[Bug?]: <package> isn't supported by any available resolver - when migrating from yarn@1

[mcenkar]

Self-service

• [x] I'd be willing to implement a fix

Describe the bug

Hi,

we have internal artifactory, which mirrors external + publishes some @scoped packages. When following migration steps from https://yarnpkg.com/getting-started/migration I'm getting following error:

➤ YN0001: │ Error: @company/some-package@npm:^46.0.29: @company/some-package@npm:46.0.29::__archiveUrl=https%3A%2F%2Fartifactory.corp%3A443%2Fartifactory%2Fapi%2Fnpm%2Fvirtual-node%2F%40company%2Fsome-package%2F-%2F%40company%2Fsome-package-46.0.29.tgz%23 isn't supported by any available resolver
at zf.getResolverByDescriptor (.yarn/releases/yarn-3.3.1.cjs:391:1647)
at zf.getCandidates (.yarn/releases/yarn-3.3.1.cjs:391:1235)
at pb.getCandidates (.yarn/releases/yarn-3.3.1.cjs:435:3324)
at zf.getCandidates (.yarn/releases/yarn-3.3.1.cjs:391:1264)
at .yarn/releases/yarn-3.3.1.cjs:439:7695
at Ff (.yarn/releases/yarn-3.3.1.cjs:390:8965)
at ge (.yarn/releases/yarn-3.3.1.cjs:439:7675)

I have more or less managed to trace down issue to this line: https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/3.3.1/packages/yarnpkg-core/sources/LegacyMigrationResolver.ts#L20-L22

After applying following patch, building locally and replacing yarn.js I don't get this error anymore and everything works:

Index: packages/yarnpkg-core/tests/LegacyMigrationResolver.test.ts
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
diff --git a/packages/yarnpkg-core/tests/LegacyMigrationResolver.test.ts b/packages/yarnpkg-core/tests/LegacyMigrationResolver.test.ts
--- a/packages/yarnpkg-core/tests/LegacyMigrationResolver.test.ts   (revision 3246d10cdcdcb6ffdb297e09a360a311c951396a)
+++ b/packages/yarnpkg-core/tests/LegacyMigrationResolver.test.ts   (date 1671781469810)
@@ -18,13 +18,13 @@
     {
       version: `1.0.0`,
       resolved: `https://company.jfrog.io/company/api/npm/registry-name/@scope/package-name/-/@scope/package-name-1.0.0.tgz#eeeec1e4e8850bed0468f938292b06cda793bf34`,
-      expected: `npm:1.0.0::__archiveUrl=https%3A%2F%2Fcompany.jfrog.io%2Fcompany%2Fapi%2Fnpm%2Fregistry-name%2F%40scope%2Fpackage-name%2F-%2F%40scope%2Fpackage-name-1.0.0.tgz%23`,
+      expected: `npm:1.0.0`,
     },
     // https://github.com/yarnpkg/berry/pull/4702
     {
       version: `1.0.0`,
       resolved: `https://packages.example.com/artifactory/api/npm/registry-name/@scope/package-name/-/@scope/package-name-1.0.0.tgz#eeeec1e4e8850bed0468f938292b06cda793bf34`,
-      expected: `npm:1.0.0::__archiveUrl=https%3A%2F%2Fpackages.example.com%2Fartifactory%2Fapi%2Fnpm%2Fregistry-name%2F%40scope%2Fpackage-name%2F-%2F%40scope%2Fpackage-name-1.0.0.tgz%23`,
+      expected: `npm:1.0.0`,
     },
     // https://github.com/yarnpkg/berry/issues/902#issuecomment-732360991
     {
Index: packages/yarnpkg-core/sources/LegacyMigrationResolver.ts
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
diff --git a/packages/yarnpkg-core/sources/LegacyMigrationResolver.ts b/packages/yarnpkg-core/sources/LegacyMigrationResolver.ts
--- a/packages/yarnpkg-core/sources/LegacyMigrationResolver.ts  (revision 3246d10cdcdcb6ffdb297e09a360a311c951396a)
+++ b/packages/yarnpkg-core/sources/LegacyMigrationResolver.ts  (date 1671781469827)
@@ -19,7 +19,7 @@

   // These ones come from the npm registry
   // Note: /download/ is used by custom registries like Taobao
-  [/^https?:\/\/[^/]+\/(?:[^/]+\/)*(?:@.+(?:\/|(?:%2f)))?([^/]+)\/(?:-|download)\/\1-[^/]+\.tgz(?:#|$)/, version => `npm:${version}`],
+  [/^https?:\/\/[^/]+\/(?:[^/]+\/)*(@.+(?:\/|(?:%2f)))?([^/]+)\/(?:-|download)\/(\1\2|\2)-[^/]+\.tgz(?:#|$)/, version => `npm:${version}`],
   // The GitHub package registry uses a different style of URLs
   [/^https:\/\/npm\.pkg\.github\.com\/download\/(?:@[^/]+)\/(?:[^/]+)\/(?:[^/]+)\/(?:[0-9a-f]+)(?:#|$)/, version => `npm:${version}`],
   // FontAwesome too; what is it with these registries that made them think using a different url pattern was a good idea?

But as you see I had to change some existing assertions. (I can explain changes in regex, basically it's capturing @scope, and adding support if it's repeated in package name after /-/) Unfortunately I'm not familiar with codebase and cannot say if removing __archiveUrl is a good idea. Alternatively when debugging I spotted that https://github.com/yarnpkg/berry/blob/%40yarnpkg/cli/3.3.1/packages/plugin-npm/sources/NpmSemverResolver.ts#L19 this resolver returns false when passed range with __archiveUrl, which probably shouldn't happen reading https://github.com/yarnpkg/berry/blob/%40yarnpkg/cli/3.3.1/packages/plugin-npm/tests/NpmSemverResolver.test.ts#L7. However support there is only in getSatisfying, not in supportsDescriptor.

To reproduce

You need project with yarn@1, and dependency of following structure: https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/3.3.1/packages/yarnpkg-core/tests/LegacyMigrationResolver.test.ts#L20

https://company.jfrog.io/company/api/npm/registry-name/@scope/package-name/-/@scope/package-name-1.0.0.tgz
                                                                             ^^^^^^ needs to be repeated

Environment

System:
    OS: macOS 13.0
    CPU: (10) arm64 Apple M1 Max
  Binaries:
    Node: 14.20.1
    Yarn: 3.3.1
    npm: 6.14.17
  npmPackages:
    jest: ^27.1.0 => 27.5.1 

### Additional context

_No response_

[nettybun]

This looks great thanks for debugging! I'm sure the Yarn team would appreciate a PR. I think it's OK to drop the __archiveUrl as you have done in your test files.

[wuang1992]

i got the same issue, is there any solution to fix it ?

[mcenkar]

i got the same issue, is there any solution to fix it ?

You can try my patched version from https://github.com/yarnpkg/berry/issues/5085#issuecomment-1365827021

Please report if it worked for you 🙏🏻

[sargunv]

We've worked around it at Convoy by running the following find/replace on the v1 lockfile right before migrating it to Berry:

sed -i 's|/-/@company/|/-/|' yarn.lock

Of course, replace @company with your organization's internal package scope.

[sargunv]

I had attempted to resolve it here but I guess my fix didn't work as expected.

[xalechez]

Looks like I have the same error, but with public packages while using JFrog as proxy

I'm currently looking at using Yarn 4 in one of our projects. We have a private artifactory using JFrog that hosts our internal packages. I have to use it to as a proxy for public packages, as historically not all of our internal packages were scoped, so I can't configure npmScopes to resolve public packages using Yarn registry.

