pnpm-lock.yml not updating

[cyrus-za]

What Renovate type, platform and version are you using?
Using whitesource github bot (hosted app)
https://github.com/marketplace/renovate

Describe the bug

I am using pnpm (switched after using renovate with yarn previously). All PRs opened by renovatebot only update package.json but no lockfile.

I checked docs and pnpm seems to be officially supported.

Relevant debug logs

Have you created a minimal reproduction repository?

Please read the minimal reproductions documentation to learn how to make a good minimal reproduction repository.

• This is a really small bug, it does not need a reproduction (think small typo)
• I have provided a minimal reproduction repository
• I don't have time for that, but it happens in a public repository I have linked to
• I don't have time for that, and cannot share my private repository
• The nature of this bug means it's impossible to reproduce publicly

Additional context

I added "compatibility": { "pnpm": "^5.0.0" }, to see if that would help. No luck.

Full config below

{
  "extends": ["config:base"],
  "labels": ["dependencies"],
  "rangeStrategy": "replace",
  "compatibility": { "pnpm": "^5.0.0" },
  "lockFileMaintenance": { "enabled": true },
  "packageRules": [
    {
      "updateTypes": ["minor", "patch", "pin", "digest"],
      "automerge": true
    },
    {
      "packagePatterns": ["eslint"],
      "labels": ["linting"]
    }
  ]
}

[viceice]

Please create a minmal reproduction repo on github. This should be possible to reproduce there.

Also we need the DEBUG logs to see whats happen.

[cyrus-za]

There is literally a TODO in the logs
DEBUG: TODO: implement pnpm-lock.yaml parsing of lockVersion

Repo: https://github.com/cyrus-za/renovate-pnpm-issue

Logs

https://app.renovatebot.com/dashboard#github/cyrus-za/renovate-pnpm-issue/288694303

INFO: Repository started
{
  "renovateVersion": "24.21.0"
}
DEBUG: Using localDir: /mnt/renovate/gh/cyrus-za/renovate-pnpm-issue
DEBUG: Repository cache is valid
DEBUG: initRepo("cyrus-za/renovate-pnpm-issue")
DEBUG: Overriding default GitHub endpoint
{
  "endpoint": "https://api.github.com/"
}
DEBUG: No dangling containers to remove
DEBUG: cyrus-za/renovate-pnpm-issue default branch = main
DEBUG: Using personal access token for git init
DEBUG: resetMemCache()
DEBUG: checkOnboarding()
DEBUG: isOnboarded()
DEBUG: findFile(renovate.json)
DEBUG: Initializing git repository into /mnt/renovate/gh/cyrus-za/renovate-pnpm-issue
DEBUG: git clone completed
{
  "durationMs": 582
}
DEBUG: latest commit
{
  "latestCommitDate": "2021-01-17T13:49:22+02:00"
}
DEBUG: Setting git author name
{
  "gitAuthorName": "Renovate Bot"
}
DEBUG: Setting git author email
{
  "gitAuthorEmail": "bot@renovateapp.com"
}
DEBUG: Config file exists
{
  "fileName": "renovate.json"
}
DEBUG: Retrieving issueList
DEBUG: Retrieved 0 issues
DEBUG: Repo is onboarded
DEBUG: Found renovate.json config file
DEBUG: Repository config
{
  "fileName": "renovate.json",
  "config": {
    "extends": [
      "config:base"
    ],
    "labels": [
      "dependencies"
    ],
    "rangeStrategy": "replace",
    "compatibility": {
      "pnpm": "^5.0.0"
    },
    "recreateClosed": true,
    "lockFileMaintenance": {
      "enabled": true
    },
    "packageRules": [
      {
        "updateTypes": [
          "minor",
          "patch",
          "pin",
          "digest"
        ],
        "automerge": true
      },
      {
        "packagePatterns": [
          "eslint"
        ],
        "labels": [
          "linting"
        ]
      }
    ]
  }
}
DEBUG: migrateAndValidate()
DEBUG: Config migration necessary
{
  "oldConfig": {
    "extends": [
      "github>whitesource/merge-confidence:beta",
      "config:base"
    ],
    "labels": [
      "dependencies"
    ],
    "rangeStrategy": "replace",
    "compatibility": {
      "pnpm": "^5.0.0"
    },
    "recreateClosed": true,
    "lockFileMaintenance": {
      "enabled": true
    },
    "packageRules": [
      {
        "updateTypes": [
          "minor",
          "patch",
          "pin",
          "digest"
        ],
        "automerge": true
      },
      {
        "packagePatterns": [
          "eslint"
        ],
        "labels": [
          "linting"
        ]
      }
    ]
  },
  "newConfig": {
    "extends": [
      "github>whitesource/merge-confidence:beta",
      "config:base"
    ],
    "labels": [
      "dependencies"
    ],
    "rangeStrategy": "replace",
    "recreateClosed": true,
    "lockFileMaintenance": {
      "enabled": true
    },
    "packageRules": [
      {
        "updateTypes": [
          "minor",
          "patch",
          "pin",
          "digest"
        ],
        "automerge": true
      },
      {
        "packagePatterns": [
          "eslint"
        ],
        "labels": [
          "linting"
        ]
      }
    ],
    "constraints": {
      "pnpm": "^5.0.0"
    }
  }
}
DEBUG: massaged config
{
  "config": {
    "extends": [
      "github>whitesource/merge-confidence:beta",
      "config:base"
    ],
    "labels": [
      "dependencies"
    ],
    "rangeStrategy": "replace",
    "recreateClosed": true,
    "lockFileMaintenance": {
      "enabled": true
    },
    "packageRules": [
      {
        "updateTypes": [
          "minor",
          "patch",
          "pin",
          "digest"
        ],
        "automerge": true
      },
      {
        "packagePatterns": [
          "eslint"
        ],
        "labels": [
          "linting"
        ]
      }
    ],
    "constraints": {
      "pnpm": "^5.0.0"
    }
  }
}
DEBUG: migrated config
{
  "config": {
    "extends": [
      "github>whitesource/merge-confidence:beta",
      "config:base"
    ],
    "labels": [
      "dependencies"
    ],
    "rangeStrategy": "replace",
    "recreateClosed": true,
    "lockFileMaintenance": {
      "enabled": true
    },
    "packageRules": [
      {
        "updateTypes": [
          "minor",
          "patch",
          "pin",
          "digest"
        ],
        "automerge": true
      },
      {
        "packagePatterns": [
          "eslint"
        ],
        "labels": [
          "linting"
        ]
      }
    ],
    "constraints": {
      "pnpm": "^5.0.0"
    }
  }
}
DEBUG: Found repo ignorePaths
{
  "ignorePaths": [
    "**/node_modules/**",
    "**/bower_components/**",
    "**/vendor/**",
    "**/examples/**",
    "**/__tests__/**",
    "**/test/**",
    "**/tests/**",
    "**/__fixtures__/**"
  ]
}
DEBUG: detectSemanticCommits()
DEBUG: getCommitMessages
DEBUG: Semantic commits detection: angular
DEBUG: angular semantic commits detected
DEBUG: Setting branchPrefix: renovate/
DEBUG: Cannot read vulnerability alerts
DEBUG: No vulnerability alerts found
DEBUG: processRepo()
DEBUG: No baseBranches
DEBUG: extract()
DEBUG: Setting current branch to main
DEBUG: latest commit
{
  "branchName": "main",
  "latestCommitDate": "2021-01-17T13:49:22+02:00"
}
DEBUG: Using file match: (^|/)tasks/[^/]+\.ya?ml$ for manager ansible
DEBUG: Using file match: (^|/)requirements\.ya?ml$ for manager ansible-galaxy
DEBUG: Using file match: azure.*pipelines?.*\.ya?ml$ for manager azure-pipelines
DEBUG: Using file match: (^|/)batect(-bundle)?\.yml$ for manager batect
DEBUG: Using file match: (^|/)batect$ for manager batect-wrapper
DEBUG: Using file match: (^|/)WORKSPACE(|\.bazel)$ for manager bazel
DEBUG: Using file match: \.bzl$ for manager bazel
DEBUG: Using file match: buildkite\.ya?ml for manager buildkite
DEBUG: Using file match: \.buildkite/.+\.ya?ml$ for manager buildkite
DEBUG: Using file match: (^|/)Gemfile$ for manager bundler
DEBUG: Using file match: (^|/)Cargo.toml$ for manager cargo
DEBUG: Using file match: (^|/).circleci/config.yml$ for manager circleci
DEBUG: Using file match: (^|/)Podfile$ for manager cocoapods
DEBUG: Using file match: (^|/)([\w-]*)composer.json$ for manager composer
DEBUG: Using file match: (^|/)deps\.edn$ for manager deps-edn
DEBUG: Using file match: (^|/)docker-compose[^/]*\.ya?ml$ for manager docker-compose
DEBUG: Using file match: (^|/|\.)Dockerfile$ for manager dockerfile
DEBUG: Using file match: (^|/)Dockerfile\.[^/]*$ for manager dockerfile
DEBUG: Using file match: (^|/).drone.yml$ for manager droneci
DEBUG: Using file match: (^|/).gitmodules$ for manager git-submodules
DEBUG: Using file match: ^\.github\/workflows\/[^/]+\.ya?ml$ for manager github-actions
DEBUG: Using file match: ^\.gitlab-ci\.yml$ for manager gitlabci
DEBUG: Using file match: ^\.gitlab-ci\.yml$ for manager gitlabci-include
DEBUG: Using file match: (^|/)go.mod$ for manager gomod
DEBUG: Using file match: \.gradle(\.kts)?$ for manager gradle
DEBUG: Using file match: (^|/)gradle.properties$ for manager gradle
DEBUG: Using file match: (^|/)gradle.properties$ for manager gradle-lite
DEBUG: Using file match: \.gradle(\.kts)?$ for manager gradle-lite
DEBUG: Using file match: (^|/)gradle/wrapper/gradle-wrapper.properties$ for manager gradle-wrapper
DEBUG: Using file match: (^|/)requirements\.yaml$ for manager helm-requirements
DEBUG: Using file match: (^|/)values.yaml$ for manager helm-values
DEBUG: Using file match: (^|/)helmfile.yaml$ for manager helmfile
DEBUG: Using file match: (^|/)Chart.yaml$ for manager helmv3
DEBUG: Using file match: ^Formula/[^/]+[.]rb$ for manager homebrew
DEBUG: Using file match: \.html?$ for manager html
DEBUG: Using file match: (^|/)plugins\.txt for manager jenkins
DEBUG: Using file match: (^|/)kustomization\.yaml for manager kustomize
DEBUG: Using file match: (^|/)project\.clj$ for manager leiningen
DEBUG: Using file match: \.pom\.xml$ for manager maven
DEBUG: Using file match: (^|/)pom\.xml$ for manager maven
DEBUG: Using file match: (^|/)package.js$ for manager meteor
DEBUG: Using file match: (^|/)mix\.exs$ for manager mix
DEBUG: Using file match: ^.node-version$ for manager nodenv
DEBUG: Using file match: (^|/)package.json$ for manager npm
DEBUG: Using file match: \.(?:cs|fs|vb)proj$ for manager nuget
DEBUG: Using file match: \.(?:props|targets)$ for manager nuget
DEBUG: Using file match: \.config\/dotnet-tools\.json$ for manager nuget
DEBUG: Using file match: (^|/)\.nvmrc$ for manager nvm
DEBUG: Using file match: (^|/)([\w-]*)requirements.(txt|pip)$ for manager pip_requirements
DEBUG: Using file match: (^|/)setup.py$ for manager pip_setup
DEBUG: Using file match: (^|/)Pipfile$ for manager pipenv
DEBUG: Using file match: (^|/)pyproject\.toml$ for manager poetry
DEBUG: Using file match: (^|/)\.pre-commit-config\.yaml$ for manager pre-commit
DEBUG: Using file match: (^|/)pubspec\.ya?ml$ for manager pub
DEBUG: Using file match: (^|/)\.ruby-version$ for manager ruby-version
DEBUG: Using file match: \.sbt$ for manager sbt
DEBUG: Using file match: project/[^/]*.scala$ for manager sbt
DEBUG: Using file match: (^|/)setup\.cfg$ for manager setup-cfg
DEBUG: Using file match: (^|/)Package\.swift for manager swift
DEBUG: Using file match: \.tf$ for manager terraform
DEBUG: Using file match: (^|/)\.terraform-version$ for manager terraform-version
DEBUG: Using file match: (^|/)terragrunt\.hcl$ for manager terragrunt
DEBUG: Using file match: ^.travis.yml$ for manager travis
DEBUG: Matched 1 file(s) for manager npm: package.json
