New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Omit private packages from lists of changed and unchanged packages offered by the CLI when running yarn changeset
#620
Comments
If I'm not mistaken, this issue is related to #436. |
@mtlewis do you mean |
The former. It seems to me that whether access to a package is restricted or not shouldn't have bearing on whether a package appears in changesets, but private packages (i.e. packages with I've edited the issue description a bit to try and make this more explicit :) |
There have been some feature requests in the past to allow for creating changesets for private packages but those use cases have not been explored by me. I agree that we shouldn't list those packages by default either way. The change for this wouldn't be hard to implement - the logic is contained in the We should take care of edge cases though - when there are no publishable packages for some reason (if everything is private) |
@Andarist I have implement changes locally, however, I think that will be a major change because people will no longer see private packages in the list displayed by CLI which can be a pain for them if they are creating changesets for private packages as well. We don't use changesets now, but we have a use case for generating changelog for private packages. We are moving to micro-frontends and each micro-frontend is a npm package, which never gets published. Instead we just deploy content of BTW, thank you for nice code in the repo. During implementing changes I realized that I do not feel like I am working in a "foreign" repo, which was awesome! |
This is a valid concern but keeping the CLI such as this without any potentially breaking changes is not feasible - because almost every change would require us to major bump. I think this is a reasonable request (to skip private packages there).
That is an option - although we'd have to establish what this would actually skip. By making this a config option (and not let's say a command option) it's not obvious that this would only skip listing of those packages. As a user, I would expect this to influence more than that - unless we'd nest this in some top-level key that would indicate that this is only for this listing. Truth to be told - I'mn a little bit fuzzy when it comes to how private packages are exactly handled by Changesets. I know though that there are some use cases not satisfied with the current state of things (some issues were raised about them in the past, for instance we have this PR open). So kinda before going further with this - we'd have to kinda establish (and hopefully document) differences between those package "types". I've taken a quick look in the codebase and I think those might be the only differences - private packages are not published (duh...) and as a byproduct of that git tags are not created for them and github releases are not created for them (if we assume that Changeset Action is used for publishing). Everything else works the same way (versioning, dependency management etc).
Have you already looked into the publishing part in combination with Changesets (for those private packages)? How do you plan to check if a private package has been bumped?
Thanks! :) |
Thank you for quick response!
I totally forgot that commands may have options. I also think that introducing new config option will affect other commands as well, and the topic of how everything should behave deserves a separate discussion and, perhaps, more complex changes in the code. I believe we can focus on CLI here, as it is easy to reason about what "private" package mean for So, if we're fine with breaking changes, I propose adding new
No. Currently, we don't use Changesets. We even don't change package versions, as we use git hash as a version. But things may change when we will start thinking of adopting Changesets. Currently, we don't generate changelogs for micro-frontends, maybe Changesets can help with that. |
q: we are thinking about adjusting the behavior to omit all the packages without a version field (or just private packages without a version field). This would probably match your expectations, right? Since they would not be displayed on the list then and it could work "out of the box". People wanting to version their private packages could still do that if they include This is just a rough idea - so we are very much eager to hear your thoughts on that. |
That will work. And that way new command line option won't be necessary, which is good. Also, NPM docs say that "If you don't plan to publish your package, the name and version fields are optional.", which means we are not going against official information. My only concern is that people may still want to have a version field for private package to be able to reference them inside a monorepo. When using yarn, 2 questions:
|
There is also
You may still need to reference a private package in dev dependencies of a public package - and referencing a private package from a private package doesn't look that different to me, or am I missing something? 🤔
Yes, this would have to be taken into account in the system as a whole. It's hard for me list all the exact places right now though - but hopefully this should limit itself to just a couple of places.
I've recently opened a PR to fill the missing version ( #705 ) and this has prompted the discussion that maybe instead of doing that we should ignore private package without a version. The version will still be required for publishable packages though - and we might want to throw when a version is missing in such a package. |
…662) * Tag private packages when their version changes * Fixed formatting * Export tagExists function * Implement config option to opt into the private packages versioning feature * Added doco on tracking private packages * Fixed tests compilation * Filter package list based on tracking private packages config Fixes #620 * Fixed lint issue * Fixed tests * Update docs again * Remove requirement of being logged into NPM if there are no unpublished packages When only publishing private packages (apps?) we shouldn't need users to be logged into NPM * Update .changeset/khaki-kangaroos-tie.md Co-authored-by: Mateusz Burzyński <mateuszburzynski@gmail.com> * Update packages/config/src/index.ts Co-authored-by: Mateusz Burzyński <mateuszburzynski@gmail.com> * Update packages/git/src/index.test.ts Co-authored-by: Mateusz Burzyński <mateuszburzynski@gmail.com> * Use remote tag check instead of local * Updated config to work against a privatePackages flag Allows opting into tagging private package versions & also opting out of versioning private packages entirely * Fixed lint error * Fixed tests * Fixed linting errors * Update packages/cli/src/commands/publish/publishPackages.ts Co-authored-by: Mateusz Burzyński <mateuszburzynski@gmail.com> * Update packages/cli/src/commands/add/createChangeset.ts Co-authored-by: Mateusz Burzyński <mateuszburzynski@gmail.com> * Fixed duplication of logic when filtering listable packages * Removed flags enum and simplified config * Added cwd to tagExists and fixed tests * Hoist tagging private packages out of publish package * Addressed feedback * Fix linting issues after rebase * Fixed up issues around config * Fixed some minor config issues * Expanded scope of privatePackages changesets to include config and types packages * tweak changesets Co-authored-by: Mateusz Burzyński <mateuszburzynski@gmail.com>
Affected Packages
Problem
The list of packages offered by
yarn changeset
includes private packages (i.e. packages withprivate: true
in package.json). In projects with broad contribution, contributors may not be aware that only packages that get published should be included in changesets, and include those private packages. This creates noise for maintainers, who have to explain the issue and ask the contributor to fix the changeset.Proposed solution
If a package is marked as private, it shouldn't be included in the lists of changed and unchanged packages offered by the CLI. This behavior could be behind an optional flag if there are workflows where including private packages in this list makes sense.
The text was updated successfully, but these errors were encountered: