1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-29 10:39:10 -05:00
Commit graph

266 commits

Author SHA1 Message Date
Nathan Whitaker
56f31628f7
feat: subcommand to view and update outdated dependencies (#26942)
Closes #20487

Currently spelled

```
deno outdated
```
and
```
deno outdated --update
```

Works across package.json and deno.json, and in workspaces.

There's a bit of duplicated code, I'll refactor to reduce this in follow
ups

## Currently supported:
### Printing outdated deps (current output below which basically mimics
pnpm, but requesting feedback / suggestions)

```
deno outdated
```
![Screenshot 2024-11-19 at 2 01
56 PM](https://github.com/user-attachments/assets/51fea83a-181a-4082-b388-163313ce15e7)

### Updating deps

semver compatible:
```
deno outdated --update
```
latest:
```
deno outdated --latest
```
current output is basic, again would love suggestions
![Screenshot 2024-11-19 at 2 13
46 PM](https://github.com/user-attachments/assets/e4c4db87-cd67-4b74-9ea7-4bd80106d5e9)

#### Filters
```
deno outdated --update "@std/*"
deno outdated --update --latest "@std/* "!@std/fmt"
```
#### Update to specific versions
```
deno outdated --update @std/fmt@1.0.2 @std/cli@^1.0.3
```

### Include all workspace members
```
deno outdated --recursive
deno outdated --update --recursive
```

## Future work
- interactive update
- update deps in js/ts files
- better support for transitive deps

Known issues (to be fixed in follow ups):
- If no top level dependencies have changed, we won't update transitive
deps (even if they could be updated)
- Can't filter transitive deps, or update them to specific versions

## TODO (in this PR):
- ~~spec tests for filters~~
- ~~spec test for mixed workspace (have tested manually)~~
- tweak output
- suggestion when you try `deno update`

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-11-20 15:22:15 -08:00
David Sherret
617350e79c
refactor(resolver): move more resolution code into deno_resolver (#26873)
Follow-up to cjs refactor.

This moves most of the resolution code into the deno_resolver crate.
Still pending is the npm resolution code.
2024-11-14 15:24:25 -05:00
Nathan Whitaker
c371b2a492
fix(install): re-setup bin entries after running lifecycle scripts (#26752)
Fixes #26677

Some packages (like supabase) declare bin entries that don't exist until
lifecycle scripts are run. For instance, the lifecycle script downloads
a binary file which serves as a bin entrypoint.

Unfortunately you can't just defer setting up the bin entries until
after lifecycle scripts have run, because the scripts may rely on them.

I looked into this, and PNPM just re-links bin entries after running
lifecycle scripts. I think that's about the best we can do as well.

Note that we'll only re-setup bin entries for packages whose lifecycle
scripts we run. This should limit the performance cost, as typically a
given project will not have many lifecycle scripts (and of those, many
of them probably don't have bin entries to set up).
2024-11-12 09:23:39 -08:00
Nathan Whitaker
f9a05068d6
fix(install): handle invalid function error, and fallback to junctions regardless of the error (#26730)
Fixes #26116.

Handle the new error and treat is as lacking permission to make
symlinks, but also to make this more robust, just always fall back to
junctions no matter what the actual error is. Instead, warn if the error
isn't one we've handled, but go on to attempt creating the junction
2024-11-05 04:16:53 +00:00
Leo Kettmeir
fe9f0ee593
refactor(runtime/permissions): use concrete error types (#26464) 2024-11-04 09:17:21 -08:00
David Sherret
826e42a5b5
fix: improved support for cjs and cts modules (#26558)
* cts support
* better cjs/cts type checking
* deno compile cjs/cts support
* More efficient detect cjs (going towards stabilization)
* Determination of whether .js, .ts, .jsx, or .tsx is cjs or esm is only
done after loading
* Support `import x = require(...);`

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-11-01 12:27:00 -04:00
Nathan Whitaker
04ae1a5517
fix(cli): set npm_config_user_agent when running npm packages or tasks (#26639)
Fixes #25342.

Still not sure on the exact user agent to set (should it include
`node`?).

After this PR, here's the state of running some `create-*` packages
(just ones I could think of off the top of my head):

| package                  | prints/runs/suggests deno install | notes |
| ---------------- | ------------- | ------ |
| `create-next-app` |  | falls back to npm, needs a PR
([code](c32e280209/packages/create-next-app/helpers/get-pkg-manager.ts (L3)))
| `sv create` |  | uses `package-manager-detector`, needs a PR
([code](https://github.com/antfu-collective/package-manager-detector/tree/main))
| `create-qwik` |  | runs `deno install` but suggests `deno start`
which doesn't work (should be `deno task start` or `deno run start`)
| `create-astro` |  | runs `deno install` but suggests `npm run dev`
later in output, probably needs a PR
| `nuxi init` |  | deno not an option in dialog, needs a PR
([code](f04e2e8944/src/commands/init.ts (L96-L102)))
| `create-react-app` |  | uses npm
| `ng new` (`@angular/cli`) |  | uses npm
| `create-vite` |  | suggests working deno commands 🎉 
| `create-solid` |   | suggests npm commands, needs PR

It's possible that fixing `package-manager-detector` or other packages
might make some of these just work, but haven't looked too carefully at
each
2024-10-31 22:19:19 -07:00
David Sherret
90edca21a2
fix: surface package.json location on dep parse failure (#26665)
Related: https://github.com/denoland/deno/issues/26653
2024-10-31 15:35:17 +00:00
Marvin Hagemeister
5389972ba5
fix(npm): match npm bearer token generation (#26544)
Spend some time stepping through the npm client code and noticed that
the bearer token was different from ours. They do some double encoding
and @dsherret helped me in matching the encoding behavior.

Fixes https://github.com/denoland/deno/issues/26033
2024-10-28 12:08:51 +01:00
Marvin Hagemeister
5f0bb3c6f4
fix: .npmrc settings not being passed to install/add command (#26473)
We weren't passing the resolved npmrc settings to the install commands.
This lead us to always fall back to the default registry url instead of
using the one from npmrc.

Fixes https://github.com/denoland/deno/issues/26139
Fixes https://github.com/denoland/deno/issues/26033
Fixes https://github.com/denoland/deno/issues/25924
Fixes https://github.com/denoland/deno/issues/25822
Fixes https://github.com/denoland/deno/issues/26152

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-10-24 20:03:56 +02:00
Marvin Hagemeister
4b99cde504
fix(npm): ensure scoped package name is encoded in URLs (#26390)
Fixes https://github.com/denoland/deno/issues/26385
2024-10-18 20:38:57 +02:00
Nathan Whitaker
7c3c13cecf
fix(install): retry downloads of registry info / tarballs (#26278)
Fixes #26085.

Adds a basic retry utility with some defaults, starts off with a 100ms
wait, then 250ms, then 500ms

I've applied the retry in the http client, reusing an existing function,
so this also applies to retrying downloads of deno binaries in `upgrade`
and `compile`. I can make a separate function that doesn't retry so this
doesn't affect `upgrade` and `compile`, but it seemed desirable to have
retries there too, so I left it in.
2024-10-15 16:46:42 -07:00
林炳权
533a9b1086
chore: upgrade to rust 1.81.0 (#26261) 2024-10-15 21:40:07 +05:30
Nathan Whitaker
7a990d9d42
feat(npm): support --allow-scripts on deno run (and deno add, deno test, etc) (#26075)
Fixes https://github.com/denoland/deno/issues/25533. Fixes
https://github.com/denoland/deno/issues/25396.

Previously we only supported it on `deno install` and `deno cache`,
which is annoying if you're using `nodeModulesDir: auto`.

Also changes from printing output of lifecycle scripts directly to
capturing the output and only printing it on error.
2024-10-12 12:14:32 -07:00
David Sherret
2de4faa483
refactor: improve node permission checks (#26028)
Does less work when requesting permissions with `-A`
2024-10-04 20:55:41 +01:00
David Sherret
edac916604
fix(install): surface package.json dependency errors (#26023) 2024-10-04 07:52:00 +00:00
Nathan Whitaker
275418473e
fix(install): store tags associated with package in node_modules dir (#26000)
Fixes #25998. Fixes https://github.com/denoland/deno/issues/25928.

Originally I was just going to make this an error message instead of a
panic, but once I got to a minimal repro I felt that this really should
work.

The panic occurs when you have `nodeModulesDir: manual` (or a
package.json present), and you have an npm package with a tag in your
deno.json (see the spec test that illustrates this).

This code path only actually executes when trying to choose an
appropriate package version from `node_modules/.deno`, so we should be
able to fix it by storing some extra data at install time.

The fix proposed here is to repurpose the `.initialized` file that we
store in `node_modules` to store the tags associated with a package.
Basically, if you have a version requirement with a tag (e.g.
`npm:chalk@latest`), when we set up the node_modules folder for that
package, we store the tag (`latest`) in `.initialized`. Then, when doing
BYONM resolution, if we have a version requirement with a tag, we read
that file and check if the tag is present.

The downside is that we do more work when setting up `node_modules`. We
_could_ do this only when BYONM is enabled, but that would have the
downside of needing to re-run `deno install` when you switch from auto
-> manual, though maybe that's not a big deal.
2024-10-02 17:16:46 -07:00
Nathan Whitaker
cb74975ab2
fix(install): compare versions directly to decide whether to create a child node_modules dir for a workspace member (#26001)
Fixes #25861.

Previously we were attempting to match the version requirement against
the version already present in `node_modules` root, and if they didn't
match we would create a node_modules dir in the workspace member's
directory with the dependency.

Aside from the fact that this caused the panic, on second thought it
just doesn't make sense in general. We shouldn't be semver matching, as
resolution has already occurred and decided what package versions are
required. Instead, we can just compare the versions directly.
2024-10-02 15:11:43 -07:00
David Sherret
cac28b5262
feat(byonm): support deno run npm:<package> when package is not in package.json (#25981)
Closes https://github.com/denoland/deno/issues/25905
2024-10-02 21:17:39 +01:00
Nayeem Rahman
3881b71734
feat(lsp): quick fix for @deno-types="npm:@types/*" (#25954) 2024-10-01 22:55:02 +01:00
David Sherret
69ab720025
refactor: move ByonmNpmResolver to deno_resolver (#25937)
Some more slow progress on moving all the resolution code into
deno_resolver.
2024-09-30 13:33:32 +00:00
David Sherret
1bb47805d6
refactor: move NpmCacheDir to deno_cache_dir (#25916)
Part of the ongoing work to move more of Deno's resolution out of the
CLI crate (for use in Wasm and other things)

Includes:

* https://github.com/denoland/deno_cache_dir/pull/60
2024-09-28 08:50:16 -04:00
David Sherret
fc739dc5eb
refactor: use deno_path_util (#25918) 2024-09-28 07:55:01 -04:00
Nathan Whitaker
fbddd5a2eb
fix(node): Pass NPM_PROCESS_STATE to subprocesses via temp file instead of env var (#25896)
Fixes https://github.com/denoland/deno/issues/25401. Fixes
https://github.com/denoland/deno/issues/25841. Fixes
https://github.com/denoland/deno/issues/25891.
2024-09-27 12:35:37 -07:00
Bartek Iwańczuk
eff64238b6
feat: Don't warn about --allow-script when using esbuild (#25894)
`esbuild` can work fine without needing to run post-install script, so
to make it easier on users (especially people using Vite) we are not prompting to run with
`--allow-scripts` again.

We only do that for version >= 0.18.0 to be sure.
2024-09-26 23:37:49 +00:00
Nathan Whitaker
543c687c34
feat(install): warn repeatedly about not-run lifecycle scripts on explicit installs (#25878)
Currently we only warn once. With this PR, we continue to warn about
not-run scripts on explicit `deno install` (or cache). For `run` (or
other subcommands) we only warn the once, as we do currently.
2024-09-26 17:13:33 +00:00
Nathan Whitaker
13c53d9727
fix(installl): make bin entries executable even if not put in node_modules/.bin (#25873)
Fixes https://github.com/denoland/deno/issues/25862.

npm only makes bin entries executable if they get linked into `.bin`, as
we did before this PR. So this PR actually deviates from npm, because
it's the only reasonable way to fix this that I can think of.

---

The reason this was broken in moment is the following:

Moment has dependencies on two typescript versions: 1.8 and 3.1

If you have two packages with conflicting bin entries (i.e. two
typescript versions which both have a bin entry `tsc`), in npm it is
non-deterministic and undefined which one will end up in `.bin`.

npm, due to implementation differences, chooses to put typescript 1.8
into the `.bin` directory, and so `node_modules/typescript/bin/tsc` ends
up getting marked executable. We, however, choose typescript 3.2, and so
we end up making `node_modules/typescript3/bin/tsc` executable.

As part of its tests, moment executes `node_modules/typescript/bin/tsc`.
Because we didn't make it executable, this fails.

Since the conflict resolution is undefined in npm, instead of trying to
match it, I think it makes more sense to just make bin entries
executable even if they aren't chosen in the case of a conflict.
2024-09-26 09:36:25 -07:00
Nathan Whitaker
36ebc03f17
fix(cli): Warn on not-run lifecycle scripts with global cache (#25786)
Refactors the lifecycle scripts code to extract out the common
functionality and then uses that to provide a warning in the global
resolver.

