From 205020b6c39639ff3471bd024c5ce17bc9a55731 Mon Sep 17 00:00:00 2001
From: Konstantin Raev <bestander@fb.com>
Date: Mon, 10 Apr 2017 17:14:15 +0100
Subject: [PATCH 1/2] wip fixing resolver when lockfile has incorrect semver
 entries

---
 src/package-resolver.js | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/package-resolver.js b/src/package-resolver.js
index 4cca3a7dfa..82b4d0ff92 100644
--- a/src/package-resolver.js
+++ b/src/package-resolver.js
@@ -434,8 +434,20 @@ export default class PackageResolver {
       this.activity.tick(req.pattern);
     }
 
-    if (!this.lockfile.getLocked(req.pattern, true)) {
+    const lockfileEntry = this.lockfile.getLocked(req.pattern);
+    if (!lockfileEntry) {
       this.newPatterns.push(req.pattern);
+    } else {
+      const {range} = PackageRequest.normalizePattern(req.pattern);
+      // TODO anything about exotic?
+      // lockfileEntry is incorrect, remove it from lockfile cache and consider the pattern as new
+      if (!PackageRequest.getExoticResolver(range) && !semver.satisfies(lockfileEntry.version, range)) {
+        // TODO print warning about incorrect lockfile entry for pattern
+        this.removePattern(req.pattern);
+        this.newPatterns.push(req.pattern);
+        // TODO encapsulate in lockfile
+        delete this.lockfile.cache[req.pattern];
+      }
     }
 
     const request = new PackageRequest(req, this);

From 61c134ad9a528448b9d13bb6c33f17267e0868af Mon Sep 17 00:00:00 2001
From: Konstantin Raev <bestander@fb.com>
Date: Tue, 11 Apr 2017 14:26:38 +0100
Subject: [PATCH 2/2] Fixes incorrect entries in lockfiles

Fixes #2629.
If lockfile pattern does not match a version it will be ignored and re-resolved
---
 __tests__/commands/install/lockfiles.js          | 15 +++++++++++++++
 .../fixtures/install/lockfile-fixed/package.json |  6 ++++++
 .../fixtures/install/lockfile-fixed/yarn.lock    | 11 +++++++++++
 src/lockfile/wrapper.js                          |  8 ++++++++
 src/package-resolver.js                          | 16 ++++++++++------
 src/reporters/lang/en.js                         |  1 +
 6 files changed, 51 insertions(+), 6 deletions(-)
 create mode 100644 __tests__/fixtures/install/lockfile-fixed/package.json
 create mode 100644 __tests__/fixtures/install/lockfile-fixed/yarn.lock

