renovatebot · rarkins · Apr 13, 2017 · Feb 15, 2017 · Feb 15, 2017 · Feb 21, 2017
diff --git a/docs/configuration.md b/docs/configuration.md
@@ -56,24 +56,25 @@ $ node renovate --help
 
   Options:
 
-    -h, --help                    output usage information
-    --enabled [boolean]           Enable or disable renovate
-    --onboarding [boolean]        Require a Configuration PR first
-    --platform <string>           Platform type of repository
-    --endpoint <string>           Custom endpoint to use
-    --token <string>              Repository Auth Token
-    --package-files <list>        Package file paths
-    --dep-types <list>            Dependency types
-    --ignore-deps <list>          Dependencies to ignore
-    --ignore-future [boolean]     Ignore versions tagged as "future"
-    --ignore-unstable [boolean]   Ignore versions with unstable semver
-    --respect-latest [boolean]    Ignore versions newer than npm "latest" version
-    --recreate-closed [boolean]   Recreate PRs even if same ones were closed previously
-    --rebase-stale-prs [boolean]  Rebase stale PRs (GitHub only)
-    --labels <list>               Labels to add to Pull Request
-    --assignees <list>            Assignees for Pull Request
-    --reviewers <list>            Requested reviewers for Pull Requests (GitHub only)
-    --log-level <string>          Logging level
+    -h, --help                      output usage information
+    --enabled [boolean]             Enable or disable renovate
+    --onboarding [boolean]          Require a Configuration PR first
+    --platform <string>             Platform type of repository
+    --endpoint <string>             Custom endpoint to use
+    --token <string>                Repository Auth Token
+    --package-files <list>          Package file paths
+    --dep-types <list>              Dependency types
+    --ignore-deps <list>            Dependencies to ignore
+    --ignore-future [boolean]       Ignore versions tagged as "future"
+    --ignore-unstable [boolean]     Ignore versions with unstable semver
+    --respect-latest [boolean]      Ignore versions newer than npm "latest" version
+    --recreate-closed [boolean]     Recreate PRs even if same ones were closed previously
+    --rebase-stale-prs [boolean]    Rebase stale PRs (GitHub only)
+    --labels <list>                 Labels to add to Pull Request
+    --assignees <list>              Assignees for Pull Request
+    --reviewers <list>              Requested reviewers for Pull Requests (GitHub only)
+    --maintain-yarn-lock [boolean]  Keep yarn.lock updated in main branch (no monorepo support)
+    --log-level <string>            Logging level
 
   Examples:
 
@@ -126,4 +127,5 @@ Obviously, you can't set repository or package file location with this method.
 | `labels` | Labels to add to Pull Request | list | `[]` | `RENOVATE_LABELS` | `--labels` |
 | `assignees` | Assignees for Pull Request | list | `[]` | `RENOVATE_ASSIGNEES` | `--assignees` |
 | `reviewers` | Requested reviewers for Pull Requests (GitHub only) | list | `[]` | `RENOVATE_REVIEWERS` | `--reviewers` |
+| `maintainYarnLock` | Keep yarn.lock updated in main branch (no monorepo support) | boolean | `false` | `RENOVATE_MAINTAIN_YARN_LOCK` | `--maintain-yarn-lock` |
 | `logLevel` | Logging level | string | `"info"` | `LOG_LEVEL` | `--log-level` |
diff --git a/lib/config/definitions.js b/lib/config/definitions.js
@@ -131,6 +131,13 @@ const options = [
     description: 'Requested reviewers for Pull Requests (GitHub only)',
     type: 'list',
   },
+  // Yarn options
+  {
+    name: 'maintainYarnLock',
+    description: 'Keep yarn.lock updated in main branch (no monorepo support)',
+    type: 'boolean',
+    default: false,
+  },
   // Debug options
   {
     name: 'logLevel',

diff --git a/lib/helpers/yarn.js b/lib/helpers/yarn.js
@@ -20,7 +20,10 @@ async function generateLockFile(newPackageJson, npmrcContent, yarnrcContent) {
     if (yarnrcContent) {
       fs.writeFileSync(path.join(tmpDir.name, '.yarnrc'), yarnrcContent);
     }
-    cp.spawnSync('yarn', ['install'], { cwd: tmpDir.name });
+    logger.debug('Spawning yarn install');
+    const result = cp.spawnSync('yarn', ['install'], { cwd: tmpDir.name });
+    logger.debug(String(result.stdout));
+    logger.debug(String(result.stderr));
     yarnLock = fs.readFileSync(path.join(tmpDir.name, 'yarn.lock'));
   } catch (error) {
     tmpDir.removeCallback();