During first yarn install I get the following error:

➤ YN0000: · Yarn 4.4.0
➤ YN0000: ┌ Resolution step
➤ YN0001: │ Error: google-protobuf@~3.21.2, <4 isn't supported by any available resolver
    at yg.getResolverByDescriptor (/Users/username/.cache/node/corepack/yarn/4.4.0/yarn.js:141:1698)
    at yg.bindDescriptor (/Users/username/.cache/node/corepack/yarn/4.4.0/yarn.js:141:1083)
    at t.preparePackage (/Users/username/.cache/node/corepack/yarn/4.4.0/yarn.js:210:6173)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Z (/Users/username/.cache/node/corepack/yarn/4.4.0/yarn.js:210:7587)
    at async Promise.allSettled (index 20)
    at async _c (/Users/username/.cache/node/corepack/yarn/4.4.0/yarn.js:140:53121)
➤ YN0000: └ Completed in 2s 535ms
➤ YN0000: · Failed with errors in 2s 545ms

.yarnrc.yml:

npmAlwaysAuth: true
npmAuthIdent: "my-npm-credentials"
npmRegistryServer: "https://artifactory.companyname.com/.."

I've checked our artifactory for this package, and it obviously exists, and the version range above should resolve correctly, as we didn't have any such issues with npm and pnpm.

[clemyan]

@xalechez Looks like you have a dependency specified as "google-protobuf": "~3.21.2, <4" somewhere? That's not a valid semver range.

[xalechez]

Thanks @clemyan, haven't noticed that. After overriding this dependency everything works

[ReDrUm]

I'm seeing @types/node@^16.11.7 isn't supported by any available resolver after upgrading from Yarn 3 to Yarn 4.

Similar to @xalechez we're using Artifactory as a proxy for public packages.

➤ YN0001: │ Error: @types/node@^16.11.7 isn't supported by any available resolver
    at MultiResolver.getResolverByDescriptor (/path/to/.yarn/releases/yarn-4.4.0-git.20240811.hash-7fab4f1.cjs:32523:19)
    at MultiResolver.bindDescriptor (/path/to/.yarn/releases/yarn-4.4.0-git.20240811.hash-7fab4f1.cjs:32492:33)
    at _Project.preparePackage (/path/to/.yarn/releases/yarn-4.4.0-git.20240811.hash-7fab4f1.cjs:55671:36)
    at async startPackageResolution (/path/to/.yarn/releases/yarn-4.4.0-git.20240811.hash-7fab4f1.cjs:55728:27)
    at async Promise.allSettled (index 10)
    at async allSettledSafe (/path/to/.yarn/releases/yarn-4.4.0-git.20240811.hash-7fab4f1.cjs:26925:21)
    at async /path/to/.yarn/releases/yarn-4.4.0-git.20240811.hash-7fab4f1.cjs:55802:15
    at async StreamReport.startProgressPromise (/path/to/.yarn/releases/yarn-4.4.0-git.20240811.hash-7fab4f1.cjs:32348:20)
    at async _Project.resolveEverything (/path/to/.yarn/releases/yarn-4.4.0-git.20240811.hash-7fab4f1.cjs:55715:11)
    at async /path/to/.yarn/releases/yarn-4.4.0-git.20240811.hash-7fab4f1.cjs:56407:13

My lockfile has this preexisting resolved entry from Yarn 3:

__metadata:
  version: 6
  cacheKey: 8

"@types/node@npm:^16.11.7, @types/node@npm:^16.18.39":
  version: 16.18.96
  resolution: "@types/node@npm:16.18.96"
  checksum: c5b4c20868e1ecb2e3b975b37aeeb5790b3a4f1472b496fae779ac4f14ba4fb4c0e9ed8e9b6eb389e5a074371056130c9d6506705b144b4f6985ffa844556242
  languageName: node
  linkType: hard

Tracing out the resolving i can see two instances: @types/node@^16.11.7 and @types/node@npm:^16.11.7 (the latter doesn't exist in any package.json files), where the former has a resolved ident hash and the latter doesn't, yet its the former which is failing to resolve.

I'm getting similar issues in a few different repositories after attempting upgrading from Yarn 3 to 4, where it's a random open source package each time, and removing the problematic dep results in a different one claiming it fails to resolve.