You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Examine package.json and yarn.lock in this repository. Note that while yarn.lock specifies the dependency (lodash used as an example, but the
exact package is not important) at one version, package.json has the
dependency version updated.
Run yarn install --frozen-lockfile. Note that it bails out with an error
that lockfile should be updated.
Run yarn install --frozen-lockfile --force. Note that the command succeeds.
The version installed in node_modules is different than lockfile specifies,
but lockfile is not updated. This behaviour is identical as if yarn install --pure-lockfile was run at this point.
Finally run yarn install and confirm that lockfile is indeed updated.
What is the expected behavior? https://yarnpkg.com/en/docs/cli/install says that --frozen-lockfile fails if an update to lockfile is needed. Description of --force does not involve lockfile, only refetching packages. Description of neither --frozen-lockfile nor --force mentions any exception nor possible interactions between those two.Therefore I'd expect yarn install --force --frozen-lockfile to bail out if lockfile is outdated.
Please mention your node.js, yarn and operating system version.
$ node -v
v8.9.4
$ yarn -v
1.3.2
The text was updated successfully, but these errors were encountered:
Do you want to request a feature or report a bug?
Bug
What is the current behavior?
Yarn install incorrectly behaves when both
--frozen-lockfile
and--force
are present.If the current behavior is a bug, please provide the steps to reproduce.
0. Clone https://gist.github.com/1c31682a46ae4ef33f544377003075f7.git
package.json
andyarn.lock
in this repository. Note that whileyarn.lock
specifies the dependency (lodash
used as an example, but theexact package is not important) at one version,
package.json
has thedependency version updated.
yarn install --frozen-lockfile
. Note that it bails out with an errorthat lockfile should be updated.
yarn install --frozen-lockfile --force
. Note that the command succeeds.The version installed in
node_modules
is different than lockfile specifies,but lockfile is not updated. This behaviour is identical as if
yarn install --pure-lockfile
was run at this point.yarn install
and confirm that lockfile is indeed updated.What is the expected behavior?
https://yarnpkg.com/en/docs/cli/install says that
--frozen-lockfile
fails if an update to lockfile is needed. Description of--force
does not involve lockfile, only refetching packages. Description of neither--frozen-lockfile
nor--force
mentions any exception nor possible interactions between those two.Therefore I'd expectyarn install --force --frozen-lockfile
to bail out if lockfile is outdated.Please mention your node.js, yarn and operating system version.
The text was updated successfully, but these errors were encountered: