Patching a package feels harder than it needs to be. What am I doing wrong?

[MarcCelani-at]

Hi there.

In my yarn.lock, I have this entry:

"es6-promise@npm:^3.0.2, es6-promise@npm:^3.1.2, es6-promise@npm:^3.3.1":
  version: 3.3.1
  resolution: "es6-promise@npm:3.3.1"
  checksum: b4fc87cb8509c001f62f860f97b05d1fd3f87220c8b832578e6a483c719ca272b73a77f2231cb26395fa865e1cab2fd4298ab67786b69e97b8d757b938f4fc1f
  languageName: node
  linkType: hard

I want to patch [email protected], but in order to make sure that all my dependencies properly pick up my patched version, I need to put in a resolution for all of the semvers listed in the yarn.lock.

If I have multiple versions of the package being installed, I have to create a patch for each version, and again explicitly list all the semvers.

Compare this to the experience of using patch-package, where you create a patch file one time, and you are done. Patch-package applies the patch in the post install step, which means that it doesn't matter what the semvers are, only what the final packages that were installed. It attempts to apply the patch to all versions, and complains when it fails to apply a patch.

I like that yarn patch is more powerful. I can choose whether to apply my patch to just my own installation of a package, or apply it to dependencies that my dependencies pull in. But the latter requires a lot of resolutions and patches, and probably warrants constraints to prevent mistakes, which is even more work.

Is there a better way to deal with patches in the case where you want them to apply to all packages installed, even the ones your dependencies request?