Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(npm): package-lock.json v3 root project out of sync with package.json #23495

Merged
merged 18 commits into from Aug 3, 2023
Merged

fix(npm): package-lock.json v3 root project out of sync with package.json #23495

merged 18 commits into from Aug 3, 2023

Conversation

firecow
Copy link
Contributor

@firecow firecow commented Jul 21, 2023
edited

Changes

Allow "Massage lockfile" for lock file version 3

Context

Ensure that package-lock.json root project is in sync with package.json.

See #23488

Documentation (please check one with an [x])

  • I have updated the documentation, or
  • No documentation update is required

How I've tested my work (please select one)

I have verified these changes via:

  • Code inspection only, or
  • Newly added/modified unit tests, or
  • No unit tests but ran on a real repository, or
  • Both unit tests + ran on a real repository

@CLAassistant
Copy link

CLAassistant commented Jul 21, 2023
edited

CLA assistant check
All committers have signed the CLA.

@firecow firecow changed the title Add --no-save to npm install --package-lock-only commands to ensure package.json isn't changed Add --no-save to npm install --package-lock-only commands to ensure package.json and package-lock.json are in sync Jul 21, 2023
@firecow firecow changed the title Add --no-save to npm install --package-lock-only commands to ensure package.json and package-lock.json are in sync fix(npm-post-update) Add --no-save to --package-lock-only commands to ensure sync files Jul 21, 2023
viceice
viceice requested changes Jul 21, 2023
View reviewed changes
Copy link
Member

@viceice viceice left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this must be a new behavior, because we never had issues before. which npm version ate you using? does this argument works with older npm version?

@rarkins rarkins changed the title fix(npm-post-update) Add --no-save to --package-lock-only commands to ensure sync files fix(npm): add --no-save to --package-lock-only commands to ensure sync files Jul 21, 2023
@firecow firecow marked this pull request as draft July 21, 2023 07:17
@firecow firecow changed the title fix(npm): add --no-save to --package-lock-only commands to ensure sync files fix(npm): package-lock.json root project out of sync with package.json Jul 22, 2023
@firecow
Copy link
Contributor Author

firecow commented Jul 22, 2023
edited

this must be a new behavior, because we never had issues before. which npm version ate you using? does this argument works with older npm version?

It bothers me a little that no unit tests are affected by this change, though 😄

012c0ac I think the bug was introduced here, but I'm not 100%

https://github.com/firecow/renovate-reproduce-yarn/pulls Here is a yarn example, which shows that no bug is present in renovate's yarn lock file PR's

@viceice

@firecow firecow marked this pull request as ready for review July 23, 2023 09:58
@firecow firecow changed the title fix(npm): package-lock.json root project out of sync with package.json fix(npm): package-lock.json v3 root project out of sync with package.json Jul 29, 2023
firecow
firecow commented Jul 29, 2023
View reviewed changes
Copy link
Contributor Author

@firecow firecow left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wouldn't call npm lock file version 3 new.
But yeah, kindda new 👍

Edit: This was a reply to your comment @viceice

rarkins
rarkins previously approved these changes Jul 30, 2023
View reviewed changes
@rarkins rarkins enabled auto-merge July 30, 2023 06:46
@viceice viceice disabled auto-merge July 30, 2023 07:48
@viceice
Copy link
Member

viceice commented Jul 30, 2023

failed tests and linting

@firecow
Copy link
Contributor Author

firecow commented Jul 30, 2023

failed tests and linting

I just ran them locally, and they worked if I set lockfile version condition to be explicit for v3.

Can you run them again? @viceice

viceice
viceice reviewed Jul 30, 2023
View reviewed changes
Copy link
Member

@viceice viceice left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤔 do we've a version 4?

@rarkins
Copy link
Collaborator

rarkins commented Jul 30, 2023

Would be better to do: is.number && ...

@MindTooth
Copy link
Contributor

🤔 do we've a version 4?

Of lockfile standard? Seems v3 is the latest. https://docs.npmjs.com/cli/v7/configuring-npm/package-lock-json#lockfileversion

@rarkins rarkins enabled auto-merge August 3, 2023 11:54
@rarkins rarkins added this pull request to the merge queue Aug 3, 2023
Merged via the queue into renovatebot:main with commit bc19266 Aug 3, 2023
36 checks passed
@renovate-release
Copy link
Collaborator

🎉 This PR is included in version 36.30.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 3, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@viceice viceice viceice approved these changes

@rarkins rarkins rarkins approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@firecow @CLAassistant @viceice @rarkins @MindTooth @renovate-release