DEBUG: npm file package.json has name "renovate-pnpm-issue"
DEBUG: Detecting Lerna and Yarn Workspaces
DEBUG: Finding locked versions
DEBUG: TODO: implement pnpm-lock.yaml parsing of lockVersion
DEBUG: Found npm package files
DEBUG: Found 1 package file(s)
INFO: Dependency extraction complete
{
  "baseBranch": "main",
  "stats": {
    "managers": {
      "npm": {
        "fileCount": 1,
        "depCount": 2
      }
    },
    "total": {
      "fileCount": 1,
      "depCount": 2
    }
  }
}
DEBUG: Package releases lookups complete
{
  "baseBranch": "main"
}
DEBUG: packageFiles with updates
{
  "config": {
    "npm": [
      {
        "packageFile": "package.json",
        "deps": [
          {
            "depType": "dependencies",
            "depName": "lodash",
            "currentValue": "^4",
            "datasource": "npm",
            "prettyDepType": "dependency",
            "depIndex": 0,
            "updates": [],
            "warnings": [],
            "sourceUrl": "https://github.com/lodash/lodash",
            "homepage": "https://lodash.com/"
          },
          {
            "depType": "devDependencies",
            "depName": "pnpm",
            "currentValue": "^5.15.1",
            "datasource": "npm",
            "prettyDepType": "devDependency",
            "depIndex": 1,
            "updates": [],
            "warnings": [],
            "sourceUrl": "https://github.com/pnpm/pnpm",
            "homepage": "https://pnpm.js.org"
          }
        ],
        "packageJsonName": "renovate-pnpm-issue",
        "packageFileVersion": "1.0.0",
        "packageJsonType": "library",
        "pnpmShrinkwrap": "pnpm-lock.yaml",
        "skipInstalls": true,
        "constraints": {}
      }
    ]
  }
}
DEBUG: branchifyUpgrades
DEBUG: 1 flattened updates found:
DEBUG: Returning 1 branch(es)
DEBUG: config.repoIsOnboarded=true
DEBUG: processRepo()
DEBUG: Processing 1 branch: renovate/lock-file-maintenance
DEBUG: Calculating hourly PRs remaining
DEBUG: Retrieving PR list
DEBUG: Retrieved 0 Pull Requests
DEBUG: currentHourStart=2021-01-17T11:00:00.000+00:00
DEBUG: PR hourly limit remaining: 2
DEBUG: Calculating prConcurrentLimit (20)
DEBUG: getBranchPr(renovate/lock-file-maintenance)
DEBUG: findPr(renovate/lock-file-maintenance, undefined, open)
DEBUG: 0 PRs are currently open
DEBUG: PR concurrent limit remaining: 20
DEBUG: Calculated maximum PRs remaining this run
{
  "prsRemaining": 2
}
DEBUG: PullRequests limit = 2
DEBUG: Calculating branchConcurrentLimit (20)
DEBUG: 0 branches are currently open
DEBUG: Branch concurrent limit remaining: 20
DEBUG: Calculated maximum branches remaining this run
{
  "branchesRemaining": 20
}
DEBUG: Branches limit = 20
DEBUG: processBranch with 1 upgrades(branch="renovate/lock-file-maintenance")
DEBUG: Setting current branch to main(branch="renovate/lock-file-maintenance")
DEBUG: latest commit(branch="renovate/lock-file-maintenance")
{
  "branchName": "main",
  "latestCommitDate": "2021-01-17T13:49:22+02:00"
}
DEBUG: getBranchPr(renovate/lock-file-maintenance)(branch="renovate/lock-file-maintenance")
DEBUG: findPr(renovate/lock-file-maintenance, undefined, open)(branch="renovate/lock-file-maintenance")
DEBUG: branchExists=false(branch="renovate/lock-file-maintenance")
DEBUG: Branch has 0 upgrade(s)(branch="renovate/lock-file-maintenance")
DEBUG: recreateClosed is true(branch="renovate/lock-file-maintenance")
DEBUG: Checking schedule(before 5am on monday, null)(branch="renovate/lock-file-maintenance")
DEBUG: Checking 1 schedule(s)(branch="renovate/lock-file-maintenance")
DEBUG: Checking schedule "before 5am on monday"(branch="renovate/lock-file-maintenance")
{
  "parsedSchedule": {
    "schedules": [
      {
        "t_b": [
          18000
        ],
        "d": [
          2
        ]
      }
    ],
    "exceptions": [],
    "error": -1
  }
}
DEBUG: Does not match schedule because 7 is not in 1(branch="renovate/lock-file-maintenance")
DEBUG: Package not scheduled(branch="renovate/lock-file-maintenance")
DEBUG: Skipping branch creation as not within schedule(branch="renovate/lock-file-maintenance")
DEBUG: Removing any stale branches
DEBUG: config.repoIsOnboarded=true
DEBUG: No renovate branches found
DEBUG: Repository timing splits (milliseconds)
{
  "splits": {
    "init": 3222,
    "extract": 1273,
    "lookup": 1521,
    "update": 612
  },
  "total": 6645
}
DEBUG: http statistics
{
  "hostStats": [
    "api.github.com, 5 requests, 231ms request average, 0ms queue average",
    "registry.npmjs.org, 1 request, 170ms request average, 0ms queue average"
  ],
  "totalRequests": 6
}
INFO: Repository finished
{
  "durationMs": 6645
}

