-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pnpm-lock.yml not updating #8323
Comments
Please create a minmal reproduction repo on github. This should be possible to reproduce there. Also we need the |
There is literally a TODO in the logs Repo: https://github.com/cyrus-za/renovate-pnpm-issue Logshttps://app.renovatebot.com/dashboard#github/cyrus-za/renovate-pnpm-issue/288694303 INFO: Repository started
{
"renovateVersion": "24.21.0"
}
DEBUG: Using localDir: /mnt/renovate/gh/cyrus-za/renovate-pnpm-issue
DEBUG: Repository cache is valid
DEBUG: initRepo("cyrus-za/renovate-pnpm-issue")
DEBUG: Overriding default GitHub endpoint
{
"endpoint": "https://api.github.com/"
}
DEBUG: No dangling containers to remove
DEBUG: cyrus-za/renovate-pnpm-issue default branch = main
DEBUG: Using personal access token for git init
DEBUG: resetMemCache()
DEBUG: checkOnboarding()
DEBUG: isOnboarded()
DEBUG: findFile(renovate.json)
DEBUG: Initializing git repository into /mnt/renovate/gh/cyrus-za/renovate-pnpm-issue
DEBUG: git clone completed
{
"durationMs": 582
}
DEBUG: latest commit
{
"latestCommitDate": "2021-01-17T13:49:22+02:00"
}
DEBUG: Setting git author name
{
"gitAuthorName": "Renovate Bot"
}
DEBUG: Setting git author email
{
"gitAuthorEmail": "bot@renovateapp.com"
}
DEBUG: Config file exists
{
"fileName": "renovate.json"
}
DEBUG: Retrieving issueList
DEBUG: Retrieved 0 issues
DEBUG: Repo is onboarded
DEBUG: Found renovate.json config file
DEBUG: Repository config
{
"fileName": "renovate.json",
"config": {
"extends": [
"config:base"
],
"labels": [
"dependencies"
],
"rangeStrategy": "replace",
"compatibility": {
"pnpm": "^5.0.0"
},
"recreateClosed": true,
"lockFileMaintenance": {
"enabled": true
},
"packageRules": [
{
"updateTypes": [
"minor",
"patch",
"pin",
"digest"
],
"automerge": true
},
{
"packagePatterns": [
"eslint"
],
"labels": [
"linting"
]
}
]
}
}
DEBUG: migrateAndValidate()
DEBUG: Config migration necessary
{
"oldConfig": {
"extends": [
"github>whitesource/merge-confidence:beta",
"config:base"
],
"labels": [
"dependencies"
],
"rangeStrategy": "replace",
"compatibility": {
"pnpm": "^5.0.0"
},
"recreateClosed": true,
"lockFileMaintenance": {
"enabled": true
},
"packageRules": [
{
"updateTypes": [
"minor",
"patch",
"pin",
"digest"
],
"automerge": true
},
{
"packagePatterns": [
"eslint"
],
"labels": [
"linting"
]
}
]
},
"newConfig": {
"extends": [
"github>whitesource/merge-confidence:beta",
"config:base"
],
"labels": [
"dependencies"
],
"rangeStrategy": "replace",
"recreateClosed": true,
"lockFileMaintenance": {
"enabled": true
},
"packageRules": [
{
"updateTypes": [
"minor",
"patch",
"pin",
"digest"
],
"automerge": true
},
{
"packagePatterns": [
"eslint"
],
"labels": [
"linting"
]
}
],
"constraints": {
"pnpm": "^5.0.0"
}
}
}
DEBUG: massaged config
{
"config": {
"extends": [
"github>whitesource/merge-confidence:beta",
"config:base"
],
"labels": [
"dependencies"
],
"rangeStrategy": "replace",
"recreateClosed": true,
"lockFileMaintenance": {
"enabled": true
},
"packageRules": [
{
"updateTypes": [
"minor",
"patch",
"pin",
"digest"
],
"automerge": true
},
{
"packagePatterns": [
"eslint"
],
"labels": [
"linting"
]
}
],
"constraints": {
"pnpm": "^5.0.0"
}
}
}
DEBUG: migrated config
{
"config": {
"extends": [
"github>whitesource/merge-confidence:beta",
"config:base"
],
"labels": [
"dependencies"
],
"rangeStrategy": "replace",
"recreateClosed": true,
"lockFileMaintenance": {
"enabled": true
},
"packageRules": [
{
"updateTypes": [
"minor",
"patch",
"pin",
"digest"
],
"automerge": true
},
{
"packagePatterns": [
"eslint"
],
"labels": [
"linting"
]
}
],
"constraints": {
"pnpm": "^5.0.0"
}
}
}
DEBUG: Found repo ignorePaths
{
"ignorePaths": [
"**/node_modules/**",
"**/bower_components/**",
"**/vendor/**",
"**/examples/**",
"**/__tests__/**",
"**/test/**",
"**/tests/**",
"**/__fixtures__/**"
]
}
DEBUG: detectSemanticCommits()
DEBUG: getCommitMessages
DEBUG: Semantic commits detection: angular
DEBUG: angular semantic commits detected
DEBUG: Setting branchPrefix: renovate/
DEBUG: Cannot read vulnerability alerts
DEBUG: No vulnerability alerts found
DEBUG: processRepo()
DEBUG: No baseBranches
DEBUG: extract()
DEBUG: Setting current branch to main
DEBUG: latest commit
{
"branchName": "main",
"latestCommitDate": "2021-01-17T13:49:22+02:00"
}
DEBUG: Using file match: (^|/)tasks/[^/]+\.ya?ml$ for manager ansible
DEBUG: Using file match: (^|/)requirements\.ya?ml$ for manager ansible-galaxy
DEBUG: Using file match: azure.*pipelines?.*\.ya?ml$ for manager azure-pipelines
DEBUG: Using file match: (^|/)batect(-bundle)?\.yml$ for manager batect
DEBUG: Using file match: (^|/)batect$ for manager batect-wrapper
DEBUG: Using file match: (^|/)WORKSPACE(|\.bazel)$ for manager bazel
DEBUG: Using file match: \.bzl$ for manager bazel
DEBUG: Using file match: buildkite\.ya?ml for manager buildkite
DEBUG: Using file match: \.buildkite/.+\.ya?ml$ for manager buildkite
DEBUG: Using file match: (^|/)Gemfile$ for manager bundler
DEBUG: Using file match: (^|/)Cargo.toml$ for manager cargo
DEBUG: Using file match: (^|/).circleci/config.yml$ for manager circleci
DEBUG: Using file match: (^|/)Podfile$ for manager cocoapods
DEBUG: Using file match: (^|/)([\w-]*)composer.json$ for manager composer
DEBUG: Using file match: (^|/)deps\.edn$ for manager deps-edn
DEBUG: Using file match: (^|/)docker-compose[^/]*\.ya?ml$ for manager docker-compose
DEBUG: Using file match: (^|/|\.)Dockerfile$ for manager dockerfile
DEBUG: Using file match: (^|/)Dockerfile\.[^/]*$ for manager dockerfile
DEBUG: Using file match: (^|/).drone.yml$ for manager droneci
DEBUG: Using file match: (^|/).gitmodules$ for manager git-submodules
DEBUG: Using file match: ^\.github\/workflows\/[^/]+\.ya?ml$ for manager github-actions
DEBUG: Using file match: ^\.gitlab-ci\.yml$ for manager gitlabci
DEBUG: Using file match: ^\.gitlab-ci\.yml$ for manager gitlabci-include
DEBUG: Using file match: (^|/)go.mod$ for manager gomod
DEBUG: Using file match: \.gradle(\.kts)?$ for manager gradle
DEBUG: Using file match: (^|/)gradle.properties$ for manager gradle
DEBUG: Using file match: (^|/)gradle.properties$ for manager gradle-lite
DEBUG: Using file match: \.gradle(\.kts)?$ for manager gradle-lite
DEBUG: Using file match: (^|/)gradle/wrapper/gradle-wrapper.properties$ for manager gradle-wrapper
DEBUG: Using file match: (^|/)requirements\.yaml$ for manager helm-requirements
DEBUG: Using file match: (^|/)values.yaml$ for manager helm-values
DEBUG: Using file match: (^|/)helmfile.yaml$ for manager helmfile
DEBUG: Using file match: (^|/)Chart.yaml$ for manager helmv3
DEBUG: Using file match: ^Formula/[^/]+[.]rb$ for manager homebrew
DEBUG: Using file match: \.html?$ for manager html
DEBUG: Using file match: (^|/)plugins\.txt for manager jenkins
DEBUG: Using file match: (^|/)kustomization\.yaml for manager kustomize
DEBUG: Using file match: (^|/)project\.clj$ for manager leiningen
DEBUG: Using file match: \.pom\.xml$ for manager maven
DEBUG: Using file match: (^|/)pom\.xml$ for manager maven
DEBUG: Using file match: (^|/)package.js$ for manager meteor
DEBUG: Using file match: (^|/)mix\.exs$ for manager mix
DEBUG: Using file match: ^.node-version$ for manager nodenv
DEBUG: Using file match: (^|/)package.json$ for manager npm
DEBUG: Using file match: \.(?:cs|fs|vb)proj$ for manager nuget
DEBUG: Using file match: \.(?:props|targets)$ for manager nuget
DEBUG: Using file match: \.config\/dotnet-tools\.json$ for manager nuget
DEBUG: Using file match: (^|/)\.nvmrc$ for manager nvm
DEBUG: Using file match: (^|/)([\w-]*)requirements.(txt|pip)$ for manager pip_requirements
DEBUG: Using file match: (^|/)setup.py$ for manager pip_setup
DEBUG: Using file match: (^|/)Pipfile$ for manager pipenv
DEBUG: Using file match: (^|/)pyproject\.toml$ for manager poetry
DEBUG: Using file match: (^|/)\.pre-commit-config\.yaml$ for manager pre-commit
DEBUG: Using file match: (^|/)pubspec\.ya?ml$ for manager pub
DEBUG: Using file match: (^|/)\.ruby-version$ for manager ruby-version
DEBUG: Using file match: \.sbt$ for manager sbt
DEBUG: Using file match: project/[^/]*.scala$ for manager sbt
DEBUG: Using file match: (^|/)setup\.cfg$ for manager setup-cfg
DEBUG: Using file match: (^|/)Package\.swift for manager swift
DEBUG: Using file match: \.tf$ for manager terraform
DEBUG: Using file match: (^|/)\.terraform-version$ for manager terraform-version
DEBUG: Using file match: (^|/)terragrunt\.hcl$ for manager terragrunt
DEBUG: Using file match: ^.travis.yml$ for manager travis
DEBUG: Matched 1 file(s) for manager npm: package.json
DEBUG: npm file package.json has name "renovate-pnpm-issue"
DEBUG: Detecting Lerna and Yarn Workspaces
DEBUG: Finding locked versions
DEBUG: TODO: implement pnpm-lock.yaml parsing of lockVersion
DEBUG: Found npm package files
DEBUG: Found 1 package file(s)
INFO: Dependency extraction complete
{
"baseBranch": "main",
"stats": {
"managers": {
"npm": {
"fileCount": 1,
"depCount": 2
}
},
"total": {
"fileCount": 1,
"depCount": 2
}
}
}
DEBUG: Package releases lookups complete
{
"baseBranch": "main"
}
DEBUG: packageFiles with updates
{
"config": {
"npm": [
{
"packageFile": "package.json",
"deps": [
{
"depType": "dependencies",
"depName": "lodash",
"currentValue": "^4",
"datasource": "npm",
"prettyDepType": "dependency",
"depIndex": 0,
"updates": [],
"warnings": [],
"sourceUrl": "https://github.com/lodash/lodash",
"homepage": "https://lodash.com/"
},
{
"depType": "devDependencies",
"depName": "pnpm",
"currentValue": "^5.15.1",
"datasource": "npm",
"prettyDepType": "devDependency",
"depIndex": 1,
"updates": [],
"warnings": [],
"sourceUrl": "https://github.com/pnpm/pnpm",
"homepage": "https://pnpm.js.org"
}
],
"packageJsonName": "renovate-pnpm-issue",
"packageFileVersion": "1.0.0",
"packageJsonType": "library",
"pnpmShrinkwrap": "pnpm-lock.yaml",
"skipInstalls": true,
"constraints": {}
}
]
}
}
DEBUG: branchifyUpgrades
DEBUG: 1 flattened updates found:
DEBUG: Returning 1 branch(es)
DEBUG: config.repoIsOnboarded=true
DEBUG: processRepo()
DEBUG: Processing 1 branch: renovate/lock-file-maintenance
DEBUG: Calculating hourly PRs remaining
DEBUG: Retrieving PR list
DEBUG: Retrieved 0 Pull Requests
DEBUG: currentHourStart=2021-01-17T11:00:00.000+00:00
DEBUG: PR hourly limit remaining: 2
DEBUG: Calculating prConcurrentLimit (20)
