Print debug information #36
Conversation
| @@ -126,6 +134,9 @@ jobs: | |||
| if: ${{ inputs.post-install-steps }} | |||
| uses: ./.github/tmp/post-install-steps | |||
|
|
|||
| - name: Print installed dependencies | |||
There was a problem hiding this comment.
This will be a ton of output; are you sure it’s helpful?
There was a problem hiding this comment.
Does it hurt? What are the downsides?
I'm not sure, tbh, how useful this is on OSS side of things, but at work this has been a life saver in numerous occassions:
- tracking down npm bugs (e.g. when lockfiles are not respected: [BUG]
npm cirespects thepackage-lock=falseconfig flag npm/cli#4185, [BUG]npm cisucceeds whenpackage-lock.jsondoesn't matchpackage.jsonnpm/cli#2701) - tracking down whether a specific (malicious) version of a package has ever been installed
- tracking down regressions in dependencies by comparing the trees between successful builds
The later two can be somewhat solved by using lockfiles, but there's opinions about that.
There was a problem hiding this comment.
What opinions? The latter two absolutely are covered by lockfiles.
Also, GitHub actions are almost exclusively used by open source projects, so that’s what we should be optimizing for.
There was a problem hiding this comment.
The downsides are that it might cause actually important log output to be truncated if the log gets too large - I’m not sure what GitHub’s log size limit is, but this specific output caused that problem on projects for me on Travis in the past, so i don’t do it anymore.
There was a problem hiding this comment.
What opinions
I meant that while lockfiles cover the issues mentioned, there are opinions about using lockfiles. Esp. in the context of OSS libraries a lot of people don't use them?
not sure what GitHub’s log size limit is
https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration#artifact-and-log-retention-policy does not mention any size limits.
I do recall them recently posting a blog post about how they rewrote the log viewer to cater for larger log files 🤔 https://github.blog/2021-03-25-how-github-actions-renders-large-scale-logs/ mentions that they need to support at least 50k lines. Surely that should be enough to list the dependencies 🤔
There was a problem hiding this comment.
Oh definitely there are opinions about that :-) but by not using a lockfile, I’d use --before locally to investigate anyways, which the full tree output wouldn’t help with.
There was a problem hiding this comment.
how much time does it add to list and log the entire dep tree?
There was a problem hiding this comment.
It does say 0s here: https://github.com/dominykas/pkgjs-action/runs/4685158763?check_suite_focus=true (randome poke). Other places say 1s. Ofc that's a very small tree, but I doubt it would go much over that.
Regarding the log lines, it could be attached as an artifact, but that would probably add another second... Not sure it's worth that.
There was a problem hiding this comment.
Fair enough :-) altho actually it might be much more useful to attach the lockfile itself - or, the one npm would have produced - as an artifact.
I guess i can see the usefulness of both, based on what you’ve described. The lockfile could be looked into as a follow up.
Closes #10