-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Surprises around resolutions
#2202
Comments
This is expected - the
Indeed, we should remove this flag from the documentation for the time being (or implement it) 🤔 |
@arcanis thanks for the explanation. I get what you're saying but it still feels strange that Theoretically, could |
No; the |
Reopening for |
Oh, so the two are two different things? Even though the
This makes intuitive sense to me but it's possible that this docs suggest something that couldn't work / is wrong. |
This comment has been minimized.
This comment has been minimized.
What does a "--save" look like? I was playing around with adding save functionality, and the main issue is that if you're setting a resolution for a transitive dependency, you need to specify the full path as the resolution key in the package.json. We can't fallback to globs because that's been removed in yarn v2 (unless it were to be added back?). Is the idea to only support saving for direct dependencies, or do we need to somehow generate the patterns? I took a stab and trying to generate the patterns, however I don't think there's an existing function which given a descriptor, lists all packages that reference that descriptor? Also ran into an issue comparing descriptors because the |
It appears the |
It might be helpful if this is resolved aka faker.js and color.js |
The documentation is still incorrect/confusing. The -s / --save flag is still being shown even though it doesn't do anything which leads devs down a rabbit whole looking for a bug instead of just knowing there's an absent feature. |
I'm trying to use resolutions inside of a yarn workspaces repo, because it seems I have a problem with react 18 types clashing with 17 when attempting to use React 17 in a Nextjs 12 app, so this is what I've tried:
I've tried this in the root of the repo and inside the app workspace package, but I see no changes made to the lock file or any other file. Am I missing something? |
Found this issue after being very confused why
I'm also confused by this explanation. If they have different purposes, could you give an example of why you'd prefer to use one method over the other? If
|
Couldn't this be solved by not allowing incompatible range resolutions unless explicitly specified in resolutions, similar to what yarn 1 does? I'm assuming allowing incompatible ranges anywhere without resolutions is an intentional decision, what is the reasoning behind it? Alternatively could something like a |
As far as I can tell, the only thing that has changed since this issue was first posted in 2020, is that resolutions in My own results using Excerpt from my "resolutions": {
"@types/react": "17.0.43",
"uglify-js@npm:~1.2": "2.6.0",
"underscore@npm:~1.4.4": "1.12.1"
}, Output of
Excerpt from my "uglify-js@npm:^2.6.1":
version: 2.8.29
resolution: "uglify-js@npm:2.8.29"
dependencies:
source-map: ~0.5.1
uglify-to-browserify: ~1.0.0
yargs: ~3.10.0
dependenciesMeta:
uglify-to-browserify:
optional: true
bin:
uglifyjs: bin/uglifyjs
checksum: 24f2ae09b96bbb56cc3802f575ee2cdbc6822d942c6877ee4a5637e949f269e48f4baa8d193c47324cdfc1cc8e6853e1479d26e228be2412bc0da3649eaedb35
languageName: node
linkType: hard
"uglify-js@npm:^3.1.4":
version: 3.17.4
resolution: "uglify-js@npm:3.17.4"
bin:
uglifyjs: bin/uglifyjs
checksum: 7b3897df38b6fc7d7d9f4dcd658599d81aa2b1fb0d074829dd4e5290f7318dbca1f4af2f45acb833b95b1fe0ed4698662ab61b87e94328eb4c0a0d3435baf924
languageName: node
linkType: hard
"uglify-js@npm:~1.2":
version: 1.2.6
resolution: "uglify-js@npm:1.2.6"
bin:
uglifyjs: ./bin/uglifyjs
checksum: dbabf3ad42a226c1b70e799331f084f8b2ce7b013266565a4ea0b7cf461c09912dbbae07ac292480db4debc2777e14ab2c4e50eed8bba5e94efd1195052ef38d
languageName: node
linkType: hard As you can see, |
@gertsonderby I have had this issue before with yarn. My workaround was to not use semver ranges but use exact versions as reported by |
But why not mentioning that |
Ok so how can resolutions be enforced in Yarn v3? It's not clear from this conversation. Or can they not be enforced at all? |
This comment was marked as outdated.
This comment was marked as outdated.
That's incorrect. I mean, we even use them on this very repository. Since this issue is intended to be specifically about the |
I encountered a few "surprises" around
resolutions
– not sure if those are expected but since I couldn't find them mentioned on GitHub yet, here they go.Context
We're using graphql@14 in our project but one of the deep dependencies has a peerDependency on graphql@15, which results in a warning like this:
The actual package that has this peerDependency is relay-compiler@10.0.1. Since we cannot upgrade
graphql
in our project, the "solution" (though not great) is to downgrade relay-compiler to 9.x which has peerDependency on graphql@14.--save / -s
doesn't workI ran this command:
This updated
yarn.lock
like this (will be important later):But it didn't affect project-level
package.json
– I expected to findresolutions
field there. According to this Discord reply,-s
isn't implemented yet. Fair enough but I couldn't find the info here on GitHub so just want to mention it.resolutions
field inpackage.json
doesn't updateyarn.lock
?Since I wanted to have a mention of a version mapping in
package.json
and not just inyarn.lock
, I updated the manifest manually:I then reverted
yarn.lock
(I got rid of the changes done byyarn set resolution
) and ranyarn
(install
).At this point, I expected the
yarn.lock
to look exactly like above but this was the result instead:The key point is that @graphql-tools/relay-operation-optimizer depends on relay-compiler@10.0.1 but this version 10.0.1 is nowhere to be found in the lockfile – the only key there is
"relay-compiler@npm:9.1.0"
.I guess in this case, Yarn consults both
yarn.lock
andpackage.json#resolutions
to find out how to resolve relay-compiler but it feels strange to me – I'd expect the mapping to be obvious just from the lockfile itself.Again, not sure if those are issues or expected behavior but they surprised me.
The text was updated successfully, but these errors were encountered: