-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathupdate-package-lock.js
79 lines (71 loc) · 2.64 KB
/
update-package-lock.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
'use strict'
const { existsSync } = require('node:fs')
const util = require('node:util')
const updateBrowserslistDb = require('update-browserslist-db')
const constants = require('@socketregistry/scripts/constants')
const { readJson, writeJson } = require('@socketsecurity/registry/lib/fs')
const { execNpm } = require('@socketsecurity/registry/lib/npm')
const {
normalizePackageJson
} = require('@socketsecurity/registry/lib/packages')
const { rootPackageLockPath, rootPath, yarnPkgExtsJsonPath } = constants
const { values: cliArgs } = util.parseArgs(constants.parseArgsConfig)
async function modifyRootPkgLock() {
if (existsSync(rootPackageLockPath)) {
const rootPkgLockJson = await readJson(rootPackageLockPath, 'utf8')
// The @yarnpkg/extensions package is a zero dependency package, however it
// includes @yarnpkg/core as peer dependency which npm happily installs as a
// direct dependency. Later when check:tsc is run it will fail with errors
// within the @types/emscripten package which is a transitive dependency of
// @yarnpkg/core. We avoid this by removing the offending peerDependencies from
// @yarnpkg/extensions and the package-lock.json file.
const lockEntry =
rootPkgLockJson.packages?.['node_modules/@yarnpkg/extensions']
if (lockEntry?.peerDependencies) {
// Properties with undefined values are omitted when saved as JSON.
lockEntry.peerDependencies = undefined
await writeJson(rootPackageLockPath, rootPkgLockJson, { spaces: 2 })
return true
}
}
return false
}
async function modifyYarnpkgExtsPkgJson() {
if (existsSync(yarnPkgExtsJsonPath)) {
// Load, normalize, and re-save node_modules/@yarnpkg/extensions/package.json
// Normalization applies packageExtensions to fix @yarnpkg/extensions's package.json.
const yarnPkgExtsJsonRaw = await readJson(yarnPkgExtsJsonPath)
if (yarnPkgExtsJsonRaw.peerDependencies) {
await writeJson(
yarnPkgExtsJsonPath,
normalizePackageJson(yarnPkgExtsJsonRaw),
{ spaces: 2 }
)
return true
}
}
return false
}
void (async () => {
try {
// Surprisingly update-browserslist-db runs synchronously.
updateBrowserslistDb()
} catch (e) {
if (e.name === 'BrowserslistUpdateError') {
console.error(`update-browserslist-db: ${e.message}\n`)
} else {
throw e
}
}
if (
cliArgs.force ||
(await modifyRootPkgLock()) ||
(await modifyYarnpkgExtsPkgJson())
) {
// Reinstall packages with the updated package-lock.json. (should be quick)
await execNpm(['install', '--no-audit', '--no-fund'], {
cwd: rootPath,
stdio: 'inherit'
})
}
})()