dependabot-script
dependabot-script copied to clipboard
dependabot
npm_and_yarn json parse error
Deaer dependabot-script team,
We are experiencing some issue with dependabot/dependabot-core image and its scripts
symptoms
We saw this error in our pipeline,
/home/dependabot/dependabot-script/vendor/ruby/2.6.0/gems/dependabot-common-0.118.8/lib/dependabot/shared_helpers.rb:116:in `rescue in run_helper_subprocess': Dependabot::SharedHelpers::HelperSubprocessFailed
from /home/dependabot/dependabot-script/vendor/ruby/2.6.0/gems/dependabot-common-0.118.8/lib/dependabot/shared_helpers.rb:84:in `run_helper_subprocess'
...
from /home/dependabot/dependabot-script/vendor/ruby/2.6.0/gems/dependabot-npm_and_yarn-0.118.8/lib/dependabot/npm_and_yarn/file_updater.rb:39:in `updated_dependency_files'
from ./generic-update-script.rb:212:in `block in <main>'
from ./generic-update-script.rb:174:in `each'
from ./generic-update-script.rb:174:in `<main>'
/usr/lib/ruby/2.6.0/json/common.rb:156:in `parse': 767: unexpected token at '' (JSON::ParserError)
from /usr/lib/ruby/2.6.0/json/common.rb:156:in `parse'
We used the latest dependabot/dependabot-core image. so I think the latest dependabot/dependabot-core is broken
root cause suspects
Further investigation point me to this file shared_helpers.rb and this line
response = JSON.parse(stdout)
By printing the stderr in shared_helpers.rb I found this
Error: Cannot find module './lib/npm'
Require stack:
- /opt/npm_and_yarn/run.js
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:880:15)
at Function.Module._load (internal/modules/cjs/loader.js:725:27)
at Module.require (internal/modules/cjs/loader.js:952:19)
at require (internal/modules/cjs/helpers.js:88:18)
at Socket.<anonymous> (/opt/npm_and_yarn/run.js:12:19)
at Socket.emit (events.js:327:22)
at endReadableNT (internal/streams/readable.js:1327:12)
at processTicksAndRejections (internal/process/task_queues.js:80:21) {
code: 'MODULE_NOT_FOUND',
requireStack: [ '/opt/npm_and_yarn/run.js' ]
}
By inspecting the image file, I found this
root@301c0231d8c2:/home/dependabot/dependabot-script# ls /opt/npm_and_yarn/lib/
npm6 yarn
So is /opt/npm_and_yarn/run.js expecting npm instead of npm6 ?
Thank you
could be related to this https://github.com/dependabot/dependabot-script/issues/416
We experience the same problems, but also with composer:
The cause seems to be a change of composer location. When I exec into the docker container, there is no path /opt/composer/helpers/bin/run, but only /opt/composer/helpers/v1/bin/run and /opt/composer/helpers/v2/bin/run. Any help would be appreciated.
I think this PR is the culprit: https://github.com/dependabot/dependabot-core/pull/2971 it moved npm to npm6
Updating the dependabot-omnibus dependency in the Gemfile solves the issue. (remember to use the correct Bundler version: bundle _1.17.3_ update
Updating the
dependabot-omnibusdependency in the Gemfile solves the issue. (remember to use the correct Bundler version:bundle _1.17.3_ update
Tried updating dependabot-omnibus to 0.130.2 and running with bundler 1.17.3 but that errors out on trying to install commonmarker which is a dependency of dependabot-omnibus
Changing the dependabot-omnibus in the Gemfile to 0.130.2 and doing bundle _1.17.3_ install and bundle _1.17.3_ update worked for me.
I struggled getting dependbot going on Azure Dev Ops Pipeline, I had very similar issues with npm and yarn, in the beginning I tried to get it going on Ruby bundle, but I could not just seem to set the paths for npm helpers correctly (plus the npm and other bins), according to docs you need to build and copy those. Finally I got it going using docker and latest image dependabot-omnibus (~> 0.152.1). It has all the paths and bins set up, just pass the vars to the docker container
I struggled getting dependbot going on Azure Dev Ops Pipeline, I had very similar issues with npm and yarn, in the beginning I tried to get it going on Ruby bundle, but I could not just seem to set the paths for npm helpers correctly (plus the npm and other bins), according to docs you need to build and copy those. Finally I got it going using docker and latest image
dependabot-omnibus (~> 0.152.1). It has all the paths and bins set up, just pass the vars to the docker container
how did you get it running with the docker container?
If I'm using the docker container as well as the lastest omnibus as you mentioned, I still get the error ...
usr/lib/ruby/gems/2.7.0/gems/bundler-1.17.3/lib/bundler/rubygems_integration.rb:200: warning: constant Gem::ConfigMap is deprecated
/usr/lib/ruby/gems/2.7.0/gems/bundler-1.17.3/lib/bundler/rubygems_integration.rb:200: warning: constant Gem::ConfigMap is deprecated
warning: parser/current is loading parser/ruby27, which recognizes
warning: 2.7.3-compliant syntax, but you are running 2.7.1.
warning: please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.
/usr/lib/ruby/2.7.0/json/common.rb:156:in `parse': 783: unexpected token at '' (JSON::ParserError)
from /usr/lib/ruby/2.7.0/json/common.rb:156:in `parse'
from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/clients/azure.rb:53:in `fetch_commit'
from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:73:in `commit'
from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:360:in `_full_specification_for'
from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:370:in `_fetch_file_content'
from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:140:in `fetch_file_from_host'
from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-maven-0.152.1/lib/dependabot/maven/file_fetcher.rb:32:in `pom'
from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-maven-0.152.1/lib/dependabot/maven/file_fetcher.rb:25:in `fetch_files'
from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:65:in `files'
from ./generic-update-script.rb:154:in `<main>'
I struggled getting dependbot going on Azure Dev Ops Pipeline, I had very similar issues with npm and yarn, in the beginning I tried to get it going on Ruby bundle, but I could not just seem to set the paths for npm helpers correctly (plus the npm and other bins), according to docs you need to build and copy those. Finally I got it going using docker and latest image
dependabot-omnibus (~> 0.152.1). It has all the paths and bins set up, just pass the vars to the docker containerhow did you get it running with the docker container?
If I'm using the docker container as well as the lastest omnibus as you mentioned, I still get the error ...
usr/lib/ruby/gems/2.7.0/gems/bundler-1.17.3/lib/bundler/rubygems_integration.rb:200: warning: constant Gem::ConfigMap is deprecated /usr/lib/ruby/gems/2.7.0/gems/bundler-1.17.3/lib/bundler/rubygems_integration.rb:200: warning: constant Gem::ConfigMap is deprecated warning: parser/current is loading parser/ruby27, which recognizes warning: 2.7.3-compliant syntax, but you are running 2.7.1. warning: please see https://github.com/whitequark/parser#compatibility-with-ruby-mri. /usr/lib/ruby/2.7.0/json/common.rb:156:in `parse': 783: unexpected token at '' (JSON::ParserError) from /usr/lib/ruby/2.7.0/json/common.rb:156:in `parse' from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/clients/azure.rb:53:in `fetch_commit' from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:73:in `commit' from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:360:in `_full_specification_for' from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:370:in `_fetch_file_content' from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:140:in `fetch_file_from_host' from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-maven-0.152.1/lib/dependabot/maven/file_fetcher.rb:32:in `pom' from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-maven-0.152.1/lib/dependabot/maven/file_fetcher.rb:25:in `fetch_files' from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:65:in `files' from ./generic-update-script.rb:154:in `<main>'
So I have set up the dependobot as a seperate (standalone) project, project consists of pipeline yaml, dockerfile, gemfile and gemfile lock and the update scripts from this project https://github.com/tinglesoftware/dependabot-azure-devops. I had made some changes for security reasons and in this project implementation there is a npm private registry bug that does not allow me to connect to private npm registry, so semi fixed / hacked that in the update-script.rb ( I also gave an issue, but no reply so far).
trigger:
- none
pool:
vmImage: 'Ubuntu-20.04'
steps:
- script: |
mkdir repo
git clone https://$(AZURE_ACCESS_TOKEN)@dev.azure.com/$(AZURE_ORGANIZATION)/$(AZURE_PROJECT)/_git/$(AZURE_REPOSITORY) repo
cd repo
git checkout $(DEPENDABOT_TARGET_BRANCH)
git pull
displayName: 'Create and checkout git project'
- script: |
docker build -f Dockerfile -t dependobot .
displayName: Build dependobot with project
- script: |
docker run --rm -t \
-e GITHUB_ACCESS_TOKEN=$(GITHUB_ACCESS_TOKEN) \
-e AZURE_PROTOCOL=$(AZURE_PROTOCOL) \
-e AZURE_HOST=$(AZURE_HOSTNAME) \
-e AZURE_PORT=$(AZURE_PORT) \
-e AZURE_ACCESS_TOKEN=$(AZURE_ACCESS_TOKEN) \
-e AZURE_ORGANIZATION=$(AZURE_ORGANIZATION) \
-e AZURE_PROJECT=$(AZURE_PROJECT) \
-e AZURE_REPOSITORY=$(AZURE_REPOSITORY) \
-e DEPENDABOT_PACKAGE_MANAGER=$(DEPENDABOT_PACKAGE_MANAGER) \
-e DEPENDABOT_NPM_CREDENTIALS=$(DEPENDABOT_NPM_CREDENTIALS) \
-e DEPENDABOT_TARGET_BRANCH=$(DEPENDABOT_TARGET_BRANCH) \
-e DEPENDABOT_VERSIONING_STRATEGY=$(DEPENDABOT_VERSIONING_STRATEGY) \
-e DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT=$(DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT) \
-e DEPENDABOT_VERSIONING_STRATEGY=$(DEPENDABOT_VERSIONING_STRATEGY) \
-e DEPENDABOT_SEC_ONLY=$(DEPENDABOT_SEC_ONLY) \
-e DEPENDABOT_DIRECTORY=$DEPENDABOT_DIRECTORY \
dependobot
env:
GITHUB_ACCESS_TOKEN: $(GITHUB_ACCESS_TOKEN)
AZURE_ACCESS_TOKEN: $(AZURE_ACCESS_TOKEN)
AZURE_ORGANIZATION: $(AZURE_ORGANIZATION)
AZURE_PROJECT: $(AZURE_PROJECT)
AZURE_REPOSITORY: $(AZURE_REPOSITORY)
DEPENDABOT_PACKAGE_MANAGER: $(DEPENDABOT_PACKAGE_MANAGER)
DEPENDABOT_TARGET_BRANCH: $(DEPENDABOT_TARGET_BRANCH)
DEPENDABOT_VERSIONING_STRATEGY: $(DEPENDABOT_VERSIONING_STRATEGY)
DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT: $(DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT)
AZURE_PROTOCOL: $(AZURE_PROTOCOL)
AZURE_HOST: $(AZURE_HOST)
AZURE_PORT: $(AZURE_PORT)
DEPENDABOT_NPM_CREDENTIALS: $(DEPENDABOT_NPM_CREDENTIALS)
DEPENDABOT_SEC_ONLY: $(DEPENDABOT_SEC_ONLY)
displayName: 'Execute dependobot script'
Whats its important is to copy the repo, scrtipts, gemlock.file into container, I do this with following Dockerfile
FROM dependabot/dependabot-core:0.155.0
# Copy the Gemfile and Gemfile.lock
ARG CODE_DIR=/home/dependabot/dependabot-script
RUN mkdir -p ${CODE_DIR}
COPY --chown=dependabot:dependabot Gemfile Gemfile.lock ${CODE_DIR}/
WORKDIR ${CODE_DIR}
# Install dependencies
RUN bundle config set --local path "vendor" \
&& bundle install --jobs 4 --retry 3
# Copy the Ruby scripts
COPY --chown=dependabot:dependabot update.rb ${CODE_DIR}
COPY --chown=dependabot:dependabot azure_helpers.rb ${CODE_DIR}
# Copy the repository
COPY --chown=dependabot:dependabot ./repo/ ${CODE_DIR}
# Run update script
ENTRYPOINT ["bundle", "exec", "ruby", "./update.rb"]
This has recently surfaced in Github's dependabot alerts. We have detected this as the most recent alerts show Dependabot::DependencyFileNotParseable errors. I have tried running dependabot-script locally for package manager npm_and_yarn with the following error logs:
/Users/retracted/.rvm/rubies/ruby-3.0.0/lib/ruby/3.0.0/json/common.rb:216:in `parse': 809: unexpected token at '' (JSON::ParserError)
from /Users/retracted/.rvm/rubies/ruby-3.0.0/lib/ruby/3.0.0/json/common.rb:216:in `parse'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb:197:in `parse_package_lock'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb:56:in `npm_lockfile_details'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb:27:in `block in lockfile_details'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb:24:in `each'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb:24:in `lockfile_details'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:96:in `build_dependency'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:74:in `block (3 levels) in manifest_dependencies'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:70:in `each'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:70:in `block (2 levels) in manifest_dependencies'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:68:in `each'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:68:in `block in manifest_dependencies'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:62:in `each'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:62:in `manifest_dependencies'
from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:41:in `parse'
from ./generic-update-script.rb:167:in `<main>'
I have also confirmed that the bug is not due to updates in the package-lock.json file as the following dependabot-script runs result in the same error:
- Ran locally against a previous lockfile version
- Ran locally against a regenerated-from-scratch lockfile
- By deleting node modules
- Clearing npm cache
- Running npm install
- Pushing to remote branch
- Running dependabot-script against that branch
- Triggered a retry from Github's dependabot alerts
- From another repository
- Created prior to the introduction of the bug
- It now shows the same
Dependabot::DependencyFileNotParseableerror
same issue:
2022-06-12T07:06:18.3167374Z ##[section]Starting: react-frontend
2022-06-12T07:06:18.3176921Z ==============================================================================
2022-06-12T07:06:18.3177262Z Task : Dependabot
2022-06-12T07:06:18.3177602Z Description : Automatically update dependencies and vulnerabilities in your code
2022-06-12T07:06:18.3177913Z Version : 1.6.202
2022-06-12T07:06:18.3178156Z Author : Tingle Software
2022-06-12T07:06:18.3178541Z Help : For help please visit https://github.com/tinglesoftware/dependabot-azure-devops
2022-06-12T07:06:18.3178963Z ==============================================================================
2022-06-12T07:06:18.4910315Z [command]/usr/bin/docker run --rm -i -e DEPENDABOT_PACKAGE_MANAGER=npm -e DEPENDABOT_FAIL_ON_EXCEPTION=true -e DEPENDABOT_EXCLUDE_REQUIREMENTS_TO_UNLOCK= -e AZURE_PROTOCOL=https -e AZURE_HOSTNAME=dev.azure.com -e AZURE_ORGANIZATION=<org> -e AZURE_PROJECT=<project> -e AZURE_REPOSITORY=react-frontend -e AZURE_ACCESS_TOKEN=*** -e AZURE_SET_AUTO_COMPLETE=true -e AZURE_MERGE_STRATEGY=1 -e DEPENDABOT_VERSIONING_STRATEGY=auto -e DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT=50 -e DEPENDABOT_EXTRA_CREDENTIALS=*** -e GITHUB_ACCESS_TOKEN=*** -e AZURE_AUTO_APPROVE_PR=false tingle/dependabot-azure-devops:0.6
2022-06-12T07:06:21.1432312Z warning: parser/current is loading parser/ruby27, which recognizes2.7.6-compliant syntax, but you are running 2.7.5.
2022-06-12T07:06:21.1434525Z Please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.
2022-06-12T07:06:21.8171089Z GitHub access token has been provided.
2022-06-12T07:06:21.8177426Z Using hostname = 'dev.azure.com', protocol = 'https', port = '443'.
2022-06-12T07:06:21.8178120Z Using 'https://dev.azure.com:443/' as API endpoint
2022-06-12T07:06:21.8178773Z Fetching npm_and_yarn dependency files for <org>/<project>/_git/react-frontend
2022-06-12T07:06:21.8179310Z Targeting 'default' branch under '/' directory
2022-06-12T07:06:21.8179812Z Using 'bump_versions' requirements update strategy
2022-06-12T07:06:21.8180179Z Parsing dependencies information
2022-06-12T07:06:28.2132784Z Checking if @craco/craco 6.4.3 needs updating
2022-06-12T07:06:28.2133308Z No update needed for @craco/craco 6.4.3
2022-06-12T07:06:28.2133748Z Checking if @emotion/react 11.9.0 needs updating
2022-06-12T07:06:28.2134168Z No update needed for @emotion/react 11.9.0
2022-06-12T07:06:28.2134635Z Checking if @emotion/styled 11.8.1 needs updating
2022-06-12T07:06:28.2135055Z No update needed for @emotion/styled 11.8.1
2022-06-12T07:06:28.2135497Z Checking if @hookform/resolvers 2.9.0 needs updating
2022-06-12T07:08:41.2192383Z Requirements to unlock own
2022-06-12T07:08:41.2192772Z Updating @hookform/resolvers from 2.9.0 to 2.9.1
2022-06-12T07:09:30.0347154Z /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.187.0/lib/dependabot/shared_helpers.rb:129:in `rescue in run_helper_subprocess': Dependabot::SharedHelpers::HelperSubprocessFailed
2022-06-12T07:09:30.0375096Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.187.0/lib/dependabot/shared_helpers.rb:78:in `run_helper_subprocess'
2022-06-12T07:09:30.0376565Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:137:in `run_yarn_top_level_updater'
2022-06-12T07:09:30.0377731Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:108:in `block (2 levels) in run_yarn_updater'
2022-06-12T07:09:30.0378838Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:106:in `chdir'
2022-06-12T07:09:30.0379915Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:106:in `block in run_yarn_updater'
2022-06-12T07:09:30.0381244Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.187.0/lib/dependabot/shared_helpers.rb:168:in `with_git_configured'
2022-06-12T07:09:30.0382281Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:105:in `run_yarn_updater'
2022-06-12T07:09:30.0383376Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:77:in `run_current_yarn_update'
2022-06-12T07:09:30.0384495Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:58:in `block in updated_yarn_lock'
2022-06-12T07:09:30.0385648Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.187.0/lib/dependabot/shared_helpers.rb:49:in `block in in_a_temporary_directory'
2022-06-12T07:09:30.0386446Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.187.0/lib/dependabot/shared_helpers.rb:49:in `chdir'
2022-06-12T07:09:30.0387257Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.187.0/lib/dependabot/shared_helpers.rb:49:in `in_a_temporary_directory'
2022-06-12T07:09:30.0388281Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:54:in `updated_yarn_lock'
2022-06-12T07:09:30.0389248Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:30:in `updated_yarn_lock_content'
2022-06-12T07:09:30.0390175Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater.rb:170:in `updated_yarn_lock_content'
2022-06-12T07:09:30.0391052Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater.rb:114:in `yarn_lock_changed?'
2022-06-12T07:09:30.0391942Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater.rb:138:in `block in updated_lockfiles'
2022-06-12T07:09:30.0392780Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater.rb:137:in `each'
2022-06-12T07:09:30.0393632Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater.rb:137:in `updated_lockfiles'
2022-06-12T07:09:30.0394518Z from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater.rb:39:in `updated_dependency_files'
2022-06-12T07:09:30.0395134Z from ./update-script.rb:335:in `block in <main>'
2022-06-12T07:09:30.0395589Z from ./update-script.rb:273:in `each'
2022-06-12T07:09:30.0396011Z from ./update-script.rb:273:in `<main>'
