Update yarn monorepo

Open renovate[bot] opened this issue 2 years ago • 0 comments

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@yarnpkg/sdks (source)	`^3.0.0-rc.42` -> `^3.2.0`
yarn (source)	`3.5.0` -> `3.8.5`

Release Notes

yarnpkg/berry (@yarnpkg/sdks)

`v3.2.0`

Compare Source

Various improvements have been made in the core to improve performance. Additionally:

Commands

The yarn workspaces foreach run command is now able to run binaries.
The yarn npm info command now supports displaying information about a tagged version of a package (e.g. yarn npm info vue@next).
A new yarn explain command has been added. It can be used to explain an error code, or list all available error codes.
- For example, try to run yarn explain YN0002.
The yarn npm publish command now accepts a new --otp option, to set the One-Time Password from the CLI.
- A better error message will also be shown when a query fails due to an invalid OTP.
yarn upgrade-interactive now has improved paging:
- Yarn will display as many suggestions as can fit in the viewport (rather than a fixed-size list).
- The suggestions that fit in the viewport will be fetched in the foreground and will load one-by-one.
- The suggestions that don't will be fetched in the background and will be loaded in batches to increase responsiveness and reduce input lag.
- Most notably, you won't have to wait for all of the suggestions to be fetched (which took a very long time before on large monorepos) before you can start navigating through the list.

Installs

The node-modules linker now tolerates if node_modules is a symbolic link, and doesn't recreate it.
On top of the cpu and arch fields, Yarn now support a new libc field which can be used in tandem with optionalDependencies to avoid downloading packages that have been linked against incompatible standard libraries (we currently support two values: glibc and musl).
The pnpm linker has received various improvements:
- It will now remove the node_modules/.store and node_modules folders if they are empty.
- It now supports running binaries of soft links.
- It will now create self-references for packages that don't depend on other versions of themselves.
- It will now remove scope folders (e.g. node_modules/@yarnpkg) if they are empty or after removing a scoped dependency.
All .pnp.cjs files with inlined data will now store the data in a JSON string literal instead of an object literal to improve startup performance.

Compatibility

The shell now treats backslashes same as Bash (so it mostly ignore them).
- Could potentially be a breaking change, but the old behavior caused portability issues with a few packages, so we had to make this change (especially since the portable shell is intended to help portability).
The shell now supports ${FOO:+}.
The PnP filesystem now handles read and readSync using options.
The PnP filesystem now handles UNC paths using forward slashes.
The PnP filesystem now sets the proper path property on streams created by createReadStream() and obtained from zip archives.
The PnP runtime now throws an ERR_REQUIRE_ESM error when attempting to require an ES Module, matching the default Node.js behaviour.
Updates the PnP compatibility layer for TypeScript 4.6 Beta (it's possible we'll need to publish another patch update once the 4.6 enters stable).

Bugfixes

@yarnpkg/pnpify now escapes paths correctly.
The ESM loader is now enabled regardless of the entrypoint module type, this fixes support for dynamic imports in commonjs modules when the entrypoint is also commonjs.
The ESM loader is now able to resolve relative imports with search parameters.
The node field inside the npm_config_user_agent Yarn sets will now include a leading v.
Yarn is now able to recover from a corrupted install state.
Yarn is now able to migrate classic lockfiles containing unconventional tarball URLs.
The nm linker hoists portals after hoisting their dependencies first.
Fixed a crash caused by a bad interaction between aliased packages and peer dependencies.
The ESBuild plugin will no longer allow access to Node.js builtins if the platform isn't set to Node.
SemVer ranges with build metadata can now be resolved.
The YARN_IGNORE_NODE environment variable will now be parsed using the same mechanism as env variable configuration settings (i.e. both 1/0 and true/false will be accepted)

ZipFS Extension

You can now unmount zip folders by right-clicking on their workspaces.

Miscellaneous Features

Reporting for Git errors has been improved.
The resolution step now has a progress indicator.
The experimental ESM loader warning emitted by Node.js is now suppressed.
Private registries can now be authenticated using private keys and certificates.
A new wrapNetworkRequest hook now lets you wrap network requests (for example to log them).

Updates the PnP compatibility layer for TypeScript 4.5

`v3.1.0`

Compare Source

Commands

The yarn workspaces list and yarn workspaces foreach commands now both support a new --since option that lets you filter the workspace list by changes (only workspaces that changed since the specified commit will be iterated on). This feature is still a little experimental, especially when used with -R,--recursive.
The yarn workspaces foreach command now handles the fact that a script containing : only becomes global if it exists in exactly one workspace.
The yarn workspaces foreach command now supports --jobs 1 and --jobs unlimited.
The yarn init -2 command will now add the packageManager field to your project manifest.

Settings

The pattern matcher from logFilters will now match any part of the log entry.

Installs

A new nodeLinker: pnpm mode will let you install packages using the pnpm install strategy, where packages are stored flat and referenced by each others through symlinks. This mode is still a little experimental, so please send our way bugs you might find.
Yarn won't install anymore packages that don't match the current OS. Should you need to (for example if you check-in your cache), use the supportedArchitectures field to manually enforce the presence of specific architectures.
The nmMode: hardlinks-global setting will now be automatically downgraded to nmMode: hardlinks-local when global caches and install folders are kept on different devices, thus letting the install continue normally. A warning will still be produced explaining this behaviour.
The node_modules linker maximizes chances to end-up with only one top-level node_modules in the case of using workspaces
The nmSelfReferences setting has been added to the nm linker to control whether workspaces are allowed to require themselves - results in creation of self-referencing symlinks. yarn workspaces focus will not create self-referencing symlinks for excluded workspaces anymore.
Yarn can now install workspaces from remote git repositories that use npm if npm@>=7.x is installed on the system.
The hoisting algorithm should be faster, improving the install time for recurrent node_modules installs.

Miscellaneous Features

Workspaces can now be referred to using workspace:^ and workspace:~. When published, those markers will turn into the actual version (just like what used to happen with workspace:*), except that they'll be prefixed with the relevant semver prefix (respectively ^ and ~).
A new npmAuditRegistry setting will let you define which registry to use when running audits. If unset, we'll fallback to the currently configured publish registry (we'll likely change this behavior in Yarn 4 to rather use the fetch registry).

Bugfixes

Direct portal dependencies for node_modules installs will now be given priority during hoisting, preventing cases when indirect regular dependencies would block the way for direct portal dependencies.
The pnpify binary can now be used from inside directories containing spaces.
The CLI bundles built from sources will now output the commit hash instead of the tree hash, as part of their --version string.
Nested workspaces are properly hoisted by node-modules linker.
Self-referencing symlinks won't be created for anonymous workspaces when using the node-modules linker, since they cannot be used from the code anyway.
The cache is now fully atomic when moving files across devices, and is more efficient in general.
The PnP patch will now properly pick up changes to the fs module, allowing users to patch it.
When using PnP, require.resolve('pnpapi') will be handled correctly even when using exports.
The install state will no longer be invalidated after running commands that modify the lockfile; this should bring a significant performance improvement when running commands such as yarn run immediately after adding or removing dependencies inside large monorepos.
Optional peer dependencies now imply an optional peer dependency on the corresponding @types version. This matches the behaviour for peer dependencies.

Compatibility

Yarn will now generate an experimental ESM loader when it detects you may need it. This can be disabled (or enabled) using pnpEnableEsmLoader.
The PnP compatibility patch for resolve will no longer resolve missing modules to a file with the same name that would happen to be located next to the issuer.
Fixes the SDK to account for a breaking change in VSCode >=1.61.

`v3.0.0`

Compare Source

Breaking Changes

Node 10 isn't supported anymore.
Plugins can't access yup anymore (we migrated to Typanion as part of Clipanion v3).
- To upgrade workspace-tools, remove it from your .yarnrc.yml, upgrade, then import it back.
The enableImmutableInstalls will now default to true on CI (we still recommend to explicitly use --immutable on the CLI).
- You can re-allow mutations by adding YARN_ENABLE_IMMUTABLE_INSTALLS=false in your environment variables.
The initVersion and initLicense configuration options have been removed. initFields should be used instead.
Yarn will now generate .pnp.cjs files (instead of .pnp.js) when using PnP, regardless of what the type field inside the manifest is set to.
The virtual folder (used to disambiguate peer dependencies) got renamed from $$virtual into __virtual__.
The -a alias flag of yarn workspaces foreach got removed; use -A,--all instead, which is strictly the same.
The old PnPify SDK folder (.vscode/pnpify) won't be cleaned up anymore.
The --skip-builds flag from yarn install got renamed into --mode=skip-build.
The bstatePath configuration option has been removed. The build state (.yarn/build-state.yml) has been moved into the install state (.yarn/install-state.gz)
The cache files need to be regenerated. We had to change their timestamps in order to account for a flaw in the zip spec that was causing problems with some third-party tools.
@yarnpkg/pnpify has been refactored into 3 packages:
- @yarnpkg/sdks now contains the Editor SDKs
- @yarnpkg/pnpify now contains the PnPify CLI compatibility tool that creates in-memory node_modules
- @yarnpkg/nm now contains the node_modules tree builder and hoister
@yarnpkg/plugin-node-modules has been renamed to @yarnpkg/plugin-nm
The --clipanion=definitions commands supported by our CLIs will now expose the definitions on the entry point (rather than on .command)

API

structUtils.requirableIdent got removed; use structUtils.stringifyIdent instead, which is strictly the same.
configuration.format got removed; use formatUtils.pretty instead, which is strictly the same, but type-safe.
httpUtils.Options['json'] got removed; use httpUtils.Options['jsonResponse'] instead, which is strictly the same.
PackageExtension['description'] got removed, use formatUtils.json(packageExtension, formatUtils.Type.PACKAGE_EXTENSION) instead, which is strictly the same.
Project.generateBuildStateFile has been removed, the build state is now in Project.storedBuildState.
Project.tryWorkspaceByDescriptor and Project.getWorkspaceByDescriptor now match on virtual descriptors.

Installs

Workspaces now get self-references even when under the node-modules linker (just like how it already worked with the pnp linker). This means that a workspace called foo can now safely assume that calls to require('foo/package.json') will always work, removing the need for absolute aliases in the majority of cases.
The node-modules linker now does its best to support the portal: protocol. This support comes with two important limitations:
- Projects that make use of such dependencies will have to be run with the --preserve-symlinks Node option if they wish to access their dependencies.
- Because Yarn installs will never modify files outside of the project due to security reasons, sub-dependencies of packages with portal: must be hoisted outside of the portal. Failing that (for example if the portal package depends on something incompatible with the version hoisted via another package), the linker will produce an error and abandon the install.
The node-modules linker can now utilize hardlinks. The new setting nmMode: classic | hardlinks-local | hardlinks-global specifies which node_modules strategy should be used:
- classic - standard node_modules layout, without hardlinks
- hardlinks-local - standard node_modules layout with hardlinks inside the project only
- hardlinks-global - standard node_modules layout with hardlinks pointing to global content storage across all the projects using this option

Bugfixes

Yarn now has a proper governance model.
The node-modules linker will now ensure that the generated install layouts are terminal, by doing several rounds when needed.
The node-modules linker will no longer print warnings about postinstall scripts when a workspace depends on another workspace listing install scripts.
Peer dependencies depending on their own parent are now properly hoisted by the node-modules linker.
Boolean values will be properly interpreted when specified inside the configuration file via the ${ENV_VAR} syntax.
Should any of preinstall, install, postinstall fail, the remaining scripts will be skipped.
The git: protocol will now default to fetching HEAD (rather than the hardcoded master).
The SIGTERM signal will now be propagated to child processes.
The PnP linker now schedules packages to be rebuilt if their unplugged folder is removed
yarn config unset will now correctly unset non-nested properties
The TypeScript SDK now
And a bunch of smaller fixes.

Settings

Various initFields edge cases have been fixed.
The preferAggregateCacheInfo flag will now also aggregate cleanup reports.
A new enableMessageNames flag can be set to false to exclude the YNxxxx from the output.

Commands

yarn init can now be run even from within existing projects (will create missing files).
yarn init and yarn set version will set the packageManager field.
yarn set version now downloads binaries from the official Yarn website (rather than GitHub).
yarn set version from sources will now upgrade the builtin plugins as well unless --skip-plugins is set.
yarn version apply now supports a new --prerelease flag which replaces how prereleases were previously handled.
yarn run should be significantly faster to boot on large projects.
yarn workspaces foreach --verbose will now print when processes start and end, even if they don't have an output.
yarn workspaces foreach now supports a --from <glob> flag, which when combined with -R will target workspaces reachable from the 'from' glob.
yarn patch-commit can now be used as many times as you want on the same patch folder.
yarn patch-commit now supports a new -s,--save flag which will save the patch instead of just printing it.
yarn up now supports a new -R,--recursive flag which will upgrade the specified package, regardless where it is.
yarn config unset is a new command that will remove a setting from the local configuration (or home if -H is set).
yarn exec got support for running shell scripts using Yarn's portable shell.
yarn plugin import can now install specific versions of the official plugins.
yarn plugin import will now download plugins compatible with the current CLI by default.
yarn unlink has been added which removes resolutions previously set by yarn link.

Builtin Shell

The shell now supports background jobs, with color-coded output.
It now also supports redirections from file descriptors.

Compatibility

Running yarn install inside a Yarn v1 project will now automatically enable the node-modules linker. This should solve most of the problems people have had in their migrations. We still recommend to keep the default PnP for new projects, but the choice is yours.
The patched filesystem now supports file URLs, bigint, and fstat.
An official ESBuild resolver is now provided under the name @yarnpkg/esbuild-plugin-pnp. We use it to bundle Yarn itself!
PnP projects can now use the Node exports field - regardless of the Node version.
The PnP hook now supports the node: protocol (new in Node 16)
The Prettier SDK does not use PnPify anymore since it was its only remaining use, and was fairly invasive; as a result, the Prettier plugins must be specified in Prettier's plugins configuration property.
Zip terminal links can now be clicked from within VSCode
Builtin patches that fail to apply will no longer cause an error (they'll emit a warning and the original sources will be used instead).
- Remember that patches are a problem for our team too, and that we only do this because we don't have any other option available to us right now - if you wish to help, consider upvoting the relevant pull request in the TypeScript repository or, if you work at Microsoft, perhaps mention to your TypeScript team next door that fixing this would benefit you.