Using pnpm, Rush, and private package causes an error during install #541
Comments
|
Hi @gscottolson , There should not be an issue with private packages & pnpm, we are using them (and VSTS feeds) internally in the repository which ships modern SharePoint pages and SPFx. This does seem like an issue with shrinkwrapping. Would you mind sharing your shrinkwrap file and/or link to your repo (you can send it to my @microsoft.com address). |
nickpape
added
the
help wanted
|
@zkochan what do you think of this? The error is not coming from Rush. |
|
I can look into it but you can make my investigation a lot easier by providing steps to repro with plain pnpm. Also, in what part of the shrinkwrap file is this? Is there a key like this "[[ vstsTeamName ]].pkgs.visualstudio.com/@[[ namespace ]]/[[ package ]]/0.3.0/7d14051973b708e1b2175dec0c58c6f1" in the packages field of What was the stack trace of the error? |
|
Hi Zoltan, It may not be easy to repro since it appears to be happening behind a private feed. It looks like there are 2 keys in the team.pkgs.visualstudio.com/@somescope/a-package/0.3.0:
dev: false
engines:
node: '>=8.9.2'
npm: '>=5.6.0'
name: '@somescope/a-package'
peerDependencies: &ref_3
office-ui-fabric-core: ^9.4.0
office-ui-fabric-react: ^5.45.0
react: ^16.0.0
react-dom: ^16.0.0
styled-components: ^3.1.0
resolution: &ref_2
integrity: sha1-GUd+Y3K1mKnWwJGFE233Ab1145g=
registry: 'https://team.pkgs.visualstudio.com/_packaging/someteam/npm/registry/'
tarball: 'https://team.pkgs.visualstudio.com/_packaging/someteam/npm/registry/@somescope/a-package/-/a-package-0.3.0.tgz'
version: 0.3.0
team.pkgs.visualstudio.com/@somescope/a-package/0.3.0/4bf1695e2a45af450d981e5eee9b7320:
dependencies:
office-ui-fabric-core: 9.4.0
office-ui-fabric-react: /office-ui-fabric-react/5.55.1/react-dom@16.2.0+react@16.2.0
react: 16.2.0
react-dom: /react-dom/16.2.0/react@16.2.0
styled-components: /styled-components/3.1.6/react@16.2.0
dev: false
engines:
node: '>=8.9.2'
npm: '>=5.6.0'
id: team.pkgs.visualstudio.com/@somescope/a-package/0.3.0
name: '@somescope/a-package'
peerDependencies: *ref_3
resolution: *ref_2
version: 0.3.0In dependencies it is listed like: dependencies:
'@somescope/a-package': team.pkgs.visualstudio.com/@somescope/a-package/0.3.0And it is referenced by other packages like: 'file:projects/smb-biz-center.tgz':
dependencies:
'@somescope/a-package': team.pkgs.visualstudio.com/@somescope/a-package/0.3.0/4bf1695e2a45af450d981e5eee9b7320It looks like the @gscottolson, we override both in our And we ensure the registry is allowed to use upstream dependencies:
|
|
@zkochan I was able to get this working by redirecting everything (including default scope) to the VSTS feed. Is there a problem with using multiple registries? |
|
@nickpape-msft I am not aware of such issues but I only use pnpm with one registry, so I'll have to check |
|
It's probably a bad idea for people to be using multiple registries anyway... |
|
Thanks for the help on this. |
|
@nickpape I accidentially encountered this issue and have to share my experience. We're using single repo, but depending on namespace we're using different auth to provide access granularity. |
I have a package being served privately via VSTS and being referenced via
.npmrc. My project.npmrcfile looks like:Note: the [[ brackets ]] are substituted here and don’t appear in the code or error messages.
I am using
pnpm(as to avoid the request race condition I ran into previously). I can successfullygerenateandrebuild. But when I try toinstallI run into an error:When I examine the shrinkwrap file, I see my private npm pacakge from VSTS being referenced like:
This is the only package in the shrinkwrap file that is being prepended with the domain of the package.
Do you know if there is an issue with private packages and shrinkwrapping? Or am I missing something else?
The text was updated successfully, but these errors were encountered: