Various buildNpmPackage fixes

doc/languages-frameworks/javascript.section.md

@@ -196,7 +196,7 @@ buildNpmPackage rec {
 * `makeCacheWritable`: Whether to make the cache writable prior to installing dependencies. Don't set this unless npm tries to write to the cache directory, as it can slow down the build.
 * `npmBuildScript`: The script to run to build the project. Defaults to `"build"`.
 * `npmFlags`: Flags to pass to all npm commands.
-* `npmInstallFlags`: Flags to pass to `npm ci`.
+* `npmInstallFlags`: Flags to pass to `npm ci` and `npm prune`.
 * `npmBuildFlags`: Flags to pass to `npm run ${npmBuildScript}`.
 * `npmPackFlags`: Flags to pass to `npm pack`.
 

pkgs/applications/audio/open-stage-control/default.nix

@@ -16,7 +16,7 @@ buildNpmPackage rec {
     ./package-lock.json.patch
   ];
 
-  npmDepsHash = "sha256-UF3pZ+SlrgDLqntciXRNbWfpPMtQw1DXl41x9r37QN4=";
+  npmDepsHash = "sha256-SGLcFjPnmhFoeXtP4gfGr4Qa1dTaXwSnzkweEvYW/1k=";
 
   nativeBuildInputs = [
     copyDesktopItems

pkgs/build-support/node/build-npm-package/default.nix

@@ -17,7 +17,7 @@
 , npmBuildScript ? "build"
   # Flags to pass to all npm commands.
 , npmFlags ? [ ]
-  # Flags to pass to `npm ci`.
+  # Flags to pass to `npm ci` and `npm prune`.
 , npmInstallFlags ? [ ]
   # Flags to pass to `npm rebuild`.
 , npmRebuildFlags ? [ ]

pkgs/build-support/node/build-npm-package/hooks/default.nix

@@ -7,10 +7,11 @@
       substitutions = {
         nodeSrc = srcOnly nodejs;
 
-        # Specify the stdenv's `diff` and `jq` by abspath to ensure that the user's build
+        # Specify `diff`, `jq`, and `prefetch-npm-deps` by abspath to ensure that the user's build
         # inputs do not cause us to find the wrong binaries.
         diff = "${buildPackages.diffutils}/bin/diff";
         jq = "${buildPackages.jq}/bin/jq";
+        prefetchNpmDeps = "${buildPackages.prefetch-npm-deps}/bin/prefetch-npm-deps";
 
         nodeVersion = nodejs.version;
         nodeVersionMajor = lib.versions.major nodejs.version;

pkgs/build-support/node/build-npm-package/hooks/npm-build-hook.sh

@@ -20,6 +20,7 @@ npmBuildHook() {
         echo
         echo "Here are a few things you can try, depending on the error:"
         echo "1. Make sure your build script ($npmBuildScript) exists"
+        echo "  If there is none, set `dontNpmBuild = true`."
         echo '2. If the error being thrown is something similar to "error:0308010C:digital envelope routines::unsupported", add `NODE_OPTIONS = "--openssl-legacy-provider"` to your derivation'
         echo "  See https://github.com/webpack/webpack/issues/14532 for more information."
         echo

pkgs/build-support/node/build-npm-package/hooks/npm-config-hook.sh

@@ -5,9 +5,18 @@ npmConfigHook() {
 
     echo "Configuring npm"
 
-    export HOME=$TMPDIR
+    export HOME="$TMPDIR"
     export npm_config_nodedir="@nodeSrc@"
 
+    if [ -z "${npmDeps-}" ]; then
+        echo
+        echo "ERROR: no dependencies were specified"
+        echo 'Hint: set `npmDeps` if using these hooks individually. If this is happening with `buildNpmPackage`, please open an issue.'
+        echo
+
+        exit 1
+    fi
+
     local -r cacheLockfile="$npmDeps/package-lock.json"
     local -r srcLockfile="$PWD/package-lock.json"
 
@@ -47,15 +56,17 @@ npmConfigHook() {
       exit 1
     fi
 
+    @prefetchNpmDeps@ --fixup-lockfile "$srcLockfile"
+
     local cachePath
 
     if [ -z "${makeCacheWritable-}" ]; then
-        cachePath=$npmDeps
+        cachePath="$npmDeps"
     else
         echo "Making cache writable"
         cp -r "$npmDeps" "$TMPDIR/cache"
         chmod -R 700 "$TMPDIR/cache"
-        cachePath=$TMPDIR/cache
+        cachePath="$TMPDIR/cache"
     fi
 
     npm config set cache "$cachePath"
@@ -71,7 +82,7 @@ npmConfigHook() {
         echo "Here are a few things you can try, depending on the error:"
         echo '1. Set `makeCacheWritable = true`'
         echo "  Note that this won't help if npm is complaining about not being able to write to the logs directory -- look above that for the actual error."
-        echo '2. Set `npmInstallFlags = [ "--legacy-peer-deps" ]`'
+        echo '2. Set `npmFlags = [ "--legacy-peer-deps" ]`'
         echo
 
         exit 1
@@ -96,6 +107,8 @@ npmConfigHook() {
       rm node_modules/.meow
     fi
 
+    patchShebangs node_modules
+
     echo "Finished npmConfigHook"
 }
 

pkgs/build-support/node/build-npm-package/hooks/npm-install-hook.sh

@@ -27,7 +27,7 @@ npmInstallHook() {
     local -r nodeModulesPath="$packageOut/node_modules"
 
     if [ ! -d "$nodeModulesPath" ]; then
-        npm prune --omit dev
+        npm prune --omit dev $npmInstallFlags "${npmInstallFlagsArray[@]}" $npmFlags "${npmFlagsArray[@]}"
         find node_modules -maxdepth 1 -type d -empty -delete
 
         cp -r node_modules "$nodeModulesPath"

pkgs/build-support/node/fetch-npm-deps/default.nix

@@ -1,4 +1,4 @@
-{ lib, stdenvNoCC, rustPlatform, Security, testers, fetchurl, prefetch-npm-deps, fetchNpmDeps }:
+{ lib, stdenvNoCC, rustPlatform, makeWrapper, Security, gnutar, gzip, testers, fetchurl, prefetch-npm-deps, fetchNpmDeps }:
 
 {
   prefetch-npm-deps = rustPlatform.buildRustPackage {
@@ -16,8 +16,13 @@
 
     cargoLock.lockFile = ./Cargo.lock;
 
+    nativeBuildInputs = [ makeWrapper ];
     buildInputs = lib.optional stdenvNoCC.isDarwin Security;
 
+    postInstall = ''
+      wrapProgram "$out/bin/prefetch-npm-deps" --prefix PATH : ${lib.makeBinPath [ gnutar gzip ]}
+    '';
+
     passthru.tests =
       let
         makeTestSrc = { name, src }: stdenvNoCC.mkDerivation {
@@ -46,7 +51,7 @@
             hash = "sha256-uQmc+S+V1co1Rfc4d82PpeXjmd1UqdsG492ADQFcZGA=";
           };
 
-          hash = "sha256-fk7L9vn8EHJsGJNMAjYZg9h0PT6dAwiahdiEeXVrMB8=";
+          hash = "sha256-wca1QvxUw3OrLStfYN9Co6oVBR1LbfcNUKlDqvObps4=";
         };
 
         lockfileV2 = makeTest {
@@ -57,7 +62,7 @@
             hash = "sha256-qS29tq5QPnGxV+PU40VgMAtdwVLtLyyhG2z9GMeYtC4=";
           };
 
-          hash = "sha256-s8SpZY/1tKZVd3vt7sA9vsqHvEaNORQBMrSyhWpj048=";
+          hash = "sha256-tuEfyePwlOy2/mOPdXbqJskO6IowvAP4DWg8xSZwbJw=";
         };
 
         hashPrecedence = makeTest {
@@ -68,7 +73,7 @@
             hash = "sha256-1+0AQw9EmbHiMPA/H8OP8XenhrkhLRYBRhmd1cNPFjk=";
           };
 
-          hash = "sha256-KRxwrEij3bpZ5hbQhX67KYpnY2cRS7u2EVZIWO1FBPM=";
+          hash = "sha256-oItUls7AXcCECuyA+crQO6B0kv4toIr8pBubNwB7kAM=";
         };
 
         hostedGitDeps = makeTest {
@@ -79,7 +84,30 @@
             hash = "sha256-X9mCwPqV5yP0S2GonNvpYnLSLJMd/SUIked+hMRxDpA=";
           };
 
-          hash = "sha256-oIM05TGHstX1D4k2K4TJ+SHB7H/tNKzxzssqf0GJwvY=";
+          hash = "sha256-5Mg7KDJLMM5e/7BCHGinGAnBRft2ySQzvKW06p3u/0o=";
+        };
+
+        linkDependencies = makeTest {
+          name = "link-dependencies";
+
+          src = fetchurl {
+            url = "https://raw.githubusercontent.com/evcc-io/evcc/0.106.3/package-lock.json";
+            hash = "sha256-6ZTBMyuyPP/63gpQugggHhKVup6OB4hZ2rmSvPJ0yEs=";
+          };
+
+          hash = "sha256-VzQhArHoznYSXUT7l9HkJV4yoSOmoP8eYTLel1QwmB4=";
+        };
+
+        # This package contains both hosted Git shorthand, and a bundled dependency that happens to override an existing one.
+        etherpadLite1818 = makeTest {
+          name = "etherpad-lite-1.8.18";
+
+          src = fetchurl {
+            url = "https://raw.githubusercontent.com/ether/etherpad-lite/1.8.18/src/package-lock.json";
+            hash = "sha256-1fGNxYJi1I4cXK/jinNG+Y6tPEOhP3QAqWOBEQttS9E=";
+          };
+
+          hash = "sha256-8xF8F74nHwL9KPN2QLsxnfvsk0rNCKOZniYJQCD5u/I=";
         };
       };
 

pkgs/build-support/node/fetch-npm-deps/src/cacache.rs

@@ -109,7 +109,7 @@ impl Cache {
 
         let mut file = File::options().append(true).create(true).open(index_path)?;
 
-        write!(file, "\n{:x}\t{data}", Sha1::new().chain(&data).finalize())?;
+        write!(file, "{:x}\t{data}", Sha1::new().chain(&data).finalize())?;
 
         Ok(())
     }