WingNews logo WingNews
top | item 18990447

(no title)

wopian | 7 years ago

npm's lockfile is a pain to diff in PRs because of the JSON format where what was maybe 20 changed lines in yarn is upwards of 80 from the brackets.

With YAML and whatever format yarn.lock was in, the only changed lines are changes to the version resolutions, hash and dependencies.

discuss

order

donatj|7 years ago

I'd say safely merging YAML diffs however could be trouble.

I don't know how restricted their YAML subset is, but in my experience it's so loose a format the only way to be sure YAML says what you think it says is to run it through a parser.

DuskStar|7 years ago

I think if you're merging lockfile diffs, you're doing something wrong! Merge the package.json diffs and regenerate the lockfile.

drodgers|7 years ago

> safely merging YAML diffs however could be trouble

Yarn will actually do the merging automatically — if you have conflict markers in your lockfile, just running yarn will parse them along with the rest of the file and produce a new lockfile with the changes from both diffs (unless there's a genuine conflict).

I assume that this feature won't go away with the new lockfile format

Vinnl|7 years ago

They do say "subset of YAML", so presumably that can make it easier. And hopefully they'll keep handling this for you.

smt88|7 years ago

As a heavy Open API Spec user, I can tell you that YAML is a nightmare to diff.

zbentley|7 years ago

Diffability is not a great argument against YAML/for JSON IMO. Tools can usually handle that for you.

What is the largest concern about YAML is that truncated documents are almost always still valid documents. The likelihood of that happening compared to, say, a git merge gone wrong is much lower, but the consequences are likely much worse.

I don't have a strong opinion on structured data file format, but that's an issue with YAML that often goes unmentioned.

reconbot|7 years ago

If you run `npm install` again it does detect the conflict and resolve it. https://docs.npmjs.com/files/package-locks#resolving-lockfil... But in practice I haven't found any changes that have been untenable to understand with a diff.

dickeytk|7 years ago

resolving conflicts isn't why I read the diff (yarn resolves automatically anyways) it's so I can see what has changed