-
Notifications
You must be signed in to change notification settings - Fork 173
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Loosen packageManager
field to support any package on npm
#354
Comments
Maybe, with a caveat. Corepack isn't intended to be a package manager. As a result, any tool it installs must not have any dependency.
If we do this, I believe "generic" packages should be targeted with a dedicated syntax. Something like: {
"packageManager": "pkg:[email protected]"
} Otherwise there'll be a problem with Yarn, which currently retrieves the package from one of two different sources depending on the version (even if we switched Yarn Modern to npm releases, it'd still come from two different packages; we don't want to publish modern releases on the This would also let us catch typos on the most popular options. |
Oh thats good to know. Looks like bun has 0 deps but cnpm has 11. Definitely need to document that caveat if we add this behavior. I'm almost wondering if
My suggestion is to not change the behavior of Yarn/pnpm/npm as it is today. Only to open the door to other package managers. Basically, check |
Maybe we could accept either a bare specifier – in which case Corepack checks the |
Since the url is going to point to a file download, how about using the For example,
Would this work with caching? I guess the url should have the version number in it and corepack could cache by url string? |
Since the |
The way I imagine that would be that those folks would do |
Actually we could have both the "binary name" and the URL: {
"packageManager": "aduh95-special-pm@http://example.com/archive.tgz#sha224.xxxxxxxxxxx"
} If someone tries to run That got me thinking, should we support the following: {
"packageManager": "pnpm@http://example.com/archive.tgz#sha224.xxxxxxxxxxx"
} And I think by default Corepack should refuse to do so, so folks by default would run official binaries of package managers that are in |
I like this idea. We could do something like this:
|
Worth noting that, at that time, none of the Corepack commands are "interactive", meaning you type the command, Corepack will execute it without requiring any additional step from the user. The suggested workflow breaks this, which may or may not be worth it. $ corepack use pkgmgr
Usage Error: Invalid package manager specification in CLI arguments. Consider adding the `--from-npm` flag if you meant to use the npm package `pkgmgr` as your package manager
$ corepack use pkgmgr --from-npm
$ cat package.json
{ "packageManager": "pkgmgr@https://registry.npmjs.com/pkgmgr/-/pkgmgr-3.0.0.tgz#sha1.xxxxxxxx" }
$ pkgmgr
Project installed |
I liked the what @arcanis had in #354 (comment) because it makes it clear what is going to be installed, where from, and the user needs to confirm that they want it installed. |
Could we consider changing the behavior of Corepack to loosen the definition of the
packageManager
field?That way you could define any npm package name in the
packageManager
field and Corepack would fetch from the npm registry if its not found in the hardcoded known package manager list.Examples
Pros
packageManager
field feels a lot more likedependencies
Cons
Usage Error: Unsupported package manager specification
.Usage Error: This project is configured to use
I think number 1 is okay but number 2 sounds problematic. Perhaps number 2 still requires a PR to Corepack.
Related
The text was updated successfully, but these errors were encountered: