My dotrun snap runs yarn internally. This will fail if it detects an .npmrc or .yarnrc file in the home directory, even if it can’t read it. It doesn’t seem to matter that the $HOME variable points to $SNAP_USER_DATA, yarn still finds the file in the actual user’s home directory.
I’ve tried various ways to make yarn ignore this file, but to no avail. It appears this can only be fixed by allowing yarn to read the files.
Looking at the upstream issue this is a shame that we can’t work-around it better but either way, granting read access to these configuration files doesn’t appear to introduce any likely security or trust issues since they are not particularly sensitive from what I can glean.
+1 for auto-connect of dotrun of personal-files for ~/.npmrc and ~/.yarnrc. One minor but important point is the name of this interface - currently this is npmrc in your snapcraft.yaml - traditionally we would call this dot-npmrc and I wonder whether we would want an explicit dot-yarnrc as a separate instance as well so that is quite obvious to users who use dotrun that access is provided to these files as they are not owned by dotrun - @nottrobin thoughts on separating these out into two separate instances? @jdstrand can you remind me again if we have a more explicit policy on naming of personal-files interfaces?
The changes look good. +1 for using and auto-connecting personal-files for read access to ~/.npmrc and ~/.yarnrc using the dot-npmrc and dot-yarnrc interface references.
2 votes for, 0 against for using and auto-connecting personal-files for read access to ~/.npmrc and ~/.yarnrc using the dot-npmrc and dot-yarnrc interface references.
Note, there is a corresponding change that must be done to the review-tools for this to pass automated review. I’ve made that change now, but it isn’t yet in production. Once done, this will pass automated review. Until then, you can request manual review via the store and we will manually approve.
@nottrobin - I re-ran the automated tests to make sure the snap declaration was correct and it put it back in the manual review queue. I just now manually approved.
