Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

yarn - Proper way to quickly check if `package.json` and `yarn.lock` requirements are satisfied?

Tags:

npm

yarnpkg

yarnpkg-v2

yarn-lock.json

I'd like to verify whether all the dependencies in my project (package.json and yarn.lock) are satisfied without having to run yarn install (which builds out a whole dependency tree and makes network requests)

At first, I was very hopeful that yarn check did this. The following command verifies that each dependency is satisfied in package.json and verifies that the installed package matches the yarn.lock file.

yarn check --integrity --verify-tree

However, the documentation says this is deprecated as of yarn v2, and that yarn install --check-files should be used instead.

But the documentation for --check-files makes it seem like this does something completely different.

yarn install --check-files

Verifies that already installed files in node_modules did not get removed.

I can also verify that running it essentially runs a full yarn install command, so it's not useful here.

Furthermore, the pull request that removed yarn check also mentions that the behavior of --check-files isn't exactly intuitive.

So what's the supported way of running this check in yarn v2 and later? Is there any way to do a lightweight check against package.json and yarn.lock without having to build out the whole dependency tree over a network like yarn install does?

FWIW, a similar question was asked for npm and the solution was to use the --dry-run flag, but that flag doesn't seem to exist in yarn.

like image 546
user2490003 Avatar asked Jan 24 '21 05:01

user2490003

Video Answer

1 Answers

There are several options in the yarn cli which probably give you the ability to achieve what you want to do.

My best guess is to use the offline mode to stop any external requests, which you asked for. The frozen lockfile additionally gives you the option to error out in case the dependencies are not in sync with each other.

The option to check files that you mention is not inherently needed for your case, as far as I understand, because you don't want to check the node_modules-folder rather than the package.json and the yarn.lock.

So how about yarn install --offline --frozen-lockfile?

Best wishes, hope that helps

like image 158
SimplyComple0x78 Avatar answered Sep 23 '22 23:09

SimplyComple0x78
Sign in to Comment

Related questions

Replace env variables in the .npmrc with dotenv before `npm install`
How to know npm package compatibility with Angular version prior install or upgrade?
How to leverage npm audit?
Invalid hook call on npm module
How to use configuration file (openapitools.json) with @openapitools/openapi-generator-cli?
webpack: "[ERR_REQUIRE_ESM]: Must use import to load ES Module" - But I AM using import!
How to enable jpeg support in node-canvas on x64 windows with MSVC10 compiler?
npm install fails because package is missing in registry
Delete multiple objects fron google cloud storage using node.js
Error: Could not locate the bindings file. Tried:
CodeDeploy PM2 Command Not Found
Private NPM: How can the latest version of a module be installed?
How to log from a NPM package, without forcing a logging library
Intellisense for module-alias Package
Getting npm ERR! ENOTDIR: not a directory while installing package which depends on another
Enforcing shared dependencies in a monorepo
Start React app fail on vscode by ESLint version
Why publish the TypeScript declaration file on DefinitelyTyped for a Javascript library?
use Google Cloud Functions with a registry other than registry.npmjs.org
Data path "" should NOT have additional properties(allowedCommonJsDependencies)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!