New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proposal: lockfile git custom merge driver #4910
Comments
BTW I had a try at using a local script using import cp from "node:child_process";
import fs from "node:fs";
import yaml from "js-yaml";
import merge from "@pnpm/merge-lockfile-changes";
if (process.argv.includes("--install", 2)) {
// [merge "pnpm-lockfile"]
// driver = node scripts/lockfile-merge.mjs %A %O %B
cp.execSync(`git config "merge.pnpm-lockfile.driver" "node scripts/lockfile-merge.mjs %A %O %B"`, { stdio: "inherit" });
process.exit(0);
}
const [mergedFilename, oursFilename, theirsFilename] = process.argv.slice(2);
const ours = yaml.load(fs.readFileSync(oursFilename, "utf-8"));
const theirs = yaml.load(fs.readFileSync(theirsFilename, "utf-8"));
const merged = merge.default(ours, theirs);
fs.writeFileSync(mergedFilename, yaml.dump(merged)); Based on the logic in
|
There was an attempt already: https://github.com/pnpm/merge-driver But there are some issues. One of the issues is that conflicts may happen in package.json files as well and the order in which git merges the files is random. We can't really resolve the conflicts in the lockfile if the package.json file was not yet merged. The second issue is that most conflicts happen on PRs, where you can't have a custom merge driver. Hence, this feature becomes a lot less useful. |
So is the current |
It is not used. We are thinking about 2 alternative solutions currently. One is to use different lockfiles for branches to avoid merge conflicts: #4475 The other idea is to change the lockfile format to reduce the number of conflicts: pnpm/rfcs#1 |
Changing the formatting sounds a bit suspicious, I often use a (built into webstorm) "magic" yaml merge on lock file conflicts and it often results in duplicate sections. At least according to the output warning, this results in pnpm just binning the whole file, which I really want to avoid for all the usual reasons to have a lockfile. Are you saying a single file pnpm merge can not do better, due to needing I did see the branch lockfile approach, but I don't get how that works if you want a PR merge to run CI on the main branch using the updated lockfile - seems like it would need CI to check if there's a branch lockfile and if so commit a lockfile merge: seems like a nightmare to get set up? At least in my experience, conflicts in a lockfile require other files to be resolved too, so breaking PR auto merges is fine - I just want the manual branch merge to not result in broken lockfiles. Here's a dumb idea; the merge driver just leaves the conflict markers and a precommit hook does the actual merge? |
|
Sure, that's roughly what I was thinking, but having a random potentially 30s+ process happening on random commits during local work (especially during rebases!) is no fun. I did give |
Maybe we can implement something like |
Actually, maybe it is how |
Maybe I'm missing something, what does "installation" involve here? Just fetching missing package metadata? Logically least one side of the merge should have the missing data to reconstruct the merged file, but I get that would be a pain to maintain. The install would have been with updated package.json's that also got magic merged (different packages getting updated). They in theory would have the content that the merged lockfile would be for. |
Probably you are right. I don't remember how the lockfile fixer works. I'll have to check. |
Thanks for the ping @zkochan. This thread is interesting and I do think there's room for some sort of At the moment I think |
@gluxon keep in mind precommit hooks fire on every commit during a rebase (at least, from memory!) - avoiding hitting the network or messing with a bunch of FS (especially on Windows where it's slow) would be really nice. I'll give |
I can update |
@zkochan EDIT Basically I used the fix lock file just because that seems to be the last flag I can use that is still in the if condition you modified in PR #4932 pnpm/packages/core/src/install/index.ts Lines 266 to 271 in 487527d
EDIT 2 Opened a new issue #4951 |
Just wanted to point out that there is now a new experimental lockfile format setting which was introduced in: https://github.com/pnpm/pnpm/releases/tag/v7.7.0 It's supposed to help with avoiding merge conflicts due to lockfile changes. |
Describe the user story
At the moment, doing a git merge you are quite likely to get a merge conflict in the lockfile,
and it's a bit too easy to end up with a broken lockfile by attempting to manually merge,
instead of just running
pnpm
(before the merge is committed!).Describe the solution you'd like
It would be nice if pnpm could be configured as a git custom merge driver, so that no user
interaction is required:
Unfortunately, this doesn't quite work, as merge drivers must take three temporary files as input.
Having a simple, out of the box solution that doesn't require adding anything additional (in particular,
before a
pnpm install
might happen to fetch a package for this) would be really nice.Specifically, something like:
pnpm merge-lockfile %A %O %B
Describe the drawbacks of your solution
As with anything requiring git config changes, you would still require a one-time step to enable it.
This is a pretty common step and has many patterns, e.g. husky
suggests adding a
prepare
script to handle it. I don't feel this is necessarily pnpm's problem, but Isuppose
pnpm merge-lockfile --install
would make some sense.Describe alternatives you've considered
This could be done as an npm package, but keeping it up to date with pnpm would make the
implementation much more complex than it would be for pnpm, which nearly has this functionality
available (from an outsider's perspective)
The text was updated successfully, but these errors were encountered: