New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependency resolution not deterministic #6154
Comments
The lockfile got messed up every time I install or update some dependency. I have to delete the lock file and I guess pretty soon even that will stop working and I'll be completely stucked. |
This is happening very often to me. |
try v8.0.0-rc.1 or v7.30.4 |
@unional can you confirm that your issue has been fixed? |
It happens to my work repo, not in OSS, so will check it tomorrow. |
@unional were you able to check it? |
I'm validating this, using 7.30.5. I'm running '@typescript-eslint/eslint-plugin':
specifier: ^5.54.1
- version: 5.56.0(@typescript-eslint/parser@5.56.0)(eslint@8.36.0)(typescript@4.9.5)
+ version: 5.56.0(@typescript-eslint/parser@5.57.0)(eslint@8.36.0)(typescript@4.9.5)
eslint-plugin-harmony:
specifier: ^7.1.1
- version: 7.1.2(@typescript-eslint/eslint-plugin@5.56.0)(eslint-config-prettier@8.8.0)(eslint@8.36.0)(typescript@4.9.5)
+ version: 7.1.2(@typescript-eslint/eslint-plugin@5.57.0)(eslint-config-prettier@8.8.0)(eslint@8.36.0)(typescript@4.9.5)
/@storybook/client-logger@7.0.0-rc.7:
- resolution: {integrity: sha1-ivPqyXGd4YdP8GAQXcKKW9cGjKE=, tarball: https://art.code.pan.run:443/artifactory/api/npm/npm-panvirt/@storybook/client-logger/-/client-logger-7.0.0-rc.7.tgz}
+ resolution: {integrity: sha1-UisEGG5CDa7eK8sjD9NrHEYTJQE=, tarball: https://art.code.pan.run:443/artifactory/api/npm/npm-panvirt/@storybook/client-logger/-/client-logger-7.0.0-rc.8.tgz}
I don't expect other dependencies to be changed. If I update the package.json manually and run The dependency I'm updating has nothing to do with |
Some of the changes are add and remove of /@formatjs/ecma402-abstract@1.7.0:
- resolution: {integrity: sha512-0IQF4oDZdO8ruyrNJZuRle3F/YiGgRwTNrZyMI1N1X8GERZusOrXU9Stw+j/lyyfDWaJK44b+Qnri/qfLPCtGQ==, tarball: <some-url>}
+ resolution: {integrity: sha512-0IQF4oDZdO8ruyrNJZuRle3F/YiGgRwTNrZyMI1N1X8GERZusOrXU9Stw+j/lyyfDWaJK44b+Qnri/qfLPCtGQ==}
dependencies:
tslib: 2.5.0
/react-docgen-typescript@2.2.2(typescript@4.9.5):
- resolution: {integrity: sha1-RhEFXlae3AcSBKrbIOHJPhqxZZw=}
+ resolution: {integrity: sha1-RhEFXlae3AcSBKrbIOHJPhqxZZw=, tarball: <some-url>}
peerDependencies:
typescript: '>= 4.3.x'
dependencies:
typescript: 4.9.5
dev: true |
/react-intl@5.25.1(react@16.14.0)(typescript@4.9.5):
- resolution: {integrity: sha1-aKc678SFyb9wBiOBrn9vR5FoCHk=, tarball: <some-url>}
+ resolution: {integrity: sha1-aKc678SFyb9wBiOBrn9vR5FoCHk=}
peerDependencies:
react: ^16.3.0 || 17 || 18
typescript: ^4.5
+ peerDependenciesMeta:
+ typescript:
+ optional: true
/uni-require@0.0.1(@types/node@18.15.7):
resolution: {integrity: sha1-C8EXUUVgWNhmuRMZWyFxLn0nObw=}
peerDependencies:
'@types/node': '*'
dependencies:
'@types/node': 18.15.7
+ dev: false |
One good thing is this time it doesn't cause Will continue to monitor to see if that happens again or not. |
FYI it still happens with 7.30.5 and 8.1.0 |
@zkochan can you reopen this? It is still happening in 8.2.0 you can see that
But the build error shows there is
When running |
Or reopen this one. That's the one I originally mentioned about the webpack compilation error: |
Same problems here. Doing updates of a single dependency in a workspaces setting causes unrelated updates all over the place, including running into the same webpack problem with multiple versions. @unional how did you solve this? |
I'm doing workarounds like this: pnpm up -r abc // webpack is out of sync
pnpm up -r webpack // realign webpack It is not optimal as there can be other packages that are affected by this. |
@unional We found out that manually changing a dependency version in a /cc @zkochan |
Thanks! Sometimes I need to update multiple projects using wildcards. Maybe in that case, I can do revert and install. Will need to try that to see if it gets the same result. i.e.: pnpm up -r "@just-web/*"
git reset pnpm-lock.yaml
pnpm i |
Unfortunately, I've confirmed that neither workaround works 100% of the time. I have this case where I upgraded some dependencies, undo the changes in the lock file, even nuke the |
This still happening on |
pnpm version:
7.28.0 with lockfile v6
Code to reproduce the issue:
I was work on this: #5585 (comment)
I delete the lockfile and node_modules folder and start again,
this time it resolves the dependency issue.
I then remove the
overrides
field and test how it works.When I look at the lock file, I saw many changes.
I was expecting it just remove the overrides and maybe adjust (mess up) dependencies related to webpack.
But I found changes like these:
Actual behavior:
Since the actual version installed is the same (they are the latest),
the resolution really should stay the same.
Additional information:
node -v
prints:v16.19.0
The text was updated successfully, but these errors were encountered: