Skip to content

fix(releases): explicitly use no frozen lockfile in the install step #2733

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
myftija merged 1 commit into from
Dec 3, 2025
Merged

fix(releases): explicitly use no frozen lockfile in the install step #2733

myftija merged 1 commit into from
Dec 3, 2025

Conversation

@myftija
Copy link
Collaborator

@myftija myftija commented Dec 3, 2025

No description provided.

@changeset-bot
Copy link

changeset-bot bot commented Dec 3, 2025

⚠️ No Changeset found

Latest commit: 33c6758

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Dec 3, 2025
edited
Loading

Walkthrough

The pull request modifies a GitHub Actions workflow file that handles release processes. Specifically, the "Update lockfile on release PR" step now invokes pnpm install --no-frozen-lockfile instead of pnpm install. This flag change allows the lockfile to be modified during the installation process, rather than enforcing strict lockfile immutability. The modification is limited to this single command invocation with no other workflow logic or control flow changes.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

  • Single file modified (.github/workflows/release.yml)
  • One-line change adding a single CLI flag (--no-frozen-lockfile)
  • Clear, straightforward intent with minimal context needed
  • No logic branching or conditional changes

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Description check ⚠️ Warning The pull request description is missing entirely. The required template includes sections for Testing, Changelog, and Screenshots that must be completed. Add a complete pull request description following the repository template, including Testing steps, Changelog entry, and any relevant information about the change.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and specifically describes the main change: adding --no-frozen-lockfile flag to the pnpm install step in the release workflow.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch fix-install-step
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8b0f51b and 33c6758.

📒 Files selected for processing (1)
  • .github/workflows/release.yml (1 hunks)
🧰 Additional context used
🧠 Learnings (3)
📚 Learning: 2025-11-27T16:27:48.109Z 
Learnt from: CR
Repo: triggerdotdev/trigger.dev PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-27T16:27:48.109Z
Learning: pnpm version `10.23.0` and Node.js version `20.11.1` are required for development

Applied to files:

  • .github/workflows/release.yml
📚 Learning: 2025-11-27T16:27:48.109Z 
Learnt from: CR
Repo: triggerdotdev/trigger.dev PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-27T16:27:48.109Z
Learning: Use pnpm for package management in this monorepo

Applied to files:

  • .github/workflows/release.yml
📚 Learning: 2025-11-27T16:26:44.496Z 
Learnt from: CR
Repo: triggerdotdev/trigger.dev PR: 0
File: .cursor/rules/executing-commands.mdc:0-0
Timestamp: 2025-11-27T16:26:44.496Z
Learning: Execute most monorepo commands using `pnpm run` from the root directory, with `--filter` flag for specific packages (e.g., `pnpm run dev --filter webapp`)

Applied to files:

  • .github/workflows/release.yml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (23)
  • GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (7, 8)
  • GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (2, 8)
  • GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (8, 8)
  • GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (5, 8)
  • GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (1, 8)
  • GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (3, 8)
  • GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (4, 8)
  • GitHub Check: units / internal / 🧪 Unit Tests: Internal (8, 8)
  • GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (6, 8)
  • GitHub Check: units / internal / 🧪 Unit Tests: Internal (4, 8)
  • GitHub Check: units / internal / 🧪 Unit Tests: Internal (5, 8)
  • GitHub Check: units / internal / 🧪 Unit Tests: Internal (2, 8)
  • GitHub Check: units / internal / 🧪 Unit Tests: Internal (7, 8)
  • GitHub Check: units / internal / 🧪 Unit Tests: Internal (6, 8)
  • GitHub Check: units / internal / 🧪 Unit Tests: Internal (1, 8)
  • GitHub Check: units / internal / 🧪 Unit Tests: Internal (3, 8)
  • GitHub Check: units / packages / 🧪 Unit Tests: Packages (1, 1)
  • GitHub Check: typecheck / typecheck
  • GitHub Check: e2e / 🧪 CLI v3 tests (windows-latest - pnpm)
  • GitHub Check: e2e / 🧪 CLI v3 tests (ubuntu-latest - npm)
  • GitHub Check: e2e / 🧪 CLI v3 tests (windows-latest - npm)
  • GitHub Check: e2e / 🧪 CLI v3 tests (ubuntu-latest - pnpm)
  • GitHub Check: Analyze (javascript-typescript)
🔇 Additional comments (1)
.github/workflows/release.yml (1)

129-131: Excellent! This fix correctly enables lockfile updates during release PR creation.

The explicit --no-frozen-lockfile flag is the right approach here. The update-lockfile job runs only when a release PR is being created (if: needs.release.outputs.published != 'true'), and it needs to resolve dependencies and update the lockfile on the changeset-release/main branch. Without this flag, the step would fail if there are any dependency resolution differences. The subsequent commit step (lines 132–143) correctly captures and pushes any lockfile changes.

Meanwhile, the main release job continues to enforce strict lockfile validation at line 49 with --frozen-lockfile during the build phase, maintaining correctness there. The separation of concerns between the two jobs is sound.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@myftija myftija merged commit c5f7a8d into main Dec 3, 2025
31 checks passed
@myftija myftija deleted the fix-install-step branch December 3, 2025 15:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nicktrn nicktrn nicktrn approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@myftija @nicktrn