From c13b6d1413859d03b41b97d4c671fccfd388b2cc Mon Sep 17 00:00:00 2001
From: Nathan Whitaker <17734409+nathanwhit@users.noreply.github.com>
Date: Tue, 2 Jul 2024 15:00:16 -0700
Subject: feat(cli): Add `--frozen` flag to error out if lockfile is out of
 date (#24355)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes #18296.

Adds a `--frozen` (alias `--frozen-lockfile`) flag that errors out if
the lockfile is out of date. This is useful for running in CI (where an
out of date lockfile is usually a mistake) or to prevent accidental
changes in dependencies.

![Screenshot 2024-06-26 at 7 11
13 PM](https://github.com/denoland/deno/assets/17734409/538404b8-b422-4f05-89e8-4c9b1c248576)
---
 cli/module_loader.rs | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'cli/module_loader.rs')

diff --git a/cli/module_loader.rs b/cli/module_loader.rs
index ed1a9526f..0e81736e5 100644
--- a/cli/module_loader.rs
+++ b/cli/module_loader.rs
@@ -72,10 +72,13 @@ use deno_semver::npm::NpmPackageReqReference;
 pub async fn load_top_level_deps(factory: &CliFactory) -> Result<(), AnyError> {
   let npm_resolver = factory.npm_resolver().await?;
   if let Some(npm_resolver) = npm_resolver.as_managed() {
-    npm_resolver.ensure_top_level_package_json_install().await?;
-    // TODO(nathanwhit): we call `cache_packages` if the lockfile is modified,
-    // so by calling it here it's possible we end up calling it twice
-    npm_resolver.cache_packages().await?;
+    if !npm_resolver.ensure_top_level_package_json_install().await? {
+      if let Some(lockfile) = factory.maybe_lockfile() {
+        lockfile.error_if_changed()?;
+      }
+
+      npm_resolver.cache_packages().await?;
+    }
   }
   // cache as many entries in the import map as we can
   if let Some(import_map) = factory.maybe_import_map().await? {
-- 
cgit v1.2.3