Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No PRs due to unclear update_not_possible #9501

Open
1 task done
amureki opened this issue Apr 15, 2024 · 3 comments
Open
1 task done

No PRs due to unclear update_not_possible #9501

amureki opened this issue Apr 15, 2024 · 3 comments
Labels
L: git:submodules Git submodules L: github:actions GitHub Actions L: go:modules Golang modules L: javascript L: python T: bug 🐞 Something isn't working

Comments

@amureki
Copy link
Contributor

amureki commented Apr 15, 2024
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Package ecosystem

npm

Package manager version

10.2.4

Language version

20.11.0

Manifest location and content before the Dependabot update

This is my package.json, located in the root project folder:

{
  "name": "my-project",
  "repository": "my-project-url",
  "license": "UNLICENSED",
  "scripts": {
    "build": "wireit",
    "i18n:build": "wireit",
    "test": "wireit",
    "lint": "wireit",
    "test:ci": "wireit",
    "i18n:extract": "wireit"
  },
  "wireit": {
    "build": {
      "dependencies": [
        "sass",
        "svg",
        "webpack",
        "esm"
      ]
    },
    "webpack": {
      "command": "webpack",
      "files": [
        "frontend/assets/js/**/*.js",
        "frontend/assets/js/**/*.vue",
        "webpack.*"
      ],
      "output": [
        "frontend/static/js/*.min.js"
      ],
      "clean": true,
      "dependencies": [
        "esm",
        "i18n:build"
      ]
    },
    "esm": {
      "command": "esbuild `find frontend/assets/js -iname \"*.js\" -not -path \"*/__tests__/*\" -not -path \"*/__fixture__/*\"` --outdir=frontend/static/js --minify --sourcemap --target=es6 --format=esm",
      "files": [
        "frontend/assets/js/**/*.js"
      ],
      "output": [
        "frontend/static/js/**/*.js"
      ],
      "dependencies": [
        "i18n:build",
        "esm-dists"
      ]
    },
    "esm-dists": {
      "command": "node esm-dists.mjs",
      "files": [
        "node_modules/**/*.js"
      ],
      "output": [
        "frontend/static/dependencies/*.min.mjs"
      ]
    },
    "svg": {
      "command": "svg-sprite --config=svg-sprite.config.json 'frontend/assets/gfx/**/*.svg' 'node_modules/plyr/src/sprite/*.svg'",
      "files": [
        "frontend/assets/gfx/**/*.svg",
        "node_modules/plyr/src/sprite/*.svg"
      ],
      "output": [
        "frontend/static/img/sprite.svg"
      ]
    },
    "sass": {
      "command": "npx sass frontend/assets/scss:frontend/static/css --style=compressed --embed-sources --load-path=node_modules",
      "files": [
        "frontend/assets/scss/**/*.scss"
      ],
      "output": [
        "frontend/static/css"
      ],
      "dependencies": [
        "fonts"
      ]
    },
    "fonts": {
      "command": "node copy-fonts.mjs",
      "files": [
        "frontend/assets/fonts/*.woff2",
        "frontend/assets/fonts/*.woff"
      ],
      "output": [
        "frontend/static/fonts/*.woff2",
        "frontend/static/fonts/*.woff"
      ]
    },
    "i18n:extract": {
      "command": "lit-localize extract",
      "files": [
        "lit-localize.json",
        "frontend/assets/js/**/*.js"
      ]
    },
    "i18n:build": {
      "command": "lit-localize build",
      "files": [
        "lit-localize.json",
        "frontend/assets/js/xliff/*.xlf"
      ],
      "output": [
        "frontend/assets/js/locale/*.js"
      ]
    },
    "lint": {
      "dependencies": [
        "lint:js",
        "lint:sass"
      ]
    },
    "lint:js": {
      "command": "eslint \"**/*.{js,vue}\""
    },
    "lint:sass": {
      "command": "stylelint \"**/*.scss\""
    },
    "test": {
      "command": "jest"
    },
    "test:ci": {
      "command": "jest --ci"
    }
  },
  "version": "0.1.0",
  "engines": {
    "node": "20.*",
    "npm": "10.*"
  },
  "packageManager": "npm",
  "imports": {
    "#js/components/*": "./frontend/static/js/components/*.js",
    "#js/integrations/*": "./frontend/static/js/integrations/*.js",
    "#js/locale/*": "./frontend/static/js/locale/*.js",
    "#js/pages/*": "./frontend/static/js/pages/*.js",
    "#dependencies/*": "./frontend/static/dependencies/*.min.mjs"
  },
  "sasslintConfig": ".sass-lint.yaml",
  "dependencies": {
    "htmx.org": "*",
    "lit": "*"
  },
  "devDependencies": {
    "@algolia/autocomplete-js": "*",
    "@algolia/autocomplete-theme-classic": "*",
    "@easepick/bundle": "*",
    "@lit/localize": "*",
    "@lit/localize-tools": "*",
    "@mapbox/mapbox-gl-geocoder": "*",
    "@pusher/push-notifications-web": "*",
    "@sentry/browser": "*",
    "@sentry/integrations": "*",
    "@testing-library/jest-dom": "*",
    "algoliasearch-helper": "*",
    "chart.js": "*",
    "chartjs-adapter-dayjs-4": "*",
    "chartjs-chart-treemap": "*",
    "chartjs-plugin-annotation": "*",
    "dayjs": "*",
    "esbuild": "*",
    "esbuild-jest": "*",
    "eslint": "*",
    "eslint-config-standard": "*",
    "eslint-plugin-jest": "*",
    "eslint-plugin-jsdoc": "*",
    "eslint-plugin-promise": "*",
    "eslint-plugin-vue": "*",
    "hls.js": "*",
    "identity-obj-proxy": "*",
    "jest": "*",
    "jest-canvas-mock": "*",
    "jest-environment-jsdom": "*",
    "lit-css-loader": "*",
    "lodash": "*",
    "lodash-webpack-plugin": "*",
    "mousetrap": "*",
    "normalize.css": "*",
    "plyr": "*",
    "pusher-js": "*",
    "sass": "*",
    "shepherd.js": "*",
    "standard": "*",
    "stylelint": "*",
    "stylelint-config-standard-scss": "*",
    "stylelint-scss": "*",
    "svg-sprite": "*",
    "svgo": "*",
    "swiper": "9.*",
    "vue": "2.7.16",
    "vue-loader": "15.x",
    "vue-template-compiler": "*",
    "webpack": "*",
    "webpack-cli": "*",
    "wireit": "*"
  }
}

dependabot.yml content

# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
version: 2
updates:
- package-ecosystem: pip
  directory: "/"
  schedule:
    interval: weekly
  groups:
    minor-python-dependencies:
      update-types:
        - "minor"
        - "patch"
    major-python-dependencies:
      update-types:
        - "major"
  versioning-strategy: lockfile-only
  open-pull-requests-limit: 10
- package-ecosystem: npm
  directory: "/"
  schedule:
    interval: weekly
  groups:
    minor-javascript-dependencies:
      update-types:
        - "minor"
        - "patch"
    major-javascript-dependencies:
      update-types:
        - "major"
  versioning-strategy: lockfile-only
  open-pull-requests-limit: 10
- package-ecosystem: github-actions
  directory: "/"
  schedule:
    interval: weekly

Updated dependency

No response

What you expected to see, versus what you actually saw

As of today, I see a list of outdated dependencies, while Dependabot states: No PRs affected.
In dependabot logs I see the following:

updater | 2024/04/15 07:05:37 INFO <job_814568055> Checking if hls.js  needs updating
  proxy | 2024/04/15 07:05:37 [315] GET https://registry.npmjs.org:443/hls.js
  proxy | 2024/04/15 07:05:37 [315] 200 https://registry.npmjs.org:443/hls.js
  proxy | 2024/04/15 07:05:40 [317] HEAD https://registry.npmjs.org:443/hls.js/-/hls.js-1.5.8.tgz
  proxy | 2024/04/15 07:05:40 [317] 200 https://registry.npmjs.org:443/hls.js/-/hls.js-1.5.8.tgz
updater | 2024/04/15 07:05:40 INFO <job_814568055> Latest version is 1.5.8
updater | 2024/04/15 07:05:40 INFO <job_814568055> Requirements to unlock update_not_possible
updater | 2024/04/15 07:05:40 INFO <job_814568055> Requirements update strategy lockfile_only
updater | 2024/04/15 07:05:40 INFO <job_814568055> No update possible for hls.js

This started several months before, without me touching the dependency logic.

Native package manager behavior

❯ npm outdated
Package               Current   Wanted   Latest  Location                         
@sentry/browser       7.109.0  7.110.0  7.110.0  node_modules/@sentry/browser     
@sentry/integrations  7.109.0  7.110.0  7.110.0  node_modules/@sentry/integrations
eslint                 8.57.0    9.0.0    9.0.0  node_modules/eslint              
eslint-plugin-vue      9.24.1   9.25.0   9.25.0  node_modules/eslint-plugin-vue   
hls.js                  1.5.7    1.5.8    1.5.8  node_modules/hls.js              
sass                   1.74.1   1.75.0   1.75.0  node_modules/sass                
swiper                  9.4.1    9.4.1   11.1.1  node_modules/swiper              
vue                    2.7.16   2.7.16   3.4.21  node_modules/vue                 
vue-loader            15.11.1  15.11.1   17.4.2  node_modules/vue-loader

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

No response
@amureki amureki added the T: bug 🐞 Something isn't working label Apr 15, 2024
@amureki
Copy link
Contributor Author

amureki commented Jul 10, 2024

@abdulapopoola thank you for adding this to the project!
I wonder if it is possible to get information on the process. Is there something to be done, can I help with moving this forward?

The issue here means that right now we cannot rely on dependabot to do the job it is supposed to do - update our dependencies.

@andi34
Copy link

andi34 commented Jul 26, 2024
edited
Loading

Getting same error, seems to be related to NPM V10.

Dependabot can't resolve your JavaScript dependency files
Dependabot failed to update your dependencies because there was an error resolving your JavaScript dependency files.

Dependabot encountered the following error:

Dependabot uses Node.js v20.16.0 and NPM 10.8.1. Due to the engine-strict setting, the update will not succeed.

Curious since it's inside defined range of npm and node versions in package.json:

  "engines": {
    "node": ">=20.15.0",
    "npm": ">=10.7.0"
  },

From log

Dependabot encountered '3' error(s) during execution, please check the logs for more details.
+----------------------------------------------------------------+
|                 Dependencies failed to update                  |
+-------------------------------+--------------------------------+
| @fortawesome/fontawesome-free | dependency_file_not_resolvable |
| tailwindcss                   | dependency_file_not_resolvable |
| eslint-plugin-n               | dependency_file_not_resolvable |
+-------------------------------+--------------------------------+
Failure running container a6c2610781485ad9fc036538ab247374a7a35622deaf45bfbd0c6ae61e469417
Cleaned up container a6c2610781485ad9fc036538ab247374a7a35622deaf45bfbd0c6ae61e469417
  proxy | 2024/07/26 04:05:29 10/92 calls cached (10%)
  proxy | 2024/07/26 04:05:29 Posting metrics to remote API endpoint
Error: Dependabot encountered an error performing the update

Error: The updater encountered one or more errors.

Found someone else with same problem:
oaknational/Oak-Web-Application#2484

@andi34
Copy link

andi34 commented Jul 26, 2024 

updater | 2024/07/26 04:05:15 INFO <job_860834412> Checking if @fortawesome/fontawesome-free 6.5.2 needs updating
  proxy | 2024/07/26 04:05:15 [083] GET https://registry.npmjs.org:443/@fortawesome%2Ffontawesome-free
  proxy | 2024/07/26 04:05:15 [083] 200 https://registry.npmjs.org:443/@fortawesome%2Ffontawesome-free
  proxy | 2024/07/26 04:05:15 [085] HEAD https://registry.npmjs.org:443/@fortawesome/fontawesome-free/-/fontawesome-free-6.6.0.tgz
  proxy | 2024/07/26 04:05:15 [085] 200 https://registry.npmjs.org:443/@fortawesome/fontawesome-free/-/fontawesome-free-6.6.0.tgz
updater | 2024/07/26 04:05:15 INFO <job_860834412> Latest version is 6.6.0
  proxy | 2024/07/26 04:05:15 [087] GET https://registry.npmjs.org:443/photobooth
  proxy | 2024/07/26 04:05:15 [087] 200 https://registry.npmjs.org:443/photobooth
  proxy | 2024/07/26 04:05:17 [089] GET https://registry.npmjs.org:443/@fortawesome%2ffontawesome-free
  proxy | 2024/07/26 04:05:17 [089] 200 https://registry.npmjs.org:443/@fortawesome%2ffontawesome-free
  proxy | 2024/07/26 04:05:17 [091] GET https://registry.npmjs.org:443/photobooth
2024/07/26 04:05:17 [091] 200 https://registry.npmjs.org:443/photobooth
updater | 2024/07/26 04:05:17 INFO <job_860834412> Requirements to unlock own
  proxy | 2024/07/26 04:05:17 [093] GET https://registry.npmjs.org:443/photobooth
2024/07/26 04:05:17 [093] 200 https://registry.npmjs.org:443/photobooth
updater | 2024/07/26 04:05:17 INFO <job_860834412> Requirements update strategy bump_versions
updater | 2024/07/26 04:05:17 INFO <job_860834412> Updating @fortawesome/fontawesome-free from 6.5.2 to 6.6.0
  proxy | 2024/07/26 04:05:18 [095] POST /update_jobs/860834412/record_update_job_error
  proxy | 2024/07/26 04:05:18 [095] 204 /update_jobs/860834412/record_update_job_error
updater | 2024/07/26 04:05:18 INFO <job_860834412> Handled error whilst updating @fortawesome/fontawesome-free: dependency_file_not_resolvable {:message=>"Dependabot uses Node.js v20.16.0 and NPM 10.8.1. Due to the engine-strict setting, the update will not succeed."}

Where does https://registry.npmjs.org:443/photobooth come from?
The repo is called photobooth having trouble on... but it is not available via npmjs ... That's a different project.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
L: git:submodules Git submodules L: github:actions GitHub Actions L: go:modules Golang modules L: javascript L: python T: bug 🐞 Something isn't working
Projects
Dependabot
Status: No status
Milestone
No milestone
Development

No branches or pull requests
2 participants
@amureki @andi34