feat(import): convert package-lock.json to yarn.lock (#5745)

Adds the ability to yarn import using package-lock.json as the dependency-tree state. When one enters the yarn import command, if a package-lock.json file exists, yarn will attempt to import from it. If not, it will import from node_modules normally.

__tests__/commands/import.js

@@ -6,11 +6,13 @@ import * as importCmd from '../../src/cli/commands/import.js';
 import Lockfile from '../../src/lockfile';
 import * as fs from '../../src/util/fs.js';
 import {run as buildRun} from './_helpers.js';
+import semver from 'semver';
 
 const YARN_VERSION_REGEX = /yarn v\S+/;
 const YARN_VERSION = require('../../package.json').version;
 const NODE_VERSION_REGEX = /node \S+/;
 const NODE_VERSION = process.version;
+const nodeVersion = process.versions.node.split('-')[0];
 
 jasmine.DEFAULT_TIMEOUT_INTERVAL = 120000;
 
@@ -31,9 +33,17 @@ const reporterType = (reporter, type) => reporter.getBuffer().filter(d => d.type
 
 const reporterErrors = reporter => reporter.getBuffer().filter(d => d.error);
 
-const checkReporter = reporter => {
+const checkReporter = (reporter, importFrom) => {
   expect(reporterErrors(reporter)).toEqual([]);
-  expect(reporterType(reporter, 'info')).toEqual([]);
+  if (importFrom === 'package-lock.json') {
+    expect(reporterType(reporter, 'info')).toEqual([
+      {data: reporter.lang('importPackageLock'), error: false, type: 'info'},
+    ]);
+  } else {
+    expect(reporterType(reporter, 'info')).toEqual([
+      {data: reporter.lang('importNodeModules'), error: false, type: 'info'},
+    ]);
+  }
 };
 
 const checkLockfile = async (config, reporter) => {
@@ -53,33 +63,43 @@ const checkLockfileWithVersions = async (config, reporter) => {
   expect(lockfile.source).toEqual(imported);
 };
 
-const checkReporterAndLockfile = async (config, reporter) => {
-  checkReporter(reporter);
+const checkReporterAndLockfile = ({importFrom}) => async (config, reporter) => {
+  checkReporter(reporter, importFrom);
   await checkLockfile(config, reporter);
-  checkReporter(reporter);
+  checkReporter(reporter, importFrom);
 };
 
 test.concurrent('import shallow deps', () => {
-  return runImport([], {}, 'shallow', checkReporterAndLockfile);
+  const importFrom = 'node_modules';
+  return runImport([], {}, 'shallow', checkReporterAndLockfile({importFrom}));
 });
 
 test.concurrent('import deep deps', () => {
-  return runImport([], {}, 'deep', checkReporterAndLockfile);
+  const importFrom = 'node_modules';
+  return runImport([], {}, 'deep', checkReporterAndLockfile({importFrom}));
 });
 
 test.concurrent('import shallow dev deps', () => {
-  return runImport([], {}, 'shallow-dev', checkReporterAndLockfile);
+  const importFrom = 'node_modules';
+  return runImport([], {}, 'shallow-dev', checkReporterAndLockfile({importFrom}));
 });
 
 test.concurrent('import github deps', () => {
-  return runImport([], {}, 'github', checkReporterAndLockfile);
+  const importFrom = 'node_modules';
+  return runImport([], {}, 'github', checkReporterAndLockfile({importFrom}));
 });
 
 test.concurrent('import file deps', () => {
-  return runImport([], {}, 'file', checkReporterAndLockfile);
+  const importFrom = 'node_modules';
+  return runImport([], {}, 'file', checkReporterAndLockfile({importFrom}));
+});
+
+test.concurrent('import overlapping semver ranges successfully', () => {
+  const importFrom = 'node_modules';
+  return runImport([], {}, 'overlapping', checkReporterAndLockfile({importFrom}));
 });
 
-test.concurrent('throw on missing dev deps deps', async () => {
+test.concurrent('throw on missing dev deps', async () => {
   let thrown = false;
   try {
     await runImport([], {}, 'missing-dev');
@@ -115,7 +135,7 @@ test.concurrent('import missing opt deps', () => {
   });
 });
 
-test.concurrent('throw on locked deps', async () => {
+test.concurrent('throw when yarn.lock exists', async () => {
   let thrown = false;
   try {
     await runImport([], {}, 'locked');
@@ -124,3 +144,61 @@ test.concurrent('throw on locked deps', async () => {
   }
   expect(thrown).toBeTruthy();
 });
+
+if (semver.satisfies(nodeVersion, '>=5.0.0')) {
+  test.concurrent('import shallow deps from package-lock.json', () => {
+    const importFrom = 'package-lock.json';
+    return runImport([], {}, 'shallow-package-lock', checkReporterAndLockfile({importFrom}));
+  });
+
+  test.concurrent('import deep deps from package-lock.json', () => {
+    const importFrom = 'package-lock.json';
+    return runImport([], {}, 'deep-package-lock', checkReporterAndLockfile({importFrom}));
+  });
+
+  test.concurrent('import shallow dev deps from package-lock.json', () => {
+    const importFrom = 'package-lock.json';
+    return runImport([], {}, 'shallow-dev-package-lock', checkReporterAndLockfile({importFrom}));
+  });
+
+  test.concurrent('import github deps from package-lock.json', () => {
+    const importFrom = 'package-lock.json';
+    return runImport([], {}, 'github-package-lock', checkReporterAndLockfile({importFrom}));
+  });
+
+  test.concurrent('import file deps from package-lock.json', () => {
+    const importFrom = 'package-lock.json';
+    return runImport([], {}, 'file-package-lock', checkReporterAndLockfile({importFrom}));
+  });
+
+  test.concurrent('import overlapping semver ranges from package-lock.json successfully', () => {
+    const importFrom = 'package-lock.json';
+    return runImport([], {}, 'overlapping-package-lock', checkReporterAndLockfile({importFrom}));
+  });
+
+  test.concurrent('throw on corrupted package-lock.json', async () => {
+    let thrown = false;
+    try {
+      await runImport([], {}, 'corrupted-package-lock');
+    } catch (err) {
+      thrown = true;
+    }
+    expect(thrown).toBeTruthy();
+  });
+
+  test.concurrent('throw on corrupted package-lock.json - missing deep dependencies', async () => {
+    let thrown = false;
+    try {
+      await runImport([], {}, 'corrupted-package-lock-missing-deps');
+    } catch (err) {
+      thrown = true;
+    }
+    expect(thrown).toBeTruthy();
+  });
+
+  test.concurrent('including Yarn and Node version in yarn.lock from package-lock.json', () => {
+    return runImport([], {production: true}, 'versions-yarn-lock-package-lock', async (config, reporter) => {
+      await checkLockfileWithVersions(config, reporter);
+    });
+  });
+}

__tests__/fixtures/import/corrupted-package-lock-missing-deps/package.json

@@ -0,0 +1,9 @@
+{
+  "name": "corrupted-package-lock-missing-deps",
+  "version": "1.0.0",
+  "license": "MIT",
+  "dependencies": {
+    "commander": "^2.9.0",
+    "user-home": "^2.0.0"
+  }
+}

__tests__/fixtures/import/corrupted-package-lock-missing-deps/yarn.lock.import

@@ -0,0 +1,17 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+
+
+commander@^2.9.0:
+  version "2.15.1"
+  resolved "https://registry.yarnpkg.com/commander/-/commander-2.15.1.tgz#df46e867d0fc2aec66a34662b406a9ccafff5b0f"
+
+os-homedir@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3"
+
+user-home@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/user-home/-/user-home-2.0.0.tgz#9c70bfd8169bc1dcbf48604e0f04b8b49cde9e9f"
+  dependencies:
+    os-homedir "^1.0.0"

__tests__/fixtures/import/corrupted-package-lock/package.json

@@ -0,0 +1,9 @@
+{
+  "name": "corrupted-package-lock",
+  "version": "1.0.0",
+  "license": "MIT",
+  "dependencies": {
+    "commander": "^2.9.0",
+    "user-home": "^2.0.0"
+  }
+}

__tests__/fixtures/import/deep-package-lock/package.json

@@ -0,0 +1,9 @@
+{
+  "name": "deep-package-lock",
+  "version": "1.0.0",
+  "license": "MIT",
+  "dependencies": {
+    "commander": "^2.9.0",
+    "user-home": "^2.0.0"
+  }
+}

__tests__/fixtures/import/deep-package-lock/yarn.lock.import

@@ -0,0 +1,17 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+
+
+commander@^2.9.0:
+  version "2.15.1"
+  resolved "https://registry.yarnpkg.com/commander/-/commander-2.15.1.tgz#df46e867d0fc2aec66a34662b406a9ccafff5b0f"
+
+os-homedir@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3"
+
+user-home@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/user-home/-/user-home-2.0.0.tgz#9c70bfd8169bc1dcbf48604e0f04b8b49cde9e9f"
+  dependencies:
+    os-homedir "^1.0.0"

__tests__/fixtures/import/file-package-lock/deps/a/package.json

@@ -0,0 +1,5 @@
+{
+  "name": "file-dep-a",
+  "version": "1.0.0",
+  "license": "MIT"
+}

__tests__/fixtures/import/file-package-lock/package.json

@@ -0,0 +1,8 @@
+{
+  "name": "file-package-lock",
+  "version": "1.0.0",
+  "license": "MIT",
+  "dependencies": {
+    "file-dep-a": "file:deps/a"
+  }
+}

__tests__/fixtures/import/file-package-lock/yarn.lock.import

@@ -0,0 +1,6 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+
+
+"file-dep-a@file:deps/a":
+  version "1.0.0"

__tests__/fixtures/import/github-package-lock/package.json

@@ -0,0 +1,8 @@
+{
+  "name": "github-package-lock",
+  "version": "1.0.0",
+  "license": "MIT",
+  "dependencies": {
+    "beeper": "sindresorhus/beeper"
+  }
+}

__tests__/fixtures/import/github-package-lock/yarn.lock.import

@@ -0,0 +1,7 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+
+
+beeper@sindresorhus/beeper:
+  version "1.1.1"
+  resolved "https://codeload.github.com/sindresorhus/beeper/tar.gz/34f2c73a340f000c9e060f7038362db6782b236e"

__tests__/fixtures/import/overlapping-package-lock/deps/a/package.json

@@ -0,0 +1,8 @@
+{
+  "name": "file-dep-a",
+  "version": "1.0.0",
+  "license": "MIT",
+  "dependencies": {
+    "safe-buffer": "^5.1.1"
+  }
+}

__tests__/fixtures/import/overlapping-package-lock/deps/b/package.json

@@ -0,0 +1,8 @@
+{
+  "name": "file-dep-b",
+  "version": "1.0.0",
+  "license": "MIT",
+  "dependencies": {
+    "safe-buffer": "^5.1.0"
+  }
+}