docs: Append yarn-plugin-pin-deps to Contrib plugins
#4552
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
milesrichardson
changed the title
yarn-plugin-pin-deps to community pluginsyarn-plugin-pin-deps to Contrib plugins
Something I wanted to allow was to have resolutions available within the constraints runtime. This way you could just have a constraint define that all dependencies must have their resolutions as range, and it'd auto-fix everything 🤔 |
You can use defaultSemverRangePrefix: '' |
merceyz
pushed a commit
that referenced
this pull request
Oct 21, 2023
(cherry picked from commit 82376c1)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What's the problem this PR addresses?
This PR adds a new plugin to the list of "contrib plugins". The plugin is
yarn-plugin-pin-deps, which adds a commandyarn pin-deps. This command will find any dependencies referenced with a semver identifier, and will updatepackage.jsonto replace that identifier with the exact version of the package currently resolved in the lockfile for that reference.We've been using it "in production" for 1+ year and I recently migrated it to support Yarn 3, so I decided to also take the opportunity to package it as a plugin. It's worked well for our purposes, where the original goal was to migrate a mono-repo to use pinned dependencies. By it's nature it isn't something we use often, but we do occasionally use it to pin some dependency we accidentally installed without
-Ea few commits prior (granted, if I didn't have this plugin, I'd just remove the package and install it again - but it does help for migrating many dependencies all at once).It's possible this plugin is not even necessary, or there is a way to accomplish this dependency pinning with basic yarn commands, but I'm not aware of it (at least, it was certainly not possible when I originally wrote this plugin). It's also possible that is has some oversight in how it pins dependencies that will cause weird bugs, but if so, I have not encountered it yet.
Please do let me know if there is better-supported way to pin dependencies to their currently resolved versions, so that I can delete the plugin 😄
How did you fix it?
I followed the "open a PR" link and used the wonderful GitHub editor to append a link to the plugin 😄 I hope I did not break any formatting.
Checklist