-
Task
-
Resolution: Unresolved
-
Critical
-
None
Shrinkwrap is an unbearable pain in the ass (locally known as "shrinkcrap"):
- It just stops working (without error on install etc) if the version numbers of packages do not line up perfectly in package.json, npm-shrinkwrap.json and node_modules.
- Getting it back into a working state (where an npm install updates npm-shrinkwrap.json etc) can take ages i.e. can take up to an hour (some people have said it takes them multiple hours).
- Regenration of the npm-shrinkwrap.json from scratch is a horrible option too because that then results in commit diffs with line change counts in the 1,000s.
- From what I (TF) can remember, it's not possible to use tools like slink or linklocal when using shrinkwrap. Can't remember the issue(s).
- I (CM) believe I'd had that working fine provided I set a new/beta version in the module I'm installing, install it, then slink it. (see comment below)
- Works with maven build - we will need some changes here I think ... not sure if frontend will work for anything other than npm when it comes to installing packages.
Scope
- Decent errors when package installs do not do as expected i.e. update relevant build files.
- Easy and fast process for getting things back into a working order if things are inconsistent e.g. regeneration of whatever fills the roll of npm-shrinkwrap.json is simple and does not result in line change counts in the 1,000s.
- Possible to work in dev mode and use tools like slink or linklocal.
Possibilities
- Switch to using Yarn. cliffmeyers has already done some experimenting with this.
- Yarn uses a lockfile by default, and has explicit commands that differentiate between adding a dependency (add) and installing a project's dependencies (install).
- Yarn supports link/unlink, so it may eliminate the need for slink
- Link to commit/branch in the JDL where I experimented using yarn: https://github.com/jenkinsci/jenkins-design-language/commit/2538a4f08be8ec5adc99d41b09c975ba49dbbc94
- Write some node.js scripts that help streamline npm/shrink operations, and perform additional validation (some of validation already exists and is called from the Jenkinsfile)
- I (CM) find the trickiest scenario to manage is when there is a conflict during merge. I usually follow this process:
- Accept "theirs" for package.json and npm-shrinkwrap.json
- Run "npm install" so that package.json, npm-shrinkwrap.json and node_modules are in sync
- Individually install the correct version of each package that I have changed: "npm install cliff-code@1.5.2 -S -E"
- We could write a script that does this? Perhaps one that does it across multiple/all modules at once? For example, we could use "./setlib.js blueocean-core-js@1.5.2" which would step into all projects, find those which depend on "blueocean-core-js" and run the correct install command in each
- I (CM) find the trickiest scenario to manage is when there is a conflict during merge. I usually follow this process:
- Give up on JS package management entirely and just check things into node_modules.
- is blocking
-
JENKINS-40401 Automatic NPM dependency update in node_modules when working in "Dev Mode"
-
- Open
-
cc tfennelly epic has been created