isolate-package 1.33.0 → 1.35.0

package/src/get-internal-package-names.ts

@@ -23,9 +23,9 @@ export async function getInternalPackageNames(
 
   detectPackageManager(workspaceRootDir);
 
-  const targetPackageManifest = await readTypedJson<PackageManifest>(
+  const targetPackageManifest = (await readTypedJson(
     path.join(targetPackageDir, "package.json"),
-  );
+  )) as PackageManifest;
 
   const packagesRegistry = await createPackagesRegistry(
     workspaceRootDir,

package/src/isolate-bin.ts

@@ -97,11 +97,11 @@ async function run() {
   await isolate(mergedConfig);
 }
 
-run().catch((err) => {
-  if (err instanceof Error) {
-    console.error(err.stack);
-    process.exit(1);
+run().catch((error) => {
+  if (error instanceof Error) {
+    console.error(error.stack);
   } else {
-    console.error(err);
+    console.error(error);
   }
+  process.exit(1);
 });

package/src/isolate.ts

@@ -31,29 +31,30 @@ import {
   getRootRelativeLogPath,
   isRushWorkspace,
   readTypedJson,
+  resetIsolateDir,
   writeTypedYamlSync,
 } from "./lib/utils";
 
 const __dirname = getDirname(import.meta.url);
 
-export function createIsolator(config?: IsolateConfig) {
-  const resolvedConfig = resolveConfig(config);
+export function createIsolator(initialConfig?: IsolateConfig) {
+  const resolvedConfig = resolveConfig(initialConfig);
 
-  return async function isolate(): Promise<string> {
+  return async function runIsolate(): Promise<string> {
     const config = resolvedConfig;
     setLogLevel(config.logLevel);
     const log = useLogger();
 
-    const { version: libraryVersion } = await readTypedJson<PackageManifest>(
+    const { version: libraryVersion } = (await readTypedJson(
       path.join(path.join(__dirname, "..", "package.json")),
-    );
+    )) as PackageManifest;
 
     log.debug("Using isolate-package version", libraryVersion);
 
     const { targetPackageDir, workspaceRootDir } =
       resolveWorkspacePaths(config);
 
-    const buildOutputDir = await getBuildOutputDir({
+    const buildOutputDir = getBuildOutputDir({
       targetPackageDir,
       buildDirName: config.buildDirName,
       tsconfigPath: config.tsconfigPath,
@@ -77,19 +78,23 @@ export function createIsolator(config?: IsolateConfig) {
       getRootRelativeLogPath(isolateDir, workspaceRootDir),
     );
 
-    if (fs.existsSync(isolateDir)) {
-      await fs.remove(isolateDir);
-      log.debug("Cleaned the existing isolate output directory");
-    }
-
-    await fs.ensureDir(isolateDir);
+    /**
+     * Place the trash sibling outside `targetPackageDir`, since that directory
+     * is later packed by `processBuildOutputFiles`. Keeping the trash next to
+     * the target package (still on the same filesystem) preserves the atomic
+     * rename without risking that the trash gets picked up by `npm pack` or
+     * races with that step.
+     */
+    await resetIsolateDir(isolateDir, {
+      trashParentDir: path.dirname(targetPackageDir),
+    });
 
     const tmpDir = path.join(isolateDir, "__tmp");
     await fs.ensureDir(tmpDir);
 
-    const targetPackageManifest = await readTypedJson<PackageManifest>(
+    const targetPackageManifest = (await readTypedJson(
       path.join(targetPackageDir, "package.json"),
-    );
+    )) as PackageManifest;
 
     /** Validate mandatory fields for the target package */
     validateManifestMandatoryFields(
@@ -233,8 +238,10 @@ export function createIsolator(config?: IsolateConfig) {
     const copiedPatches = shouldCopyPatches
       ? await copyPatches({
           workspaceRootDir,
+          targetPackageDir,
           targetPackageManifest: outputManifest,
           packagesRegistry,
+          internalDepPackageNames: internalPackageNames,
           isolateDir,
           includeDevDependencies: config.includeDevDependencies,
         })
@@ -276,9 +283,7 @@ export function createIsolator(config?: IsolateConfig) {
         if (packageManager.name === "bun") {
           manifest.patchedDependencies = patchEntries;
         } else {
-          if (!manifest.pnpm) {
-            manifest.pnpm = {};
-          }
+          manifest.pnpm ??= {};
           manifest.pnpm.patchedDependencies = patchEntries;
         }
 

package/src/lib/config.test.ts

@@ -12,7 +12,7 @@ const mockLogger = {
   error: vi.fn(),
 };
 
-vi.mock("~/lib/logger", () => ({
+vi.mock("#/lib/logger", () => ({
   useLogger: () => mockLogger,
 }));
 

package/src/lib/config.ts

@@ -93,7 +93,7 @@ function loadModuleConfig(filePath: string): IsolateConfig {
       throw new Error("Failed to extract config JSON from subprocess output");
     }
 
-    const parsed = JSON.parse(jsonMatch);
+    const parsed = JSON.parse(jsonMatch) as unknown;
 
     if (
       typeof parsed !== "object" ||
@@ -105,7 +105,7 @@ function loadModuleConfig(filePath: string): IsolateConfig {
       );
     }
 
-    return parsed;
+    return parsed as IsolateConfig;
   } catch (error) {
     const stderr =
       error instanceof Error && "stderr" in error
@@ -151,7 +151,7 @@ export function loadConfigFromFile(): IsolateConfig {
   }
 
   if (jsonExists) {
-    return readTypedJsonSync<IsolateConfig>(jsonConfigPath);
+    return readTypedJsonSync(jsonConfigPath) as IsolateConfig;
   }
 
   return {};

package/src/lib/lockfile/helpers/bun-lockfile.ts

@@ -0,0 +1,153 @@
+/**
+ * Shared types and walker logic for the Bun workspace lockfile (`bun.lock`).
+ *
+ * Used both when generating the isolated lockfile and when computing the set
+ * of package names that will end up installed in the isolate (so that patches
+ * for deep transitive deps are preserved).
+ */
+
+export type BunWorkspaceEntry = {
+  name?: string;
+  version?: string;
+  dependencies?: Record<string, string>;
+  devDependencies?: Record<string, string>;
+  optionalDependencies?: Record<string, string>;
+  peerDependencies?: Record<string, string>;
+  optionalPeers?: string[];
+};
+
+export type BunLockfile = {
+  lockfileVersion: number;
+  workspaces: Record<string, BunWorkspaceEntry>;
+  packages: Record<string, unknown[]>;
+  trustedDependencies?: string[];
+  patchedDependencies?: Record<string, string>;
+  overrides?: Record<string, string>;
+};
+
+/** Extract dependency names from a workspace entry. */
+export function collectDependencyNames(
+  entry: BunWorkspaceEntry,
+  includeDevDependencies: boolean,
+): string[] {
+  const names = new Set<string>();
+
+  for (const name of Object.keys(entry.dependencies ?? {})) {
+    names.add(name);
+  }
+  for (const name of Object.keys(entry.optionalDependencies ?? {})) {
+    names.add(name);
+  }
+  for (const name of Object.keys(entry.peerDependencies ?? {})) {
+    names.add(name);
+  }
+
+  if (includeDevDependencies) {
+    for (const name of Object.keys(entry.devDependencies ?? {})) {
+      names.add(name);
+    }
+  }
+
+  return [...names];
+}
+
+/**
+ * Check whether a package entry represents a workspace package by examining
+ * its identifier string (first element in the entry array).
+ */
+export function isWorkspacePackageEntry(entry: unknown[]): boolean {
+  const ident = entry[0];
+  return typeof ident === "string" && ident.includes("@workspace:");
+}
+
+/**
+ * Extract the info object from a packages entry. The position varies by type:
+ * - npm packages: [ident, registry, info, checksum] -> index 2
+ * - workspace packages: [ident, info] -> index 1
+ * - git/github packages: [ident, info, checksum] -> index 1
+ *
+ * Detection: if the second element is a string (registry URL or checksum),
+ * the info object is deeper. Workspace entries have only 2 elements.
+ */
+export function getPackageInfoObject(
+  entry: unknown[],
+): Record<string, unknown> | undefined {
+  if (entry.length <= 1) return undefined;
+
+  /** Workspace entries: [ident, info] */
+  if (isWorkspacePackageEntry(entry)) {
+    return typeof entry[1] === "object"
+      ? (entry[1] as Record<string, unknown>)
+      : undefined;
+  }
+
+  /**
+   * npm entries with registry URL: [ident, registryUrl, info, checksum]. The
+   * second element is a string (the registry URL).
+   */
+  if (typeof entry[1] === "string") {
+    return typeof entry[2] === "object"
+      ? (entry[2] as Record<string, unknown>)
+      : undefined;
+  }
+
+  /** git/tarball entries: [ident, info, checksum] */
+  return typeof entry[1] === "object"
+    ? (entry[1] as Record<string, unknown>)
+    : undefined;
+}
+
+/**
+ * Recursively collect all package keys that are required, starting from a set
+ * of direct dependency names and walking through their transitive
+ * dependencies in the packages section.
+ */
+export function collectRequiredPackages(
+  directDependencyNames: Set<string>,
+  packages: Record<string, unknown[]>,
+): Set<string> {
+  const required = new Set<string>();
+  const queue = [...directDependencyNames];
+
+  let name: string | undefined;
+  while ((name = queue.pop()) !== undefined) {
+    if (required.has(name)) continue;
+
+    const entry = packages[name];
+    if (!entry) continue;
+
+    required.add(name);
+
+    const info = getPackageInfoObject(entry);
+    if (!info) continue;
+
+    /** Walk transitive dependencies from the info object */
+    for (const depField of [
+      "dependencies",
+      "optionalDependencies",
+      "peerDependencies",
+    ]) {
+      enqueueDeps(info[depField], required, queue);
+    }
+  }
+
+  return required;
+}
+
+/**
+ * Push any names from a dependency map onto the BFS queue, skipping anything
+ * already marked required so we don't revisit it. `deps` is typed as `unknown`
+ * because it comes from a freshly-parsed lockfile entry with no schema.
+ */
+function enqueueDeps(
+  deps: unknown,
+  required: Set<string>,
+  queue: string[],
+): void {
+  if (!deps || typeof deps !== "object") return;
+  for (const depName of Object.keys(deps as Record<string, unknown>)) {
+    if (!required.has(depName)) {
+      queue.push(depName);
+    }
+  }
+}

package/src/lib/lockfile/helpers/generate-bun-lockfile.test.ts

@@ -13,8 +13,8 @@ vi.mock("fs-extra", () => ({
 }));
 
 /** Mock the utils */
-vi.mock("~/lib/utils", async (importOriginal) => {
-  const actual = await importOriginal<typeof import("~/lib/utils")>();
+vi.mock("#/lib/utils", async (importOriginal) => {
+  const actual = await importOriginal<typeof import("#/lib/utils")>();
   return {
     getErrorMessage: vi.fn((err: Error) => err.message),
     getPackageName: actual.getPackageName,
@@ -23,7 +23,7 @@ vi.mock("~/lib/utils", async (importOriginal) => {
 });
 
 const fs = vi.mocked((await import("fs-extra")).default);
-const { readTypedJsonSync } = vi.mocked(await import("~/lib/utils"));
+const { readTypedJsonSync } = vi.mocked(await import("#/lib/utils"));
 
 /** Reusable packages registry fixture */
 function createPackagesRegistry() {

package/src/lib/lockfile/helpers/generate-bun-lockfile.ts

@@ -1,32 +1,20 @@
 import fs from "fs-extra";
 import { got } from "get-or-throw";
 import path from "node:path";
-import { useLogger } from "~/lib/logger";
-import type { PackagesRegistry } from "~/lib/types";
+import { useLogger } from "#/lib/logger";
+import type { PackagesRegistry } from "#/lib/types";
 import {
   getErrorMessage,
   getPackageName,
   readTypedJsonSync,
-} from "~/lib/utils";
-
-type BunWorkspaceEntry = {
-  name?: string;
-  version?: string;
-  dependencies?: Record<string, string>;
-  devDependencies?: Record<string, string>;
-  optionalDependencies?: Record<string, string>;
-  peerDependencies?: Record<string, string>;
-  optionalPeers?: string[];
-};
-
-type BunLockfile = {
-  lockfileVersion: number;
-  workspaces: Record<string, BunWorkspaceEntry>;
-  packages: Record<string, unknown[]>;
-  trustedDependencies?: string[];
-  patchedDependencies?: Record<string, string>;
-  overrides?: Record<string, string>;
-};
+} from "#/lib/utils";
+import {
+  type BunLockfile,
+  type BunWorkspaceEntry,
+  collectDependencyNames,
+  collectRequiredPackages,
+  isWorkspacePackageEntry,
+} from "./bun-lockfile";
 
 /**
  * Serialize a value to JSON with trailing commas after every array element and
@@ -54,126 +42,6 @@ export function serializeWithTrailingCommas(
   return result;
 }
 
-/**
- * Extract dependency names from a workspace entry, optionally including
- * devDependencies.
- */
-function collectDependencyNames(
-  entry: BunWorkspaceEntry,
-  includeDevDependencies: boolean,
-): string[] {
-  const names = new Set<string>();
-
-  for (const name of Object.keys(entry.dependencies ?? {})) {
-    names.add(name);
-  }
-  for (const name of Object.keys(entry.optionalDependencies ?? {})) {
-    names.add(name);
-  }
-  for (const name of Object.keys(entry.peerDependencies ?? {})) {
-    names.add(name);
-  }
-
-  if (includeDevDependencies) {
-    for (const name of Object.keys(entry.devDependencies ?? {})) {
-      names.add(name);
-    }
-  }
-
-  return [...names];
-}
-
-/**
- * Check whether a package entry represents a workspace package by examining its
- * identifier string (first element in the entry array).
- */
-function isWorkspacePackageEntry(entry: unknown[]): boolean {
-  const ident = entry[0];
-  return typeof ident === "string" && ident.includes("@workspace:");
-}
-
-/**
- * Extract the info object from a packages entry. The position varies by type:
- * - npm packages: [ident, registry, info, checksum] -> index 2
- * - workspace packages: [ident, info] -> index 1
- * - git/github packages: [ident, info, checksum] -> index 1
- *
- * Detection: if the second element is a string (registry URL or checksum), the
- * info object is deeper. Workspace entries have only 2 elements.
- */
-function getPackageInfoObject(
-  entry: unknown[],
-): Record<string, unknown> | undefined {
-  if (entry.length <= 1) return undefined;
-
-  /** Workspace entries: [ident, info] */
-  if (isWorkspacePackageEntry(entry)) {
-    return typeof entry[1] === "object"
-      ? (entry[1] as Record<string, unknown>)
-      : undefined;
-  }
-
-  /**
-   * npm entries with registry URL: [ident, registryUrl, info, checksum].
-   * The second element is a string (the registry URL).
-   */
-  if (typeof entry[1] === "string") {
-    return typeof entry[2] === "object"
-      ? (entry[2] as Record<string, unknown>)
-      : undefined;
-  }
-
-  /** git/tarball entries: [ident, info, checksum] */
-  return typeof entry[1] === "object"
-    ? (entry[1] as Record<string, unknown>)
-    : undefined;
-}
-
-/**
- * Recursively collect all package keys that are required, starting from a set
- * of direct dependency names and walking through their transitive dependencies
- * in the packages section.
- */
-function collectRequiredPackages(
-  directDependencyNames: Set<string>,
-  packages: Record<string, unknown[]>,
-): Set<string> {
-  const required = new Set<string>();
-  const queue = [...directDependencyNames];
-
-  while (queue.length > 0) {
-    const name = queue.pop()!;
-
-    if (required.has(name)) continue;
-
-    const entry = packages[name];
-    if (!entry) continue;
-
-    required.add(name);
-
-    const info = getPackageInfoObject(entry);
-    if (!info) continue;
-
-    /** Walk transitive dependencies from the info object */
-    for (const depField of [
-      "dependencies",
-      "optionalDependencies",
-      "peerDependencies",
-    ]) {
-      const deps = info[depField];
-      if (deps && typeof deps === "object") {
-        for (const depName of Object.keys(deps as Record<string, unknown>)) {
-          if (!required.has(depName)) {
-            queue.push(depName);
-          }
-        }
-      }
-    }
-  }
-
-  return required;
-}
-
 export async function generateBunLockfile({
   workspaceRootDir,
   targetPackageDir,
@@ -200,7 +68,7 @@ export async function generateBunLockfile({
       throw new Error(`Failed to find bun.lock at ${lockfilePath}`);
     }
 
-    const lockfile = readTypedJsonSync<BunLockfile>(lockfilePath);
+    const lockfile = readTypedJsonSync(lockfilePath) as BunLockfile;
 
     /** Compute workspace keys for the target and internal deps */
     const targetWorkspaceKey = path
@@ -347,8 +215,8 @@ export async function generateBunLockfile({
     );
 
     log.debug("Created lockfile at", outputPath);
-  } catch (err) {
-    log.error(`Failed to generate lockfile: ${getErrorMessage(err)}`);
-    throw err;
+  } catch (error) {
+    log.error(`Failed to generate lockfile: ${getErrorMessage(error)}`);
+    throw error;
   }
 }

package/src/lib/lockfile/helpers/generate-npm-lockfile.integration.test.ts

@@ -1,14 +1,10 @@
 import fs from "fs-extra";
 import os from "node:os";
 import path from "node:path";
-import { fileURLToPath } from "node:url";
 import { afterEach, beforeEach, describe, expect, it } from "vitest";
 import { generateNpmLockfile } from "./generate-npm-lockfile";
 
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = path.dirname(__filename);
-
-const FIXTURES_DIR = path.join(__dirname, "__fixtures__");
+const FIXTURES_DIR = path.join(import.meta.dirname, "__fixtures__");
 
 /**
  * Copy a fixture's `workspace/` tree into a fresh tmp directory so that the