[safinsingh]

I think it's worth nothing that when running the command that renovate currently uses to update the pnpm lockfile locally, my pnpm-lock.yaml updates correctly. I'm not very familiar with the codebase, so I'm not sure whether the issue is internal to renovate itself and not pnpm. For reference, my current renovate.json contains the following:

{
	"extends": ["config:base"],
	"automerge": true,
	"major": {
		"automerge": false
	},
	"labels": ["dependencies"]
}

Feel free to let me know if there's anything else I can provide or do to help resolve the issue :)

[cyrus-za]

I am fairly certain it's a matter of the file just not being committed by renovate.

[rarkins]

@cyrus-za when I fork your repo and run it with the app or locally then I can't reproduce the problem. The lock file is updated fine, e.g. https://github.com/renovate-tests/renovate-pnpm-issue/pull/2/files

Can you tick the retry/rebase checkbox in your PR to see if it is also working there?

FYI I cannot recall any changes or fixes we made which would have impacted pnpm

[cyrus-za]

@rarkins the test repo actually worked. It just took like a day to see the first PR to find out if it works. So I knew it had to be something else in the private repo. I assumed it had to do with the fact that something on the renovate server cached it as a yarn repo and when I switched to pnpm, it was still looking for a yarn.lock and not a pnpm lockfile.

• Retry/rebase did not work.
• Deleting renovate's access to the repo and adding it back did not work.
• Deleting renovate.json and adding it back after a onboarding PR opens, did not work

What ended up solving the problem was adding my npm token to the renovate.json as I got a private package in my package.json

Nowhere in the logs or PR comments did it hint anything at that. All it had (which I didn't initially see in between all the PR comments from vercel) was an artifact problem with a blank error message

I suggest we leave this issue open until there's better error messages when pnpm throws a 404 due to missing token.

Also, a bit off topic, but I'd like to request a feature to not need to add the token in the config file seeing as its in source control and it just feels wrong, even though its a private repo. Maybe we can do

{
  "npm_token": "$NPM_TOKEN"
}

and then add it to env on github and give the bot access? Or if thats not possible, maybe a interface on renovate site (where we find the logs) to add environment variables.

[rarkins]

If you want to keep this open for a related topic, plesae update the title and description accordingly. A reproduction will still be needed too, assuming you're not intending to debug it yourself.

Re: off-topic: For the hosted app, you can use "encrypted" objects. Search the docs/repo for examples. We will migrate from that to #8070 soon too

[rarkins]

Could it be that this only fails when there's workspaces and the lock file is in a different directory to the package.json being updated

[safinsingh]

Ah yes, that sounds like the issue. I've just checked on one of my monorepos using pnpm and that seems to be the case!

Perhaps walking up to the nearest pnpm-lock.yaml from the package.json(s) which were updated could work?

[cyrus-za]

Single lockfile and single package.json side-by-side in root.

Using nx workspaces, but should not be relevant to renovate as it isn't like yarn workspace or pnpm workspace or lerna where we got sub-modules / packages with their own package.json

[rarkins]

Can this issue be closed?

[Hebilicious]

I'm having this issue with renovate as well. Weirdly enough, it worked on a couple PRs, but now even resetting the bot doesn't work (renaming welcome PR and deleting renovate.json).

pnpm-workspace.yaml :

packages:
    #  Packages
    - "packages/db/**"
    - "packages/config/**"
    - "packages/**"

renovate.json :

{ "extends": ["config:base"] }

According to logs, pnpm install --recursive --lockfile-only --ignore-scripts --ignore-pnpmfile is being run as expected, but the output gives me this :

DEBUG: pnpm-lock.yaml hasn't changed(branch="renovate/pinia-2.x")
DEBUG: No updated lock files in branch(branch="renovate/pinia-2.x")
DEBUG: 1 file(s) to commit

I can provide more details or open another issue @rarkins ?|
Is anyone else having this issue ?

[BeeeQueue]

I can confirm @Hebilicious's issue in our private pnpm monorepo using renovate.

[lukashass]

@Hebilicious I tried to reproduce your issue in https://github.com/lukashass/renovate-pnpm-reproduction. Everything seems to be working as expected though.

Can you or @BeeeQueue provide a reproduction for your issue?

[BeeeQueue]

Could it be related to the repo being private? If not I could try setting up a repro

[rarkins]

I'm not sure what causes it, which is why we need the reproduction somehow.

[BeeeQueue]

Repro: https://github.com/BeeeQueue/renovate-pnpm-repro

I made a workflow that passes if the lockfile is not updated so the PRs can be easily identified

[lukashass]

@BeeeQueue Thanks for the reproduction.

It seems like the leading ./ in the packages filter is the problem (see https://github.com/lukashass/renovate-pnpm-repro) as also mentioned in #8323 (comment)

The leading ./ is supported by pnpm as it successfully detects packages with it. As far as i can tell, the support is not explicit though, since it is not used in the docs and the pnpm test fixtures:

• https://github.com/pnpm/pnpm/search?q=filename%3Apnpm-workspace.yaml+packages&type=code
• https://github.com/pnpm/pnpm/blob/571a5a368483203828cc7683ed5bc03759181494/packages/find-packages/test/index.ts

I'm unsure whether renovate should support leading ./ as well. 🤔

[BeeeQueue]

Is a leading ./ considered a bad practice or worse for some reason? Otherwise i don't see why it shouldn't be supported

If it won't be supported it would at least be nice with a warning about it somewhere if someone runs into it again

[lukashass]

I see two ways of supporting leading ./ right now:

The naive way

// lib/manager/npm/extract/pnpm.ts
-      matchesAnyPattern(
-        packageFile,
-        packageFilters.map((filter) => filter.replace(/\/?$/, '/package.json')) // TODO #12875
-      );
+      (matchesAnyPattern(
+        packageFile,
+        packageFilters.map((filter) => filter.replace(/\/?$/, '/package.json')) // TODO #12875
+      ) ||
+      matchesAnyPattern(
+        './' + packageFile,
+        packageFilters.map((filter) => filter.replace(/\/?$/, '/package.json')) // TODO #12875
+      ));

This should work just fine, but is obviously limited to just ./.
For example ../ (packages in parent directory) and anything more complicated is not covered. While cases with packages in parent directories are probably uncommon, this seems to be supported by pnpm.

Use find-packages

To also cover the case above and any other pattern supported by pnpm renovate could use find-packages. It is a package from the pnpm monorepo and exactly what pnpm uses.

This should cover every possible pnpm workspace configuration 🎉

@rarkins What do you think?

[BeeeQueue]

I can also recommend @manypkg/get-packages which supports multiple workspace tools

[viceice]

I see two ways of supporting leading ./ right now:

The naive way

// lib/manager/npm/extract/pnpm.ts
-      matchesAnyPattern(
-        packageFile,
-        packageFilters.map((filter) => filter.replace(/\/?$/, '/package.json')) // TODO #12875
-      );
+      (matchesAnyPattern(
+        packageFile,
+        packageFilters.map((filter) => filter.replace(/\/?$/, '/package.json')) // TODO #12875
+      ) ||
+      matchesAnyPattern(
+        './' + packageFile,
+        packageFilters.map((filter) => filter.replace(/\/?$/, '/package.json')) // TODO #12875
+      ));

This should work just fine, but is obviously limited to just ./.
For example ../ (packages in parent directory) and anything more complicated is not covered. While cases with packages in parent directories are probably uncommon, this seems to be supported by pnpm.

Use find-packages

To also cover the case above and any other pattern supported by pnpm renovate could use find-packages. It is a package from the pnpm monorepo and exactly what pnpm uses.

This should cover every possible pnpm workspace configuration 🎉

@rarkins What do you think?

find-packages sounds fine to me. Can somebody open a PR for it?

[viceice]

@weyert please don't post me too comments, they don't help. Use the 👍 to vote for it.

[renovate-release]

🎉 This issue has been resolved in version 31.43.2 🎉

The release is available on:

• GitHub release
• 31.43.2

Your semantic-release bot 📦🚀