Commit Graph

18 Commits

Author SHA1 Message Date
Lily Foster
d2897e463d
prefetch-npm-deps: use isahc instead of ureq 2023-06-29 09:46:35 -04:00
Lily Foster
aa2f51f0d2
prefetch-npm-deps: update deps and base64 usage 2023-06-29 09:46:35 -04:00
Lily Foster
9af0383296
prefetch-npm-deps: support NIX_BUILD_CORES 2023-06-29 09:46:33 -04:00
XYenon
4915de2600 prefetch-npm-deps: add retry 2023-06-29 00:20:25 +08:00
Winter
ac35d7ea86
prefetch-npm-deps: look up hashes from cache when fixing up lockfiles 2023-04-30 10:29:46 -04:00
Winter
7efebca89c
prefetch-npm-deps: fix reproducibility
v1 lockfiles can contain multiple references to the same version of a
package, and these references can contain different `integrity` values,
such as one having SHA-1 and SHA-512, while another just has SHA-512.

Given that HashMap iteration order isn't defined, this causes
reproducibility issues, as a different integrity value could be chosen
each time.

Thanks to @lilyinstarlight for discovering this issue originally, as well
as the idea for the sorting-based implementation.
2023-04-28 18:09:39 -04:00
Winter
faa3de1bf5
prefetch-npm-deps: fix clippy lint 2023-04-06 11:32:47 -04:00
Winter
e1d64c1941
prefetch-npm-deps: throw better error when unsupported git service is used
See https://github.com/NixOS/nixpkgs/pull/206476#discussion_r1058689383.
2023-04-06 11:32:47 -04:00
Winter
7e247e6fec
prefetch-npm-deps: download dev deps for git deps with install scripts
Git dependencies with install scripts are built isolated from the main
package, so their development dependencies are required.

To take advantage of this, #206477 is needed.
2023-04-06 11:32:39 -04:00
Winter
3e68a27822
prefetch-npm-deps: refactor
This splits prefetch-npm-deps into multiple files, as well as making a
few small changes along the way, such as going from a `HashMap` to a `Vec`
as the container for packages, to deduplicate them more efficently.
2023-04-06 11:32:23 -04:00
Lily Foster
b023946d2b prefetch-npm-deps: fix hash stability
GNU tar will apparently silently include mtime of files if --mtime is
passed with an unrecognized date format. This led to hash instability
from those mtimes and this fixes it to force all mtimes to epoch
timestamp 0.
2022-11-23 20:52:08 -05:00
Winter
009a234bdd prefetch-npm-deps: repack hosted git deps
Previously, we stored the tarballs from the hosted Git providers directly in the cache. However, as we've seen with `fetchFromGitHub` etc, these files may change subtly.

Given this, this commit repacks the dependencies before storing them in the cache.
2022-11-21 15:00:08 -05:00
Winter
091d039b12 prefetch-npm-deps: deduplicate dependencies when parsing lockfile
A `package-lock.json` file can contain multiple instances of the same dependency, which caused unnecessary downloads and duplicate index entries in the generated cache.
2022-11-21 15:00:08 -05:00
Winter
b117b359db prefetch-npm-deps: move tests to separate file 2022-11-21 15:00:08 -05:00
Winter
03a7739d75 prefetch-npm-deps: skip bundled dependencies in v1 lockfiles 2022-11-21 15:00:08 -05:00
Winter
276982bd5e prefetch-npm-deps: add support for hosted git shorthands 2022-11-21 15:00:08 -05:00
Winter
cc5756b171 prefetch-npm-deps: add support for link dependencies in v2 lockfiles 2022-11-21 15:00:08 -05:00
Winter
16722903aa buildNpmPackage: init 2022-11-09 10:35:59 -05:00