yarn upgrade does not store specific version in lockfile

Created on 4 Nov 2016  ยท  9Comments  ยท  Source: yarnpkg/yarn

Do you want to request a feature or report a bug?
Bug

What is the current behavior?

  1. We have package.json
{
  "dependencies": {
    "lodash": "4.15.0"
  }
}
  1. Run yarn install creates a correct yarn.lock
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# yarn lockfile v1
[email protected]:
  version "4.15.0"
  resolved lodash-4.15.0.tgz#3162391d8f0140aa22cf8f6b3c34d6b7f63d3aa9
  1. I want to update lodash:
$ yarn upgrade lodash
yarn upgrade v0.16.1
warning react-native: No license field
[1/4] ๐Ÿ”  Resolving packages...
[2/4] ๐Ÿšš  Fetching packages...
[3/4] ๐Ÿ”—  Linking dependencies...
[4/4] ๐Ÿ“ƒ  Building fresh packages...
success Saved lockfile.
success Saved 1 new dependency
โ””โ”€ [email protected]
โœจ  Done in 0.89s.

package.json got updated correctly

{
  "dependencies": {
    "lodash": "^4.16.6"
  }
}

But yarn.lock contains lodash without version specifier

# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# yarn lockfile v1
lodash:
  version "4.16.6"
  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.6.tgz#d22c9ac660288f3843e16ba7d2b5d06cca27d777"

What is the expected behavior?

Yarn lock must have version lodash@^4.16.6 after yarn upgrade lodash as it does for package.json

Please mention your node.js, yarn and operating system version.
Latest release [email protected]

cat-bug
Source
picture bestander

All 9 comments

This was not caught by yarn install - lockfile did not get updated and yarn check.
A way around this for now:

yarn update <package>@^<version>
bestander picture bestander on 4 Nov 2016

I'll take a look at this now. I noticed when I was working on #1620 but didn't think nothing of it.

wyze picture wyze on 4 Nov 2016
🎉1

There should be code in there to handle this.

sebmck picture sebmck on 4 Nov 2016

Same issue with yarn add command

bestander picture bestander on 4 Nov 2016
👍1

Something broke then since I definently remember fixing this for yarn add.

sebmck picture sebmck on 4 Nov 2016
👍1

Ok, a fix must have tests then

bestander picture bestander on 4 Nov 2016

Identified and fixed the issue, working on some tests now and will have a PR incoming soon!

wyze picture wyze on 4 Nov 2016
👍1

This isn't fixed. I've run upgrade several times now on a couple private modules and while the initial upgrade command pulls down the newer module the yarn.lock doesn't get updated and for some reason old versions of the modules keep getting pulled back down.......even after running yarn cache clean.

keeleycarrigan picture keeleycarrigan on 23 Mar 2017
👍1

@keeleycarrigan, I recommend opening a new issue with repro steps

bestander picture bestander on 7 Apr 2017
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ocolot picture ocolot  ยท  3Comments
baptistelebail picture baptistelebail  ยท  3Comments
AzGoalie picture AzGoalie  ยท  3Comments
seansfkelley picture seansfkelley  ยท  3Comments
Ambroos picture Ambroos  ยท  3Comments