yarn icon indicating copy to clipboard operation
yarn copied to clipboard
verified publisher icon yarnpkg

`yarn install` does not dedupe with local depencencies

Open ghost opened this issue 7 years ago • 2 comments

Do you want to request a feature or report a bug? I think it's a bug.

What is the current behavior? yarn installseems not do dedupe when my package.json depends on a local node module (with a local path instead of version in package.json) that shares a dependency with my module.

If the current behavior is a bug, please provide the steps to reproduce.

$ tree --noreport
.
├── a
│   ├── a.js
│   └── package.json
└── b
    └── package.json

$ cat a/package.json
{
  "name": "a",
  "version": "1.0.0",
  "main": "a.js",
  "dependencies": {
    "isarray": "2.0.4"
  }
}

$ cat b/package.json
{
  "name": "b",
  "version": "1.0.0",
  "dependencies": {
    "a": "file:../a",
    "isarray": "2.0.4"
  }
}

$ cd a

$ yarn install
yarn install v1.7.0
warning package.json: No license field
info No lockfile found.
warning [email protected]: No license field
[1/4] Resolving packages...
[2/4] Fetching packages...
[3/4] Linking dependencies...
[4/4] Building fresh packages...
success Saved lockfile.
Done in 0.26s.

$ cd ../b

$ yarn install
yarn install v1.7.0
warning package.json: No license field
info No lockfile found.
warning [email protected]: No license field
[1/4] Resolving packages...
[2/4] Fetching packages...
[3/4] Linking dependencies...
[4/4] Building fresh packages...
success Saved lockfile.
Done in 0.28s.

$ tree --noreport
.
├── node_modules
│   ├── a
│   │   ├── a.js
│   │   ├── node_modules
│   │   │   └── isarray
│   │   │       ├── index.js
│   │   │       ├── package.json
│   │   │       └── README.md
│   │   ├── package.json
│   │   └── yarn.lock
│   └── isarray
│       ├── index.js
│       ├── package.json
│       └── README.md
├── package.json
└── yarn.lock

What is the expected behavior?

I expect to find isarray in b/node_modules/isarray but not in b/node_modules/a/node_modules/isarray.

Please mention your node.js, yarn and operating system version.

$ node -v
v8.11.3
$ yarn -v
1.7.0
$ uname -srvmo
Linux 4.9.0-6-amd64 #1 SMP Debian 4.9.88-1+deb9u1 (2018-05-07) x86_64 GNU/Linux

ghost avatar Jun 26 '18 10:06 ghost

is this fixed in yarn 2 at all?

kelly-tock avatar Feb 03 '20 17:02 kelly-tock

any updates?

samuelscheit avatar Jun 21 '22 23:06 samuelscheit

I recognized that this way to import the local package ("a": "file:../a") make only symlink without doing dedupe. I do hope local dependencies can't be deduped.

sawadyecma avatar Jan 16 '23 08:01 sawadyecma