Skip to content

refactor(@angular/cli): add generic package manifest resolver #31947

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
alan-agius4 merged 1 commit into from
Nov 27, 2025
Merged

refactor(@angular/cli): add generic package manifest resolver #31947

alan-agius4 merged 1 commit into from
Nov 27, 2025

Conversation

@clydin
Copy link
Member

@clydin clydin commented Nov 25, 2025

Extends the package manager abstraction to resolve manifests for various specifier types beyond registry packages. This is crucial for supporting packages installed from local directories, file archives, and git repositories.

A new getManifest method is introduced on the PackageManager service. This method acts as a unified entry point for manifest resolution:

  • It uses npm-package-arg to parse the package specifier and determine its type (registry, directory, file, git, etc.).
  • For local directory specifiers, it reads the package.json directly from the filesystem for maximum efficiency.
  • For other non-registry specifiers (git repos, remote tarballs, local tarballs), it uses the acquireTempPackage flow to safely fetch and extract the package.
  • When acquiring a package, lifecycle scripts are disabled for improved security and performance.
  • To reliably determine the package name for non-registry types, the manifest resolver now inspects the temporary package.json after the package manager has installed the dependency.

The existing getPackageManifest method has been renamed to getRegistryManifest to more accurately reflect its purpose.

@clydin
refactor(@angular/cli): add generic package manifest resolver
c71ffea 
Extends the package manager abstraction to resolve manifests for various specifier types beyond registry packages. This is crucial for supporting packages installed from local directories, file archives, and git repositories.

A new `getManifest` method is introduced on the `PackageManager` service. This method acts as a unified entry point for manifest resolution:
- It uses `npm-package-arg` to parse the package specifier and determine its type (registry, directory, file, git, etc.).
- For local directory specifiers, it reads the `package.json` directly from the filesystem for maximum efficiency.
- For other non-registry specifiers (git repos, remote tarballs, local tarballs), it uses the `acquireTempPackage` flow to safely fetch and extract the package.
- When acquiring a package, lifecycle scripts are disabled for improved security and performance.
- To reliably determine the package name for non-registry types, the manifest resolver now inspects the temporary `package.json` after the package manager has installed the dependency.

The existing `getPackageManifest` method has been renamed to `getRegistryManifest` to more accurately reflect its purpose.
@clydin clydin added the target: minor This PR is targeted for the next minor release label Nov 25, 2025
@clydin clydin marked this pull request as ready for review November 25, 2025 19:09
@clydin clydin added the action: review The PR is still awaiting reviews from at least one requested reviewer label Nov 25, 2025
@clydin clydin requested a review from alan-agius4 November 26, 2025 15:14
@alan-agius4 alan-agius4 added action: merge The PR is ready for merge by the caretaker and removed action: review The PR is still awaiting reviews from at least one requested reviewer labels Nov 27, 2025
@alan-agius4 alan-agius4 merged commit dabe101 into angular:main Nov 27, 2025
39 checks passed
@alan-agius4
Copy link
Collaborator

alan-agius4 commented Nov 27, 2025

This PR was merged into the repository. The changes were merged into the following branches:

@clydin clydin deleted the package-managers/non-registry-manifests branch November 27, 2025 13:27
@angular-automatic-lock-bot
Copy link

angular-automatic-lock-bot bot commented Dec 28, 2025

This issue has been automatically locked due to inactivity.
Please file a new issue if you are encountering a similar or related problem.

Read more about our automatic conversation locking policy.

This action has been performed automatically by a bot.

@angular-automatic-lock-bot angular-automatic-lock-bot bot locked and limited conversation to collaborators Dec 28, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@alan-agius4 alan-agius4 alan-agius4 approved these changes

Assignees

No one assigned

Labels

action: merge The PR is ready for merge by the caretaker area: @angular/cli target: minor This PR is targeted for the next minor release

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@clydin @alan-agius4