Do you want to request a feature or report a bug?
feature request

What is the current behavior?
Currently yarn why won't indicate any package info in the resolutions field

If the current behavior is a bug, please provide the steps to reproduce.

1. install a package with any version, e.g "pkg": "^1.0.0"
2. add resolutions field in package.json, pkg: "1.0.0"
3. upd

Looking at the code, it looks like autoload files are loaded in the order of packages given by PackageSorter::sortPackages().

This should be documented in https://getcomposer.org/doc/04-schema.md#files. (Also, I have no idea what the sorting done by PackageSorter::sortPackages() actually is. It says 'dependency weight' but what does that mean?)

poetry and poetry-core are full type annotated and checking types by mypy is prepared. However these checks are deactivated for most of the modules.

In this ticket I like to invite everybody to pick one or more modules in poetry and poetry-core and fix errors reported by mypy. Please link any PR you are starting to this issue.

In process:

• https://github.com/python-poetry/po

pnpm version: >=6.11.0-0

Code to reproduce the issue:

When I try to 'conan install' version-range-based requirements for a package from a GitLab remote package repository, I get an unhelpful Python message "ERROR: 'NoneType' object is not iterable." I believe it's triggered by some faulty implementation on the GitLab repository side, but it would be helpful if Conan provided a more specific indication of the error cause.
My example conanfile.py:
`

Hooks for scopes get a double prefix, ie @@scope, when shown with the npm hook ls command. This is due to the response from the web request already including the prefix in the name field, and the following lines of code then locally adding the prefix again, duplicating it.

Hi,

I just realized there is no update/upgrade section in your doc. It could be nice to have clear command on how to update the software, specially if there is some breaking changes or whatever.

Self-service

• I'd be willing to implement a fix

Describe the bug

yarn info --virtuals doesn't show the dependencies of virtual packages.

To reproduce

package.json

{
  "dependencies": {
    "webpack": "5.66.0"
  }
}

Run

yarn install
yarn info --virtuals webpack

The output shows

├─ webpack@npm:5.66.0
│  ├─ Instan

Describe the bug
CodeQL show that we are logging paths directly. We should instead escape and then log them.

To Reproduce
Results are shown here: https://github.com/gomods/athens/pull/1748/checks?check_run_id=4567576462

Expected behavior

We can simply log escaped paths provided by net/url: https://pkg.go.dev/net/url#URL.EscapedPath

Additional context
Add an

Describe the problem as clearly as you can

If any error occurs during gem package fetching, bundler will always retry it. But many errors will keep happening again and again, and once bundler gives up, it will give a less informative error.

Did you try upgrading rubygems & bundler?

Yes.

Post steps to reproduce the problem

You can follow the steps to reproduce #5160.

Currently spack does not support the following packages, all of these packages are installed outside of Spack at Cori, we would like to get support for these packages if possible.

• cpmd https://www.lcrc.anl.gov/for-users/software/available-software/cpmd/
• ComputeCPP https://github.com/codeplaysoftware/computecpp-sdk need to confirm link
• ds9 https://sites.google.com/cfa.harvard.

Could it be possible to have a warning message when installing a rock that contains a module that is already provided by another rock? Or is there already an option for this and I didn't find it?

At least with Luarocks version 3.2.1 I verified that there are no warnings for this case.

However it seems that Luarocks is aware of the collision and installs the new module under another name and