Skip to content

module: allow running .ts in node_modules if private #55385

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

module: allow running .ts in node_modules if private #55385

wants to merge 2 commits into from

Conversation

marco-ippolito
Copy link
Member

@marco-ippolito marco-ippolito commented Oct 14, 2024
edited
Loading

Refs: nodejs/typescript#14

This PR checks when attempting to run .ts files under node_modules if the package.json contains the property private: true.

This should make possible to use strip-types in monorepos, without allowing package maintainer to publish their packages on npm without compiling first.

Also not very performant since is checking/parsing the package.json every time a file under node_modules is encountered, it requires some sort of caching

@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/loaders
  • @nodejs/typescript

@nodejs-github-bot nodejs-github-bot added lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. labels Oct 14, 2024
@marco-ippolito marco-ippolito added the strip-types Issues or PRs related to strip-types support label Oct 14, 2024
@mcollina
Copy link
Member

This solution works for me.

marco-ippolito
marco-ippolito commented Oct 14, 2024
View reviewed changes
doc/api/errors.md
@@ -3041,7 +3041,8 @@ import 'package-name'; // supported
added: v22.6.0
-->

Type stripping is not supported for files descendent of a `node_modules` directory.
Type stripping is not supported for files descendent of a `node_modules` directory,
where package.json is missing or does not contain the property `"private": true`.
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
where package.json is missing or does not contain the property `"private": true`.
where package.json is missing or does not contain the property `"private": true`.

Is there any chance it can be missing?

marco-ippolito
marco-ippolito commented Oct 14, 2024
View reviewed changes
lib/internal/modules/helpers.js
function isPrivateNodeModule(filename) {
const packageJsonReader = require('internal/modules/package_json_reader');
const resolved = StringPrototypeStartsWith(filename, 'file://') ? filename : pathToFileURL(filename).href;
const packageConfig = packageJsonReader.getPackageScopeConfig(resolved);
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we cache already analized paths?
Like everything under node_modules/foo once we have already read read node_modules/foo/package.json

@jakebailey
Copy link

I said this on nodejs/typescript#14 (comment), but I don't understand the use case here; if you have a package like this, you can't have published it because it's marked private. How did you get the package, then? For monorepos, I would really expect that you'd get it via a symlink, in which case the realpath of the files will not prevent the transform from happening.

@marco-ippolito
Copy link
Member Author

I said this on nodejs/typescript#14 (comment), but I don't understand the use case here; if you have a package like this, you can't have published it because it's marked private. How did you get the package, then? For monorepos, I would really expect that you'd get it via a symlink, in which case the realpath of the files will not prevent the transform from happening.

Probably easier to use since it doesnt require additional tooling.
We could also document that possibility

@jakebailey
Copy link

That doesn't really answer my question... I understand that using this flag prevents needing another tool like tsx. But how would someone end up in the situation where their node_modules directory contains a private package, but that package is not symlinked?

@marco-ippolito
Copy link
Member Author

I thought that private: true would still allow publishing privately on the registry, which is not the case 😐
In that case yes it doesnt make sense.

@bmeck
Copy link
Member

bmeck commented Oct 15, 2024

@marco-ippolito were you thinking about bundledDependencies?

@marco-ippolito marco-ippolito mentioned this pull request Feb 26, 2025
Closed
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. strip-types Issues or PRs related to strip-types support
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@marco-ippolito @nodejs-github-bot @mcollina @jakebailey @bmeck