diff --git a/__tests__/commands/install/lockfiles.js b/__tests__/commands/install/lockfiles.js
index 36846f159a..184464313a 100644
--- a/__tests__/commands/install/lockfiles.js
+++ b/__tests__/commands/install/lockfiles.js
@@ -288,3 +288,18 @@ test.concurrent('install should rewrite lockfile if patterns can be merged', ():
     expect(lockContent).not.toContain('https://fakepath.wont.download.com/mime-db/-/mime-db-1.0.0.tgz');
   });
 });
+
+test.concurrent('install should fix if lockfile patterns don\'t match resolved version', (): Promise<void> => {
+  const fixture = 'lockfile-fixed';
+
+  return runInstall({}, fixture, async (config, reporter) => {
+    const lockContent = await fs.readFile(
+      path.join(config.cwd, 'yarn.lock'),
+    );
+    expect(lockContent).not.toContain('mime-db-1.24.0.tgz');
+    expect(lockContent).toContain('mime-db-1.23.0.tgz');
+    expect(lockContent).not.toContain('left-pad-1.1.3.tgz');
+    expect(lockContent).toContain('left-pad-1.1.2.tgz');
+
+  });
+});
diff --git a/__tests__/fixtures/install/lockfile-fixed/package.json b/__tests__/fixtures/install/lockfile-fixed/package.json
new file mode 100644
index 0000000000..57d783cf7d
--- /dev/null
+++ b/__tests__/fixtures/install/lockfile-fixed/package.json
@@ -0,0 +1,6 @@
+{
+  "dependencies": {
+    "left-pad": ">=1.0.0 <1.1.3",
+    "mime-db": "1.23.0"
+  }
+}
diff --git a/__tests__/fixtures/install/lockfile-fixed/yarn.lock b/__tests__/fixtures/install/lockfile-fixed/yarn.lock
new file mode 100644
index 0000000000..0f74133f93
--- /dev/null
+++ b/__tests__/fixtures/install/lockfile-fixed/yarn.lock
@@ -0,0 +1,11 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+
+
+"left-pad@>=1.0.0 <1.1.3":
+  version "1.1.3"
+  resolved "https://registry.yarnpkg.com/left-pad/-/left-pad-1.1.3.tgz#612f61c033f3a9e08e939f1caebeea41b6f3199a"
+
+mime-db@1.23.0:
+  version "1.24.0"
+  resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.24.0.tgz#e2d13f939f0016c6e4e9ad25a8652f126c467f0c"
diff --git a/src/lockfile/wrapper.js b/src/lockfile/wrapper.js
index 76b60934c3..897cf699ba 100644
--- a/src/lockfile/wrapper.js
+++ b/src/lockfile/wrapper.js
@@ -122,6 +122,14 @@ export default class Lockfile {
     return undefined;
   }
 
+  removePattern(pattern: string) {
+    const cache = this.cache;
+    if (!cache) {
+      return;
+    }
+    delete cache[pattern];
+  }
+
   getLockfile(patterns: {
     [packagePattern: string]: Manifest
   }): Object {
diff --git a/src/package-resolver.js b/src/package-resolver.js
index 82b4d0ff92..3fd128e34b 100644
--- a/src/package-resolver.js
+++ b/src/package-resolver.js
@@ -438,15 +438,19 @@ export default class PackageResolver {
     if (!lockfileEntry) {
       this.newPatterns.push(req.pattern);
     } else {
-      const {range} = PackageRequest.normalizePattern(req.pattern);
-      // TODO anything about exotic?
+      const {range, hasVersion} = PackageRequest.normalizePattern(req.pattern);
       // lockfileEntry is incorrect, remove it from lockfile cache and consider the pattern as new
-      if (!PackageRequest.getExoticResolver(range) && !semver.satisfies(lockfileEntry.version, range)) {
-        // TODO print warning about incorrect lockfile entry for pattern
+      if (
+        semver.validRange(range) &&
+        semver.valid(lockfileEntry.version) &&
+        !semver.satisfies(lockfileEntry.version, range) &&
+        !PackageRequest.getExoticResolver(range) &&
+        hasVersion
+      ) {
+        this.reporter.warn(this.reporter.lang('incorrectLockfileEntry', req.pattern));
         this.removePattern(req.pattern);
         this.newPatterns.push(req.pattern);
-        // TODO encapsulate in lockfile
-        delete this.lockfile.cache[req.pattern];
+        this.lockfile.removePattern(req.pattern);
       }
     }
 
diff --git a/src/reporters/lang/en.js b/src/reporters/lang/en.js
index 37db734d33..97d29a79fe 100644
--- a/src/reporters/lang/en.js
+++ b/src/reporters/lang/en.js
@@ -94,6 +94,7 @@ const messages = {
   frozenLockfileError: 'Your lockfile needs to be updated, but yarn was run with `--frozen-lockfile`.',
   fileWriteError: 'Could not write file $0: $1',
   multiplePackagesCantUnpackInSameDestination: 'Pattern $0 is trying to unpack in the same destination $1 as pattern $2. This could result in a non deterministic behavior, skipping.',
+  incorrectLockfileEntry: 'Lockfile has incorrect entry for $0. Ingoring it.',
 
   yarnOutdated: "Your current version of Yarn is out of date. The latest version is $0 while you're on $1.",
   yarnOutdatedInstaller: 'To upgrade, download the latest installer at $0.',