action-setup icon indicating copy to clipboard operation
action-setup copied to clipboard

Published 20 hours ago verified publisher icon pnpm

Error in CI: ERR_PNPM_FROZEN_LOCKFILE_WITH_OUTDATED_LOCKFILE  Cannot perform a frozen installation because the lockfile needs updates

Open pinalbhatt opened this issue 3 years ago • 24 comments

My Action Step is `

  uses: pnpm/[email protected]

  with:

    version: 6.x

    run_install: true

`

I am getting below error when running this action

Error in CI: ERR_PNPM_FROZEN_LOCKFILE_WITH_OUTDATED_LOCKFILE  Cannot perform a frozen installation because the lockfile needs updates

and when try to fix my lockfile locally with command npm i --fix-lockfile i get following error: ` npm i --fix-lockfile
npm ERR! Cannot read properties of null (reading 'matches')

npm ERR! A complete log of this run can be found in: npm ERR! /Users/un/.npm/_logs/2022-05-01T10_32_11_056Z-debug-0.log `

pinalbhatt avatar May 01 '22 10:05 pinalbhatt

npm i --fix-lockfile

Can you try pnpm i --fix-lockfile?

KSXGitHub avatar May 01 '22 10:05 KSXGitHub

@KSXGitHub

pnpm i --fix-lockfile
 ERR_PNPM_SPEC_NOT_SUPPORTED_BY_ANY_RESOLVER  [email protected][email protected][email protected] isn't supported by any available resolver.

This error happened while installing the dependencies of [email protected]
Progress: resolved 28, reused 29, downloaded 0, added 0

Note that npm i --legacy-peer-deps works fine when using npm.

pinalbhatt avatar May 01 '22 12:05 pinalbhatt

For now i have fixed issue by adding following to my .npmrc file

auto-install-peers=true

strict-peer-dependencies=false

pinalbhatt avatar May 01 '22 14:05 pinalbhatt

and when try to fix my lockfile locally with command npm i --fix-lockfile i get following error:

Why do you run npm i if you use pnpm?

You should run pnpm install and commit the lockfile.

zkochan avatar May 01 '22 23:05 zkochan

Is you using latest pnpm the version of 7.x?

Innei avatar May 02 '22 15:05 Innei

the same error

➜  toolbox git:(master) pnpm i --fix-lockfile
 ERR_PNPM_SPEC_NOT_SUPPORTED_BY_ANY_RESOLVER  [email protected][email protected] isn't supported by any available resolver.

liuzhaowei55 avatar Sep 15 '22 14:09 liuzhaowei55

the same error

➜  toolbox git:(master) pnpm i --fix-lockfile
 ERR_PNPM_SPEC_NOT_SUPPORTED_BY_ANY_RESOLVER  [email protected][email protected] isn't supported by any available resolver.

rerun pnpm install and commit the lockfile, its ok

liuzhaowei55 avatar Sep 15 '22 14:09 liuzhaowei55

the same error with node-fetch

I have this in my resolutions

"node-fetch": "@2.6.7",  ERR_PNPM_SPEC_NOT_SUPPORTED_BY_ANY_RESOLVER  node-fetch@@2.6.7 isn't supported by any available resolver.

This error happened while installing the dependencies of [email protected]

damiangreen avatar Nov 02 '22 14:11 damiangreen

Same error here.

➜  pnpm i --fix-lockfile
Scope: all 10 workspace projects
.../apps/app:
 ERR_PNPM_SPEC_NOT_SUPPORTED_BY_ANY_RESOLVER  [email protected][email protected] isn't supported by any available resolver.

This error happened while installing the dependencies of @hookform/[email protected]
Progress: resolved 309, reused 309, downloaded 0, added 0

getting this in CI:

Scope: all 10 workspace projects
Lockfile is up to date, resolution step is skipped
 ERR_PNPM_OUTDATED_LOCKFILE  Cannot install with "frozen-lockfile" because pnpm-lock.yaml is not up to date with apps/app/package.json

Note that in CI environments this setting is true by default. If you still need to run install in such cases, use "pnpm install --no-frozen-lockfile"

bartvanremortele avatar Nov 18 '22 13:11 bartvanremortele

Same error! Running pnpm i --fix-lockfile does not change the lockfile, but in CI I keep getting an error.

This is with a project that has a peer dependency listed like this:

"peerDependencies": {
  "@ethersproject/bignumber": "5.x"
},

PaulRBerg avatar Mar 28 '23 08:03 PaulRBerg

You need to update pnpm before running it :)

ramnes avatar Mar 28 '23 10:03 ramnes

Yeah, I was on v7.30.1. After upgrading to v8, I can confirm that running --fix-lockfile fixed the issue.

Thanks for your help, @ramnes.

PaulRBerg avatar Mar 28 '23 10:03 PaulRBerg

Just encountered the same issue in Azure Pipelines. I can also confirm that updating from pnpm 7 to 8 and fixing the lockfile again worked for me.

jonraem avatar Mar 28 '23 10:03 jonraem

Same here. Upgraded from pnpm v7 to v8 and fixing the lock file using the --fix-lockfile option fixed the issue

talik077 avatar Mar 28 '23 13:03 talik077

same problem today. this worked for us.

  • corepack prepare pnpm@latest --activate
  • corepack enable
  • pnpm -v should see 8.0.0
  • pnpm i --fix-lockfile

not sure exactly what caused this but maybe something upstream? it feels suspicious that this issue had comments September 2022 and now there's a lot more traffic today...

jyono avatar Mar 28 '23 14:03 jyono

@jyono The spike is probably related to the pnpm v8 release just a few hours ago, which seems to require a new lockfile version when installing with --frozen-lockfile (which some CI/CD environments default to).

We ran into this issue too, because our CI/CD was pulling the latest pnpm version. Earlier today, that was v7, until this switched to v8, breaking our builds due to the unsupported lockfile version.

Locally installing pnpm v8 and updating the lockfile (as per above posts) worked.

Alternatively, you can also fix your pnpm version to pnpm@^7 and stick with the old lockfile.

echocrow avatar Mar 28 '23 15:03 echocrow

I guess the takeaway from this issue is to always use specific versions of external dependencies in CI.

PaulRBerg avatar Mar 28 '23 16:03 PaulRBerg

I guess the takeaway from this issue is to always use specific versions of external dependencies in CI.

(+1, ironically also why the lockfiles in question exist)

echocrow avatar Mar 28 '23 19:03 echocrow

pnpm lock is incompatible between v7 and v8? any plan to fix?

njleonzhang avatar Mar 29 '23 06:03 njleonzhang

@njleonzhang probably better to open a separate issue or discussion on this. but from my understanding, pnpm v8 can read lockfile v5 (used by pnpm v7) , and will automatically upgrade them to lockfile v6 when running pnpm install. (This is also stated in their v8 migration instructions.)

the recent comments in this issue arose from running pnpm install --frozen-lockfile (which prohibits updates to the lockfile) with pnpm v8 while still using a lockfile v5.

echocrow avatar Mar 29 '23 09:03 echocrow

I have a @formkit/auto-animate dependency, version 1.0.0-beta.6, pnpm version 8.1.0

I'm getting the ERR_PNPM_SPEC_NOT_SUPPORTED_BY_ANY_RESOLVER  @formkit@[email protected] isn't supported by any available resolver. error in CI.

exsesx avatar Mar 30 '23 10:03 exsesx

@jyono The spike is probably related to the pnpm v8 release just a few hours ago, which seems to require a new lockfile version when installing with --frozen-lockfile (which some CI/CD environments default to).

We ran into this issue too, because our CI/CD was pulling the latest pnpm version. Earlier today, that was v7, until this switched to v8, breaking our builds due to the unsupported lockfile version.

Locally installing pnpm v8 and updating the lockfile (as per above posts) worked.

Alternatively, you can also fix your pnpm version to pnpm@^7 and stick with the old lockfile.

thanks!

jyono avatar Mar 30 '23 15:03 jyono

Summary: Use corepack to manage package manager is the best choice. This enforces the same manager in different environments. For example, you are running pnpm@7 locally but pnpm@8 in ci, the lockfile format will break the installation. So, please make sure you have packageManager field defined in your package.json instead of specifing a pnpm version in the workflow file manually.

so1ve avatar Apr 01 '23 08:04 so1ve