phylum-dev / cli

Command line interface for the Phylum API
https://phylum.io
GNU General Public License v3.0

Workspace entries in `pnpm` lockfiles fail to parse #1258

Closed maxrake closed 11 months ago

maxrake commented 11 months ago

Overview

Lockfiles for workspace pnpm projects containing `file:` entries cause parsing failures.

How To Reproduce

Using the isildurs_bane repo:

```text
../isildurs_bane/pnpm_workspace  1  4 on  master [?] is 📦 v1.0.0 via  v20.8.1
❯ phylum --version
phylum v5.7.3

../isildurs_bane/pnpm_workspace  1  4 on  master [?] is 📦 v1.0.0 via  v20.8.1
❯ ls -alh
total 32
drwxr-xr-x   7 maxrake  staff   224B Oct  5 11:17 .
drwxr-xr-x  24 maxrake  staff   768B Oct 19 16:10 ..
-rw-r--r--   1 maxrake  staff   1.2K Oct  5 11:17 package-lock.json
-rw-r--r--   1 maxrake  staff   336B Oct  5 11:17 package.json
-rw-r--r--   1 maxrake  staff   890B Oct  5 11:17 pnpm-lock.yaml
-rw-r--r--   1 maxrake  staff    27B Oct  5 11:17 pnpm-workspace.yaml
drwxr-xr-x   3 maxrake  staff    96B Oct  5 11:17 projects

../isildurs_bane/pnpm_workspace  1  4 on  master [?] is 📦 v1.0.0 via  v20.8.1
❯ phylum parse -t pnpm pnpm-lock.yaml
❗ Error: could not parse lockfile: pnpm-lock.yaml

Caused by:
    0: Failed to parse lockfile
    1: Dependency 'file:projects/workspace_member' is missing '/' prefix
```

Expected Behavior

Lockfiles created with pnpm, from workspace projects, are able to be parsed.

Additional Context

The `pnpm-lock.yaml` file was re-created with the `package.json` file by using the command `pnpm install --lockfile-only --ignore-scripts`, and it ended up being exactly the same as the one that was already in the repo.
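As an added illustration, and not code from the Phylum CLI itself, here is a small Python classifier for the keys under `packages:` in a pnpm v6 lockfile: `parse_key_strict` reproduces the rejection shown in the error above, while `parse_key` also accepts the `file:` and `link:` forms pnpm writes for workspace members, so a dependency analysis run on a workspace does not silently lose coverage. The sample keys are constructed and are not the contents of the isildurs_bane lockfile.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample of package keys as they appear under `packages:` in a
# pnpm v6 lockfile (pnpm 8). Not the real isildurs_bane lockfile.
SAMPLE_KEYS = [
    "/lodash@4.17.21",                    # plain registry package
    "/@types/node@20.8.1",                # scoped registry package
    "/debug@4.3.4(supports-color@9.4.0)", # registry package with peer suffix
    "file:projects/workspace_member",     # workspace member, the failing case
    "link:../shared_lib",                 # linked local directory
]

# Registry keys: "/" + name (optionally scoped) + "@" + version + optional "(peers)".
REGISTRY_RE = re.compile(r"^/(?P<name>@?[^@]+)@(?P<version>[^(]+)(?P<peers>\(.*\))?$")


@dataclass
class LockEntry:
    name: str
    version: Optional[str]  # None for directory-backed (file:/link:) entries
    kind: str               # "registry", "file" or "link"


def _parse_registry(key: str) -> LockEntry:
    m = REGISTRY_RE.match(key)
    if m is None:
        raise ValueError(f"Unrecognised package key: {key}")
    return LockEntry(name=m["name"], version=m["version"], kind="registry")


def parse_key_strict(key: str) -> LockEntry:
    """Mirrors the failing behaviour: any key without a '/' prefix is rejected."""
    if not key.startswith("/"):
        raise ValueError(f"Dependency '{key}' is missing '/' prefix")
    return _parse_registry(key)


def parse_key(key: str) -> LockEntry:
    """Accepts registry keys plus the file:/link: forms used for workspace members."""
    for prefix in ("file:", "link:"):
        if key.startswith(prefix):
            return LockEntry(name=key[len(prefix):], version=None, kind=prefix[:-1])
    return parse_key_strict(key)


def parse_all(keys: List[str]) -> List[LockEntry]:
    return [parse_key(k) for k in keys]
```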