Giters

renovatebot / config-help

Please use the Discussions feature of https://github.com/renovatebot/renovate instead

Home Page:https://github.com/renovatebot/renovate/discussions

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Adhoc Refresh Lockfile

JordanSinko opened this issue · comments

commented

Which Renovate are you using?

WhiteSource Renovate App

Which platform are you using?

GitHub.com

Have you checked the logs? Don't forget to include them if relevant

Renovate config for Lerna monorepo:

{
  "extends": ["config:base", ":prConcurrentLimitNone", ":pinVersions"],
  "lockFileMaintenance": { "enabled": true }
}

What would you like to do?

There have been a few times when a dependency has been updated and the updates Renovate changes in yarn.lock breaks the build due to conflicting lockfile versions:

Conflicting versions of constructs in type system: previously loaded 3.2.23, trying to load 3.2.25

The specific example follows:

An update to constructs module correctly updated all package.json's (monorepo). The root yarn.lock was also updated from

constructs@3.2.23, constructs@^3.2.0:
  version "3.2.23"
  resolved "https://registry.yarnpkg.com/constructs/-/constructs-3.2.23.tgz#c6eac61bcdc0ae8892e53f47998d8326280ed67e"
  integrity sha512-OjSkEKxPPHejROgAqwPvPRJ11nJWpt2dCIqYWdWyRMnpEu2FIbIJDeEcQuWKJB7gKIOqI0X8zhpsgoAqaiPCLA==

to:

constructs@3.2.25:
  version "3.2.25"
  resolved "https://registry.yarnpkg.com/constructs/-/constructs-3.2.25.tgz#a54e72bda865b345b262c375408cf44bb719fc37"
  integrity sha512-CTjjeA2Lk71R0z0agDvaspcKB5WdwzeQgA8v30fSgqfX0xMj0DhJ6AcmCwWnVOvYUuTMnU7Qv05tcJKR4sSqwQ==

constructs@^3.2.0:
  version "3.2.23"
  resolved "https://registry.yarnpkg.com/constructs/-/constructs-3.2.23.tgz#c6eac61bcdc0ae8892e53f47998d8326280ed67e"
  integrity sha512-OjSkEKxPPHejROgAqwPvPRJ11nJWpt2dCIqYWdWyRMnpEu2FIbIJDeEcQuWKJB7gKIOqI0X8zhpsgoAqaiPCLA==

As far as I could tell, nothing was using 3.2.23. I took the PR commit and regenerated the lockfile which resulted in

constructs@3.2.25, constructs@^3.2.0:
  version "3.2.25"
  resolved "https://registry.yarnpkg.com/constructs/-/constructs-3.2.25.tgz#a54e72bda865b345b262c375408cf44bb719fc37"
  integrity sha512-CTjjeA2Lk71R0z0agDvaspcKB5WdwzeQgA8v30fSgqfX0xMj0DhJ6AcmCwWnVOvYUuTMnU7Qv05tcJKR4sSqwQ==

This leads me to my question.. Is there an option to attempt a refresh of the lockfile via a checkbox/command like the retry/rebase? Can this be done via config if the build is failing?

Thanks and love the tool!!

commented

If you enable the dependencyDashboard issue/feature then you will be able to trigger the lock file maintenance PR any time on-demand. See https://togithub.com/renovatebot/renovate/issues/2958 for an example. So then the following would be possible:

  • You get a PR like that which has incompatibilities
  • You trigger a lock file maintenance PR from the dashboard to completely refresh the main branch locked versions and merge it
  • Assuming the merging causes a conflict in the first PR, Renovate will automatically rebase it. If not then click the rebase/retry button
  • Hopefully the original PR is now got compatible versions
commented

Love it! Thanks!