Make WordPress Core

Opened 7 years ago

Closed 7 years ago

#40421 closed enhancement (duplicate)

Commit or ignore `yarn.lock` file

Reported by: jnylen0's profile jnylen0 Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Build/Test Tools Keywords:
Focuses: Cc:


For purposes of version control, we should do something with yarn.lock in the root of the WP dev repository. yarn is a much faster, more robust, and backwards-compatible alternative to npm install which I have started using for Node.js projects. There are a lot of benefits over npm which are detailed on the project's front page. The main reason I use it is that it's many times faster than npm install.

Unlike npm, yarn by default stores a list of the exact versions of all dependencies expected to be installed. This is a good way to avoid breakage if a package is updated with a bug, but still falls within the version range expected by npm.

This version information is stored in the yarn.lock file after you run yarn. There are two options for how to deal with this file and proceed with this ticket: commit this file, or ignore it.

If we are interested in taking steps towards migrating to yarn, which I personally would like to see, then we should commit this file. This does not impose a requirement that people start to use yarn, rather it merely provides additional benefits if you do (deterministic installs including all versions of sub-dependencies).

Alternatively, ignoring yarn.lock does not create any kind of expectation that people must use yarn instead of npm install, though personally I would recommend it. This will allow people to continue using yarn if they wish, with a clean source tree.

Change History (1)

#1 @swissspidy
7 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #38603.

We already have a ticket for exploring Yarn and possibly adding a lock file.

In my experience, Yarn has been way more strict than npm, often (rightfully) installing older versions of packages than npm and therefore leading to some compatibility problems.

We need to ensure there's no change in behaviour when using Yarn instead of npm.

Note: See TracTickets for help on using tickets.