feat!: use hierarchical lockfile snapshots for per-context detection#4
Merged
Conversation
3234367 to
4a7bd88
Compare
BREAKING CHANGE: LockfileSnapshot type changed from Map<name, version> to Map<context, Map<name, version>> to preserve per-importer/package resolution. This enables detecting changes in specific workspace packages even when the same package exists elsewhere with a different version. - Core types updated with new LockfileSnapshot and LockfileDiff formats - Diff logic updated to compare per-context - Affected resolution updated for new diff format - Parsers updated: pnpm (YAML), bun (JSONC), npm (direct JSON) - npm parser now extracts per-workspace dependencies - Added E2E tests for all 4 package managers - Added per-importer detection test - pnpm parser now properly handles multiple importers
4a7bd88 to
b92ce3f
Compare
- Add missing parser adapter tests (format, lockfileNames, delegation) - Add empty lockfile handling tests for all parsers - Add multi-context extraction tests for npm, bun, pnpm - Add scoped package test for npm parser - Fix npm fixtures to include nested node_modules entries - Fix bun fixtures to include workspace declarations - Add deep transitive chain (4+ levels) E2E fixture and test - Add diamond dependency test - Add cycle handling tests (mutual, long, self-reference) - Update README with warning and development note
ESLint complains about async functions without await. These parsers use synchronous JSON/YAML parsing, so returning Promise.resolve() is cleaner.
- Rewrite Yarn parser to use YAML directly instead of lockparse - Convert yarn-transitive fixtures to Yarn Berry format - Drop support for Yarn v1 lockfiles (incompatible with YAML parsing) - Remove lockparse dependency, use yaml package instead - Add yarn-berry-research fixtures for format exploration
- Create deep-chain fixtures (4-level transitive dependency) for npm, yarn, bun - Create diamond dependency fixtures for all 4 package managers (pnpm, npm, yarn, bun) - Parameterize E2E tests to run for all formats - Keep per-importer detection test pnpm-only (pnpm-specific feature)
|
🎉 This PR is included in version 2.0.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 3.0.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 2.0.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 2.0.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 2.0.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 2.0.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR changes the
LockfileSnapshottype from a flatMap<name, version>to a hierarchicalMap<context, Map<name, version>>to preserve per-importer/package resolution.Breaking Change
The
LockfileSnapshotandLockfileDifftypes have been updated:Map<string, string>(name → version)Map<string, Map<string, string>>(context → name → version)This enables detecting changes in specific workspace packages even when the same package exists elsewhere with a different version.
Changes
ContextDiffBackwards Compatibility Note
ALL_DEPENDENCY_TYPESexport has been renamed toallDependencyTypesfor consistency.Why this matters
Previously, if
@foo/barchanged from 3.984.0 → 3.1010.0 inpackage-b, but version 3.989.0 already existed elsewhere in the lockfile, the parser would store 3.989.0 (first encountered) for both before and after, making the diff see no change. Now each importer's dependencies are tracked separately.