Tidy up NPM checkout process (#14631)

scripts/release/prepare-stable-commands/check-out-packages.js

@@ -5,7 +5,7 @@
 const {exec} = require('child-process-promise');
 const {existsSync} = require('fs');
 const {join} = require('path');
-const {logPromise} = require('../utils');
+const {execRead, logPromise} = require('../utils');
 const theme = require('../theme');
 
 const run = async ({cwd, local, packages, version}) => {
@@ -31,7 +31,24 @@ const run = async ({cwd, local, packages, version}) => {
   // Checkout canary release from NPM for all local packages
   for (let i = 0; i < packages.length; i++) {
     const packageName = packages[i];
-    await exec(`npm i ${packageName}@${version}`, {cwd: nodeModulesPath});
+
+    // We previously used `npm install` for this,
+    // but in addition to checking out a lot of transient dependencies that we don't care about–
+    // the NPM client also added a lot of registry metadata to the package JSONs,
+    // which we had to remove as a separate step before re-publishing.
+    // It's easier for us to just download and extract the tarball.
+    const url = await execRead(
+      `npm view ${packageName}@${version} dist.tarball`
+    );
+    const filePath = join(nodeModulesPath, `${packageName}.tgz`);
+    const packagePath = join(nodeModulesPath, `${packageName}`);
+    const tempPackagePath = join(nodeModulesPath, 'package');
+
+    // Download packages from NPM and extract them to the expected build locations.
+    await exec(`curl ${url} > ${filePath}`, {cwd});
+    await exec(`tar -xvzf ${filePath} -C ${nodeModulesPath}`, {cwd});
+    await exec(`mv ${tempPackagePath} ${packagePath}`, {cwd});
+    await exec(`rm ${filePath}`, {cwd});
   }
 };
 

scripts/release/prepare-stable-commands/prune-package-registry-metadata.js

@@ -1,31 +0,0 @@
-#!/usr/bin/env node
-
-'use strict';
-
-const {logPromise} = require('../utils');
-const {readJson, writeJson} = require('fs-extra');
-const {join} = require('path');
-
-const run = async ({cwd, packages}) => {
-  const nodeModulesPath = join(cwd, 'build/node_modules');
-
-  for (let i = 0; i < packages.length; i++) {
-    const packageName = packages[i];
-    const packageJSONPath = join(nodeModulesPath, packageName, 'package.json');
-    const packageJSON = await readJson(packageJSONPath);
-
-    // NPM adds a lot of metadata fields on checkout.
-    // It's nice to strip these before re-publishing the package.
-    for (let key in packageJSON) {
-      if (key.startsWith('_')) {
-        delete packageJSON[key];
-      }
-    }
-
-    await writeJson(packageJSONPath, packageJSON, {spaces: 2});
-  }
-};
-
-module.exports = async params => {
-  return logPromise(run(params), 'Pruning package registry metadata');
-};

scripts/release/prepare-stable.js

@@ -10,7 +10,6 @@ const confirmStableVersionNumbers = require('./prepare-stable-commands/confirm-s
 const guessStableVersionNumbers = require('./prepare-stable-commands/guess-stable-version-numbers');
 const parseParams = require('./prepare-stable-commands/parse-params');
 const printPrereleaseSummary = require('./shared-commands/print-prerelease-summary');
-const prunePackageRegistryMetadata = require('./prepare-stable-commands/prune-package-registry-metadata');
 const testPackagingFixture = require('./shared-commands/test-packaging-fixture');
 const testTracingFixture = require('./shared-commands/test-tracing-fixture');
 const updateStableVersionNumbers = require('./prepare-stable-commands/update-stable-version-numbers');
@@ -29,7 +28,6 @@ const run = async () => {
     await checkOutPackages(params);
     await guessStableVersionNumbers(params, versionsMap);
     await confirmStableVersionNumbers(params, versionsMap);
-    await prunePackageRegistryMetadata(params);
     await updateStableVersionNumbers(params, versionsMap);
 
     if (!params.skipTests) {