[PATCH] yarnpkg

DoneSubmitted by Kozo.
Details
5 participants
  • Kozo
  • Björn Höfling
  • Kozo viaweb
  • Jakub Kądziołka
  • Christopher Baines
Owner
unassigned
Severity
normal
K
(address . guix-patches@gnu.org)
1ba1944d95080f01f02a11c2484e7cb9fa75f538.camel@runbox.com
Hello,
This is my first submission. Please let me know how I can improve forfuture packages.
I followed the steps in the manual and submitted a Software Heritagerequest to pull the source code.
Thank you,Kozo
From cf6cecd960225bab04cc33041e42d4e0cf4a075c Mon Sep 17 00:00:00 2001From: Kozodev <gitlabcanada@runbox.com>Date: Sat, 25 Apr 2020 20:09:34 -0600Subject: [PATCH] yarnpkg
--- yarn.scm | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 yarn.scm
Toggle diff (55 lines)diff --git a/yarn.scm b/yarn.scmnew file mode 100644index 0000000..4a1a57b--- /dev/null+++ b/yarn.scm@@ -0,0 +1,47 @@+(define-module (yarn)+ #:use-module (guix packages)+ #:use-module (guix download)+ #:use-module (guix build-system trivial)+ #:use-module (guix licenses)+ #:use-module (gnu packages node)+ #:use-module (ice-9 pretty-print))++(define yarn-version "1.22.4")++(define-public yarn+ (package+ (name "yarn")+ (version yarn-version)+ (source (origin+ (method url-fetch/tarbomb)+ (uri (string-append "https://github.com/yarnpkg/yarn/releases/download/v"+ version "/yarn-v" version ".tar.gz"))+ (sha256+ (base32+ "0n7vhwjz3lyjnavcaw08cqa8gfampqsy5mm3f555cbqb26m1clxw"))))+ (build-system trivial-build-system)+ (outputs '("out"))+ (inputs `(("node" ,node)))+ (arguments+ `(#:modules ((guix build utils))+ #:builder (begin+ (use-modules (guix build utils))+ (let* ((out (assoc-ref %outputs "out"))+ (bin (string-append out "/bin"))+ (lib (string-append out "/lib"))+ (node-modules (string-append lib "/node_modules"))+ (yarn (string-append node-modules "/yarn"))+ (input-dir (string-append+ (assoc-ref %build-inputs "source") "/yarn-v" ,version)))+ (mkdir-p yarn)+ (mkdir-p bin)+ (copy-recursively (string-append input-dir "/") yarn)+ (symlink (string-append yarn "/bin/yarn") (string-append bin "/yarn"))+ (symlink (string-append yarn "/bin/yarnpkg") (string-append bin "/yarnpkg"))+ (delete-file (string-append yarn "/bin/yarn.cmd"))+ (delete-file (string-append yarn "/bin/yarnpkg.cmd"))))))+ (home-page "https://yarnpkg.com/")+ (synopsis "Dependency management tool for JavaScript")+ (description "Fast, reliable, and secure dependency management tool+for JavaScript. Acts as a drop-in replacement for NodeJS's npm.")+ (license bsd-2)))-- 2.26.2
C
C
Christopher Baines wrote on 26 Apr 2020 19:42
(name . Kozo)(address . Gitlabcanada@runbox.com)(address . 40860@debbugs.gnu.org)
878siinnxg.fsf@cbaines.net
Kozo <Gitlabcanada@runbox.com> writes:
Toggle quote (6 lines)> This is my first submission. Please let me know how I can improve for> future packages.>> I followed the steps in the manual and submitted a Software Heritage> request to pull the source code.
Hi Kozo,
Yarn would indeed be something that would be nice to have a package for.
While I guess that this might work, I think there are issues with thesource here and the lack of dependencies that make this unsuitable forGuix.
Toggle quote (12 lines)> +(define-public yarn> + (package> + (name "yarn")> + (version yarn-version)> + (source (origin> + (method url-fetch/tarbomb)> + (uri (string-append "https://github.com/yarnpkg/yarn/releases/download/v"> + version "/yarn-v" version ".tar.gz"))> + (sha256> + (base32> + "0n7vhwjz3lyjnavcaw08cqa8gfampqsy5mm3f555cbqb26m1clxw"))))
The key thing here is source. For many reasons, the packages in Guixrepresent software being built from some source material.
What's being downloaded here might look like source material, but Idoubt the ~153,409 line lib/cli.js file is really the preferred form forediting the Yarn source code.
Toggle quote (4 lines)> + (build-system trivial-build-system)> + (outputs '("out"))> + (inputs `(("node" ,node)))
Another sign that something is up is the mismatch between the inputshere, and the dependencies in the upstream metadata [1]. Assuming thepackage works, I'm guessing that there's a lot more than the source ofYarn within the "source" of this package.
1: https://github.com/yarnpkg/yarn/blob/master/package.json
I'm hopeful that package Yarn will become possible sometime soon, but inmy mind the path forward is to get an importer working for npm, packagethe many dependencies, then attempt to package yarn.