While ideally we would still support them with the global cache, for now
a warning is at least better than the status quo (where people are
unaware why their packages aren't working).
2024-09-24 19:23:57 +00:00
Bartek Iwańczuk
5b14c71daf
feat: improve warnings for deprecations and lifecycle script for npm packages (#25694)
This commit improves warning messages for deprecated npm packages
and packages that rely on lifecycle script.
2024-09-18 19:04:25 +00:00
Yazan AbdAl-Rahman
bed46474b2
fix: do not panic running invalid file specifier (#25530)
Co-authored-by: Bedis Nbiba <bedisnbiba@gmail.com>
2024-09-18 14:51:39 +01:00
David Sherret
62e952559f
refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508)
This makes the permission system more versatile.
2024-09-16 21:39:37 +01:00
David Sherret
af2d992ecd
feat: TypeScript 5.6 and npm:@types/node@22 (#25614) 2024-09-14 11:58:47 +01:00
David Sherret
72f025c743
fix: remove recently added deno.json node_modules aliasing (#25542)
This was initially added in #25399 in order to make transitioning over
from package.json to deno.json more easy, but it causes some problems
that are shown in the issue and it also means that the output of `deno
install` would have different resolution than `npm install`. Overall, I
think it's too much complexity to be smarter about this and it's
probably best to not do it. If someone needs an aliased folder then they
should keep using a package.json

Closes #25538
2024-09-09 20:19:29 +00:00
Nathan Whitaker
292344af42
fix(install): Make sure target node_modules exists when symlinking (#25494)
Fixes https://github.com/denoland/deno/issues/25493
2024-09-06 19:08:56 +00:00
David Sherret
c6d1b0a1cc
fix(byonm): resolve npm deps of jsr deps (#25399)
This allows using npm deps of jsr deps without having to add them to the
root package.json.

Works by taking the package requirement and scanning the
`node_modules/.deno` directory for the best matching package, so it
relies on deno's node_modules structure.

Additionally to make the transition from package.json to deno.json
easier, Deno now:

1. Installs npm deps in a deno.json at the same time as installing npm
deps from a package.json.
2. Uses the alias in the import map for `node_modules/<alias>` for
better package.json compatiblity.
2024-09-04 14:00:44 +00:00
David Sherret
bf7571a6f9
fix: make some warnings more standard (#25324) 2024-09-03 10:45:01 +02:00
David Sherret
f891e73bbf
refactor: remove DENO_FUTURE (#25314) 2024-08-30 21:58:24 +00:00
David Sherret
b708a13eb0
feat: improve lockfile v4 to store normalized version constraints and be more terse (#25247)
Stores normalized version constraints in the lockfile, which will
improve reproducibility and will fix a bug with duplicate specifiers
ending up in the lockfile. Also, gets rid of some duplicate data in the
specifiers area of the lockfile.
2024-08-28 14:17:47 -04:00
Bartek Iwańczuk
3dba98532a
fix: replace npm install hint with deno install hint (#25244)
Needed for https://github.com/denoland/deno/pull/25213.

With Deno 2, we should suggest using `deno install` instead of `npm
install`.
2024-08-28 02:31:41 +00:00
Nathan Whitaker
f606402677
fix(install): Use relative symlinks in deno install (#25164)
Fixes https://github.com/denoland/deno/issues/25161
2024-08-22 21:55:17 +00:00
HasanAlrimawi
0704454755
feat: Print deprecation message for npm packages (#24992)
This commit adds ability to print deprecation notices
for npm packages that have been marked as deprecated.

Closes #24013
2024-08-20 19:53:53 +02:00
David Sherret
f1c58ec041
feat(unstable): ability to use a local copy of jsr packages (#25068) 2024-08-20 14:11:43 +00:00
Asher Gomez
f89b531149
feat(node): support username and _password in .npmrc file (#24793)
Closes #23950
2024-08-14 18:53:15 +02:00
Nathan Whitaker
854c7ba198
fix(install): Properly handle dist tags when setting up node_modules (#24968)
Fixes https://github.com/denoland/deno/issues/24966.
Fixes https://github.com/denoland/deno/issues/24932.
2024-08-09 13:35:54 +00:00
Nathan Whitaker
3f692bed0a
fix(add): Support dist tags in deno add (#24960)
Fixes #24956.
2024-08-08 16:45:41 +00:00
Ryan Dahl
c79cb339ef
chore: upgrade flaky_test, fastwebsockets, base64, base32, notify (#24746) 2024-08-01 08:35:35 -04:00
Satya Rohith
8c2f1f5a55
chore: upgrade to rust 1.80 (#24778) 2024-07-29 12:58:04 -04:00
David Sherret
3bf147fe28
refactor: decouple node resolution from deno_core (#24724) 2024-07-25 19:08:14 -04:00
Nathan Whitaker
795ed23b35
fix(future): Emit deno install warning less often, suggest deno install in error message (#24706)
Two small changes:

- In our BYONM errors, suggest running `deno install` instead of `npm
install` if `DENO_FUTURE` is set
- Only emit warning about `deno install` changes if you do `deno install
<foo>` with deno_future unset
2024-07-24 23:37:13 +00:00
David Sherret
52ababc4bf
fix(node): better detection for when to surface node resolution errors (#24653) 2024-07-24 00:22:24 +00:00