feat: bun package manager support for electron-builder #9313
Conversation
🦋 Changeset detectedLatest commit: 19508e7 The changes in this PR will be included in the next version bump. This PR includes changesets to release 8 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
All alerts resolved. Learn more about Socket for GitHub. This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored. |
johnpyp
force-pushed
the
feat/bun-pm-support
branch
3 times, most recently
from
7214602 to
a68b932
Compare
|
This is awesome! Kicking off CI. Quick Q on this 👇 . What is it doing? |
|
Yeah, that's part of a breaking change in pnpm v10 (details here: https://github.com/orgs/pnpm/discussions/8945) where you're required to specify which dependencies which have It's unfortunately easy to miss it when initially migrating, because if you start from a pnpm v9 installation it won't always print out the error message... weird consistency bug in pnpm I think. If you do |
mmaietta
left a comment
mmaietta
left a comment
There was a problem hiding this comment.
Please also add a changeset to register it in the release notes via Changesets CI/CD
pnpm generate-changeset
packages/app-builder-lib/src/node-module-collector/bunNodeModulesCollector.ts
Outdated
Show resolved
Hide resolved
packages/app-builder-lib/src/node-module-collector/bunNodeModulesCollector.ts
Outdated
Show resolved
Hide resolved
packages/app-builder-lib/src/node-module-collector/bunNodeModulesCollector.ts
Outdated
Show resolved
Hide resolved
packages/app-builder-lib/src/node-module-collector/bunNodeModulesCollector.ts
Outdated
Show resolved
Hide resolved
packages/app-builder-lib/src/node-module-collector/bunNodeModulesCollector.ts
Outdated
Show resolved
Hide resolved
johnpyp
force-pushed
the
feat/bun-pm-support
branch
2 times, most recently
from
cf23a54 to
1dba64d
Compare
johnpyp
force-pushed
the
feat/bun-pm-support
branch
from
1dba64d to
0f506d8
Compare
johnpyp
force-pushed
the
feat/bun-pm-support
branch
from
0f506d8 to
f508b9f
Compare
mmaietta
left a comment
mmaietta
left a comment
There was a problem hiding this comment.
Sorry for the delay on this! Been on a family vacation.
| "@types/hosted-git-info": "3.0.2", | ||
| "@types/js-yaml": "4.0.3", | ||
| "@types/plist": "3.0.5", | ||
| "@types/resolve": "^1.20.6", |
| "@typescript-eslint/eslint-plugin": "8.17.0", | ||
| "@typescript-eslint/parser": "8.17.0", | ||
| "@vitest/ui": "3.0.4", | ||
| "@vitest/ui": "^3.2.2", |
There was a problem hiding this comment.
Can we revert this change please? Currently trying to freeze/separate dependency version changes to exclusively their own PRs unless otherwise required.
This should allow us to revert all changes to the pnpm-lock.yaml
| import { NodeModulesCollector } from "./nodeModulesCollector" | ||
| import { PM } from "./packageManager" | ||
| import { BunDependency, BunManifest, Dependencies } from "./types" | ||
| import { createRequire } from "module" |
There was a problem hiding this comment.
I'm not familiar with this createRequire, but 2 quick Qs. What are we using it for here as opposed to directly require(...)?
Can we also change the import to from "node:module"?
| const { stdout } = await execAsync("git rev-parse --show-toplevel", { | ||
| cwd: baseDir, | ||
| timeout: 5000, | ||
| }) |
There was a problem hiding this comment.
Will this be called numerous times? If so, we could probably use the package lazy-val that is already used in this project for Lazy<string>
|
I can pull this feature into my larger refactor/bug-fixes of node module collector code. |
|
Migrated code to be compatible with refactored node_module_collector code |
2 participants
Additions
node_modulesdirectory in the ASAR--linker=isolatedand--linker=hoistedmodesdetectPackageManagerby adding the Git Root + "nearest parent lockfile" to the search directories for a lockfileelectron-builderwas inpackages/fooand thebun.lockonly exists in the roottest-bun-workspacefixturebun install --linker=isolatedtest andbun install --linker=hoistedtest caselibdepends on one version of a pakage andappdepends on another), which bun isolated mode disambguates. thebunNodeModulesCollectorcorrectly handles this case and nestsnode_modulesappropriately for it.onlyBuiltDependencies, which seems to have been missed in the pnpm v9 -> v10 upgrade.Notes
This PR adds support for bun package manger during electron
node_modulespackaging into an ASAR, particularly in the context of workspaces and bun's isolated install mode (like pnpm's defaultnode_modules/.pnpmfolder + symlinks,isolatedmode in bun usesnode_modules/.bin+ symlinks).I've confirmed on my real electron application with quite a few dependencies that this all seems to work as expected, and the new fixtures confirm that as well.
Something that seems like it could be a good idea is leveraging https://github.com/antfu-collective/package-manager-detector instead of the manual package management detection that's done currently, because there's a lot more techniques to judge it, and that library encapsulates the logic quite nicely into a configurable call. E.g I noticed that even though
bun.lockwas added in one place previously, it was missing in 2 others, leading to difficult to troubleshoot inconsistencies. If we leveragedpackage-manager-detectioneverywhere, that opportunity for inconsistency should hopefully vanish.