npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@coderspirit/lock-distill

v0.1.3

Published

A lock-files distiller, to be used in monorepo environments when creating Docker images.

Downloads

10

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

castarcocastarco

Keywords

lockfilemonorepodockeryarn

Readme

Lock-Distill

NPM version License npm downloads Known Vulnerabilities Security Score

Introduction

Lock-Distill is a tool designed to create "minimal" lockfiles to be used when building OCI/Docker images, in the context of monorepos.

When working on monorepo environments, it is typical to rely on tools such as "yarn workspaces". This has some advantages, but it also presents some problems.

A very insidious problem is that a unique and global lockfile is shared between all the workspaces inside the monorepo. This has the unfortunate consequence that this lockfile will change with much higher frequency than if we had one repository per workspace.

The higher changes frequency implies that Docker Builder (or any other OCI image builders) will have to discard the cached layers based on that file more often, therefore having to spend more time and energy recomputing previously done work.

Install instructions

# With NPM
npm install @coderspirit/lock-distill

# Or with Yarn:
yarn add @coderspirit/lock-distill

Usage

We have to pass at least two options:

  • The application package.json file path
  • The file path for the global lockfile
lock-distill -p ./apps/svc1/package.json -l ./yarn.lock -o ./apps/svc1/distilled.yarn.lock

Once you have a "distilled" lockfile, you can COPY or mount it while building the Docker/OCI image.

Options

  • -p, --package <path>: The application's package.json file path. Required.
  • -l, --lockfile <path>: The monorepo's global lockfile path. Required.
  • -o, --output <path>: The path where to write the distillation output. If not passed, then the result can be directly read from stdout.
  • -m, --mode <full|workspace>: It specifies how aggressive will be the distillation process.
    • If set to workspace, then it will generate a new lockfile containing references to the workspace's prod & dev dependencies.
    • If set to full, then it will generate a new lockfile only containing references to the workspace's prod dependencies. This is the default option.
  • -t, --type: This option is not useful yet, as only Yarn v1.x is supported for now, but hopefully we'll introduce support for Yarn >=2, PNPM and others.