modify yarn-cling

go-to-k · go-to-k · commit 3d30ebe22960 · 2025-12-15T16:51:31.000+09:00
diff --git a/packages/@aws-cdk/yarn-cling/lib/index.ts b/packages/@aws-cdk/yarn-cling/lib/index.ts
@@ -36,13 +36,21 @@ export async function generateShrinkwrap(options: ShrinkwrapOptions): Promise<Pa
   const yarnLock: YarnLock = lockfile.parse(await fs.readFile(yarnLockLoc, { encoding: 'utf8' }));
   const pkgJson = await loadPackageJson(packageJsonFile);
 
-  let lock = await generateLockFile(pkgJson, yarnLock, packageJsonDir);
+  // Load resolutions from root package.json (for monorepo support)
+  const rootPkgJsonPath = path.join(path.dirname(yarnLockLoc), 'package.json');
+  let resolutions: Record<string, string> = {};
+  if (await fileExists(rootPkgJsonPath)) {
+    const rootPkgJson = await loadPackageJson(rootPkgJsonPath);
+    resolutions = rootPkgJson.resolutions || {};
+  }
+
+  let lock = await generateLockFile(pkgJson, yarnLock, packageJsonDir, resolutions);
 
   if (options.hoist ?? true) {
     lock = hoistDependencies(lock);
   }
 
-  _validateTree(lock);
+  _validateTree(lock, resolutions);
 
   if (options.outputFile) {
     // Write the shrinkwrap file
@@ -52,7 +60,12 @@ export async function generateShrinkwrap(options: ShrinkwrapOptions): Promise<Pa
   return lock;
 }
 
-async function generateLockFile(pkgJson: PackageJson, yarnLock: YarnLock, rootDir: string): Promise<PackageLockFile> {
+async function generateLockFile(
+  pkgJson: PackageJson,
+  yarnLock: YarnLock,
+  rootDir: string,
+  resolutions: Record<string, string> = {},
+): Promise<PackageLockFile> {
   const builder = new PackageGraphBuilder(yarnLock);
   const rootKeys = await builder.buildGraph(pkgJson.dependencies || {}, rootDir);
 
@@ -65,7 +78,7 @@ async function generateLockFile(pkgJson: PackageJson, yarnLock: YarnLock, rootDi
   };
 
   try {
-    checkRequiredVersions(lockFile);
+    checkRequiredVersions(lockFile, resolutions);
   } catch (e: any) {
     const tempFile = path.join(os.tmpdir(), 'npm-shrinkwrap.json');
     await fs.writeFile(tempFile, JSON.stringify(lockFile, undefined, 2), 'utf-8');
@@ -366,7 +379,7 @@ async function findPackageDir(depName: string, rootDir: string) {
  * tell our future selves that is cannot and will not work, and we should find another
  * solution.
  */
-export function checkRequiredVersions(root: PackageLockFile) {
+export function checkRequiredVersions(root: PackageLockFile, resolutions: Record<string, string> = {}) {
   recurse(root, [[root.name, root]]);
 
   // rootPath does include 'entry'
@@ -386,8 +399,11 @@ export function checkRequiredVersions(root: PackageLockFile) {
           range = range.split('@')[1];
         }
 
+        // If there's a resolution for this package, use that instead of the required range
+        const effectiveRange = resolutions[name] || range;
+
         const depPath = [name, ...rootPath.map(x => x[0])];
-        if (!semver.satisfies(resolvedPackage.version, range)) {
+        if (!semver.satisfies(resolvedPackage.version, effectiveRange)) {
           // Ruh-roh.
           throw new Error(`Looks like we're trying to force '${renderRootPath(depPath)}' to version '${resolvedPackage.version}' (found at ${resolvedPath} => ${name}), but `
             + `${depPath[depPath.length - 1]} specifies the dependency as '${range}'. NPM will not respect this shrinkwrap file. Try vendoring a patched `
@@ -421,7 +437,7 @@ export function checkRequiredVersions(root: PackageLockFile) {
  * We have manipulated the tree a bunch. Do a sanity check to ensure that all declared
  * dependencies are satisfied.
  */
-export function _validateTree(lock: PackageLockTree) {
+export function _validateTree(lock: PackageLockTree, resolutions: Record<string, string> = {}) {
   const errors = new Array<string>();
   recurse(lock, [['root', lock]], {});
   if (errors.length > 0) {
@@ -452,13 +468,16 @@ export function _validateTree(lock: PackageLockTree) {
       declaredRange = declaredRange.split('@')[1];
     }
 
+    // If there's a resolution for this package, use that instead of the declared range
+    const effectiveRange = resolutions[name] || declaredRange;
+
     const foundVersion = depsVersions[name];
     const newRootPath = [name, ...rootPath.map(x => x[0])];
     if (!foundVersion) {
       errors.push(`Dependency on ${renderRootPath(newRootPath)} not satisfied: not found`);
-    } else if (!semver.satisfies(foundVersion, declaredRange)) {
+    } else if (!semver.satisfies(foundVersion, effectiveRange)) {
       // eslint-disable-next-line no-console
-      errors.push(`Dependency on ${renderRootPath(newRootPath)} not satisfied: declared range '${declaredRange}', found '${foundVersion}'`);
+      errors.push(`Dependency on ${renderRootPath(newRootPath)} not satisfied: declared range '${effectiveRange}', found '${foundVersion}'`);
     }
   }
 }
diff --git a/packages/@aws-cdk/yarn-cling/lib/types.ts b/packages/@aws-cdk/yarn-cling/lib/types.ts
@@ -6,6 +6,11 @@ export interface PackageJson {
    * Dependency name to version range
    */
   dependencies?: Record<string, string>;
+
+  /**
+   * Yarn resolutions to force specific package versions
+   */
+  resolutions?: Record<string, string>;
 }
 
 export interface YarnLock {