Unfortunately I don't think there's a bug that tracks this overall issuewell, although I did find a similar bug about yarn [2]
2: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=33431
Does that make sense?
Thanks,
Chris
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAl6lyBtfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNFODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE9XeGpQ/6A9mixGXc2IobxUkE0RnjK5iQkdA4viJxOjnY8rZjvr6nhTIChOorcP8EUYrEePzYYCi7AzIq0EED6ZQShf0auoajzkZhHdVeLsNnvl7mQ/VfQ1H3/Z/GvNy6Ma66Dsko07DlqQzX8aCNZ7A+XVfr/yewg9NHRtSP3hRiyCfAtQT1Tt3ceViMLqny9T1rcBZLZtHUldDOcx5t2NMC2e+jBlLj61NqWv2YfRmjI1H4/CZHPHzUBUp6Qphm3ZQBjG3CzQPWf4etk8KIKNxAOfwxgLC8EfVYYgSV4+vQmDy5VRp8VGcH2xhw1vCoFYDhyT29SpqBw4rQ5eT+gedyvdxK7EOPJkVvmAHXa7vFT8B1yLyBvEVvErtCohD9yz3EXg6FSz5kAYezq4k/h155MHvQflPSidizhI4i2k90fp+3Y3hwAoTqz8EZ+D45O3zw+9ItRafCceR6lBzG1XUD2E5MKUqKPAsJtmg68931DYQ1QNgjPBocDBgBhW3gRltUV01kqCjYz1PVVDaoyucNDYoMXvKsYNjA8YBdkAyRcsPmtDepRv/KuVCGZfAbLrddrgkpgUOdTSsCTTo8JqXHN8J/P3ZCvStJu+vEcJS9UK2GH9b1SQqsQHtnFaX87ipA7YSZpz+vzWRZckfyKKnsvkLtL9DzMk7HZ3r6Syd9V08uSC4==QUul-----END PGP SIGNATURE-----
J
J
Jakub Kądziołka wrote on 26 Apr 2020 20:16
Re: [PATCH] yarnpkg
(name . Kozo)(address . Gitlabcanada@runbox.com)(address . guix-patches@gnu.org)
20200426181625.tagnhjfz3n7do2cb@gravity
On Sat, Apr 25, 2020 at 08:15:56PM -0600, Kozo wrote:
Toggle quote (7 lines)> Subject: [PATCH] yarnpkg> > ---> yarn.scm | 47 +++++++++++++++++++++++++++++++++++++++++++++++> 1 file changed, 47 insertions(+)> create mode 100644 yarn.scm
Please write commit logs in the ChangeLog format [0]. You can check thecommit history for examples.
Toggle quote (2 lines)> (define-module (yarn)
Please put the file in gnu/packages/. Also, add it to the list ingnu/local.mk.
Toggle quote (7 lines)> #:use-module (guix packages)> #:use-module (guix download)> #:use-module (guix build-system trivial)> #:use-module (guix licenses)> #:use-module (gnu packages node)> #:use-module (ice-9 pretty-print))
I can't see where (ice-9 pretty-print) is being used.
Toggle quote (2 lines)> (define yarn-version "1.22.4")
What is the purpose of this single-use variable?
Toggle quote (7 lines)> (define-public yarn> (package> (name "yarn")> (version yarn-version)> (source (origin> (method url-fetch/tarbomb)
The file has only a single directory, so why use /tarbomb?
Toggle quote (3 lines)> (uri (string-append "https://github.com/yarnpkg/yarn/releases/download/v"> version "/yarn-v" version ".tar.gz"))
When looking through this download, it seems that the lib/cli.js file isa preprocessed mess. Ideally, we would build the package from source.
Toggle quote (14 lines)> (sha256> (base32> "0n7vhwjz3lyjnavcaw08cqa8gfampqsy5mm3f555cbqb26m1clxw"))))> (build-system trivial-build-system)> (outputs '("out"))> (inputs `(("node" ,node)))> (arguments> `(#:modules ((guix build utils))> #:builder (begin> (use-modules (guix build utils))> (let* ((out (assoc-ref %outputs "out"))> (bin (string-append out "/bin"))> (lib (string-append out "/lib"))
The indentation is quite confusing here, I'd suggest running./etc/format-code.el on your file.
Toggle quote (4 lines)> (synopsis "Dependency management tool for JavaScript")> (description "Fast, reliable, and secure dependency management tool> for JavaScript. Acts as a drop-in replacement for NodeJS's npm.")
I think there are a lot of buzzwords in this description: "fast,reliable and secure" is not an objective property. Is there somethingmore neutral that could be said about the package?
Thanks,Jakub Kądziołka
[0]: https://www.gnu.org/prep/standards/html_node/Change-Logs.html#Change-Logs
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE5Xa/ss9usT31cTO54xWnWEYTFWQFAl6lz/UACgkQ4xWnWEYTFWSYcQ/5AVO/ZT5wVNER0Um86OHo3J1GGrwJxmE87Zhpl+iiSWK4uwaTiXjamVq9De4oa4b2KVy0GFH35dW5DMoVyBFaxSOzoPXeVB0QTUgZCPwfS2YerPsp2mWE25yoi4PLojbnjQmxLTICLDfCCOLlrRuULQ+0OtlHtFxWlZa2WhTF20RW6kaFVjFzIH84X95hKEx2LGwz9LW8cbJlhPg6LIytIOBVqIFS+lBJwrFnDux2KGUfeae/PbowLTMAXAxRagg1onyjnABY/Kf09HvfNYtdJ+3rafU33xFLWa/wbg/8THN5HDX0zCbXDjt5Wr8h641NNzP5pUMUvmEFxx7cxRF65pMMg+GPIHG6pdrfX0RaKJIVYv36QpdDKxq0ciSTw3nEvAzfUbFaPcuptaO/ldK48CZAa9g1EwiZXwpKmg0+gjUNkNHOAws+oyMlFGVNR/rnOKLz3xDroQdbQe1RmEDyH3CM0OrLKYAkL2ucQE+uXOPTmFc5MuCJ2fl0U/YB9KyHKoA8fKXUSetXhL5IPF/OYo4134LYl7dmmNqi4F8reJafpYDN2ffIdpxsllIhmUtULBlpYb2sx99W3I51NxvScTM3uD8S8xVODROXk4XGa+YvudTqc17FryxDipyUXEY728M+CVC/JPKGvDtZkk6xmwKVR/YoByUSRs6FyYYPeJo==gVN/-----END PGP SIGNATURE-----

K
[PATCH] Yarnpkg
(address . 40860@debbugs.gnu.org)
c3fc7c23eb03835639f263be0fa2c4edb56010a1.camel@runbox.com
Thank you for the feedback, Christopher and Jakub.
After going over what you said, this package is beyond my currentexperience. It would make sense to start getting all the dependenciesin one at a time and return to this one later.
Please go ahead and close this request as I work on the buildingblocks.
Thanks,Kozo
B
B
Björn Höfling wrote on 27 Apr 2020 20:28
(name . Kozo)(address . Gitlabcanada@runbox.com)(address . 40860-done@debbugs.gnu.org)
20200427202835.2caee370@alma-ubu
On Mon, 27 Apr 2020 08:10:28 -0600Kozo <Gitlabcanada@runbox.com> wrote:
Toggle quote (9 lines)> Thank you for the feedback, Christopher and Jakub.> > After going over what you said, this package is beyond my current> experience. It would make sense to start getting all the dependencies> in one at a time and return to this one later.> > Please go ahead and close this request as I work on the building> blocks.
Hi Kozo,
you can close issues by appending "-done" to the bug-number as I did.
node/npm is terribly hard because of its "dependency hell".
Jelle Licht worked on an npm-importer. AFAIK it is not yet part ofGuix. Here is a reference on it I found:
https://lists.gnu.org/archive/html/guix-devel/2017-03/msg00814.html
Björn
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQQiGUP0np8nb5SZM4K/KGy2WT5f/QUCXqckUwAKCRC/KGy2WT5f/Xl2AJwI5hSIoR7kaYHbkeW60KoKQgpXvgCeJeLT0qw54/Fg3oUw9i/90jIRy9s==bw1+-----END PGP SIGNATURE-----

Closed
K
K
Kozo viaweb wrote on 4 May 2020 21:28
(no subject)
(address . 40860@debbugs.gnu.org)
7fbdd51d8ac0.6b24ee6c792f93b@guile.gnu.org
Greetings,
Thank you for your feedback. This package is too complex for my current experience level.
The current plan of action will be to start getting all the dependencies added in and then come back to this overall package.
Please close this request and we'll re-visit it in the future.
Thank you,Kozo
B
B
Björn Höfling wrote on 5 May 2020 09:08
(name . Kozo viaweb)(address . issues.guix.gnu.org@elephly.net)(address . 40860-done@debbugs.gnu.org)
20200505090816.1164bae3@alma-ubu
On Mon, 4 May 2020 21:28:54 +0200Kozo via web <issues.guix.gnu.org@elephly.net> wrote:
Toggle quote (10 lines)> Greetings,> > Thank you for your feedback. This package is too complex for my> current experience level.> > The current plan of action will be to start getting all the> dependencies added in and then come back to this overall package.> > Please close this request and we'll re-visit it in the future.
Closed with adding "-done" to the bug-number.
Thanks for giving it a try and see you around with smaller packagesfirst.
Björn
-----BEGIN PGP SIGNATURE-----
iF0EAREKAB0WIQQiGUP0np8nb5SZM4K/KGy2WT5f/QUCXrEQ4AAKCRC/KGy2WT5f/YBuAJ9+zrEwuneFwVy2WmqW1WrORXsddgCeLul5Av9JHty0cDYCB44+ti169ls==srmI-----END PGP SIGNATURE-----

Closed
?