Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: store integrity check when the lockfile is updated #4580

Merged
merged 2 commits into from Apr 16, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
6 changes: 6 additions & 0 deletions .changeset/modern-maps-unite.md
@@ -0,0 +1,6 @@
---
"@pnpm/package-requester": patch
"pnpm": patch
---

Don't check the integrity of the store with the package version from the lockfile, when the package was updated [#4580](https://github.com/pnpm/pnpm/pull/4580).
6 changes: 4 additions & 2 deletions packages/package-requester/src/packageRequester.ts
Expand Up @@ -244,7 +244,7 @@ async function resolveAndFetch (
}
}

const pkg = pick(['name', 'version'], manifest ?? {})
const pkg: PkgNameVersion = pick(['name', 'version'], manifest ?? {})
const fetchResult = ctx.fetchPackageToStore({
fetchRawManifest: true,
force: forceFetch,
Expand All @@ -254,7 +254,9 @@ async function resolveAndFetch (
id,
resolution,
},
expectedPkg: options.expectedPkg?.name != null ? options.expectedPkg : pkg,
expectedPkg: options.expectedPkg?.name != null
? (updated ? { name: options.expectedPkg.name, version: pkg.version } : options.expectedPkg)
: pkg,
})

return {
Expand Down
46 changes: 46 additions & 0 deletions packages/package-requester/test/index.ts
Expand Up @@ -973,6 +973,52 @@ test('throw exception if the package data in the store differs from the expected
}
})

test("don't throw an error if the package was updated, so the expectedPkg has a different version than the version in the store", async () => {
const storeDir = tempy.directory()
const cafs = createCafsStore(storeDir)
{
const requestPackage = createPackageRequester({
resolve,
fetchers,
cafs,
networkConcurrency: 1,
storeDir,
verifyStoreIntegrity: true,
})

const projectDir = tempy.directory()
const pkgResponse = await requestPackage({ alias: 'is-positive', pref: '3.1.0' }, {
downloadPriority: 0,
lockfileDir: projectDir,
preferredVersions: {},
projectDir,
registry,
})
await pkgResponse.finishing!()
}
const requestPackage = createPackageRequester({
resolve,
fetchers,
cafs,
networkConcurrency: 1,
storeDir,
verifyStoreIntegrity: true,
})
const projectDir = tempy.directory()
const pkgResponse = await requestPackage({ alias: 'is-positive', pref: '3.1.0' }, {
downloadPriority: 0,
lockfileDir: tempy.directory(),
preferredVersions: {},
projectDir,
registry,
expectedPkg: {
name: 'is-positive',
version: '3.0.0',
},
})
await expect(pkgResponse.files!()).resolves.toStrictEqual(expect.anything())
})

test('the version in the bundled manifest should be normalized', async () => {
const storeDir = tempy.directory()
const cafs = createCafsStore(storeDir)
Expand Down
2 changes: 1 addition & 1 deletion pnpm-lock.yaml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.