frontsideair / yarnhook Goto Github PK
View Code? Open in Web Editor NEWRun `yarn install`, `npm install` or `pnpm install` on git hooks automatically
License: MIT License
Run `yarn install`, `npm install` or `pnpm install` on git hooks automatically
License: MIT License
bun.sh is a new JS tool which also has package management skills, with accompanying bun.lockb
lockfile. Let's add support for it.
This is serious, it may result in lost data.
Some project support loading environment variables from .env
files to allow permanent variables to be committed and shared among project members. Examples include create-react-app
and Docker Compose. I think it would be great if yarnhook
did as well. That way, a project team could share a variable such as YARNHOOK_DRYRUN=true
without requiring each member to set it in a global .bashrc
file.
Though this may seem to limit individual preference in environment variables, yarnhook
could also recognize .env.local
, which overrides .env
and is usually listed in .gitignore
Stale node_modules
is a source of bugs, footguns, headaches. Angular has a bullet in the readme just for it. Consider sending PRs to large projects to increase adoption, this will also benefit the project.
Proposal:
It was suggested at #2 and now we have pnpm
support I'm much more sympathetic to the name. One issue is we already have a neat logo, should we change it to something that looks like a lock?
npm ci
is way faster than npm install
so we should use it when it's available. Requirements:
>5.7.0
package-lock.json
or npm-shrinkwrap.json
exists (we already check for package-lock.json
)Things to do:
npm-shrinkwrap.json
#19npm install
instead of npm ci
npm install
if npm ci
fails?Right now the default is something like this:
{
"printWidth": 100,
"semi": false,
"trailingComma": "all"
}
This will enable pnpm
support as well.
package.json
fieldspnpm
supportHi,
I was going to implement a git hook to do just the same thing that yarnhook does, but for Composer (PHP package manager). But I thought it would be a shame to have yarnhook for yarn, and something specific for Composer. So I'm wondering if you are opened to handling not node-related package managers? In which case I can open a PR to add composer.
Thanks!
thanks for the great package, it really makes life a lot easier.
Version 7 of pnpm was recently released, and --prefer-frozen-shrinkwrap
was deprecated in favor of --prefer-frozen-lockfile
, causing the hook to exit with an error (and also not work as expected, since the installation does take place, just not with a frozen lock file). See the release notes here.
To the best of my understanding, it is impossible to detect pnpm's version through filesystem checks, since v7 uses the same lockfile as previous versions, so looks like resorting to pnpm -v
is the only way around this
Would it be possible to add the ability to accept additional arguments so I could do something like this:
"husky": {
"hooks": {
"post-checkout": "yarnhook --ignore-optional",
"post-merge": "yarnhook --ignore-optional",
"post-rewrite": "yarnhook --ignore-optional"
}
}
I'd really like to prevent yarnhook from installing optional dependencies.
Run flow with lint-staged, do it after #4.
The project can have zero dependencies without execa, which has listed their benefits but maybe we don't need any of them? Test extensively.
--prefer-offline
:
use network only if dependencies are not available in local cache
Make yarn install faster when switching branches
--pure-lockfile
don't generate a lockfile
yarnhook should not change yarn lockfile, and I don't think we should use frozen-lockfile
which could fail when the lockfile is not synced with package.json yet.
When yarn install fails, for example because there is a bug in yarn or because of a wrong node version (The engine "node" is incompatible with this module. Expected version ">=4 <=9"
) we can end up in detached head
Thanks for the great lib!
Currently, doesn't detect changes in nested package.json
and yarn.lock
. What do you think about adding support for monorepos?
Adding pnpm support should be really easy.
I see currently this tool checks for a lockfile to decide what pm should be used for installation. pnpm has its own lockfile called shrinkwrap.yaml
.
Alternatively, which-pm can be used, which will correctly identify the pm even when installing was done w/o a lockfile creation
It would be nice to support an option to just log a message (hopefully loud), instead of forcing an install. The lockfile detection logic and execution of git diff
command is still helpful to abstract away.
mrm will make installation a whole lot easier.
I don't see any reason not to support shrinkwraps.
I get an yarnhook: command not found
error when I try to git checkout
on v0.4.4.
The following item seem to be missing from package.json in v0.4.4.
https://github.com/frontsideair/yarnhook/blob/v0.4.3/package.json#L4
I cloned a project that uses yarnhook, changed a file, and then ran git checkout
on that file. yarnhook
got triggered, but it failed with this output:
<path_to_project>/node_modules/.bin/yarnhook
<path_to_project>/node_modules/yarnhook/node_modules/execa/index.js:303
throw (result.error || new Error(result.stderr === '' ? result.stdout : result.stderr));
^
Error: fatal: Log for 'HEAD' only has 1 entries.
at Function.module.exports.sync (<path_to_project>/node_modules/yarnhook/node_modules/execa/index.js:303:26)
at Object.<anonymous> (<path_to_project>/node_modules/yarnhook/index.js:58:38)
at Module._compile (internal/modules/cjs/loader.js:1147:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1167:10)
at Module.load (internal/modules/cjs/loader.js:996:32)
at Function.Module._load (internal/modules/cjs/loader.js:896:14)
at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:71:12)
at internal/main/run_main_module.js:17:47
error Command failed with exit code 1.
Tried googling but found nothing. Any advice?
Hi,
thanks for the awesome package. We have been using it for a couple of months, but since we migrated to yarn berry, we are having issues since --frozen-lockfile
flag was deprecated in favour of --immutable
. Hence, the hook no longer works.
Would it be possible to detect whether yarn classic or yarn 2 is used?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.