Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add flag to ignore individual optional packages #5251

Open
tvald opened this issue Jan 19, 2018 · 5 comments
Open

Add flag to ignore individual optional packages #5251

tvald opened this issue Jan 19, 2018 · 5 comments
Assignees
@BYK
Labels
triaged

Comments

@tvald
Copy link

tvald commented Jan 19, 2018

Do you want to request a feature or report a bug?
Request a feature.

What is the current behavior?
Currently there is no way to suppress individual optional packages while retaining others, since--ignore-optional is a global flag which suppresses all optional packages.

What is the suggested behavior?
I suggest the repeatable flag --suppress-optional <package-name>, which would cause <package-name> to be ignored if <package-name> is a transitively-optional dependency, and would cause an error if <package-name> is required.

Motivation
This flag would help to manage overall package size by enabling the manual suppression of specific optional dependencies.

This flag would also help to suppress misbehaving optional packages. For example, a package we rely on has an optional dependency (bad-package) with unmanaged dependencies. That is, bad-package requires you to separately download and build some libfoo before running yarn install, which we never do because bad-package isn't useful to us. Unfortunately, this causes yarn install to always spew a lengthy warning when bad-package fails to install.

This optional dependency is obviously misbehaving, but we can't fix it, so instead we'd like to ignore it. We can't just use --ignore-optional everywhere, because we do need some optional dependencies like fsevents. With --suppress-optional bad-package, we could selectively suppress the misbehaving package.
@ghost ghost assigned BYK Jan 19, 2018
@ghost ghost added the triaged label Jan 19, 2018
@tvald
Copy link
Author

tvald commented Jan 19, 2018

This is vaguely related to #4611, which encompasses more complicated scenarios.

@renovate renovate bot mentioned this issue Feb 6, 2018
Closed
@Pajn Pajn mentioned this issue Mar 10, 2018
Open
@aneilbaboo
Copy link

One use case for this is fsevents:

A yarn.lock file generated on a Mac will include this dependency, so when code is deployed to a CI system running ubuntu, yarn finishes with an exit code 1. It would be nice to ignore this dependency in a particular environment.

@lelvisl
Copy link

lelvisl commented Aug 16, 2018

same problem with fsevents and camunda/camunda-bpm-sdk-js

@vojtechszocs vojtechszocs mentioned this issue Sep 19, 2018
Merged
@laurence-myers
Copy link

Another use case: the "pm2" package has an optional dependency on "gkt", which is a dummy module (it just has a console.log() statement), hosted on Unitech's servers instead of npm. They use this setup for their own analytics. There's currently an issue with how they're serving the module, which prevents installing "pm2".

It would be nice to say "don't install any optional dependency called 'gkt', it's not needed".

@vinicius73
Copy link

pm2 again: Unitech/pm2#4993
That feature would be important to fix some issues about security.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@BYK BYK

Labels
triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@BYK @tvald @vinicius73 @aneilbaboo @laurence-myers @lelvisl