greenkeeper icon indicating copy to clipboard operation
greenkeeper copied to clipboard

Published 20 hours ago verified publisher icon greenkeeperio

False in-range breaking update alerts (incorrect yarn.lock generation?)

Open ovidiuch opened this issue 6 years ago • 6 comments

react-cosmos has been getting a lot of these issues lately

image

And if you look at the builds they do indeed fail.

But if you look closely at one of the related branches (here is one example) you can see there's something wrong with yarn.lock. Just a patch bump for eslint-plugin-flowtype is removing 2400+ lines from yarn.lock, including a lot of packages that I know should still be there.

And if I upgrade all the packages mentioned by Greenkeeper myself I get no errors. Example.

The react-cosmos repo is being spammed with these at the moment so any help is appreciated. Thanks!

ovidiuch avatar Sep 19 '18 08:09 ovidiuch

Hi @skidding, thanks for the detailed report, we’re currently investigating this.

janl avatar Sep 19 '18 09:09 janl

@skidding and here we are. It looks like this has to do with lerna workspaces. We currently support only the variant (IIRC), where the workspace config lives in package.json, but not in lerna.json. This is something we’ll add in the near future. Sorry for the trouble :/

janl avatar Sep 19 '18 09:09 janl

@janl Thanks for the quick response!

We currently support only the variant (IIRC), where the workspace config lives in package.json, but not in lerna.json.

The workspace config does live in package.json.

lerna.json only has Lerna-related config that is relevant on publish, not on install.

Am I missing something?

ovidiuch avatar Sep 19 '18 10:09 ovidiuch

This how happens in regular PRs as well.

Example: https://github.com/react-cosmos/react-cosmos/pull/862/files

[email protected] to [email protected] and +161 −2,437 yarn.lock diff.

ovidiuch avatar Sep 21 '18 20:09 ovidiuch

Thanks for that, @skidding. You’re not missing anything, I’m afraid that’s a limitation of how we currently do yarn lockfiles. However, we’ve got the issue on our roadmap and I’ll let you know here once we’re done. Thanks for your patience!

espy avatar Sep 24 '18 09:09 espy

I've been trying to get Greenkeeper working in a Yarn workspaces repo, and I am also seeing the same issue, where lockfile changes from Greenkeeper simply ignore anything beyond the root package.json, so all packages/**/package.json are removed from the yarn.lock.

image

I'm trying to figure out a way to make it work with https://github.com/greenkeeperio/greenkeeper-lockfile but it's difficult to test since I have to wait for updates to packages to see if my changes work. There's lots of guards in that project (e.g. initial build, not a pull request) that I can't simulate very well.

jbinto avatar Feb 16 '19 18:02 jbinto