Ship a yarn.lock - WIP #1629
Ship a yarn.lock - WIP #1629
Conversation
|
Thank you for your pull request and welcome to our community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. In order for us to review and merge your code, please sign up at https://code.facebook.com/cla - and if you have received this in error or have any questions, please drop us a line at [email protected]. Thanks! If you are contributing on behalf of someone else (eg your employer): the individual CLA is not sufficient - use https://developers.facebook.com/opensource/cla?type=company instead. Contact [email protected] if you have any questions. |
|
Thank you for signing our Contributor License Agreement. We can now accept your code for this (and any) Facebook open source project. Thanks! |
|
The I don't think we can just toss it in template because it'd be outdated and not supported by older CLI versions (to update the versions for the release). |
|
Ah okay - I think I get that. So whoever is releasing it would generate the Right now it publishes one after another, but I don't suppose there's a good way to release |
|
I'm not sure if lerna is pluggable enough to let us do that step without a release of create-react-app after normal release. I'm not sure which would be better. But ideally we'd have a |
|
This is what I have so far. It's a little messy, but I'll clean it up. I think this is sort of what we were getting at, but let me know if you had a different vision for it. If we're going to download a |
packages/create-react-app/index.js
Outdated
| // Try to download the yarn.lock file. | ||
| if (shouldUseYarn()) { | ||
| var releaseRequest = request({ | ||
| uri: 'https://api.github.com/repos/facebookincubator/create-react-app/releases/latest', |
There was a problem hiding this comment.
I'm worried GH API might rate limit our users, no?
Is there a more stable way to do this?
There was a problem hiding this comment.
https://developer.github.com/v3/#rate-limiting
For unauthenticated requests, the rate limit allows you to make up to 60 requests per hour.
There was a problem hiding this comment.
We could use some sort of mirroring service; though as long as we handle this gracefully it shouldn't matter -- providing the yarn.lock isn't critical -- just nice to have.
There was a problem hiding this comment.
I think I might feel more comfortable relying on something like unpkg.com here, e.g. https://unpkg.com/[email protected]/README.md.
Also I think it is important to try to provide Yarn users with a consistent experience.
There was a problem hiding this comment.
We wouldn't be able to publish the updated yarn.lock (and package.json) with react-scripts though, since we'd want the yarn.lock to reflect the latest react-scripts (we'd only be able to generate it properly after react-scripts was published.. And we wouldn't publish it within the CLI since you'd need to have the latest CLI to use the latest react-scripts when bootstrapping.
It is a nice to have - if it starts to get too complex / too difficult to maintain, I don't want to force it.
|
This might be a problem: yarnpkg/yarn#1435 (comment) |
|
Looking at this more, and having sat on it for a while, I'm not sure exactly how we'd go about accomplishing this (even forgetting the optional dependency / platform issue - which is already or is about fixed, I think). Honestly, I think the complexity that it would add (assuming there was an acceptable way of doing it) wouldn't be worth the value added. It can be done, sure, but I don't see a simple solution that I feel comfortable with. If someone has a specific vision and knows how to accomplish it, I think that would be great, but I don't see this as a good fit as I have it sketched out now. If y'all agree, we can close this. But, if you have some ideas let's talk about it. |
For #1551: Tried wrapping my head around this, and I'm stuck on how exactly we can generate a true lockfile since we're not testing a "released" version of react-scripts.
If anyone has a better grip on this than me, I'd love for you to set me straight!