Upgrading to Yarn v1.7.0 causes failure for new installs

[kahboom]

NOTE: The following only applies if you are using Node 10 (not LTS) + Yarn v1.7.0. The second error will also occur if upath is somewhere in the dependency tree.

This is a...

[ ] Feature request
[ ] Regression (a behavior that used to work and stopped working in a new release)
[x] Bug report  
[ ] Documentation issue or request

The problem

Was just minding my business, installing some new packages with my legacy Yarn, and got prompted by Yarn to upgrade to v1.7.0. I usually hesitate, but said, hey, why not, life's too short..

Suddenly, yarn install started failing any time you add a new package to package.json, which was sad for me because that's exactly what I needed to do.

The errors/warnings:

(node:20616) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.

error upath@1.0.4: The engine "node" is incompatible with this module. Expected version ">=4 <=9".
error Found incompatible module.

Huh? I don't know even this module, and it's already telling me what Node engine version I need to use, so much that it is telling Yarn not to install anything until I do what it says.

Expected behavior

No errors on yarn install? The first was just a deprecation warning and likely wasn't failing the install, but was still driving me crazy. The second one, well,yarn install should install npm packages without failing, despite whatever engine version is specified.

As Jan says in this issue anodynos/upath#14 (comment):

Also please never ever purposefully break forward compatibility by enforcing something like node <= X.

Just stop it, people.

Tasks involved / Steps to Reproduce

Test with v.1.2.0 or whatever I was using before, and see no problems.

1. Upgrade to Yarn v.1.7.0, the latest and greatest.
2. Pretend to add a new package to package.json. Okay, actually add it.
3. Run yarn install.

Solutions/Workarounds

First Error:

No idea, but using yarn from npm seemed to fix it completely: npm i -g yarn && yarn install

Btw, this error wasn't even super obvious that it was related to Webpack until I did NODE_OPTIONS=--trace-warnings yarn outdated.

Second Error:

1. Downgrade to v1.6.0 or whatever version you were using that worked.

• If you use Homebrew, you need to look at the commit history for the Ruby file for the formula if you don't already have that version installed (my most "recent" was v1.2.0, so was looking for something more.. modern). Also, not every formula supports multiple versions. AND you may need to unlink to then be able to switch symlinks using brew switch yarn@<version>. Anyway, nty..

2. Nuke everything. rm yarn.lock && rm -rf node_modules && yarn cache clean, then yarn install and pray to Lady Gaga that it all works..
3. Directly edit the yarn.lock file by removing the portion that references upath if you are not really using the module. But then again, why are we editing yarn.lock manually?
4. Tell Yarn globally that it should know better: yarn config set ignore-engines true -g
5. Tell Yarn locally that it should know better.

The third one seems to work fine, but I'm testing out the 4th option, which may involve adding a .yarnrc to the UI root.

tl;dr

So, for now, 1) install using yarn from npm to get rid of the deprecation warning, 2) set Yarn global configuration setting to ignore engines, then you can yarn install like normal again.

[gashcrumb]

Probably worth mentioning that some of this is also related to whatever node version you have installed, i.e. 10.x. On an LTS (8.x) version of node this doesn't seem to happen, or at least I haven't run into it...

[kahboom]

Good point, will do that now.

[zregvart]

Seems to work OK for me with:

➜ yarn --version
1.7.0
➜ node --version
v8.11.2

[kahboom]

@zregvart - This is because you are on node v8, not v10.x. But there is a workaround with yarn install --force. Not ideal, but to me is better than modifying the yarn.lock manually, or running some weird Yarn commands to only upgrade those dependencies.

Closing for now as this isn't a big deal, just run yarn install --force if you upgrade Node to resolve this and then run into some node-sass issues when running yarn install.