fix: global hash divergence for empty version strings (#6319)
### Description
@mehulkar uncovered a case where we had hash divergence between Rust/Go
on Windows. It was initially caused by something in the prysk setup
where `package.json` got a dependency of the form: `"monorepo":
"file:"`. This caused an external dependency to be listed with an empty
version string. This proved to be problematic as the Go capnp library
[encodes empty strings as null
pointers](https://github.com/capnproto/go-capnp/blob/main/struct.go#L139)
instead of a zero length byte array as Rust does.
As the Go library exposes slightly more internals, I chose to change the
Go code to circumvent the empty string behavior.
Future work might be disallowing empty version strings, but that's a
larger change and something that requires more investigation. `npm` is
happy to produce/parse/use a dependency with version `file:` so we
should probably support it.
### Testing Instructions
Added unit tests for serializing lockfile packages with an empty version
string from Rust and Go. The first commit of the PR adds these tests
where it fails on Go to match the Rust hash.
Also can check against the case that @mehulkar uncovered:
- `mkdir /tmp/test && cd /tmp/test`
-
`~/code/turbo/turborepo-tests/integration/tests/_helpers/setup_monorepo.sh
$(pwd)`
- Edit `package.json` to contain `"dependencies": { "monorepo": "file:"
}`
- Regenerate `package-lock.json` by `npm install`
- `turbo build --dry=json` should now pass with a binary built using
this PR
Closes TURBO-1557
---------
Co-authored-by: Chris Olszewski <Chris Olszewski>
