Package manager

Do you want to request a feature or report a bug?
feature request

What is the current behavior?
Currently yarn why won't indicate any package info in the resolutions field

If the current behavior is a bug, please provide the steps to reproduce.

1. install a package with any version, e.g "pkg": "^1.0.0"
2. add resolutions field in package.json, pkg: "1.0.0"
3. upd

• I am on the latest Poet

When I try to 'conan install' version-range-based requirements for a package from a GitLab remote package repository, I get an unhelpful Python message "ERROR: 'NoneType' object is not iterable." I believe it's triggered by some faulty implementation on the GitLab repository side, but it would be helpful if Conan provided a more specific indication of the error cause.
My example conanfile.py:
`

Hooks for scopes get a double prefix, ie @@scope, when shown with the npm hook ls command. This is due to the response from the web request already including the prefix in the name field, and the following lines of code then locally adding the prefix again, duplicating it.

Hi,

I just realized there is no update/upgrade section in your doc. It could be nice to have clear command on how to update the software, specially if there is some breaking changes or whatever.

Self-service

• I'd be willing to implement a fix

Describe the bug

yarn info --virtuals doesn't show the dependencies of virtual packages.

To reproduce

package.json

{
  "dependencies": {
    "webpack": "5.66.0"
  }
}

Run

yarn install
yarn info --virtuals webpack

The output shows

├─ webpack@npm:5.66.0
│  ├─ Instan

Describe the bug
CodeQL show that we are logging paths directly. We should instead escape and then log them.

To Reproduce
Results are shown here: https://github.com/gomods/athens/pull/1748/checks?check_run_id=4567576462

Expected behavior

We can simply log escaped paths provided by net/url: https://pkg.go.dev/net/url#URL.EscapedPath

Additional context
Add an

We use a some magic number when dealing with exit codes in our help that runs subprocesses via Open3.popen3.

Here: https://github.com/rubygems/rubygems/blob/f62cad4818cc333b40d506d859ca53531f2f25f6/bundler/spec/support/subprocess.rb#L39-L54

We should probably add a link to https://tldp.org/LDP/abs/html/exitcodes.html and move it to a constant/variable with some non magical name.

_Origin

Currently spack does not support the following packages, all of these packages are installed outside of Spack at Cori, we would like to get support for these packages if possible.

• cpmd https://www.lcrc.anl.gov/for-users/software/available-software/cpmd/
• ComputeCPP https://github.com/codeplaysoftware/computecpp-sdk need to confirm link
• ds9 https://sites.google.com/cfa.harvard.

Could it be possible to have a warning message when installing a rock that contains a module that is already provided by another rock? Or is there already an option for this and I didn't find it?

At least with Luarocks version 3.2.1 I verified that there are no warnings for this case.

However it seems that Luarocks is aware of the collision and installs the new module under another name and