PR autoclosed same day it was opened, no changes in repo

[glasser]

What Renovate type, platform and version are you using?

Hosted app. GitHub. npm package.json.

Describe the bug

This repository has a very simple renovate.json:

{
  "extends": [
    "config:base"
  ]
}

It contains a few npm projects in subdirectories with their own package.json files. They currently all contain "apollo-server": "^2.21.1". The point of this repo is to be always-up-to-date examples of using Apollo Server, so we're really excited about using Renovate here.

Issue 1: v2.22.0 of apollo-server was released 25 days ago and v2.23.0 was released 5 days ago, but oddly Renovate did not try to update the package at all until earlier today (ie, it never tried to go to v2.22.0). (Here's the log of the upgrading run in case you have permissions to see it.

Issue 2: It finally did open an upgrading PR but then a few runs later, it auto-closed the PR.

During this whole period we did not make any commits to this repository.

Relevant debug logs

There seems to be a difference in the log line starting with packageFiles with updates. I provided links to two runs above in case you have permissions.

packageFiles with updates for the run that created the branch

DEBUG: packageFiles with updates
{
  "config": {
    "npm": [
      {
        "packageFile": "custom-directives/upper-case-directive/package.json",
        "deps": [
          {
            "depType": "dependencies",
            "depName": "apollo-server",
            "currentValue": "^2.21.1",
            "datasource": "npm",
            "prettyDepType": "dependency",
            "lockedVersion": "2.21.1",
            "depIndex": 0,
            "updates": [
              {
                "newVersion": "2.23.0",
                "newValue": "^2.23.0",
                "bucket": "non-major",
                "newMajor": 2,
                "newMinor": 23,
                "updateType": "minor",
                "isRange": true,
                "releaseTimestamp": "2021-04-14T23:23:47.477Z",
                "skippedOverVersions": [
                  "2.21.2",
                  "2.22.0",
                  "2.22.1",
                  "2.22.2"
                ],
                "branchName": "renovate/apollo-graphql-packages"
              }
            ],
            "warnings": [],
            "sourceUrl": "https://github.com/apollographql/apollo-server",
            "sourceDirectory": "packages/apollo-server",
            "currentVersion": "2.21.1",
            "isSingleVersion": false,
            "fixedVersion": "2.21.1"
          },

packageFiles with updates for the run that autoclosed

Note that if I look at older runs before the one that created the branch, they look like this too (ie, they don't see v2.23, or v2.22 that's been out for weeks).

DEBUG: packageFiles with updates
{
  "config": {
    "npm": [
      {
        "packageFile": "custom-directives/upper-case-directive/package.json",
        "deps": [
          {
            "depType": "dependencies",
            "depName": "apollo-server",
            "currentValue": "^2.21.1",
            "datasource": "npm",
            "prettyDepType": "dependency",
            "lockedVersion": "2.21.1",
            "depIndex": 0,
            "updates": [],
            "warnings": [],
            "sourceUrl": "https://github.com/apollographql/apollo-server",
            "sourceDirectory": "packages/apollo-server",
            "fixedVersion": "2.21.1"
          },

logs about auto-closing

DEBUG: Removing any stale branches
DEBUG: config.repoIsOnboarded=true
DEBUG: Branch lists
{
  "branchList": [],
  "renovateBranches": [
    "renovate/apollo-graphql-packages"
  ]
}
DEBUG: remainingBranches=renovate/apollo-graphql-packages
DEBUG: findPr(renovate/apollo-graphql-packages, undefined, open)
DEBUG: Found PR #3
INFO: Autoclosing PR
{
  "branchName": "renovate/apollo-graphql-packages",
  "prNo": 3,
  "prTitle": "Update dependency apollo-server to ^2.23.0"
}

The auto-closing run does not have any WARN or higher log lines.

Have you created a minimal reproduction repository?

Please read the minimal reproductions documentation to learn how to make a good minimal reproduction repository.

• I have provided a minimal reproduction repository
• I don't have time for that, but it happens in a public repository I have linked to
• I don't have time for that, and cannot share my private repository
• The nature of this bug means it's impossible to reproduce publicly

(I think this reproduction is pretty minimal already, in that the config file is minimal? The only odd things about this repo, I think, are that it contains multiple sub-projects, and that the package in question is part of one of the built-in groups so it gets a special renovate/apollo-graphql-packages branch name.)

[viceice]

Duplicate of #9627

[glasser]

@viceice Hi, are you suggesting that the issue is #9634 ? I don't know that the description matches — in this case the range is apollo-server@^2.21.1 and the locked version is 2.21.1 which doesn't match "The locked version is not the highest version matching the range, or the same version as the range", does it?

[rarkins]

@glasser it's almost definitely the same bug. The app was subsequently rolled back to a version before the bug which lead to the auto close. Today it will roll forward again to a version where the bug is fixed and should stay closed.

[glasser]

OK, so should we eventually see a PR for this package? It's run again as recently as an hour ago with no update. I'm guessing we just have something misconfigured in the repo that's preventing Renovate from upgrading apollo-server but I'm not sure what... we're just using default config:base configuration, with a few separate directories with package.json files under it.

[rarkins]

Please check out the docs for rangeStrategy. Renovate won't by default upgrade dependencies which are "in range". You probably want update-lockfile or bump strategy. Or maybe to pin the dependencies?

[glasser]

You're absolutely right. Sorry to waste your time. I appreciate the incredible support you provide and should work a little harder to let you do a little less of it.