Yarn: Dependencies installed via file protocol contain unnecessary files

Do you want to request a feature or report a bug?

bug

What is the current behavior?

When I install a dependency with via file: protocol it contains more files like a normal dependency, because white- and blacklists for publishing (.gitignore, .npmignore, "files" in package.json...) aren't respected.

Now directories like node_modules/ of _this_ one dependency land in the cache, too. This results in a _very long_ Linking dependencies... phase.

The workaround:

• Open yarns cache directory.
• Look for dependencies which were installed via file:.
• Manually remove unwanted files and directories.

If the current behavior is a bug, please provide the steps to reproduce.

1. Create a new package.json in a fresh directory and try to install a new local dependency (which contain a node_modules/ directory for example) via file:.
2. Look in $ yarn cache dir for this dependency and you'll see a node_modules/ directory there. (This isn't the case for other packages in your cache which aren't installed via file:.)

E.g.

{
  "name": "some-example",
  "version": "1.0.0",
  "private": true,
  "dependencies": {
    "some-dependency": "file:../some-dependency/"
  }
}

What is the expected behavior?

Respect white- and blacklists for publishing for file: based dependencies, too.

Please mention your node.js, yarn and operating system version.

• Node: v6.9
• yarn: v0.24.6
• operating system: Mac OS X 10.12.4