MIRRORS/poky
1
0
Fork 0
mirror of git://git.yoctoproject.org/poky.git synced 2025-07-19 21:09:03 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

classes-recipe: npm: Complain immediately if npm-shrinkwrap.json is too old

Browse Source 
Rather than emitting:

 Exception: KeyError: 'packages'

and a stack trace, let's fail immediately if lockfileVersion implies
that the npm-shrinkwrap.json file isn't compatible.

The documentation[1] doesn't make it clear which lockfileVersions are
guaranteed to contain "packages". I have lockfileVersion 1 files
without. Running npm 7.5.2 generates npm-shrinkwrap.json files with
lockfileVersion 2 and "packages", so I've set the minimum to be 2.

[1] https://docs.npmjs.com/cli/v7/configuring-npm/package-lock-json

(From OE-Core rev: 4d3cbd11bc9cc0bf5a8571ecd3ce6e5e5c6ef6eb)

Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Mike Crowe 2025-04-08 14:41:18 +01:00 committed by Richard Purdie
parent 916205dac9
commit f762d4537c
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
meta/classes-recipe/npm.bbclass
View File

@ -154,6 +154,9 @@ python npm_do_configure() {
has_shrinkwrap_file = False has_shrinkwrap_file = False
if has_shrinkwrap_file: if has_shrinkwrap_file:
if int(orig_shrinkwrap.get("lockfileVersion", 0)) < 2:
bb.fatal("%s: lockfileVersion version 2 or later is required" % orig_shrinkwrap_file)
cached_shrinkwrap = copy.deepcopy(orig_shrinkwrap) cached_shrinkwrap = copy.deepcopy(orig_shrinkwrap)
for package in orig_shrinkwrap["packages"]: for package in orig_shrinkwrap["packages"]:
if package != "": if package != "":