Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Offline mirror collision with npm aliased package name #788

Open
slimreaper35 opened this issue Jan 17, 2025 · 0 comments · May be fixed by #786
Open

Offline mirror collision with npm aliased package name #788

slimreaper35 opened this issue Jan 17, 2025 · 0 comments · May be fixed by #786
Labels
yarn Pull requests/issues related to our yarn handling module

Comments

@slimreaper35
Copy link
Member

slimreaper35 commented Jan 17, 2025
edited by eskultety
Loading

Related to: #634

We added this check to prevent tarballs in the cache from being overwritten. For example, there is a registry package and a URL package that share the identical tarball name.

The problem is when a dependency uses an alias, which apparently leads yarn to create duplicate records inside yarn.lock if that dependency is already required. Cachi2 "detects" this collision and refuses to proceed with the request.

Example of npm aliases:

"@isaacs/cliui@^8.0.2":
  version "8.0.2"
  resolved "https://registry.yarnpkg.com/@isaacs/cliui/-/cliui-8.0.2.tgz#b37667b7bc181c168782259bab42474fbf52b550"
  integrity sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==
  dependencies:
    string-width "^5.1.2"
    string-width-cjs "npm:string-width@^4.2.0"
    strip-ansi "^7.0.1"
    strip-ansi-cjs "npm:strip-ansi@^6.0.1"
    wrap-ansi "^8.1.0"
    wrap-ansi-cjs "npm:wrap-ansi@^7.0.0"

To reproduce this behavior:

git clone git@github.com:kiali/kiali.git
cd kiali
git switch v2.2
cd frontend
cachi2 fetch-deps yarn

One of multiple dependencies that are present twice in the yarn.lock:

wrap-ansi@^7.0.0
npm alias - https://github.com/kiali/kiali/blob/v2.2/frontend/yarn.lock#L13533
yarn - https://github.com/kiali/kiali/blob/v2.2/frontend/yarn.lock#L13551
@slimreaper35 slimreaper35 added the yarn Pull requests/issues related to our yarn handling module label Jan 17, 2025
slimreaper35 added a commit to slimreaper35/cachi2 that referenced this issue Jan 20, 2025
@slimreaper35
yarn v1: Drop offline mirror collision exception for registry packages
af5c616 
closes containerbuildsystem#788

Signed-off-by: Michal Šoltis <msoltis@redhat.com>
@slimreaper35 slimreaper35 linked a pull request Jan 22, 2025 that will close this issue
Consolidate the integration test repos to a single one #789
Open
4 tasks
@slimreaper35 slimreaper35 removed a link to a pull request Jan 22, 2025
Consolidate the integration test repos to a single one #789
Open
4 tasks
@slimreaper35 slimreaper35 linked a pull request Jan 22, 2025 that will close this issue
yarn classic: Offline mirror collision #786
Draft
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
yarn Pull requests/issues related to our yarn handling module
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

yarn classic: Offline mirror collision slimreaper35/cachi2
1 participant
@slimreaper35