Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependabot break Yarn 2 lockfile #2412

Closed
ylemkimon opened this issue Aug 4, 2020 · 1 comment
Closed

Dependabot break Yarn 2 lockfile #2412

ylemkimon opened this issue Aug 4, 2020 · 1 comment
Labels
T: bug 🐞 Something isn't working

Comments

@ylemkimon
Copy link

ylemkimon commented Aug 4, 2020
edited
Loading

Package manager/ecosystem
JavaScript / Yarn 2

Manifest contents prior to update
package.json

{
  "devDependencies": {
    "caniuse-lite": "^1.0.30001102",
    ...
  },
  ...
}

https://github.com/KaTeX/KaTeX/blob/master/package.json

yarn.lock

"caniuse-lite@npm:^1.0.0, caniuse-lite@npm:^1.0.30000981, caniuse-lite@npm:^1.0.30001093, caniuse-lite@npm:^1.0.30001097, caniuse-lite@npm:^1.0.30001102, caniuse-lite@npm:^1.0.30001109":
  version: 1.0.30001109
...

https://github.com/KaTeX/KaTeX/blob/master/yarn.lock

Updated dependency
caniuse-lite 1.0.30001109 -> 1.0.30001110

What you expected to see, versus what you actually saw

1,10c1,3
<  # This file is generated by running "yarn install" inside your project.
< # Manual changes might be lost - proceed with caution!
< 
< __metadata:
<   version: 4
<   cacheKey: 5
< 
< "@babel/code-frame@npm:^7.0.0, @babel/code-frame@npm:^7.10.4":
<   version: 7.10.4
<   resolution: "@babel/code-frame@npm:7.10.4"
---
>  "@babel/code-frame@^7.0.0", "@babel/code-frame@^7.10.4":
>   version "7.10.4"
>   resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.10.4.tgz#168da1a36e90da68ae8d49c0f1b48c7c6249213a"
12,15c5
<     "@babel/highlight": ^7.10.4
<   checksum: 05245d3b22a3ae849439195c4ee9ce9903dfd8c3fcb5124e77923c45e9f1ceac971cce4c61505974f411a9db432949531abe10ddee92937a0a9c306dc380a5b2
<   languageName: node
<   linkType: hard
---
>     "@babel/highlight" "^7.10.4"

According to #1297,

For the default configuration of yarn v2 dependabot already updates versions correctly.

so this seems to be a regression and not a duplicate.

Images of the diff or a link to the PR, issue or logs

updater | INFO <job_44411994> Checking if caniuse-lite 1.0.30001109 needs updating
  proxy | 2020/08/04 13:08:17 GET https://registry.npmjs.org:443/caniuse-lite
  proxy | 2020/08/04 13:08:17 200 https://registry.npmjs.org:443/caniuse-lite
  proxy | 2020/08/04 13:08:18 GET https://registry.npmjs.org:443/caniuse-lite/1.0.30001110
  proxy | 2020/08/04 13:08:18 200 https://registry.npmjs.org:443/caniuse-lite/1.0.30001110
updater | INFO <job_44411994> Latest version is 1.0.30001110
  proxy | ...
updater | INFO <job_44411994> Requirements to unlock own
  proxy | 2020/08/04 13:13:11 GET https://registry.npmjs.org:443/katex
  proxy | 2020/08/04 13:13:11 200 https://registry.npmjs.org:443/katex
updater | INFO <job_44411994> Requirements update strategy widen_ranges
updater | INFO <job_44411994> Updating caniuse-lite from 1.0.30001109 to 1.0.30001110
  proxy | ...
updater | INFO <job_44411994> Submitting caniuse-lite pull request for creation
@ylemkimon ylemkimon added the T: bug 🐞 Something isn't working label Aug 4, 2020
@ylemkimon
Copy link
Author

Duplicate of #2030.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
T: bug 🐞 Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ylemkimon