Renovate: Yarn.lock file is almost never updated in dependency update PRs

Created on 27 Jun 2018 · 4Comments · Source: renovatebot/renovate

What Renovate type are you using?
Renovate GitHub App

Describe the bug
We have a repository using yarn workspaces (but not lerna) with the following config:

  "workspaces": [
    "packages/*",
    "app/"
  ],
  "renovate": {
    "extends": ["config:base"],
    "semanticPrefix": "chore:",
    "lockFileMaintenance": {
      "enabled": true
    },
    "updateLockFiles": true,
    "prCreation": "not-pending",
    "packageRules": [
      {
        "packagePatterns": ["^@types/"],
        "automerge": true
      }
    ]
  },

Most PRs only change the dependency version in the package.json.
By looking at the recently closed PRs we can see that only one has an updated yarn.lock as well:

https://github.com/foosbyte/kicker-trainer/pull/130 (no updates to yarn.lock)
https://github.com/foosbyte/kicker-trainer/pull/129 (no updates to yarn.lock)
https://github.com/foosbyte/kicker-trainer/pull/128 (no updates to yarn.lock)
https://github.com/foosbyte/kicker-trainer/pull/126 (yarn.lock has been updated)
https://github.com/foosbyte/kicker-trainer/pull/125 (no updates to yarn.lock)

Expected behavior
Every update PR should have an updated lock file as well.

Additional context
I looked at the related issues: #1654 and #2108 - The first one doesn't seem likely as the lock files in our PRs only get updated once in about every 20 PRs or so. The other issue might be related - but we are not using lerna as we are building an application and not publishable packages.

npm priority-2-important bug

Source

ZauberNerd

All 4 comments

Thanks for raising the issue. It doesn’t sound like the same problem as previous issues. I’ll look into it soon to determine what’s going wrong.

rarkins on 27 Jun 2018

:tada: This issue has been resolved in version 13.0.4 :tada:

The release is available on:

Your semantic-release bot :package::rocket:

renovate-bot on 27 Jun 2018

❤1

Wow, thank you for such quick work!

ZauberNerd on 27 Jun 2018

@ZauberNerd you're welcome, and thanks for the detailed bug report that helped me track it down easily.

FYI, the problem was with the app/package.json only - lock files were being updated fine for the rest. More specifically, we were failing to match it to the "app/" pattern in your workspaces array as minimatch seemed to want an exact match or a /* pattern to match it. I tested it against a fork of your repo to verify it and it's now live in the app, so future PRs should hopefully be all fine for you.

rarkins on 27 Jun 2018

❤1

Was this page helpful?

0 / 5 - 0 ratings