diff --git a/lib/worker.js b/lib/worker.js
@@ -1,4 +1,5 @@
 const logger = require('winston');
+const path = require('path');
 const stringify = require('json-stringify-pretty-compact');
 const githubApi = require('./api/github');
 const gitlabApi = require('./api/gitlab');
@@ -54,10 +55,38 @@ async function processPackageFile(repoName, packageFile, packageConfig) {
   // Find all upgrades for remaining dependencies
   const upgrades = await findUpgrades(dependencies, config);
   // Process all upgrades sequentially
+  if (config.maintainYarnLock) {
+    await maintainYarnLock(config);
+  }
   await processUpgradesSequentially(config, upgrades);
   logger.info(`${repoName} ${packageFile} done`);
 }
 
+async function maintainYarnLock(inputConfig) {
+  const packageContent = await inputConfig.api.getFileContent(inputConfig.packageFile);
+  const yarnLockFileName = path.join(path.dirname(inputConfig.packageFile), 'yarn.lock');
+  logger.debug(`Checking for ${yarnLockFileName}`);
+  const existingYarnLock = await inputConfig.api.getFileContent(yarnLockFileName);
+  if (!existingYarnLock) {
+    return;
+  }
+  logger.debug('Found existing yarn.lock file');
+  const newYarnLock = await branchWorker.getYarnLockFile(packageContent, inputConfig);
+  if (existingYarnLock === newYarnLock.contents) {
+    logger.debug('Yarn lock file does not need updating');
+    return;
+  }
+  logger.debug('Yarn lock needs updating');
+  const commitMessage = 'Renovate yarn.lock file';
+  // API will know whether to create new branch or not
+  const params = Object.assign({}, inputConfig);
+  params.branchName = 'renovate/yarn-lock';
+  params.prTitle = 'Renovate yarn.lock file';
+  params.prBody = 'This PR regenerates yarn.lock files based on the existing `package.json` files.';
+  await inputConfig.api.commitFilesToBranch(params.branchName, [newYarnLock], commitMessage);
+  prWorker.ensurePr(params);
+}
+
 async function findUpgrades(dependencies, inputConfig) {
   const allUpgrades = [];
   // findDepUpgrades can add more than one upgrade to allUpgrades

diff --git a/readme.md b/readme.md
@@ -38,24 +38,25 @@ $ node renovate --help
 
   Options:
 
-    -h, --help                    output usage information
-    --enabled [boolean]           Enable or disable renovate
-    --onboarding [boolean]        Require a Configuration PR first
-    --platform <string>           Platform type of repository
-    --endpoint <string>           Custom endpoint to use
-    --token <string>              Repository Auth Token
-    --package-files <list>        Package file paths
-    --dep-types <list>            Dependency types
-    --ignore-deps <list>          Dependencies to ignore
-    --ignore-future [boolean]     Ignore versions tagged as "future"
-    --ignore-unstable [boolean]   Ignore versions with unstable semver
-    --respect-latest [boolean]    Ignore versions newer than npm "latest" version
-    --recreate-closed [boolean]   Recreate PRs even if same ones were closed previously
-    --rebase-stale-prs [boolean]  Rebase stale PRs (GitHub only)
-    --labels <list>               Labels to add to Pull Request
-    --assignees <list>            Assignees for Pull Request
-    --reviewers <list>            Requested reviewers for Pull Requests (GitHub only)
-    --log-level <string>          Logging level
+    -h, --help                      output usage information
+    --enabled [boolean]             Enable or disable renovate
+    --onboarding [boolean]          Require a Configuration PR first
+    --platform <string>             Platform type of repository
+    --endpoint <string>             Custom endpoint to use
+    --token <string>                Repository Auth Token
+    --package-files <list>          Package file paths
+    --dep-types <list>              Dependency types
+    --ignore-deps <list>            Dependencies to ignore
+    --ignore-future [boolean]       Ignore versions tagged as "future"
+    --ignore-unstable [boolean]     Ignore versions with unstable semver
+    --respect-latest [boolean]      Ignore versions newer than npm "latest" version
+    --recreate-closed [boolean]     Recreate PRs even if same ones were closed previously
+    --rebase-stale-prs [boolean]    Rebase stale PRs (GitHub only)
+    --labels <list>                 Labels to add to Pull Request
+    --assignees <list>              Assignees for Pull Request
+    --reviewers <list>              Requested reviewers for Pull Requests (GitHub only)
+    --maintain-yarn-lock [boolean]  Keep yarn.lock updated in main branch (no monorepo support)
+    --log-level <string>            Logging level
 
   Examples: