-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prioritise popular transitive dependencies when hoisting #2676
Conversation
Will look into the failures tomorrow. Just looks like I need to update a test that was impacted by this prioritization. |
@@ -87,6 +87,8 @@ export default class PackageHoister { | |||
*/ | |||
|
|||
seed(patterns: Array<string>) { | |||
this.prepass(patterns); | |||
|
|||
for (const pattern of this.resolver.dedupePatterns(patterns)) { | |||
this._seed(pattern); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you need to seed the patterns again here?
6c9efb4
to
f6fcbb7
Compare
Will this help #570 at all? |
f6fcbb7
to
f0d4587
Compare
@fingermark It's not related. This is to do with transitive dependencies not being hoisted because of conflicts causing a lot of duplicated dependencies. |
f0d4587
to
7bc63c9
Compare
The CI should probably be fixed with a rebase |
All green! Merging! |
Awesome, let's cherry-pick it into 0.21.1 |
I think this fixes #2673 ??? |
Yes it should |
Does this change imply that different |
No, this step takes place after all dependencies are resolved and
downloaded.
There is a recent commit that fixed a bug though when several compatible
entries in lockfile were merging.
It was happening anyway but was not reflected in lockfile save
…On Fri, 7 Apr 2017 at 19:42, Mark Stosberg ***@***.***> wrote:
Does this change imply that different yarn.lock file structures will be
generated after this patch is landed?
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#2676 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ACBdWF4mT2eg1UWfpeAyaQZl1bzPCBKAks5rtoOngaJpZM4L8SC7>
.
|
Is there any downside with this change potentially causing unexpected dependency changes when relying on an implicit dependency? For example; At Domain.com.au, we have a centralized build tool which itself wraps other tools, named
{
"devDependencies": {
"fe-build": "^10.0.0"
},
"scripts": {
"lint": "eslint"
}
} One of those dependencies might be a specific version of
{
"dependencies": {
"eslint": "^2.0.0"
}
} We may also depend on a bunch of other things in The previous algorithm would always grab one particular However, with this change, it could be the case that if other dependencies each specify I'm not sure if this is an issue in reality, but I'd be worried this may crop up in the future as our dependency trees get bigger and bigger, especially when the pressures to deliver products outweigh updating dependencies in our build tool |
That should not be a problem. If you want to run a specific version of eslint in your project then eslint needs to be a top level dependency, not an implicit one. |
To clarify; I understand this is somewhat akin to doing a To be clear; I don't actually think this will come up, but if it did, it would be a hell of a thing to debug, and would cause a lot of head scratching for devs. |
Thank you for clarifying.
Yarn and npm don't have a feature to guarantee hoisting structure, this
particular limitation seems quite rare to me.
I would suggest to work around this at the level of fe-build or your
application so that if fe-build/eslint got hoisted it would not break.
From the top of my head, add eslint >2 to your application dependencies,
then fe-build/eslint would not be hoisted as long as it is 2.0.
…On Thu, 13 Apr 2017 at 00:39, Jess Telford ***@***.***> wrote:
To clarify; fe-build in this example is relying on the behaviour of the
old hoisting algorithm as part of its API. my-component purposely does
not have a dependency on eslint, expecting it to be hoisted from
node_modules/fe-build/node_modules/eslint into node_modules/eslint.
I understand this is somewhat akin to doing a
require('foo/lib/some-internal-file.js') (relying on internal APIs), but
until this point, that API has been the same and using it has worked well
for us.
To be clear; I don't actually think this will come up, but if it did, it
would be a hell of a thing to debug, and would cause a lot of head
scratching for devs.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#2676 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ACBdWCWcJeFrjz-Ai6_c4Dtrag2e_CGuks5rvWDFgaJpZM4L8SC7>
.
|
This PR prioritises popular transitive dependencies when we perform hoisting. For example, currently if a dependency one level deep depends on
a@1.0.0
then it's immediately hoisted to the top. If then two levels deep there are multiple dependencies relying ona@2.0.0
then the top position has already been taken.Instead, with this patch, we first do a prepass over the dependency graph and hoist transitive dependencies that have multiple versions according to what one is depended on the most.
While testing this patch I used a new create-react-app project to test, the following are before and after sizes of
node_modules
: