11 for Useless assignment to local variable
• 1 for Useless conditional
• 1 for Comparison between inconvertible types

[n4bb12]

Keeping this for future reference, I'll not migrate this project for now and work on https://github.com/n4bb12/verdaccio-auth or verdaccio 5 instead.

[arcanis]

@n4bb12 do you have some feedback to share? what were the main blockers? In any case, I took the liberty of integrating your comment https://github.com/n4bb12/verdaccio-github-oauth-ui/pull/53#issuecomment-671027621 with a few minor tweaks into our migration guide (here) - thanks for doing this, it's really useful as it's often difficult for us to get the right perspective!

[n4bb12]

@arcanis wow how did you find this 😵

I didn't give up on v2 by closing this, I just thought that it might not be worth doing it in this repo because I'm moving efforts to a successor.

The docs helped me get my head around the concept and configuring everything, but I'm still struggling.

Some things I hit my foot against:

A) parcel had this error building with yarn2. I ended up switching to microbundle to work around it.

B) Randomly I got "EISDIR: illegal operation on a directory, read" when trying to install a new package (don't remember which). It went away by deleting the local .yarn/cache and re-installing. Gladly only had this once.

Logs

``` yarn ➤ YN0000: ┌ Resolution step ➤ YN0060: │ microbundle@npm:0.12.3 provides rollup@npm:1.32.1 with version 1.32.1 which doesn't satisfy ^2.3.4 requested by @rollup/plugin-commonjs@npm:13.0.2 ➤ YN0000: └ Completed in 0.29s ➤ YN0000: ┌ Fetch step ➤ YN0001: │ Error: pretty-format@npm:25.5.0: EISDIR: illegal operation on a directory, read ➤ YN0001: │ Error: pretty-format@npm:25.5.0: EISDIR: illegal operation on a directory, read ➤ YN0000: └ Completed in 1.02s ➤ YN0000: Failed with errors in 1.32s ```

C) I got this by just expanding the .yarn/cache folder in VSCode. Locked files are a common issue with VSCode on Windows for some tools, but I don't remember yarn1 having this problem with node_modules and VSCode. Usually I resolve VSCode locking issues by putting things on search and watch exclude, but this was already the case for .yarn, so I'm trying not to open that folder and mostly I don't need to, so it's not a biggie.

Logs

``` yarn ➤ YN0000: ┌ Resolution step ➤ YN0060: │ microbundle@npm:0.12.3 provides rollup@npm:1.32.1 with version 1.32.1 which doesn't satisfy ^2.3.4 requested by @rollup/plugin-commonjs@npm:13.0.2 ➤ YN0000: └ Completed in 0.3s ➤ YN0000: ┌ Fetch step ➤ YN0013: │ concat-map@npm:0.0.1 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ configstore@npm:5.0.1 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ crypto-random-string@npm:2.0.0 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ debug@npm:3.2.6 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ dot-prop@npm:5.2.0 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: anymatch@npm:3.1.1: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\anymatch-npm-3.1.1-7dcfa6178a-cf61bbaf7f.zip' ➤ YN0001: │ Error: balanced-match@npm:1.0.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\balanced-match-npm-1.0.0-951a2ad706-f515a605fe.zip' ➤ YN0001: │ Error: binary-extensions@npm:2.0.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\binary-extensions-npm-2.0.0-8343f65d59-76cc6a33dc.zip' ➤ YN0013: │ fill-range@npm:7.0.1 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: braces@npm:3.0.2: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\braces-npm-3.0.2-782240b28a-f3493181c3.zip' ➤ YN0001: │ Error: configstore@npm:5.0.1: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\configstore-npm-5.0.1-739433cdc5-81dd877bf7.zip' ➤ YN0001: │ Error: brace-expansion@npm:1.1.11: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\brace-expansion-npm-1.1.11-fb95eb05ad-4c878e25e4.zip' ➤ YN0001: │ Error: crypto-random-string@npm:2.0.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\crypto-random-string-npm-2.0.0-8ab47992ef-7bc19f6caf.zip' ➤ YN0013: │ glob-parent@npm:5.1.1 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ graceful-fs@npm:4.2.4 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: debug@npm:3.2.6: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\debug-npm-3.2.6-6214e40f12-619feb53b1.zip' ➤ YN0001: │ Error: chokidar@npm:3.4.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\chokidar-npm-3.4.0-766ff1ac39-e190168a59.zip' ➤ YN0013: │ has-flag@npm:3.0.0 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: concat-map@npm:0.0.1: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\concat-map-npm-0.0.1-85a921b7ee-554e28d9ee.zip' ➤ YN0001: │ Error: dot-prop@npm:5.2.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\dot-prop-npm-5.2.0-195360fa83-d2f62e0b5e.zip' ➤ YN0013: │ ignore-by-default@npm:1.0.1 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ import-lazy@npm:2.1.0 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ imurmurhash@npm:0.1.4 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: ci-info@npm:2.0.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\ci-info-npm-2.0.0-78012236a1-553fe83c08.zip' ➤ YN0013: │ is-extglob@npm:2.1.1 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ is-glob@npm:4.0.1 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ is-npm@npm:4.0.0 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ is-number@npm:7.0.0 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ is-obj@npm:2.0.0 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: fill-range@npm:7.0.1: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\fill-range-npm-7.0.1-b8b1817caa-efca43d59b.zip' ➤ YN0013: │ is-typedarray@npm:1.0.0 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: glob-parent@npm:5.1.1: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\glob-parent-npm-5.1.1-57b061cd88-2af6e196fb.zip' ➤ YN0001: │ Error: graceful-fs@npm:4.2.4: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\graceful-fs-npm-4.2.4-734467635f-d095ee4dc6.zip' ➤ YN0001: │ Error: has-flag@npm:3.0.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\has-flag-npm-3.0.0-16ac11fe05-63aade480d.zip' ➤ YN0001: │ Error: ignore-by-default@npm:1.0.1: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\ignore-by-default-npm-1.0.1-78ea10bc54-c5c70afd7c.zip' ➤ YN0001: │ Error: import-lazy@npm:2.1.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\import-lazy-npm-2.1.0-b128ce6959-4907a2ddbe.zip' ➤ YN0001: │ Error: imurmurhash@npm:0.1.4: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\imurmurhash-npm-0.1.4-610c5068a0-34d414d789.zip' ➤ YN0001: │ Error: is-binary-path@npm:2.1.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\is-binary-path-npm-2.1.0-e61d46f557-49a1446a3c.zip' ➤ YN0001: │ Error: is-ci@npm:2.0.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\is-ci-npm-2.0.0-8662a0f445-09083018ed.zip' ➤ YN0013: │ make-dir@npm:3.1.0 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: is-glob@npm:4.0.1: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\is-glob-npm-4.0.1-341760116f-98cd4f715f.zip' ➤ YN0001: │ Error: is-npm@npm:4.0.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\is-npm-npm-4.0.0-86d312340b-94ab2edae3.zip' ➤ YN0001: │ Error: is-number@npm:7.0.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\is-number-npm-7.0.0-060086935c-eec6e506c6.zip' ➤ YN0001: │ Error: is-obj@npm:2.0.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\is-obj-npm-2.0.0-3d95e053f4-ffa67ed5df.zip' ➤ YN0013: │ minimatch@npm:3.0.4 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: is-typedarray@npm:1.0.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\is-typedarray-npm-1.0.0-bbd99de5b6-4e21156e73.zip' ➤ YN0013: │ ms@npm:2.1.2 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ normalize-path@npm:3.0.0 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ picomatch@npm:2.2.2 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: is-extglob@npm:2.1.1: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\is-extglob-npm-2.1.1-0870ea68b5-ca623e2c56.zip' ➤ YN0001: │ Error: make-dir@npm:3.1.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\make-dir-npm-3.1.0-d1d7505142-54b6f186c2.zip' ➤ YN0013: │ prettier@npm:2.0.5 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: pretty-format@npm:25.5.0: EISDIR: illegal operation on a directory, read ➤ YN0001: │ Error: pretty-format@npm:25.5.0: EISDIR: illegal operation on a directory, read ➤ YN0013: │ pstree.remy@npm:1.1.8 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: minimatch@npm:3.0.4: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\minimatch-npm-3.0.4-6e76f51c23-47eab92639.zip' ➤ YN0013: │ query-string@npm:6.13.1 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: ms@npm:2.1.2: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\ms-npm-2.1.2-ec0c1512ff-9b65fb709b.zip' ➤ YN0013: │ readdirp@npm:3.4.0 can't be found in the cache and will be fetched from the remote registry ➤ YN0001: │ Error: normalize-path@npm:3.0.0: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\normalize-path-npm-3.0.0-658ba7d77f-215a701b47.zip' ➤ YN0001: │ Error: picomatch@npm:2.2.2: EPERM: operation not permitted, mkdir 'D:\Projects\n4bb12\verdaccio-auth\.yarn\cache\picomatch-npm-2.2.2-1ce736a913-20fa75e0a5.zip' ➤ YN0013: │ semver@npm:5.7.1 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ semver@npm:6.3.0 can't be found in the cache and will be fetched from the remote registry ➤ YN0013: │ signal-exit@npm:3.0.3 can't be found in the cache and will be fetched from the remote registry ➤ YN0000: ⠋ ====================================================================----------- ```

C) I'm trying to start up verdaccio with my locally built plugin. Previously I was able to do it in various ways, e.g. by copying it into node_modules or loading it from a plugins directory that verdaccio can be configured to load from. With v2 any dependencies used by the built plugin are not found by any of these mechanisms. Verdaccio require's plugins, so I just need to find a way to make built plugins visible to yarn's module resolution AND also having it resolve the module's dependencies. My next attempt will be to pack the built plugin and copy it into the yarn cache folder. I couldn't find anything useful on GitHub or in the docs but it's also probably not a mainstream issue.

Thanks for going through the hurdles required to move something like yarn berry forward. 🍻

[merceyz]

A) parcel had this error building with yarn2. I ended up switching to microbundle to work around it.

They've fixed these issues / added PnP compatibility in V2 (parcel@next)

B) Randomly I got "EISDIR: illegal operation on a directory, read" when trying to install a new package (don't remember which). It went away by deleting the local .yarn/cache and re-installing. Gladly only had this once.

We've seen this issue before but been unable to reproduce, thanks to those logs in point C I was able to figure out why it was happening. Turns out we already fixed it in https://github.com/yarnpkg/berry/pull/1674 which hasn't been released yet, but now we know why it was happening so thank you! :+1:

C) I got this by just expanding the .yarn/cache folder in VSCode. Locked files are a common issue with VSCode on Windows for some tools, but I don't remember yarn1 having this problem with node_modules and VSCode. Usually I resolve VSCode locking issues by putting things on search and watch exclude, but this was already the case for .yarn, so I'm trying not to open that folder and mostly I don't need to, so it's not a biggie.

This was improved / fixed in https://github.com/yarnpkg/berry/pull/1593, also not released yet.

The correct error is actually EPERM: operation not permitted, copyfile but before the bugfix in https://github.com/yarnpkg/berry/pull/1674 it was EPERM: operation not permitted, mkdir

C) I'm trying to start up verdaccio with my locally built plugin. Previously I was able to do it in various ways, e.g. by copying it into node_modules or loading it from a plugins directory that verdaccio can be configured to load from. With v2 any dependencies used by the built plugin are not found by any of these mechanisms. Verdaccio require's plugins, so I just need to find a way to make built plugins visible to yarn's module resolution AND also having it resolve the module's dependencies. My next attempt will be to pack the built plugin and copy it into the yarn cache folder. I couldn't find anything useful on GitHub or in the docs but it's also probably not a mainstream issue.

If I understand this correctly i'll point you to this section in the docs

Tip: Yarn 2 implements support for self-references, making the link: protocol unneeded in most cases. Any file that's part of a package will always be able to import any file from its own package using the package name - even the top-level project! Just add a "name": "app" field into your top-level package.json, and you'll be able to use import 'app/Toolbar' without further ado. https://yarnpkg.com/features/protocols/#why-is-the-link-protocol-recommended-over-aliases-for-path-mapping

[n4bb12]

@merceyz thanks for the info and for processing all this 🖐

The link protocol brought me a step further. (I used it in devDependencies since it's only for local testing and shouldn't be published.)

"verdaccio-auth": "link:./plugins/verdaccio-auth"

Unfortunately I'm now here

(node:1072) [MODULE_NOT_FOUND] Error: verdaccio tried to access verdaccio-auth, but it isn't declared in its dependencies; this makes the require call ambiguous and unsound.

I set pnpMode: loose but it didn't do the trick.

What would be the intended way to load arbitrary plugins when plugins by their nature are not declared as dependencies?

[merceyz]

Unfortunately I'm now here (node:1072) [MODULE_NOT_FOUND] Error: verdaccio tried to access verdaccio-auth, but it isn't declared in its dependencies; this makes the require call ambiguous and unsound. I set pnpMode: loose but it didn't do the trick.

This is actually just a warning, though you're only supposed to see it in pnpMode: loose, this has been fixed in master. You can test with master using

yarn set version from sources

What would be the intended way to load arbitrary plugins when plugins by their nature are not declared as dependencies?

Loading them on behalf of the config that declares it using createRequire. This isn't PnP specific though, everything should do this to not rely on hoisting. Could you provide a reproduction for this so that I can fix it in verdaccio?

[n4bb12]

@merceyz I think this would be the essence of how verdaccio loads plugins. Dependencies are checked in, so you only need to checkout the yarn1/yarn2 branches and run node app:

https://github.com/n4bb12/minimal-plugin-example/tree/yarn1

$ node app
hello world

https://github.com/n4bb12/minimal-plugin-example/tree/yarn2

$ node app
internal/modules/cjs/loader.js:1083
  throw err;
  ^

Error: Cannot find module 'lodash.lowercase'
Require stack:
- D:\Projects\n4bb12\minimal-plugin-example\plugins\foo\foo.js
- D:\Projects\n4bb12\minimal-plugin-example\app\index.js
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:1080:15)
    at Function.Module._load (internal/modules/cjs/loader.js:923:27)
    at Module.require (internal/modules/cjs/loader.js:1140:19)
    at require (internal/modules/cjs/helpers.js:75:18)
    at Object.<anonymous> (D:\Projects\n4bb12\minimal-plugin-example\plugins\foo\foo.js:1:19)
    at Module._compile (internal/modules/cjs/loader.js:1251:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1272:10)
    at Module.load (internal/modules/cjs/loader.js:1100:32)
    at Function.Module._load (internal/modules/cjs/loader.js:962:14)
    at Module.require (internal/modules/cjs/loader.js:1140:19) {
  code: 'MODULE_NOT_FOUND',
  requireStack: [
    'D:\\Projects\\n4bb12\\minimal-plugin-example\\plugins\\foo\\foo.js',
    'D:\\Projects\\n4bb12\\minimal-plugin-example\\app\\index.js'
  ]
}

With yarn1 the following is possible:

• both verdaccio and plugins are installed globally
• verdaccio loads plugins from an arbitrary directory (e.g. from a local yarn project with all the plugins as local dependencies). verdaccio itself is installed somewhere else (e.g. globally)
• both verdaccio and plugins are dependencies of the same local project
• the plugins are direct dependencies of verdaccio and therefore not installed separately

You can find the corresponding verdaccio code here: https://github.com/verdaccio/verdaccio/blob/master/src/lib/plugin-loader.ts#L14