Renovate: Dependency update PR didn't update yarn.lock

Created on 13 Mar 2018  路  5Comments  路  Source: renovatebot/renovate

This is a:

  • [X] Bug report (non-security related)
  • [ ] Feature request
  • [ ] I'm not sure which of those it is

I'm using:

  • [X] The Renovate GitHub App
  • [ ] Self-hosted GitHub
  • [ ] Self-hosted GitLab
  • [ ] Self-hosted VSTS

Please describe the issue:

Hi!

A recent PR updated the popper.js dependency, however didn't update yarn.lock, causing the Travis run to fail:
https://github.com/mozilla/treeherder/pull/3333

priority-2-important bug
Source
picture edmorley

Most helpful comment

@edmorley I'll check this one out today

picture rarkins on 13 Mar 2018
2

All 5 comments

@edmorley I'll check this one out today

rarkins picture rarkins on 13 Mar 2018
2

Relevant server logs:

{"name":"renovate","level":30,"repository":"mozilla/treeherder","branch":"renovate/popper.js-1.x","dependencies":["popper.js"],"err":{"name":"ChildProcessError","code":1,"childProcess":{},"stdout":"yarn install v1.5.1\n[1/4] Resolving packages...\ninfo If you think this is a bug, please open a bug report with the information provided in \"/tmp/tmp-10YNmRG2GnJau/yarn-error.log\".\ninfo Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command.\n","stderr":"error An unexpected error occurred: \"Couldn't find any versions for \\\"popper.js\\\" that matches \\\"1.14.0\\\"\".\n"},"msg":"yarn install error","time":"2018-03-12T14:48:29.328Z"}
{"name":"renovate","level":20,"repository":"mozilla/treeherder","branch":"renovate/popper.js-1.x","dependencies":["popper.js"],"msg":"No updated lock files in branch","time":"2018-03-12T14:48:29.328Z"}
{"name":"renovate","level":20,"repository":"mozilla/treeherder","branch":"renovate/popper.js-1.x","dependencies":["popper.js"],"msg":"1 file(s) to commit","time":"2018-03-12T14:48:29.328Z"}

Particularly:

error An unexpected error occurred: \"Couldn't find any versions for \\\"popper.js\\\" that matches \\\"1.14.0\\\"\"
  1. Yarn failed to find the (very recently published) [email protected].
  2. We failed to detect that yarn had an error, so did not warn in the PR

I noticed it a lot in the past, but (1) is a problem that yarn's registry is not meant to still be having because they are just a "proxy". Maybe npmjs caused the problem but we can't know.

(2) is a problem I should be able to reproduce by hardcoding a version of a dependency I know doesn't exist into our lookup function and observing if I get the same.

If I can reproduce it, I will add code to abort the PR creation whenever we find a log from yarn mentioning that the dependency we're upgrading can't be found, because that should be a "transient" error that self-repairs on the next run once yarn/npmjs registry fixes itself.

If you like, you can rename and close your PR now, in order to (hopefully) get a working PR.

rarkins picture rarkins on 13 Mar 2018

Will do! Thank you for investigating :-)

edmorley picture edmorley on 13 Mar 2018

Updated analysis: this problem is not because we missed the "yarn install" exit code, but instead because at the time of branch creation we skipped PR creation due to prCreation=not-pending and hence the transient lock file error log was "lost". Solution: raise PRs immediately if we know there was a lock file error.

rarkins picture rarkins on 15 Mar 2018

:tada: This issue has been resolved in version 11.36.8 :tada:

The release is available on:

Your semantic-release bot :package::rocket:

renovate-bot picture renovate-bot on 15 Mar 2018
1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Flydiverny picture Flydiverny  路  4Comments
jeromelachaud picture jeromelachaud  路  3Comments
rarkins picture rarkins  路  3Comments
Flydiverny picture Flydiverny  路  4Comments
OmgImAlexis picture OmgImAlexis  路  4Comments