Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ERR_PNPM_FROZEN_LOCKFILE_WITH_OUTDATED_LOCKFILE  Cannot perform a frozen installation because the lockfile needs updates #6307

Closed
XiaoBaiClassmate opened this issue Mar 29, 2023 · 8 comments

Comments

@XiaoBaiClassmate
Copy link

pnpm version:8.0.0

Code to reproduce the issue:pnpm install

Expected behavior:Work as usual

Actual behavior: 

ERR_PNPM_FROZEN_LOCKFILE_WITH_OUTDATED_LOCKFILE  Cannot perform a frozen installation because the lockfile needs updates
Note that in CI environments this setting is true by default. If you still need to run install in such cases, use "pnpm install --no-frozen-lockfile"

Additional information:

  • node -v prints:18.12.1
  • Windows, macOS, or Linux?:Windows

Upgrading from 7.30.5 to 8.0.0 causes an error, and the fallback version works fine

@await-ovo
Copy link
Member

related #6304

@MikeMcC399
Copy link

MikeMcC399 commented Mar 29, 2023

This behaviour breaks CI workflows.

Problem

Using

pnpm install --frozen-lockfile

pnpm 8.0.0 rejects pnpm-lock.yaml with lockfileVersion: 5.4 generated by pnpm 7.30.5

which breaks CI workflows

Expected

pnpm 8.0.0 should accept pnpm-lock.yaml with lockfileVersion: 5.4 generated by pnpm 7.30.5

Steps to reproduce

mkdir pnpm8-test
cd pnpm8-test
npm install pnpm@7 -g
pnpm -v
pnpm install webpack
grep lockfileVersion pnpm-lock.yaml
pnpm install --frozen-lockfile

produces

changed 1 package in 1s
7.30.5
Packages: +77
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Packages are hard linked from the content-addressable store to the virtual store.
  Content-addressable store is at: D:\.pnpm-store\v3
  Virtual store is at:             node_modules/.pnpm
Progress: resolved 77, reused 77, downloaded 0, added 77, done

dependencies:
+ webpack 5.76.3

Done in 5.5s
lockfileVersion: 5.4
Lockfile is up to date, resolution step is skipped
Already up to date
Done in 1.4s

Now updating to pnpm 8.0.0

npm install pnpm@8 -g
pnpm -v
pnpm install --frozen-lockfile

produces an error message

changed 1 package in 1s
8.0.0
 ERR_PNPM_FROZEN_LOCKFILE_WITH_OUTDATED_LOCKFILE  Cannot perform a frozen installation because the lockfile needs updates

Note that in CI environments this setting is true by default. If you still need to run install in such cases, use "pnpm install --no-frozen-lockfile"

The solution is to re-install using pnpm 8.0.0

pnpm install webpack
grep lockfileVersion pnpm-lock.yaml
pnpm install --frozen-lockfile

which shows success

Packages: +4 -4
++++----
Progress: resolved 77, reused 77, downloaded 0, added 0, done
Done in 773ms
lockfileVersion: '6.0'
Lockfile is up to date, resolution step is skipped
Already up to date
Done in 574ms

@MikeMcC399
Copy link

https://github.com/pnpm/pnpm/releases/tag/v8.0.0 contains the text:

Migration Instructions

"Before updating pnpm to v8 in your CI, regenerate your pnpm-lock.yaml. To upgrade your lockfile, run pnpm install and commit the changes. Existing dependencies will not be updated; however, due to configuration changes in pnpm v8, some missing peer dependencies may be added to the lockfile and some packages may get deduplicated.

You can commit the new lockfile even before upgrading Node.js in the CI, as pnpm v7 already supports the new lockfile format."

so it appears that this issue is not a bug, but intended breaking behaviour. This is different to how npm has worked, where later versions supported earlier lockfile formats.


Unfortunately when using the GitHub pnpm/action-setup with version: latest then pnpm 8.0.0 was installed and used automatically, breaking the CI workflow.

In my instance I modified this to specify version: 7 instead. I would plan to keep it this way until Node.js 14 is no longer generally supported after end of April 2023 (see https://github.com/nodejs/release#release-schedule) when I would plan to write version: 8 instead.

      - name: Install pnpm
        uses: pnpm/action-setup@v2
        with:
          version: latest

@zkochan
Copy link
Member

zkochan commented Mar 29, 2023

In our docs we everywhere suggest to pin the major version of pnpm for CI

https://pnpm.io/continuous-integration

@MikeMcC399
Copy link

@zkochan

In our docs we everywhere suggest to pin the major version of pnpm for CI

Thanks for your feedback!

I have changed the example in README: cypress-io/github-action: pnpm to the following and it is all working again!


pnpm

The package manager pnpm is not pre-installed in GitHub Actions runner images (unlike npm and yarn): to install pnpm include pnpm/action-setup in your workflow. If the action finds a pnpm-lock.yaml file, it uses the pnpm command pnpm install --frozen-lockfile by default to install dependencies.

name: example-basic-pnpm
on: push
jobs:
  basic-pnpm:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Install pnpm
        uses: pnpm/action-setup@v2
        with:
          version: 7
      - name: Cypress run
        uses: cypress-io/github-action@v5
        with:
          working-directory: examples/basic-pnpm

pnpm example

@chaderenyore
Copy link

This behaviour breaks CI workflows.

Problem

Using

pnpm install --frozen-lockfile

pnpm 8.0.0 rejects pnpm-lock.yaml with lockfileVersion: 5.4 generated by pnpm 7.30.5

which breaks CI workflows

Expected

pnpm 8.0.0 should accept pnpm-lock.yaml with lockfileVersion: 5.4 generated by pnpm 7.30.5

Steps to reproduce

mkdir pnpm8-test
cd pnpm8-test
npm install pnpm@7 -g
pnpm -v
pnpm install webpack
grep lockfileVersion pnpm-lock.yaml
pnpm install --frozen-lockfile

produces

changed 1 package in 1s
7.30.5
Packages: +77
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Packages are hard linked from the content-addressable store to the virtual store.
  Content-addressable store is at: D:\.pnpm-store\v3
  Virtual store is at:             node_modules/.pnpm
Progress: resolved 77, reused 77, downloaded 0, added 77, done

dependencies:
+ webpack 5.76.3

Done in 5.5s
lockfileVersion: 5.4
Lockfile is up to date, resolution step is skipped
Already up to date
Done in 1.4s

Now updating to pnpm 8.0.0

npm install pnpm@8 -g
pnpm -v
pnpm install --frozen-lockfile

produces an error message

changed 1 package in 1s
8.0.0
 ERR_PNPM_FROZEN_LOCKFILE_WITH_OUTDATED_LOCKFILE  Cannot perform a frozen installation because the lockfile needs updates

Note that in CI environments this setting is true by default. If you still need to run install in such cases, use "pnpm install --no-frozen-lockfile"

The solution is to re-install using pnpm 8.0.0

pnpm install webpack
grep lockfileVersion pnpm-lock.yaml
pnpm install --frozen-lockfile

which shows success

Packages: +4 -4
++++----
Progress: resolved 77, reused 77, downloaded 0, added 0, done
Done in 773ms
lockfileVersion: '6.0'
Lockfile is up to date, resolution step is skipped
Already up to date
Done in 574ms

Thanks for the reply, the solution fixed the issue. Just to point out though to others, it must not always be Webpack, you can install another dependency. As for me, I installed nuxt-icons which will come in handy for my project and then proceeded with it. Works well too

@zkochan
Copy link
Member

zkochan commented Jun 14, 2023

pnpm was updated to print more info, when this error happens. Related PR: #6557

@jakebanks
Copy link

jakebanks commented Oct 12, 2023

Looks like I need to reinstall a package to get the lockfile to migrate - running pnpm i with an up to date lockfile didn't migrate the lockfile for me like I expected

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

6 participants