env.VERSION Not Initialized When Using pnpm in GitHub Actions

[matteo-cavallo]

When using pnpm as the package manager in a GitHub Action workflow, the environment variable env.VERSION is not properly initialized. This results in the following step failing:

- name: Setup PNPM
  if: ${{ env.PACKAGE_MANAGER == 'pnpm' }}
  uses: pnpm/action-setup@v4
  with:
    version: ${{ env.VERSION }}
    package_json_file: "${{ inputs.path }}/package.json"

Since env.VERSION is not set, the pnpm/action-setup step does not function correctly.

Potential Cause

The issue appears to stem from the package manager detection logic:

elif [ $(find "." -maxdepth 1 -name "pnpm-lock.yaml") ]; then
    echo "PACKAGE_MANAGER=pnpm" >> $GITHUB_ENV
    echo "LOCKFILE=pnpm-lock.yaml" >> $GITHUB_ENV

While PACKAGE_MANAGER and LOCKFILE are being assigned, VERSION is not explicitly set, causing workflows that rely on it to break.

[mikerice]

Also seeing this! Will try to submit a PR if I get a chance

[mikerice]

To follow up: the proper fix is just to ensure that packageManager is defined in your package.json. Otherwise, I don't think there is any reason to either:

1. explicitly define VERSION=latest, which can cause issues for projects that have a defined pnpm version in their package.json
2. perform some magic to use the lockfileVersion in pnpm-lock.yaml as this is backwards compatible and not necessarily a source of truth of the pnpm version being used.

[delucis]

This is fixed by #81!

As noted by @mikerice, it’s best to set packageManager in package.json, which is what https://github.com/nodejs/corepack does automatically for you when in use. This allows you to explicitly control the version.

However, from the 4.1.0 release on we’ll use the latest PNPM version if you haven’t set it.