Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Using yarn but ignoring lockfile #95

Open
simonihmig opened this issue May 20, 2021 · 6 comments
Open

Using yarn but ignoring lockfile #95

simonihmig opened this issue May 20, 2021 · 6 comments

Comments

@simonihmig
Copy link

Given a project with a yarn.lock and calling the action with useLockFile: false, I was surprised that it actually runs npm install, instead of yarn --no-lockfile. I would have expected the latter.

This seems to be intentional, looking at this code, but I wonder why?
simonihmig added a commit to ember-bootstrap/ember-bootstrap that referenced this issue May 20, 2021
@simonihmig
Revert floating deps
5f41a16 
Seems broken, see bahmutov/npm-install#95
@YenHub
Copy link
Contributor

YenHub commented Jun 20, 2021

@bahmutov - is this by design or can I open an MR to address this?

@bahmutov
Copy link
Owner

bahmutov commented Jun 20, 2021 via email

@YenHub YenHub mentioned this issue Jun 21, 2021
Merged
@YenHub
Copy link
Contributor

YenHub commented Jun 21, 2021

I have opened a pull request which hopefully addresses this issue.

Let me know how it goes!

#102

simonihmig added a commit to simonihmig/ember-stargate that referenced this issue Oct 15, 2021
@simonihmig
Update bahmutov/[email protected]
af12f48 
Hopefully fixing bahmutov/npm-install#95 and thus failing CI due to the `socket.io` issue, as npm does take `resolutions` into account.
@simonihmig simonihmig mentioned this issue Oct 15, 2021
Closed
@simonihmig
Copy link
Author

@YenHub Thanks for tackling this! I have finally tried this, but still see the same (wrong) behavior (see https://github.com/kaliber5/ember-stargate/pull/322/checks?check_run_id=3905655494#step:4:40).

However it seems to me the action is not actually using the latest code, as the dist/index.js files has been last updated 9 month ago! @bahmutov seems your automated publishing workflow isn't compiling the action automatically, so how is this supposed to work?

Another point: I think for the lockfile to be ignored, yarn has to run with the --no-lockfile option. So shouldn't this line be like follows?

const args = shouldUsePackageLock ? ['--frozen-lockfile'] : ['--no-lockfile']

@YenHub
Copy link
Contributor

YenHub commented Oct 15, 2021

Thanks @simonihmig for your update

RE:

const args = shouldUsePackageLock ? ['--frozen-lockfile'] : ['--no-lockfile']

Where an empty array is passed into exec as args, no args are presented, therefore Yarn will run with it's default behaviour, that is, no lock file behaviour.

You effectively end up with:-

return exec.exec(quote(yarnPath), [], options)

@simonihmig
Copy link
Author

Where an empty array is passed into exec as args, no args are presented, therefore Yarn will run with it's default behaviour, that is, no lock file behaviour.

I understand that, but the default behavior of yarn is to take the lockfile into account!? (at least that is for yarn v1)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@simonihmig @bahmutov @YenHub