[Bug?]: --mode=update-lockfile does not remove old yarn cache entry #4886
Comments
Yarn Berry commands related to performing updates can run in a mode called `update-lockfile`, which was purpose-built for exactly what Dependabot does: ``` - `update-lockfile` will skip the link step altogether, and only fetch packages that are missing from the lockfile (or that have no associated checksums). This mode is typically used by tools like Renovate or Dependabot to keep a lockfile up-to-date without incurring the full install cost. ``` This makes yarn berry updates _significantly_ more performant, but it has the downside that when the yarn cache is committed to the repo, old entries in there are not cleaned up. Everything still works as expected when this happens, but over time it could lead to that cache folder getting larger than is necessary. I've opened an issue about this upstream: yarnpkg/berry#4886, not entirely sure if this is a bug or just a consequence of how this works. For now I think it's worth the trade-off, as many projects don't commit the cache folder to repo, and the performance benefits are very significant. I'll try to find some time to address this upstream.
|
Gentle ping on this, my main question is if deleting the old cache entry is desirable, and maybe some guidance on where to start looking and we'd be happy to try and get a PR up. |
|
Interesting - it seems we explicitly guard against cleaning obsolete cache entries, but I don't remember why ... that would seem like a bug to me, but then why did we add this check? 🤔 Do you remember details, @ylemkimon? |
|
@arcanis did you ever hear from @ylemkimon ? |
|
Sorry, I missed the previous ping. With berry/packages/yarnpkg-core/sources/Project.ts Lines 968 to 969 in 94e4069 and therefore
In that case, I think only the link step can be skipped, e.g., a new mode await opts.report.startTimerPromise(`Link step`, async () => {
- if (opts.mode === InstallMode.UpdateLockfile) {
+ if (opts.mode === InstallMode.UpdateLockfile || opts.mode === InstallMode.SkipLink) {
opts.report.reportWarning(MessageName.UPDATE_LOCKFILE_ONLY_SKIP_LINK, `Skipped due to ${formatUtils.pretty(this.configuration, `mode=update-lockfile`, formatUtils.Type.CODE)}`);
return;
} |
Self-service
Describe the bug
Running
yarn add <package@version> --mode=update-lockfilefor a new version of an existing package already in the lockfile and yarn cache adds the new cached version of the new package to the yarn cache as expected, but it does not remove the old entry.I am not sure if this is actually working as intended, but for Dependabot, we would like to be able to update the yarn cache for users, and have it behave similar to how they would manually perform the update. I think users would expect the old version to be removed. I would absolutely understand if this is a limit of the current implementation, as I don't know much about the implementation details, but I figured I'd ask.
We can work around this by running in the default mode, and so far performance seems acceptable so it's not a big problem, but given that the mode seems to have been specifically designed for our usecase (thank you for that!), I wanted to start a conversation with y'all.
To reproduce
I tried to set up a sherlock thing, but I couldn't get it to work, apologies, here's what I was trying to do:
Environment
System: OS: macOS 12.5.1 CPU: (16) x64 Intel(R) Core(TM) i9-9980HK CPU @ 2.40GHz Binaries: Node: 12.22.6 - /private/var/folders/zt/b61qxk5s73gctrlmls3hjmz80000gn/T/xfs-cf4427f1/node Yarn: 3.2.1 - /private/var/folders/zt/b61qxk5s73gctrlmls3hjmz80000gn/T/xfs-cf4427f1/yarn npm: 8.5.1 - ~/.nvm/versions/node/v12.22.6/bin/npmAdditional context
No response
The text was updated successfully, but these errors were encountered: