Incorrect dependency prefix after upgrade #85

Open
noseglid opened this issue Nov 6, 2017 · 3 comments

noseglid commented Nov 6, 2017

Every time we get a PR for a dependency upgrade, our lockfile gets corrupted so that running yarn --frozen-lockfile gives the error:

error Your lockfile needs to be updated, but yarn was run with `--frozen-lockfile`.

We get two commits in our PR (example with a recent typescript dependency upgrade):
[screenshot: screen shot 2017-11-06 at 11 14 20]
and
[screenshot: screen shot 2017-11-06 at 11 14 27]

As you can see, the first commit correctly keeps the dependency range (tilde in our case), while in the second commit the tilde is removed in the yarn.lock file. This is what makes it corrupt.

I've looked through the implementation here and it seems to boil down to the command:

yarn add -D --tilde typescript@2.6.1

Which updates yarn.lock and package.json - and removes the tilde from both.

greenkeeper-lockfile only stages and commits the lockfile which causes the corruption.

However, we want to maintain our version ranges, so even if it staged package.json too it wouldn't be right.

It seems like if I do yarn add -D typescript@~2.6.1 (that is, put the range in the dependencies version), it works as expected.

We've been using version 1.2.1 of yarn, but see the same behavior in 1.3.2 (latest right now) and 0.24.8.

@fczuardi

We had the same issue: greenkeeper added "lint-staged": "^5.0.0", to our package.json but greenkeeper-lockfile added lint-staged@5.0.0: to the lockfile.


ivarconr commented Dec 1, 2017

greenkeeper added "lint-staged": "^6.0.0" in our package.json but greenkeeper-lockfile added lint-staged@6.0.0

feedmypixel added a commit to uktrade/data-hub-frontend that referenced this issue Jan 3, 2018
What should be "get-form-data@^2.0.0:" in yarn.lock ends up being
"get-form-data@2.0.0:". Essentially the prefix gets stripped when the
dependency gets added to yarn.lock

Details in
greenkeeperio/greenkeeper-lockfile#85

This commit updates the yarn.lock file to contain the caret
feedmypixel added a commit to uktrade/data-hub-frontend that referenced this issue Jan 3, 2018
What should be "get-form-data@^2.0.0:" in yarn.lock ends up being
"get-form-data@2.0.0:". Essentially the prefix gets stripped when the
dependency gets updated by greenkeeper in the yarn.lock file

Details in
greenkeeperio/greenkeeper-lockfile#85

This commit updates the yarn.lock file to contain the caret
@noseglid
Author

We created a fork which resolves this.

yarn global add storytel/greenkeeper-lockfile#v1.12.0-storytel

I'm disappointed in the amount of time it's taken to get this fixed, considering greenkeeper costs money AND there is an open PR which just doesn't get any response.
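
A pre-merge check for the mismatch reported in this thread, as an added example that is not part of the original issue or of greenkeeper-lockfile: it lists every `name@range` declared in package.json that has no entry key in a yarn.lock v1 file. The function names and the sample data are assumptions constructed from the values quoted above, and entry keys that themselves contain commas are not handled.

```javascript
// Added example (not greenkeeper-lockfile code). Yarn v1 keys each lockfile
// entry by "name@range", so a range in package.json with no matching key means
// the lockfile needs updating and `yarn --frozen-lockfile` will refuse it.

// Collect every entry key from yarn.lock v1 text. Entry headers are unindented
// lines ending in ":" and may list several comma-separated, optionally quoted keys.
function lockfileKeys(lockText) {
  const keys = new Set();
  for (const line of lockText.split(/\r?\n/)) {
    const isHeader = line !== '' && !/^[\s#]/.test(line) && line.endsWith(':');
    if (!isHeader) continue;
    for (const raw of line.slice(0, -1).split(',')) {
      keys.add(raw.trim().replace(/^"|"$/g, ''));
    }
  }
  return keys;
}

// Return the "name@range" specs declared in package.json that the lockfile lacks.
function missingLockEntries(pkg, lockText) {
  const keys = lockfileKeys(lockText);
  const missing = [];
  for (const field of ['dependencies', 'devDependencies', 'optionalDependencies']) {
    for (const [name, range] of Object.entries(pkg[field] || {})) {
      if (!keys.has(`${name}@${range}`)) missing.push(`${name}@${range}`);
    }
  }
  return missing;
}

// Constructed sample data, using the packages and versions quoted in the thread.
const SAMPLE_PKG = { devDependencies: { typescript: '~2.6.1', 'lint-staged': '^5.0.0' } };
const GOOD_LOCK = [
  '# yarn lockfile v1',
  '',
  'lint-staged@^5.0.0:',
  '  version "5.0.0"',
  '',
  'typescript@~2.6.1:',
  '  version "2.6.1"',
].join('\n');
// Same lockfile with the range prefix stripped from one key, as reported.
const BAD_LOCK = GOOD_LOCK.replace('typescript@~2.6.1:', 'typescript@2.6.1:');

console.log(missingLockEntries(SAMPLE_PKG, GOOD_LOCK)); // []
console.log(missingLockEntries(SAMPLE_PKG, BAD_LOCK));  // [ 'typescript@~2.6.1' ]
```

In CI, feed it the parsed package.json and the yarn.lock text from the pull request branch and fail the job when the returned list is non-empty.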
