forked from aws/aws-cdk
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcheck-yarn-lock.js
executable file
·54 lines (45 loc) · 2.09 KB
/
check-yarn-lock.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
/**
* Yarn v1 doesn't repect --frozen-lockfile entirely when using yarn workspaces.
* The net effect is that if a dependency in one of our packages is not in the yarn.lock file,
* yarn will happily install any/latest version of that package, even when --frozen-lockfile
* is provided.
*
* This script manually verifies that all dependencies listed in our package.json files are
* present in yarn.lock, and will fail if not.
*
* See:
* https://github.com/yarnpkg/yarn/issues/4098
* https://github.com/yarnpkg/yarn/issues/6291
*/
const fs = require('fs');
const path = require('path');
const { Project } = require("@lerna/project");
const lockfileParser = require('@yarnpkg/lockfile');
function repoRoot() {
return path.join(__dirname, '..');
}
function yarnLockPackages() {
const yarnLockfile = fs.readFileSync(path.join(repoRoot(), 'yarn.lock'), 'utf8');
const lockfileResult = lockfileParser.parse(yarnLockfile);
if (lockfileResult.type !== 'success') {
throw new Error(`Error finding or parsing lockfile: ${lockfileResult.type}`);
}
return new Set(Object.keys(lockfileResult.object));
}
async function main() {
const yarnPackages = yarnLockPackages();
const projects = await new Project(repoRoot()).getPackages();
function errorIfNotInYarnLock(package, dependencyName, dependencyVersion) {
const dependencyId = `${dependencyName}@${dependencyVersion}`;
const isLocalDependency = dependencyVersion === '0.0.0' || dependencyVersion === '^0.0.0';
if (!isLocalDependency && !yarnPackages.has(dependencyId)) {
throw new Error(`ERROR! Dependency ${dependencyId} from ${package.name} not present in yarn.lock. Please run yarn update and try again!`);
}
}
projects.forEach((p) => {
Object.entries(p.devDependencies || {}).forEach(([depName, depVersion]) => errorIfNotInYarnLock(p, depName, depVersion));
Object.entries(p.peerDependencies || {}).forEach(([depName, depVersion]) => errorIfNotInYarnLock(p, depName, depVersion));
Object.entries(p.dependencies || {}).forEach(([depName, depVersion]) => errorIfNotInYarnLock(p, depName, depVersion));
});
}
main();