-
-
Notifications
You must be signed in to change notification settings - Fork 3.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Electron Build Should Copy Lock File #8034
Comments
I know this is an old issue, but I think a neat / clean way you can accomplish this is by using the My idea here is not to copy the lock file, but rather to pin the package.json to specific versions each time you build. Through |
Side note in practice I too have been copying the package-lock.json. @rstoenescu it seems you have some interest here... is there any reason user-land devs should not copy package-lock.json? Or is there some preferred direction you want to take with regards to Quasar? |
This is a bit of a snowball issue (the more you start on it the bigger it gets). You have different packagers (npm, yarn, pnpm, etc) as well, some of these support workspaces (npm 7?, yarn, pnpm). |
And it seems some cool new Vite goodness on the horizon. Yep... 100% agree we can leave this to folks to figure out. For posterity two easy ways that I know of right off the bat...
with whatever path you want relative to |
Enhancement will be available in "@quasar/app" v3.2.5 |
Is your feature request related to a problem? Please describe.
Currently the Electron build process copies the project package.json to the build directory and performs a production install from that. If the package.json doesn't specify exact versions of all dependencies, this can lead to the build using different versions of dependencies than dev.
In my case, one of my dependencies introduced a breaking change in a minor version (poor form, I know). My package.json specified "^2.8.0". Running "quasar dev -m electron" resulted in using 2.8.0 from the version controlled package-lock.json and worked fine, but "quasar build -m electron" installed the latest 2.x.0 release, which produced a non-functional build.
Describe the solution you'd like
Prior to the Electron package installation step, the project package-lock.json or yarn.lock, as determined by the nodePackager variable, should be copied into the electron UnPackaged build directory. I've verified that this results in installing just production dependencies at the locked versions for npm. I believe this should be true for yarn as well, but have not confirmed.
Describe alternatives you've considered
If introducing the behavior specified above might cause issues I haven't considered, the behavior could be added to the Electron documentation, perhaps with a slightly more polished version of this work around that I have successfully added to the build property in quasar.conf.js:
Additional context
I'm willing to try to familiarize my self a bit more with the Quasar code base and put together a PR if this feature gets a green light. If somebody already familiar can immediately point out what method would be most appropriate to extend for this, that would be helpful. I assume the method that copies package.json currently, but I haven't tracked that down yet.
The text was updated successfully, but these errors were encountered: