| 17 May 2023 |
 Lily Foster | Time to add some debug logging and figure out what that cacache function is getting called with... hopefully it's not a bug, but npm having a ton of silently broken things because of their silently-bail-out-and-refetch logic all over the place is not news | 21:55:58 |
| Lily Foster | (like their hosted tarball url thing for gitlab is just straight up wrong and they have no intentions to fix it -- so when you do gitlab: deps they're unnecessarily way slower than any other hosted git provider because it tries the tarball, fails, and falls back to checkouts through complicated spaghetti code paths) | 21:57:00 |
| Lily Foster | (so it's "not a problem" because it handles it I guess) | 21:57:21 |
 hexa | yikes 😄 | 22:02:00 |
| hexa | https://github.com/bokeh/bokeh/blob/branch-3.2/bokehjs/package.json#L29-L32 | 22:10:50 |
| hexa | I'm not quite sure which of these workspaces is the interesting one | 22:11:04 |
| Lily Foster | Okay. So. This isn't actually an issue with workspaces. I looked in the lockfile to make sure it existed with more than nothing in it. But I must be tired because while it's present, it's actually just missing integrity and resolved fields | 22:11:19 |
| Lily Foster | * Okay. So. This isn't actually an issue with workspaces. I looked in the lockfile to make sure the p-map dep existed with more than nothing in it. But I must be tired because while it's present, it's actually just missing integrity and resolved fields | 22:11:31 |
| Lily Foster | So this lockfile needs to be deleted and regenerated | 22:12:24 |
| Lily Foster | https://github.com/bokeh/bokeh/blob/branch-3.2/bokehjs/package-lock.json#L101-L114 | 22:12:31 |
| hexa | (django-hijack is finished btw :)) | 22:12:38 |
| hexa | rough, not going to commit a 143 kB lock file into nixpkgs ;D | 22:12:56 |
| hexa | * rough, not going to commit a 143 kB lock file into nixpkgs 😄 | 22:12:58 |
| Lily Foster | npm still will not do automatic fixup of this issue: https://github.com/npm/cli/issues/4460 | 22:13:13 |
| Lily Foster | Which is dumb | 22:13:20 |
| Lily Foster | In reply to @hexa:lossy.network
rough, not going to commit a 143 kB lock file into nixpkgs 😄 Yeah the lockfile committing to nixpkgs across multiple ecosystems has been a bit unfortunate (the node2nix node-packages.nix files included)... You could submit a PR to fix the lockfile and fetchpatch the PR if you are so inclined, to avoid that | 22:16:28 |
| hexa | alright | 22:16:41 |
| Lily Foster | But there's no reproducible way to handle that as-is. Except maybe doing something like how importCargoLock handles git deps with the extra hashes and hope and pray the version exists in the registry | 22:17:29 |
| hexa |
npm install --package-lock
| 22:17:44 |
| Lily Foster | npm is pretty hecked | 22:17:48 |
| hexa | that did nothing to the lock file | 22:18:02 |
| Lily Foster | In reply to @hexa:lossy.network
npm install --package-lock
The problem is that won't fix it by default. Only remedy I'm aware of is deleting and relocking everything | 22:18:12 |
| hexa | oh ok | 22:18:19 |
| Lily Foster | (if npm fixed it up during install then it wouldn't be such a problem) | 22:18:26 |
| Lily Foster | (because eventually all of those missing details would be filled in and the updated lockfiles would get committed) | 22:18:44 |
| Lily Foster | We could probably check for this case, though, and produce a better error message | 22:19:00 |
| hexa | please 😄 | 22:19:15 |
| Lily Foster | Hmmm I'll add that to the todo list: a message that says "please bug upstream to recreate their lockfile, it's horribly busted and will not work" | 22:19:31 |
| hexa | ehhk, it uses different versions for things now | 22:20:05 |
| hexa | not surprising, but still | 22:20:25 |
