feat(lockfile): track JSR and npm dependencies in config file (#22004)

See overview in https://github.com/denoland/deno_lockfile/pull/13

cli/npm/managed/installer.rs

@@ -82,7 +82,7 @@ impl PackageJsonDepsInstaller {
       return Ok(()); // already installed by something else
     }
 
-    let package_reqs = inner.deps_provider.reqs();
+    let package_reqs = inner.deps_provider.reqs().unwrap_or_default();
 
     // check if something needs resolving before bothering to load all
     // the package information (which is slow)

cli/npm/managed/mod.rs

@@ -225,13 +225,21 @@ async fn snapshot_from_lockfile(
   lockfile: Arc<Mutex<Lockfile>>,
   api: &dyn NpmRegistryApi,
 ) -> Result<ValidSerializedNpmResolutionSnapshot, AnyError> {
-  let incomplete_snapshot = {
+  let (incomplete_snapshot, skip_integrity_check) = {
     let lock = lockfile.lock();
-    deno_npm::resolution::incomplete_snapshot_from_lockfile(&lock)?
+    (
+      deno_npm::resolution::incomplete_snapshot_from_lockfile(&lock)?,
+      lock.overwrite,
+    )
   };
-  let snapshot =
-    deno_npm::resolution::snapshot_from_lockfile(incomplete_snapshot, api)
-      .await?;
+  let snapshot = deno_npm::resolution::snapshot_from_lockfile(
+    deno_npm::resolution::SnapshotFromLockfileParams {
+      incomplete_snapshot,
+      api,
+      skip_integrity_check,
+    },
+  )
+  .await?;
   Ok(snapshot)
 }
 

cli/npm/managed/resolution.rs

@@ -10,7 +10,6 @@ use deno_core::parking_lot::RwLock;
 use deno_lockfile::NpmPackageDependencyLockfileInfo;
 use deno_lockfile::NpmPackageLockfileInfo;
 use deno_npm::registry::NpmPackageInfo;
-use deno_npm::registry::NpmPackageVersionDistInfoIntegrity;
 use deno_npm::registry::NpmRegistryApi;
 use deno_npm::resolution::NpmPackageVersionResolutionError;
 use deno_npm::resolution::NpmPackagesPartitioned;
@@ -388,21 +387,6 @@ fn populate_lockfile_from_snapshot(
 fn npm_package_to_lockfile_info(
   pkg: &NpmResolutionPackage,
 ) -> NpmPackageLockfileInfo {
-  fn integrity_for_lockfile(
-    integrity: NpmPackageVersionDistInfoIntegrity,
-  ) -> String {
-    match integrity {
-      NpmPackageVersionDistInfoIntegrity::Integrity {
-        algorithm,
-        base64_hash,
-      } => format!("{}-{}", algorithm, base64_hash),
-      NpmPackageVersionDistInfoIntegrity::UnknownIntegrity(integrity) => {
-        integrity.to_string()
-      }
-      NpmPackageVersionDistInfoIntegrity::LegacySha1Hex(hex) => hex.to_string(),
-    }
-  }
-
   let dependencies = pkg
     .dependencies
     .iter()
@@ -415,7 +399,7 @@ fn npm_package_to_lockfile_info(
   NpmPackageLockfileInfo {
     display_id: pkg.id.nv.to_string(),
     serialized_id: pkg.id.as_serialized(),
-    integrity: integrity_for_lockfile(pkg.dist.integrity()),
+    integrity: pkg.dist.integrity().for_lockfile(),
     dependencies,
   }
 }