-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Workspaces Don't Respect --frozen-lockfile #4098
Comments
With 1.0.1, this seems to have gotten even worse. Now, if you run |
I can reproduce this even after the workspaces fixes in yarn 1.2.0. (Note: The STR in the OP are missing the steps to switch into the |
Possibly related? When I clone the following repo at this particular url: I can see that when I run |
This is still an issue with Yarn 1.13.0, and affects most Lerna workflows. |
I am also able to reproduce this with |
@cansin Still an issue with |
This bug makes it quite hard for our project to keep |
@cansin I've been using the following script in CI with some success: #!/bin/bash
# This file exists because as of yarn@1.12.3, --frozen-lockfile is completely
# broken when combined with Yarn workspaces. See https://github.com/yarnpkg/yarn/issues/6291
CKSUM_BEFORE=$(cksum yarn.lock)
yarn install
EXIT_CODE=$?
CKSUM_AFTER=$(cksum yarn.lock)
if [[ $CKSUM_BEFORE != $CKSUM_AFTER ]]; then
echo "yarn_frozen_lockfile.sh: yarn.lock was modified unexpectedly - terminating"
exit 1
fi
exit $EXIT_CODE |
Still an issue in 1.17.3. |
There seems to be a PR that could fix it: #6554 |
You can run $ yarn install
$ ! git diff --name-only | grep yarn.lock |
Closing as this has been fixed in the v2. |
Do you want to request a feature or report a bug?
Bug
What is the current behavior?
If you have a workspace configured and one of the packages has a change that would require the
yarn.lock
to change,yarn install --frozen-lockfile
in the project root changes theyarn.lock
rather than erroring out. Running the same command inside the package itself produces the expected error.If the current behavior is a bug, please provide the steps to reproduce.
https://github.com/epmatsw/yarn-workspace-frozen-lockfile
In that repository, if you run
npm test
(which runsyarn install --frozen-lockfile
) in thenormal
directory, you get an error as expected. If you runnpm test
in theworkspaces/subpackage
directory,you get an error as expectedwith 1.0.1, you get no error and theyarn.lock
is updated. If you runnpm test
in theworkspaces
directory, you get no error and theyarn.lock
is updated.What is the expected behavior?
yarn install --frozen-lockfile
should not update theyarn.lock
and should produce an error.Please mention your node.js, yarn and operating system version.
Node 8.4.0, yarn 0.28.1, macOS 10.12.
The text was updated successfully, but these errors were encountered: