diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 138029c4bb0..2b8585aa04e 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -228,19 +228,6 @@ jobs: exit 1 fi - - name: Run yarn lint:lockfile-lint - if: ${{ success() || failure() }} - run: | - if ! yarn lint:lockfile-lint; then - echo '' - echo '' - echo 'ℹ️ ℹ️ ℹ️' - echo 'Try resetting yarn.lock to its previous state and then run `yarn install`.' - echo 'If your `~/.npmrc` mentions a custom registry, you should remove this setting first.' - echo 'ℹ️ ℹ️ ℹ️' - exit 1 - fi - - name: Run yarn lint:license-in-workspaces if: ${{ success() || failure() }} env: diff --git a/apps/hash/README.md b/apps/hash/README.md index 3d2b397b50a..169ca5c7a97 100644 --- a/apps/hash/README.md +++ b/apps/hash/README.md @@ -54,28 +54,28 @@ To run HASH locally, please follow these steps: ```sh git --version ## ≥ 2.17 - + node --version ## ≥ 20.12 - + yarn --version ## ≥ 1.16 - + rustup --version ## ≥ 1.27.1 (Required to match the toolchain as specified in `rust-toolchain.toml`) - + docker --version ## ≥ 20.10 - + docker compose version ## ≥ 2.17.2 - + docker buildx version ## ≥ 0.10.4 - + protoc --version ## ≥ 25 - + java --version ## ≥ 8 ``` diff --git a/package.json b/package.json index 55c46c78361..c0dd9b993f0 100644 --- a/package.json +++ b/package.json @@ -47,7 +47,6 @@ "lint:constraints": "yarn constraints", "lint:eslint": "turbo --continue lint:eslint --", "lint:license-in-workspaces": "yarn workspace @local/repo-chores exe scripts/check-license-in-workspaces.ts", - "lint:lockfile-lint": "lockfile-lint --path yarn.lock --type yarn --allowed-hosts npm yarn", "lint:markdownlint": "markdownlint --dot .", "lint:prettier": "prettier --check --ignore-unknown .", "lint:taplo": "taplo fmt --check", @@ -56,7 +55,7 @@ "postinstall": "turbo run postinstall", "seed-data:opensearch": "yarn workspace @apps/hash-search-loader clear-opensearch", "seed-data:redis": "yarn workspace @apps/hash-realtime clear-redis", - "seed-data": "concurrently \"yarn:seed-data:*\"", + "seed-data": "npm-run-all --parallel \"seed-data:*\"", "test": "npm-run-all --continue-on-error \"test:*\"", "test:unit": "turbo run test:unit --env-mode=loose --", "test:integration": "turbo run test:integration --env-mode=loose --", @@ -68,19 +67,9 @@ }, "prettier": { "plugins": [ - "prettier-plugin-packagejson", - "prettier-plugin-sh" + "prettier-plugin-packagejson" ], - "trailingComma": "all", - "overrides": [ - { - "files": "*.sql", - "options": { - "keywordCase": "upper", - "language": "postgresql" - } - } - ] + "trailingComma": "all" }, "resolutions": { "@artilleryio/int-commons@npm:2.11.0": "patch:@artilleryio/int-commons@npm%3A2.11.0#~/.yarn/patches/@artilleryio-int-commons-npm-2.11.0-5b69c05121.patch", @@ -116,15 +105,11 @@ "@sentry/cli": "^2.39.1", "@taplo/cli": "0.7.0", "@yarnpkg/types": "^4.0.0", - "concurrently": "7.6.0", "lefthook": "1.9.2", - "lockfile-lint": "4.14.0", "markdownlint-cli": "0.43.0", "npm-run-all2": "7.0.1", "prettier": "3.4.2", "prettier-plugin-packagejson": "2.5.6", - "prettier-plugin-sh": "0.14.0", - "suppress-exit-code": "3.2.0", "turbo": "2.3.3" }, "packageManager": "yarn@4.5.3+sha512.3003a14012e2987072d244c720506549c1aab73ee728208f1b2580a9fd67b92d61ba6b08fe93f6dce68fd771e3af1e59a0afa28dd242dd0940d73b95fedd4e90" diff --git a/yarn.config.cjs b/yarn.config.cjs index 0f921e4553c..513ecbec26f 100644 --- a/yarn.config.cjs +++ b/yarn.config.cjs @@ -22,6 +22,8 @@ const ignoredWorkspaces = [ "@blocks/person", ]; +const allowedGitDependencies = []; + /** * * @param {Dependency} dependency @@ -72,40 +74,94 @@ function enforceNoDualTypeDependencies({ Yarn }) { } /** - * Enforces the use of the `workspace:` protocol for all workspace dependencies. - * - * This rule ensures that all dependencies that are part of the workspace are - * declared using the `workspace:` protocol. + * Enforce that the package protocols are correct. * - * @param {Context} context - The Yarn constraint context. + * @param {Context} context */ -function enforceWorkspaceDependenciesDeclaredAsSuch({ Yarn }) { +function enforceProtocols({ Yarn }) { const workspaces = Yarn.workspaces(); for (const dependency of Yarn.dependencies()) { - if ( - workspaces.some( - (workspace) => - workspace.ident === dependency.ident && - workspace.pkg.version === dependency.range, - ) - ) { - dependency.update("workspace:^"); + if (shouldIgnoreDependency(dependency)) { + continue; + } + + const workspaceDependency = workspaces.find( + (workspace) => workspace.ident === dependency.ident, + ); + + if (workspaceDependency) { + // turbo doesn't support the `workspace:` protocol when rewriting lockfiles, leading to inconsistent lockfiles + dependency.update(workspaceDependency.pkg.version); } - } -} -/** - * This rule prohibits the use of the 'file:' protocol in dependency ranges - * and replaces it with the 'portal:' protocol. - * - * @param {Context} context - The Yarn constraint context. - */ -function enforcePortalProtocolInsteadOfFileProtocol({ Yarn }) { - for (const dependency of Yarn.dependencies()) { if (dependency.range.startsWith("file:")) { + // the file: protocol makes problems when used in conjunction with pnpm mode, portal is the equivalent protocol dependency.update(dependency.range.replace("file:", "portal:")); } + + if (dependency.range.startsWith("link:")) { + dependency.error( + `The link protocol allows for non-packages to be linked and is not allowed, dependency: ${dependency.ident}`, + ); + } + + if (dependency.range.startsWith("exec:")) { + dependency.error( + `The exec protocol allows for arbitrary code execution and is not allowed, dependency: ${dependency.ident}`, + ); + } + + let shouldCheckIfValidGitDependency = false; + + if ( + dependency.range.startsWith("https://") || + dependency.range.startsWith("http://") + ) { + // always prefix with the git protocol + dependency.update(`git:${dependency.range}`); + shouldCheckIfValidGitDependency = true; + } + + if (dependency.range.startsWith("ssh://")) { + // always prefix with the git protocol + dependency.update(`git:${dependency.range.replace(/^ssh:\/\//, "git:")}`); + shouldCheckIfValidGitDependency = true; + } + + if ( + (shouldCheckIfValidGitDependency || + dependency.range.startsWith("git:")) && + !allowedGitDependencies.includes(dependency.ident) + ) { + dependency.error( + `arbitrary git dependencies are not allowed, dependency: ${dependency.ident}`, + ); + } + + // patches are only allowed if they are for an `npm:` dpeendenct + if (dependency.range.startsWith("patch:")) { + const dependencySpecification = dependency.range.match(/^patch:([^#]+)/); + if (!dependencySpecification) { + dependency.error( + `invalid patch protocol, dependency: ${dependency.ident}`, + ); + continue; + } + + // locator is on the right side + // splitRight at `@` + const segments = dependencySpecification[1].split("@"); + const last = segments.pop(); + // urldecode the last segment + const version = decodeURIComponent(last); + + if (!version.startsWith("npm:")) { + dependency.error( + `patch protocol is only allowed for npm dependencies, dependency: ${dependency.ident}, patches: ${version}`, + ); + } + } } } @@ -180,10 +236,9 @@ function enforceDevDependenciesAreProperlyDeclared({ Yarn }) { module.exports = defineConfig({ async constraints(context) { - // enforceWorkspaceDependenciesDeclaredAsSuch(context); enforceConsistentDependenciesAcrossTheProject(context); enforceNoDualTypeDependencies(context); - // enforcePortalProtocolInsteadOfFileProtocol(context); + enforceProtocols(context); enforceDevDependenciesAreProperlyDeclared(context); }, }); diff --git a/yarn.lock b/yarn.lock index 2a31fa76460..d24a40e0581 100644 --- a/yarn.lock +++ b/yarn.lock @@ -19546,16 +19546,6 @@ __metadata: languageName: node linkType: hard -"@yarnpkg/parsers@npm:^3.0.0-rc.48.1": - version: 3.0.2 - resolution: "@yarnpkg/parsers@npm:3.0.2" - dependencies: - js-yaml: "npm:^3.10.0" - tslib: "npm:^2.4.0" - checksum: 10c0/a0c340e13129643162423d7e666061c0b39b143bfad3fc5a74c7d92a30fd740f6665d41cd4e61832c20375889d793eea1d1d103cacb39ed68f7acd168add8c53 - languageName: node - linkType: hard - "@yarnpkg/types@npm:^4.0.0": version: 4.0.0 resolution: "@yarnpkg/types@npm:4.0.0" @@ -23104,26 +23094,6 @@ __metadata: languageName: node linkType: hard -"concurrently@npm:7.6.0": - version: 7.6.0 - resolution: "concurrently@npm:7.6.0" - dependencies: - chalk: "npm:^4.1.0" - date-fns: "npm:^2.29.1" - lodash: "npm:^4.17.21" - rxjs: "npm:^7.0.0" - shell-quote: "npm:^1.7.3" - spawn-command: "npm:^0.0.2-1" - supports-color: "npm:^8.1.0" - tree-kill: "npm:^1.2.2" - yargs: "npm:^17.3.1" - bin: - conc: dist/bin/concurrently.js - concurrently: dist/bin/concurrently.js - checksum: 10c0/c5b59f9ce726775272b8e61db0798594bdeb1ac53c78e1cfaffa26f46cf2c09e04a26742265b3eb8ec655ea1a9851eeaa47ae50766a7e5c6b4e1de7b8c8a9b3f - languageName: node - linkType: hard - "confbox@npm:^0.1.8": version: 0.1.8 resolution: "confbox@npm:0.1.8" @@ -24180,7 +24150,7 @@ __metadata: languageName: node linkType: hard -"date-fns@npm:^2.0.1, date-fns@npm:^2.16.1, date-fns@npm:^2.29.1, date-fns@npm:^2.30.0": +"date-fns@npm:^2.0.1, date-fns@npm:^2.16.1, date-fns@npm:^2.30.0": version: 2.30.0 resolution: "date-fns@npm:2.30.0" dependencies: @@ -27194,23 +27164,6 @@ __metadata: languageName: node linkType: hard -"execa@npm:^6.1.0": - version: 6.1.0 - resolution: "execa@npm:6.1.0" - dependencies: - cross-spawn: "npm:^7.0.3" - get-stream: "npm:^6.0.1" - human-signals: "npm:^3.0.1" - is-stream: "npm:^3.0.0" - merge-stream: "npm:^2.0.0" - npm-run-path: "npm:^5.1.0" - onetime: "npm:^6.0.0" - signal-exit: "npm:^3.0.7" - strip-final-newline: "npm:^3.0.0" - checksum: 10c0/004ee32092af745766a1b0352fdba8701a4001bc3fe08e63101c04276d4c860bbe11bb8ab85f37acdff13d3da83d60e044041dcf24bd7e25e645a543828d9c41 - languageName: node - linkType: hard - "execa@npm:^8.0.1": version: 8.0.1 resolution: "execa@npm:8.0.1" @@ -29599,15 +29552,11 @@ __metadata: "@sentry/cli": "npm:^2.39.1" "@taplo/cli": "npm:0.7.0" "@yarnpkg/types": "npm:^4.0.0" - concurrently: "npm:7.6.0" lefthook: "npm:1.9.2" - lockfile-lint: "npm:4.14.0" markdownlint-cli: "npm:0.43.0" npm-run-all2: "npm:7.0.1" prettier: "npm:3.4.2" prettier-plugin-packagejson: "npm:2.5.6" - prettier-plugin-sh: "npm:0.14.0" - suppress-exit-code: "npm:3.2.0" turbo: "npm:2.3.3" languageName: unknown linkType: soft @@ -30322,13 +30271,6 @@ __metadata: languageName: node linkType: hard -"human-signals@npm:^3.0.1": - version: 3.0.1 - resolution: "human-signals@npm:3.0.1" - checksum: 10c0/0bb27e72aea1666322f69ab9816e05df952ef2160346f2293f98f45d472edb1b62d0f1a596697b50d48d8f8222e6db3b9f9dc0b6bf6113866121001f0a8e48e9 - languageName: node - linkType: hard - "human-signals@npm:^4.3.0": version: 4.3.1 resolution: "human-signals@npm:4.3.1" @@ -32336,7 +32278,7 @@ __metadata: languageName: node linkType: hard -"js-yaml@npm:^3.10.0, js-yaml@npm:^3.13.0, js-yaml@npm:^3.13.1, js-yaml@npm:^3.14.1, js-yaml@npm:^3.6.1": +"js-yaml@npm:^3.13.0, js-yaml@npm:^3.13.1, js-yaml@npm:^3.14.1, js-yaml@npm:^3.6.1": version: 3.14.1 resolution: "js-yaml@npm:3.14.1" dependencies: @@ -33373,32 +33315,6 @@ __metadata: languageName: node linkType: hard -"lockfile-lint-api@npm:^5.9.1": - version: 5.9.1 - resolution: "lockfile-lint-api@npm:5.9.1" - dependencies: - "@yarnpkg/parsers": "npm:^3.0.0-rc.48.1" - debug: "npm:^4.3.4" - object-hash: "npm:^3.0.0" - checksum: 10c0/e7390d998776cc63c17a30cb766b28031db6820aaf0531f58d48ae167ec7f71c84b35b645640c1989048b4fab76a484be74b453e852c01a06e07e937a11f0203 - languageName: node - linkType: hard - -"lockfile-lint@npm:4.14.0": - version: 4.14.0 - resolution: "lockfile-lint@npm:4.14.0" - dependencies: - cosmiconfig: "npm:^9.0.0" - debug: "npm:^4.3.4" - fast-glob: "npm:^3.3.2" - lockfile-lint-api: "npm:^5.9.1" - yargs: "npm:^17.7.2" - bin: - lockfile-lint: bin/lockfile-lint.js - checksum: 10c0/e1bdc8d4a78e044e71d8a5fd7980d71e5bbee289b4c1055e90d58b652d36cfbf4f9d298fedd79f1fb31c820ae34bebddc3753845a2a52a0afdd3928a8e8fb0ca - languageName: node - linkType: hard - "lockfile@npm:^1.0.4": version: 1.0.4 resolution: "lockfile@npm:1.0.4" @@ -36467,13 +36383,6 @@ __metadata: languageName: node linkType: hard -"mvdan-sh@npm:^0.10.1": - version: 0.10.1 - resolution: "mvdan-sh@npm:0.10.1" - checksum: 10c0/cfdd3c6429aad170014892f7934ff60a4418b32e4c14db10f0d3cfb7743f37385e2a3a8c58c65b7c4fbfe44838d9e8cf8c93897b9763a08224c32957a72621c0 - languageName: node - linkType: hard - "mz@npm:^2.6.0, mz@npm:^2.7.0": version: 2.7.0 resolution: "mz@npm:2.7.0" @@ -37363,13 +37272,6 @@ __metadata: languageName: node linkType: hard -"object-hash@npm:^3.0.0": - version: 3.0.0 - resolution: "object-hash@npm:3.0.0" - checksum: 10c0/a06844537107b960c1c8b96cd2ac8592a265186bfa0f6ccafe0d34eabdb526f6fa81da1f37c43df7ed13b12a4ae3457a16071603bcd39d8beddb5f08c37b0f47 - languageName: node - linkType: hard - "object-inspect@npm:^1.13.1, object-inspect@npm:^1.13.3": version: 1.13.3 resolution: "object-inspect@npm:1.13.3" @@ -39249,18 +39151,6 @@ __metadata: languageName: node linkType: hard -"prettier-plugin-sh@npm:0.14.0": - version: 0.14.0 - resolution: "prettier-plugin-sh@npm:0.14.0" - dependencies: - mvdan-sh: "npm:^0.10.1" - sh-syntax: "npm:^0.4.1" - peerDependencies: - prettier: ^3.0.3 - checksum: 10c0/9df1a5f3a7d18b562064724809ce8be0efed6a5e03ef6eb41f1015ffca3471cd62ce83a01de5fe5e6bb13a3affb0c4c653ba4ab6b662e1e06742c65b5b646c5e - languageName: node - linkType: hard - "prettier@npm:*, prettier@npm:3.4.2": version: 3.4.2 resolution: "prettier@npm:3.4.2" @@ -42182,7 +42072,7 @@ __metadata: languageName: node linkType: hard -"rxjs@npm:*, rxjs@npm:7.8.1, rxjs@npm:^7.0.0, rxjs@npm:^7.5.5, rxjs@npm:^7.8.1": +"rxjs@npm:*, rxjs@npm:7.8.1, rxjs@npm:^7.5.5, rxjs@npm:^7.8.1": version: 7.8.1 resolution: "rxjs@npm:7.8.1" dependencies: @@ -42727,15 +42617,6 @@ __metadata: languageName: node linkType: hard -"sh-syntax@npm:^0.4.1": - version: 0.4.2 - resolution: "sh-syntax@npm:0.4.2" - dependencies: - tslib: "npm:^2.6.2" - checksum: 10c0/0bfe3b3ffcfa7b59a91d432e2f77e6cd4ccb0f267fe6fcce95b9be4ddf34169a8e2721060e067385574e3248818860b682af24b1cb4b5803167e1666bc6fec24 - languageName: node - linkType: hard - "sha.js@npm:^2.4.11": version: 2.4.11 resolution: "sha.js@npm:2.4.11" @@ -44476,17 +44357,6 @@ __metadata: languageName: node linkType: hard -"suppress-exit-code@npm:3.2.0": - version: 3.2.0 - resolution: "suppress-exit-code@npm:3.2.0" - dependencies: - execa: "npm:^6.1.0" - bin: - suppress-exit-code: main.js - checksum: 10c0/173508a1472e2c7e63ad71c283e9744f58c3c38021bc1641e33ceaa662a63ed28db6c7fe9cce5c4152eb1fc9667a74a6bf37ce0eecc612e8eb9ee597a5e2a85c - languageName: node - linkType: hard - "svg-parser@npm:^2.0.4": version: 2.0.4 resolution: "svg-parser@npm:2.0.4" @@ -48517,7 +48387,7 @@ __metadata: languageName: node linkType: hard -"yargs@npm:17.7.2, yargs@npm:^17.0.0, yargs@npm:^17.0.1, yargs@npm:^17.1.1, yargs@npm:^17.3.1, yargs@npm:^17.7.1, yargs@npm:^17.7.2": +"yargs@npm:17.7.2, yargs@npm:^17.0.0, yargs@npm:^17.0.1, yargs@npm:^17.1.1, yargs@npm:^17.7.1, yargs@npm:^17.7.2": version: 17.7.2 resolution: "yargs@npm:17.7.2" dependencies: