berry icon indicating copy to clipboard operation
berry copied to clipboard
verified publisher icon yarnpkg

[Bug?]: Yarn upgrade doesn't upgrade patches

Open tobiasdiez opened this issue 3 years ago • 6 comments

Self-service

  • [ ] I'd be willing to implement a fix

Describe the bug

If you have created a patch for a dependency and then upgrade the dependency, the corresponding patch is not upgraded. The expected behavior would be that yarn tries to apply the patch on the upgraded dependency, and if this succeeds updates the patch file and the resolution field.

To reproduce

const {promises: {readFile}} = require(`fs`);

await packageJsonAndInstall({
  dependencies: {"@nuxtjs/tailwindcss": "^5.3.3"},
  resolutions: {"@nuxtjs/[email protected]": "patch:@nuxtjs/tailwindcss@npm%3A5.3.3#./.yarn/patches/@nuxtjs-tailwindcss-npm-5.3.3-e31175b5f6.patch",}
});

await yarn(`up`, `@nuxtjs/tailwindcss`);

const pkgJson = JSON.parse(await readFile(`package.json`, `utf8`));
expect(pkgJson.dependencies).toStrictEqual({"@nuxtjs/tailwindcss": "^5.3.5"});
expect(pkgJson.resolutions).toStrictEqual({"@nuxtjs/[email protected]": "patch:@nuxtjs/tailwindcss@npm%3A5.3.5#./.yarn/patches/@nuxtjs-tailwindcss-npm-5.3.5-xyz.patch"});

Environment

System:
    OS: Linux 5.4 Debian GNU/Linux 10 (buster) 10 (buster)
    CPU: (16) x64 Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz
  Binaries:
    Node: 16.15.1 - /tmp/xfs-9b27c579/node
    Yarn: 4.0.0-rc.25.dev - /tmp/xfs-9b27c579/yarn
    npm: 8.11.0 - ~/.nvm/versions/node/v16.15.1/bin/npm

Additional context

No response

tobiasdiez avatar Oct 18 '22 10:10 tobiasdiez

Hi! 👋

This issue looks stale, and doesn't feature the reproducible label - which implies that you didn't provide a working reproduction using Sherlock. As a result, it'll be closed in a few days unless a maintainer explicitly vouches for it or you edit your first post to include a formal reproduction (you can use the playground for that).

Note that we require Sherlock reproductions for long-lived issues (rather than standalone git repositories or similar) because we're a small team. Sherlock gives us the ability to check which bugs are still affecting the master branch at any given point, and decreases the amount of code we need to run on our own machines (thus leading to faster bug resolutions). It helps us help you! 😃

If you absolutely cannot reproduce a bug on Sherlock (for example because it's a Windows-only issue), a maintainer will have to manually add the upholded label. Thanks for helping us triaging our repository! 🌟

yarnbot avatar Nov 17 '22 11:11 yarnbot

This issue reproduces on master:

Error: expect(received).toStrictEqual(expected) // deep equality

- Expected
+ Received

  Object {
-   "@nuxtjs/tailwindcss": "^5.3.5",
+   "@nuxtjs/tailwindcss": "^6.1.3",
  }
    at module.exports (evalmachine.<anonymous>:12:30)
    at async /github/workspace/.yarn/cache/@arcanis-sherlock-npm-2.0.3-558f52b79f-286d94b96d.zip/node_modules/@arcanis/sherlock/lib/executeRepro.js:57:13
    at async executeInTempDirectory (/github/workspace/.yarn/cache/@arcanis-sherlock-npm-2.0.3-558f52b79f-286d94b96d.zip/node_modules/@arcanis/sherlock/lib/executeRepro.js:18:16)
    at async executeRepro (/github/workspace/.yarn/cache/@arcanis-sherlock-npm-2.0.3-558f52b79f-286d94b96d.zip/node_modules/@arcanis/sherlock/lib/executeRepro.js:25:12)
    at async ExecCommand.execute (/github/workspace/.yarn/cache/@arcanis-sherlock-npm-2.0.3-558f52b79f-286d94b96d.zip/node_modules/@arcanis/sherlock/lib/commands/exec.js:26:38)
    at async ExecCommand.validateAndExecute (/github/workspace/.yarn/cache/clipanion-npm-2.0.0-rc.16-b9444aaf89-4061026d74.zip/node_modules/clipanion/lib/advanced/Command.js:161:26)
    at async Cli.run (/github/workspace/.yarn/cache/clipanion-npm-2.0.0-rc.16-b9444aaf89-4061026d74.zip/node_modules/clipanion/lib/advanced/Cli.js:74:24)
    at async Cli.runExit (/github/workspace/.yarn/cache/clipanion-npm-2.0.0-rc.16-b9444aaf89-4061026d74.zip/node_modules/clipanion/lib/advanced/Cli.js:83:28)

yarnbot avatar Nov 17 '22 11:11 yarnbot

Unfortunately unable to pitch in with this (at least in the next few months), but has any discussion been given to roadmap around a fix? This issue is the last major blocker to making the switch in a number of our projects.

vilkinsons avatar Feb 17 '23 03:02 vilkinsons

We (ab)use yarn patch to fix missing or improperly formatted LICENSE files for installed packages so those can be picked up by FOSS license extraction utilities. When upgrading packages, this becomes super dangerous because suddenly those changes might go missing without any warnings. I'd appreciate at least the ability to configure a rejectPatchedPackageUpgrades or ensureAllPatchesApplied option that'll error out when a patch becomes unused for any reason.

JosXa avatar May 23 '24 14:05 JosXa

I suppose you can manually reapply the patch after upgrade using git apply e.g.

yarn patch @storybook/core@npm:8.3.5
➤ YN0000: Package @storybook/core@npm:8.3.5 got extracted with success!
➤ YN0000: You can now edit the following folder: /private/var/folders/1s/bw5z19qs3j3fgxf5dw38cj5h75ghqw/T/xfs-aef57e13/user
➤ YN0000: Once you are done run yarn patch-commit -s /private/var/folders/1s/bw5z19qs3j3fgxf5dw38cj5h75ghqw/T/xfs-aef57e13/user and Yarn will store a patchfile based on your changes.
➤ YN0000: Done in 0s 112ms
# apply old patch to newer version
git apply .yarn/patches/@storybook-core-npm-8.3.3-4c1cd3fdb1.patch --directory=/private/var/folders/1s/bw5z19qs3j3fgxf5dw38cj5h75ghqw/T/xfs-aef57e13/user --unsafe-paths
# verify changes and then commit
yarn patch-commit -s /private/var/folders/1s/bw5z19qs3j3fgxf5dw38cj5h75ghqw/T/xfs-aef57e13/user

psychobolt avatar Oct 10 '24 05:10 psychobolt

@psychobolt lifesaver, thank you!

Additional note for patching things, folks: Always use the library's linter/formatter do not add any extra characters (or use command + P -> Save without formatting in VSCode)

vargajacint avatar Sep 10 '25 08:09 vargajacint