DEBUG: getBranchPr(renovate/lock-file-maintenance)
DEBUG: findPr(renovate/lock-file-maintenance, undefined, open)
DEBUG: 0 PRs are currently open
DEBUG: PR concurrent limit remaining: 20
DEBUG: Calculated maximum PRs remaining this run
{
"prsRemaining": 2
}
DEBUG: PullRequests limit = 2
DEBUG: Calculating branchConcurrentLimit (20)
DEBUG: 0 branches are currently open
DEBUG: Branch concurrent limit remaining: 20
DEBUG: Calculated maximum branches remaining this run
{
"branchesRemaining": 20
}
DEBUG: Branches limit = 20
DEBUG: processBranch with 1 upgrades(branch="renovate/lock-file-maintenance")
DEBUG: Setting current branch to main(branch="renovate/lock-file-maintenance")
DEBUG: latest commit(branch="renovate/lock-file-maintenance")
{
"branchName": "main",
"latestCommitDate": "2021-01-17T13:49:22+02:00"
}
DEBUG: getBranchPr(renovate/lock-file-maintenance)(branch="renovate/lock-file-maintenance")
DEBUG: findPr(renovate/lock-file-maintenance, undefined, open)(branch="renovate/lock-file-maintenance")
DEBUG: branchExists=false(branch="renovate/lock-file-maintenance")
DEBUG: Branch has 0 upgrade(s)(branch="renovate/lock-file-maintenance")
DEBUG: recreateClosed is true(branch="renovate/lock-file-maintenance")
DEBUG: Checking schedule(before 5am on monday, null)(branch="renovate/lock-file-maintenance")
DEBUG: Checking 1 schedule(s)(branch="renovate/lock-file-maintenance")
DEBUG: Checking schedule "before 5am on monday"(branch="renovate/lock-file-maintenance")
{
"parsedSchedule": {
"schedules": [
{
"t_b": [
18000
],
"d": [
2
]
}
],
"exceptions": [],
"error": -1
}
}
DEBUG: Does not match schedule because 7 is not in 1(branch="renovate/lock-file-maintenance")
DEBUG: Package not scheduled(branch="renovate/lock-file-maintenance")
DEBUG: Skipping branch creation as not within schedule(branch="renovate/lock-file-maintenance")
DEBUG: Removing any stale branches
DEBUG: config.repoIsOnboarded=true
DEBUG: No renovate branches found
DEBUG: Repository timing splits (milliseconds)
{
"splits": {
"init": 3222,
"extract": 1273,
"lookup": 1521,
"update": 612
},
"total": 6645
}
DEBUG: http statistics
{
"hostStats": [
"api.github.com, 5 requests, 231ms request average, 0ms queue average",
"registry.npmjs.org, 1 request, 170ms request average, 0ms queue average"
],
"totalRequests": 6
}
INFO: Repository finished
{
"durationMs": 6645
} |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
I think it's worth nothing that when running the command that renovate currently uses to update the
Feel free to let me know if there's anything else I can provide or do to help resolve the issue :) |
I am fairly certain it's a matter of the file just not being committed by renovate. |
@cyrus-za when I fork your repo and run it with the app or locally then I can't reproduce the problem. The lock file is updated fine, e.g. https://github.com/renovate-tests/renovate-pnpm-issue/pull/2/files Can you tick the retry/rebase checkbox in your PR to see if it is also working there? FYI I cannot recall any changes or fixes we made which would have impacted pnpm |
@rarkins the test repo actually worked. It just took like a day to see the first PR to find out if it works. So I knew it had to be something else in the private repo. I assumed it had to do with the fact that something on the renovate server cached it as a yarn repo and when I switched to pnpm, it was still looking for a yarn.lock and not a pnpm lockfile.
What ended up solving the problem was adding my npm token to the renovate.json as I got a private package in my package.json Nowhere in the logs or PR comments did it hint anything at that. All it had (which I didn't initially see in between all the PR comments from vercel) was an artifact problem with a blank error message I suggest we leave this issue open until there's better error messages when pnpm throws a 404 due to missing token. Also, a bit off topic, but I'd like to request a feature to not need to add the token in the config file seeing as its in source control and it just feels wrong, even though its a private repo. Maybe we can do {
"npm_token": "$NPM_TOKEN"
} and then add it to env on github and give the bot access? Or if thats not possible, maybe a interface on renovate site (where we find the logs) to add environment variables. |
If you want to keep this open for a related topic, plesae update the title and description accordingly. A reproduction will still be needed too, assuming you're not intending to debug it yourself. Re: off-topic: For the hosted app, you can use "encrypted" objects. Search the docs/repo for examples. We will migrate from that to #8070 soon too |
Could it be that this only fails when there's workspaces and the lock file is in a different directory to the |
Ah yes, that sounds like the issue. I've just checked on one of my monorepos using Perhaps walking up to the nearest |
Single lockfile and single package.json side-by-side in root. Using nx workspaces, but should not be relevant to renovate as it isn't like yarn workspace or pnpm workspace or lerna where we got sub-modules / packages with their own package.json |
Can this issue be closed? |
I'm having this issue with renovate as well. Weirdly enough, it worked on a couple PRs, but now even resetting the bot doesn't work (renaming welcome PR and deleting renovate.json).
packages:
# Packages
- "packages/db/**"
- "packages/config/**"
- "packages/**"
{ "extends": ["config:base"] } According to logs, DEBUG: pnpm-lock.yaml hasn't changed(branch="renovate/pinia-2.x")
DEBUG: No updated lock files in branch(branch="renovate/pinia-2.x")
DEBUG: 1 file(s) to commit I can provide more details or open another issue @rarkins ?| |
I can confirm @Hebilicious's issue in our private pnpm monorepo using renovate. |
This comment has been minimized.
This comment has been minimized.
@Hebilicious I tried to reproduce your issue in https://github.com/lukashass/renovate-pnpm-reproduction. Everything seems to be working as expected though. Can you or @BeeeQueue provide a reproduction for your issue? |
This comment has been minimized.
This comment has been minimized.
Could it be related to the repo being private? If not I could try setting up a repro |
I'm not sure what causes it, which is why we need the reproduction somehow. |
Repro: https://github.com/BeeeQueue/renovate-pnpm-repro I made a workflow that passes if the lockfile is not updated so the PRs can be easily identified |
@BeeeQueue Thanks for the reproduction. It seems like the leading The leading
I'm unsure whether renovate should support leading |
Is a leading ./ considered a bad practice or worse for some reason? Otherwise i don't see why it shouldn't be supported If it won't be supported it would at least be nice with a warning about it somewhere if someone runs into it again |
I see two ways of supporting leading The naive way// lib/manager/npm/extract/pnpm.ts
- matchesAnyPattern(
- packageFile,
- packageFilters.map((filter) => filter.replace(/\/?$/, '/package.json')) // TODO #12875
- );
+ (matchesAnyPattern(
+ packageFile,
+ packageFilters.map((filter) => filter.replace(/\/?$/, '/package.json')) // TODO #12875
+ ) ||
+ matchesAnyPattern(
+ './' + packageFile,
+ packageFilters.map((filter) => filter.replace(/\/?$/, '/package.json')) // TODO #12875
+ )); This should work just fine, but is obviously limited to just Use
|
I can also recommend @manypkg/get-packages which supports multiple workspace tools |
This comment has been minimized.
This comment has been minimized.
|
@weyert please don't post me too comments, they don't help. Use the 👍 to vote for it. |
🎉 This issue has been resolved in version 31.43.2 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
What Renovate type, platform and version are you using?
Using whitesource github bot (hosted app)
https://github.com/marketplace/renovate
Describe the bug
I am using
pnpm
(switched after using renovate with yarn previously). All PRs opened by renovatebot only update package.json but no lockfile.I checked docs and pnpm seems to be officially supported.
Relevant debug logs
Have you created a minimal reproduction repository?
Please read the minimal reproductions documentation to learn how to make a good minimal reproduction repository.
Additional context
I added
"compatibility": { "pnpm": "^5.0.0" },
to see if that would help. No luck.Full config below
The text was updated successfully, but these errors were encountered: