0.0.4 • Published 5 months ago

pnpm-dedicated-lockfile v0.0.4

Weekly downloads
-
License
MIT
Repository
github
Last release
5 months ago

pnpm-dedicated-lockfile

Generate a lockfile that only contains dependencies of a single package.

npm package License

Contents

Introduction

pnpm is a package manager than greatly assists working with monorepo. It stores a manifest of all installed packages in a single file .pnpm-lock.yaml at the root of your workspace. This is necessary for pNpm to manage all dependencies in one place, with appropiate caching and shared references.

However this means it is difficult to tell when changes in an installed dependency impact a given package.

When you have CI jobs that are based on caching, updating a single dependency can trigger every job to re-run, which is slow and expensive.

Instead, you can calculate a single lockfile for a given package, and perform caching based on that.

pnpm-dedicated-lockfile is a CLI that writes this dedicated lockfile to your package.

Note that while this file is directly based on .pnpm-lock.yaml and has a similar format, it is not an actual lockfile and is not interchangeable with .pnpm-lock.yaml. Instead it should only be used for caching, and for visually inspecting dependency impacts to a given package.

Install

npm i pnpm-dedicated-lockfile --save-dev

Example

npx pnpm-dedicated-lockfile --projectDir ./path/to/package

Will write a file at ./path/to/package/.pnpm-lock.

Usage

npx pnpm-dedicated-lockfile --help to get started.

It is generally recommended to only include pnpm-dedicated-lockfile as a dev/test dependency. The resulting files may be checked into version control. They are as deterministic as .pnpm-lock.yaml, but since they may only be used for caching, it is not strictly necessary.

flagtypedefaultdescription
--projectDirstring.Directory containing package to calculate dedicated lockfile.
--hashbooleanfalseWrite a SHA hash instead of a large JSON file. This has benefits of reduced file size, but may more easily result in collisions.
--lockfile-namestring.pnpm-lockUpdate the file name to whatever you prefer.
--omit-commentbooleanfalseExclude the // DO NOT EDIT comment at top of file.
--omit-linksbooleanfalseExclude dependencies that are only related to local workspace links (e.g. workspace:^ specifiers). They are included by default
--dry-runbooleanfalseDon't actually create/update the files.
--cibooleanIf is CI environmentIf existing file is out-of-date, throws an error. Make sure to explicitly set as false if not checking files into version control.