fix(npm): include credentials without host type for lock file generation #34267
+70
−1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rarkins
reviewed
Feb 17, 2025
| .getAll() | ||
| .filter((rule) => rule.hostType === null || rule.hostType === undefined); | ||
| const effectiveHostRules = npmHostRules.concat(noTypeHostRules); | ||
| logger.debug(`Found ${effectiveHostRules.length} npm host rule(s)`); |
There was a problem hiding this comment.
Can you log how many were found with hostType=npm and then how many were found with empty hostType?
There was a problem hiding this comment.
This should be resolved already?
rarkins
requested changes
Feb 17, 2025
languitar
force-pushed
the
bugfix/npm-post-update-include-rules-without-host-type
branch
2 times, most recently
from
f8a262a to
027c653
Compare
rarkins
previously approved these changes
Feb 18, 2025
viceice
reviewed
Feb 18, 2025
| token: 'sometoken', | ||
| }); | ||
| const res = processHostRules(); | ||
| expect(res).toMatchInlineSnapshot( |
There was a problem hiding this comment.
Sorry for the delay. Changed now.
So far, the post-update task for generating the NPM lock file did not pick up credentials from `hostRules`` that lacked a `hostType`. This was inconsistent to the way renovate had previously determined updatable dependencies. The code path there also included `ruleRules` without a `hostType` defined. As a result, PRs would potentially fail because the lock file generation did not have the same set of credentials available as the trigger for creating a PR at all. Now, lock file generation also picks up credentials without a defined `hostType`. Co-authored-by: Michael Kriese <michael.kriese@gmx.de>
languitar
force-pushed
the
bugfix/npm-post-update-include-rules-without-host-type
branch
from
6e1b0bd to
e18d1b0
Compare
|
please avoid force push |
viceice
approved these changes
Mar 10, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes
So far, the post-update task for generating the NPM lock file did not pick up credentials from
hostRulesthat lacked ahostType. This was inconsistent to the way renovate had previously determined updatable dependencies. The code path there also includedruleRuleswithout ahostTypedefined. As a result, PRs would potentially fail because the lock file generation did not have the same set of credentials available as the trigger for creating a PR at all.Now, lock file generation also picks up credentials without a defined
hostType.Context
Related discussion: #34203
Documentation (please check one with an [x])
How I've tested my work (please select one)
I have verified these changes via: