pnpm `--recursive` flag in non-monorepo causes unwanted 'link:' version #22458

karlhorky · 2023-05-27T16:15:37Z

karlhorky
May 27, 2023

How are you running Renovate?

Mend Renovate hosted app on github.com

If you're self-hosting Renovate, tell us what version of Renovate you run.

No response

If you're self-hosting Renovate, select which platform you are using.

None

If you're self-hosting Renovate, tell us what version of the platform you run.

No response

Was this something which used to work for you, and then stopped?

I never saw this working

Wanted end result.

I originally reported this issue over at #22457 but auto-closed from the bot 😫

Given a repo package that:

Uses pnpm
Refers to itself in its dependencies
Is not a monorepo

...the version in the pnpm lockfile will be updated to 'link:'.

Example Renovate bot commit from update PR:

upleveled/eslint-plugin-upleveled@97d1a7c (#144)

Relevant part of the diff:

This can be problematic for tools like ESLint, which may not be able to resolve the dependency (see failed test run):

$ pnpm eslint . --max-warnings 0

Oops! Something went wrong! :(

ESLint: 8.41.0

ESLint couldn't find the plugin "eslint-plugin-upleveled".

(The package "eslint-plugin-upleveled" was not found when loaded as a Node module from the directory "/home/runner/work/eslint-plugin-upleveled/eslint-plugin-upleveled".)

It's likely that the plugin isn't installed correctly. Try reinstalling by running the following:

    npm install eslint-plugin-upleveled@latest --save-dev

The plugin "eslint-plugin-upleveled" was referenced from the config file in ".eslintrc.cjs » eslint-config-upleveled".

If you still can't figure out the problem, please stop by https://eslint.org/chat/help to chat with the team.

Error: Process completed with exit code 2.

As far as I have investigated, this occurs because of the --recursive flag for pnpm install that Renovate uses, added in this PR by @ianwalter (reviewed by @viceice):

feat(pnpm): Adding --recursive flag to pnpm install #6850

In the PR, @ExE-Boss brought up the concern that running pnpm install --recursive in non-monorepo may cause unwanted behavior - @zkochan replied that "This should be fine."

Apparently, in most cases it probably is fine (since there have not been many users reporting problems), but in this particular circumstance, it causes an issue.

Workaround (GitHub Actions workflow)

In this commit in the PR, I added the following step to my GitHub Actions workflow, to manually add back the package using pnpm add and then commit the result to Git:

    steps:
      - uses: actions/checkout@v4
        with:
          # Disable configuring $GITHUB_TOKEN in local git config
          persist-credentials: false
      - uses: pnpm/action-setup@v2
        with:
          version: 'latest'
      - name: Use Node.js
        uses: actions/setup-node@v4
        with:
          node-version: 'lts/*'
          cache: 'pnpm'
      - run: pnpm install

      # Fix Renovate running `pnpm install --recursive` causing `version: 'link:'` for eslint-plugin-upleveled
      # https://github.com/renovatebot/renovate/discussions/22458
      - name: Fix pnpm lockfile after Renovate pnpm --recursive
        run: |
          if sed -nE '/^\s+eslint-plugin-upleveled:\n\s+specifier: [0-9.-]+\n\s+version: '\''link:'\''$/q0' pnpm-lock.yaml; then
            echo "version: 'link:' found in pnpm-lock.yaml"
            pnpm add --save-dev eslint-plugin-upleveled
          else
            echo "version: 'link:' not found in pnpm-lock.yaml"
            exit 0
          fi

          git add package.json pnpm-lock.yaml
          if [ -z "$(git status --porcelain)" ]; then
            echo "No changes to commit, exiting"
            exit 0
          fi

          git config user.email github-actions[bot]@users.noreply.github.com
          git config user.name github-actions[bot]

          git commit -m "Fix pnpm lockfile after Renovate pnpm --recursive"

          # Credit for oauth2 syntax is the ad-m/github-push-action GitHub Action:
          # https://github.com/ad-m/github-push-action/blob/d91a481090679876dfc4178fef17f286781251df/start.sh#L43-L55
          git push https://oauth2:${{ secrets.PNPM_PATCH_UPDATE_GITHUB_TOKEN }}@github.com/${{ github.repository }}.git HEAD:${{ github.ref }}

It creates new commits from the GitHub Actions bot account (example commit):

What you tried so far.

Described above

Relevant debug logs

Logs

DEBUG: No dangling containers to remove
INFO: Repository started
{
  "renovateVersion": "35.98.4"
}
DEBUG: Using localDir: /mnt/renovate/gh/upleveled/eslint-plugin-upleveled
DEBUG: PackageFiles.clear() - Package files deleted
DEBUG: initRepo("upleveled/eslint-plugin-upleveled")
DEBUG: Using queue: host=api.github.com, concurrency=10
DEBUG: upleveled/eslint-plugin-upleveled default branch = main
DEBUG: Using app token for git init
DEBUG: Repository cache is restored from revision 13
DEBUG: Resetting npmrc
DEBUG: checkOnboarding()
DEBUG: isOnboarded()
DEBUG: findPr(renovate/configure, Configure Renovate, !open)
DEBUG: getPrList success
{
  "pullsTotal": 129,
  "requestsTotal": 1,
  "apiQuotaAffected": true
}
DEBUG: Found PR #1
DEBUG: Checking cached config file name
DEBUG: Existing config file confirmed
DEBUG: Repository config
{
  "fileName": "renovate.json",
  "config": {
    "extends": [
      "github>karlhorky/renovate-config:default.json5"
    ],
    "packageRules": [
      {
        "matchDepTypes": [
          "peerDependencies"
        ],
        "rangeStrategy": "bump"
      }
    ]
  }
}
DEBUG: Repo is onboarded
DEBUG: migrateAndValidate()
DEBUG: No config migration necessary
DEBUG: massaged config
{
  "config": {
    "extends": [
      "github>whitesource/merge-confidence:beta",
      "github>karlhorky/renovate-config:default.json5"
    ],
    "packageRules": [
      {
        "matchDepTypes": [
          "peerDependencies"
        ],
        "rangeStrategy": "bump"
      }
    ]
  }
}
DEBUG: migrated config
{
  "config": {
    "extends": [
      "github>whitesource/merge-confidence:beta",
      "github>karlhorky/renovate-config:default.json5"
    ],
    "packageRules": [
      {
        "matchDepTypes": [
          "peerDependencies"
        ],
        "rangeStrategy": "bump"
      }
    ]
  }
}
DEBUG: Setting hostRules from config
DEBUG: Found repo ignorePaths
{
  "ignorePaths": [
    "**/node_modules/**",
    "**/bower_components/**",
    "**/vendor/**",
    "**/examples/**",
    "**/__tests__/**",
    "**/test/**",
    "**/tests/**",
    "**/__fixtures__/**"
  ]
}
DEBUG: Using queue: host=api.github.com, concurrency=10
DEBUG: No vulnerability alerts found
DEBUG: No vulnerability alerts found
DEBUG: findIssue(Dependency Dashboard)
DEBUG: Retrieving issueList
DEBUG: Retrieved 1 issues
DEBUG: Found issue 2
DEBUG: No baseBranches
DEBUG: extract()
DEBUG: Cached extract for sha=3cd4d43bd5b0a066304d4593255f8ca7fcb64379 is valid and can be used
DEBUG: Deleted cached dep updates
INFO: Dependency extraction complete
{
  "baseBranch": "main",
  "stats": {
    "managers": {
      "github-actions": {
        "fileCount": 1,
        "depCount": 3
      },
      "npm": {
        "fileCount": 1,
        "depCount": 6
      }
    },
    "total": {
      "fileCount": 2,
      "depCount": 9
    }
  }
}
DEBUG: Setting npmrc
DEBUG: PackageFiles.add() - Package file saved for base branch
{
  "baseBranch": "main"
}
DEBUG: Package releases lookups complete
{
  "baseBranch": "main"
}
DEBUG: branchifyUpgrades
DEBUG: detectSemanticCommits()
DEBUG: Initializing git repository into /mnt/renovate/gh/upleveled/eslint-plugin-upleveled
DEBUG: Performing blobless clone
DEBUG: git clone completed
{
  "durationMs": 848
}
DEBUG: latest repository commit
{
  "latestCommit": {
    "hash": "3cd4d43bd5b0a066304d4593255f8ca7fcb64379",
    "date": "2023-05-19T14:13:14+00:00",
    "message": "Update dependency upgrades - non-major (#143)",
    "refs": "HEAD -> main, origin/main, origin/HEAD",
    "body": "Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>\r\nCo-authored-by: Karl Horky <karl.horky@gmail.com>\r\n",
    "author_name": "renovate[bot]",
    "author_email": "29139614+renovate[bot]@users.noreply.github.com"
  }
}
DEBUG: getCommitMessages
DEBUG: semanticCommits: detected "unknown"
DEBUG: semanticCommits: disabled
DEBUG: 4 flattened updates found: @types/eslint, @types/node, eslint-config-upleveled, eslint
DEBUG: Returning 1 branch(es)
DEBUG: config.repoIsOnboarded=true
DEBUG: packageFiles with updates
{
  "baseBranch": "main",
  "config": {
    "github-actions": [
      {
        "deps": [
          {
            "autoReplaceStringTemplate": "{{depName}}@{{#if newDigest}}{{newDigest}}{{#if newValue}} # {{newValue}}{{/if}}{{/if}}{{#unless newDigest}}{{newValue}}{{/unless}}",
            "commitMessageTopic": "{{{depName}}} action",
            "currentValue": "v3",
            "currentVersion": "v3",
            "datasource": "github-tags",
            "depName": "actions/checkout",
            "depType": "action",
            "fixedVersion": "v3",
            "packageName": "actions/checkout",
            "registryUrl": "https://github.com",
            "replaceString": "actions/checkout@v3",
            "sourceUrl": "https://github.com/actions/checkout",
            "versioning": "docker",
            "warnings": [],
            "updates": []
          },
          {
            "autoReplaceStringTemplate": "{{depName}}@{{#if newDigest}}{{newDigest}}{{#if newValue}} # {{newValue}}{{/if}}{{/if}}{{#unless newDigest}}{{newValue}}{{/unless}}",
            "commitMessageTopic": "{{{depName}}} action",
            "currentValue": "v2",
            "currentVersion": "v2",
            "datasource": "github-tags",
            "depName": "pnpm/action-setup",
            "depType": "action",
            "fixedVersion": "v2",
            "packageName": "pnpm/action-setup",
            "registryUrl": "https://github.com",
            "replaceString": "pnpm/action-setup@v2",
            "sourceUrl": "https://github.com/pnpm/action-setup",
            "versioning": "docker",
            "warnings": [],
            "updates": []
          },
          {
            "autoReplaceStringTemplate": "{{depName}}@{{#if newDigest}}{{newDigest}}{{#if newValue}} # {{newValue}}{{/if}}{{/if}}{{#unless newDigest}}{{newValue}}{{/unless}}",
            "commitMessageTopic": "{{{depName}}} action",
            "currentValue": "v3",
            "currentVersion": "v3",
            "datasource": "github-tags",
            "depName": "actions/setup-node",
            "depType": "action",
            "fixedVersion": "v3",
            "packageName": "actions/setup-node",
            "registryUrl": "https://github.com",
            "replaceString": "actions/setup-node@v3",
            "sourceUrl": "https://github.com/actions/setup-node",
            "versioning": "docker",
            "warnings": [],
            "updates": []
          }
        ],
        "packageFile": ".github/workflows/lint-and-check-types.yml"
      }
    ],
    "npm": [
      {
        "constraints": {
          "pnpm": ">=8"
        },
        "deps": [
          {
            "currentValue": "8.37.0",
            "currentVersion": "8.37.0",
            "datasource": "npm",
            "depName": "@types/eslint",
            "depType": "devDependencies",
            "fixedVersion": "8.37.0",
            "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/eslint",
            "isSingleVersion": true,
            "lockedVersion": "8.37.0",
            "packageName": "@types/eslint",
            "prettyDepType": "devDependency",
            "registryUrl": "https://registry.npmjs.org",
            "sourceDirectory": "types/eslint",
            "sourceUrl": "https://github.com/DefinitelyTyped/DefinitelyTyped",
            "versioning": "npm",
            "warnings": [],
            "updates": [
              {
                "bucket": "latest",
                "newVersion": "8.40.0",
                "newValue": "8.40.0",
                "releaseTimestamp": "2023-05-23T02:02:48.588Z",
                "newMajor": 8,
                "newMinor": 40,
                "updateType": "minor",
                "branchName": "renovate/dependency-upgrades-non-major"
              }
            ]
          },
          {
            "currentValue": "20.2.1",
            "currentVersion": "20.2.1",
            "datasource": "npm",
            "depName": "@types/node",
            "depType": "devDependencies",
            "fixedVersion": "20.2.1",
            "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node",
            "isSingleVersion": true,
            "lockedVersion": "20.2.1",
            "packageName": "@types/node",
            "prettyDepType": "devDependency",
            "registryUrl": "https://registry.npmjs.org",
            "sourceDirectory": "types/node",
            "sourceUrl": "https://github.com/DefinitelyTyped/DefinitelyTyped",
            "versioning": "npm",
            "warnings": [],
            "updates": [
              {
                "bucket": "latest",
                "newVersion": "20.2.4",
                "newValue": "20.2.4",
                "releaseTimestamp": "2023-05-25T20:44:30.238Z",
                "newMajor": 20,
                "newMinor": 2,
                "updateType": "patch",
                "branchName": "renovate/dependency-upgrades-non-major"
              }
            ]
          },
          {
            "currentValue": "4.3.2",
            "currentVersion": "4.3.2",
            "datasource": "npm",
            "depName": "eslint-config-upleveled",
            "depType": "devDependencies",
            "fixedVersion": "4.3.2",
            "isSingleVersion": true,
            "lockedVersion": null,
            "packageName": "eslint-config-upleveled",
            "prettyDepType": "devDependency",
            "registryUrl": "https://registry.npmjs.org",
            "sourceUrl": "https://github.com/upleveled/eslint-config-upleveled",
            "versioning": "npm",
            "warnings": [],
            "updates": [
              {
                "bucket": "latest",
                "newVersion": "4.5.0",
                "newValue": "4.5.0",
                "releaseTimestamp": "2023-05-23T15:05:44.119Z",
                "newMajor": 4,
                "newMinor": 5,
                "updateType": "minor",
                "branchName": "renovate/dependency-upgrades-non-major"
              }
            ]
          },
          {
            "currentValue": "2.1.8",
            "currentVersion": "2.1.8",
            "datasource": "npm",
            "depName": "eslint-plugin-upleveled",
            "depType": "devDependencies",
            "fixedVersion": "2.1.8",
            "lockedVersion": null,
            "packageName": "eslint-plugin-upleveled",
            "prettyDepType": "devDependency",
            "registryUrl": "https://registry.npmjs.org",
            "sourceUrl": "https://github.com/upleveled/eslint-plugin-upleveled",
            "versioning": "npm",
            "warnings": [],
            "updates": []
          },
          {
            "currentValue": "5.0.4",
            "currentVersion": "5.0.4",
            "datasource": "npm",
            "depName": "typescript",
            "depType": "devDependencies",
            "fixedVersion": "5.0.4",
            "homepage": "https://www.typescriptlang.org/",
            "lockedVersion": "5.0.4",
            "packageName": "typescript",
            "prettyDepType": "devDependency",
            "registryUrl": "https://registry.npmjs.org",
            "sourceUrl": "https://github.com/Microsoft/TypeScript",
            "versioning": "npm",
            "warnings": [],
            "updates": []
          },
          {
            "currentValue": "^8.40.0",
            "currentVersion": "8.40.0",
            "datasource": "npm",
            "depName": "eslint",
            "depType": "peerDependencies",
            "fixedVersion": "8.40.0",
            "homepage": "https://eslint.org",
            "isSingleVersion": false,
            "lockedVersion": "8.40.0",
            "packageName": "eslint",
            "prettyDepType": "peerDependency",
            "registryUrl": "https://registry.npmjs.org",
            "sourceUrl": "https://github.com/eslint/eslint",
            "versioning": "npm",
            "warnings": [],
            "updates": [
              {
                "bucket": "latest",
                "newVersion": "8.41.0",
                "newValue": "^8.41.0",
                "releaseTimestamp": "2023-05-19T20:53:06.637Z",
                "newMajor": 8,
                "newMinor": 41,
                "updateType": "minor",
                "isRange": true,
                "isBump": true,
                "branchName": "renovate/dependency-upgrades-non-major"
              }
            ]
          }
        ],
        "lockFiles": [
          "pnpm-lock.yaml"
        ],
        "managerData": {
          "hasPackageManager": false,
          "packageJsonName": "eslint-plugin-upleveled",
          "pnpmShrinkwrap": "pnpm-lock.yaml",
          "yarnZeroInstall": false
        },
        "npmrc": "***********",
        "packageFile": "package.json",
        "packageFileVersion": "2.1.8",
        "skipInstalls": true
      }
    ]
  }
}
DEBUG: detectSemanticCommits()
DEBUG: semanticCommits: returning "disabled" from cache
DEBUG: processRepo()
DEBUG: Processing 1 branch: renovate/dependency-upgrades-non-major
DEBUG: Calculating hourly PRs remaining
DEBUG: currentHourStart=2023-05-25T21:00:00.000+00:00
DEBUG: PR hourly limit remaining: 2
DEBUG: Calculating prConcurrentLimit (10)
DEBUG: getBranchPr(renovate/dependency-upgrades-non-major)
DEBUG: findPr(renovate/dependency-upgrades-non-major, undefined, open)
DEBUG: Found PR #144
DEBUG: 1 PRs are currently open
DEBUG: PR concurrent limit remaining: 9
DEBUG: Calculated maximum PRs remaining this run: 2
DEBUG: PullRequests limit = 2
DEBUG: Calculating hourly PRs remaining
DEBUG: currentHourStart=2023-05-25T21:00:00.000+00:00
DEBUG: PR hourly limit remaining: 2
DEBUG: Calculating branchConcurrentLimit (10)
DEBUG: 1 already existing branches found: renovate/dependency-upgrades-non-major
DEBUG: Branch concurrent limit remaining: 9
DEBUG: Calculated maximum branches remaining this run: 2
DEBUG: Branches limit = 2
DEBUG: syncBranchState()(branch="renovate/dependency-upgrades-non-major")
DEBUG: branch.isUpToDate(): needs recalculation(branch="renovate/dependency-upgrades-non-major")
DEBUG: getBranchPr(renovate/dependency-upgrades-non-major)(branch="renovate/dependency-upgrades-non-major")
DEBUG: findPr(renovate/dependency-upgrades-non-major, undefined, open)(branch="renovate/dependency-upgrades-non-major")
DEBUG: Found PR #144(branch="renovate/dependency-upgrades-non-major")
DEBUG: branchExists=true(branch="renovate/dependency-upgrades-non-major")
DEBUG: dependencyDashboardCheck=undefined(branch="renovate/dependency-upgrades-non-major")
DEBUG: PR rebase requested=false(branch="renovate/dependency-upgrades-non-major")
DEBUG: recreateClosed is true(branch="renovate/dependency-upgrades-non-major")
DEBUG: Checking if PR has been edited(branch="renovate/dependency-upgrades-non-major")
DEBUG: branch.isModified(): using cached result "false"(branch="renovate/dependency-upgrades-non-major")
DEBUG: Found existing branch PR(branch="renovate/dependency-upgrades-non-major")
DEBUG: Checking schedule(after 4pm on thursday, null)(branch="renovate/dependency-upgrades-non-major")
DEBUG: Checking 1 schedule(s)(branch="renovate/dependency-upgrades-non-major")
DEBUG: Checking schedule "after 4pm on thursday"(branch="renovate/dependency-upgrades-non-major")
{
  "parsedSchedule": {
    "schedules": [
      {
        "t_a": [
          57600
        ],
        "d": [
          5
        ]
      }
    ],
    "exceptions": [],
    "error": -1
  }
}
DEBUG: Matches schedule after 4pm on thursday(branch="renovate/dependency-upgrades-non-major")
DEBUG: Branch already exists(branch="renovate/dependency-upgrades-non-major")
DEBUG: branch.isBehindBase(): using cached result "false"(branch="renovate/dependency-upgrades-non-major")
DEBUG: Branch is up-to-date(branch="renovate/dependency-upgrades-non-major")
DEBUG: isBranchConflicted(main, renovate/dependency-upgrades-non-major)(branch="renovate/dependency-upgrades-non-major")
DEBUG: branch.isConflicted(): using cached result "false"(branch="renovate/dependency-upgrades-non-major")
DEBUG: Branch does not need rebasing(branch="renovate/dependency-upgrades-non-major")
DEBUG: Using reuseExistingBranch: true(branch="renovate/dependency-upgrades-non-major")
DEBUG: Setting current branch to main(branch="renovate/dependency-upgrades-non-major")
DEBUG: latest commit(branch="renovate/dependency-upgrades-non-major")
{
  "branchName": "main",
  "latestCommitDate": "2023-05-19T14:13:14+00:00"
}
DEBUG: manager.getUpdatedPackageFiles() reuseExistingBranch=true(branch="renovate/dependency-upgrades-non-major")
DEBUG: npm.updateDependency(): devDependencies.@types/eslint = 8.40.0(branch="renovate/dependency-upgrades-non-major")
DEBUG: npm.updateDependency(): devDependencies.@types/node = 20.2.4(branch="renovate/dependency-upgrades-non-major")
DEBUG: Need to update package file so will rebase first(packageFile="package.json", branch="renovate/dependency-upgrades-non-major")
{
  "depName": "@types/node"
}
DEBUG: manager.getUpdatedPackageFiles() reuseExistingBranch=false(branch="renovate/dependency-upgrades-non-major")
DEBUG: npm.updateDependency(): devDependencies.@types/eslint = 8.40.0(branch="renovate/dependency-upgrades-non-major")
DEBUG: Updating @types/eslint in package.json(branch="renovate/dependency-upgrades-non-major")
DEBUG: npm.updateDependency(): devDependencies.@types/node = 20.2.4(branch="renovate/dependency-upgrades-non-major")
DEBUG: Updating @types/node in package.json(branch="renovate/dependency-upgrades-non-major")
DEBUG: npm.updateDependency(): peerDependencies.eslint = ^8.41.0(branch="renovate/dependency-upgrades-non-major")
DEBUG: Updating eslint in package.json(branch="renovate/dependency-upgrades-non-major")
DEBUG: npm.updateDependency(): devDependencies.eslint-config-upleveled = 4.5.0(branch="renovate/dependency-upgrades-non-major")
DEBUG: Updating eslint-config-upleveled in package.json(branch="renovate/dependency-upgrades-non-major")
DEBUG: Updated 1 package files(branch="renovate/dependency-upgrades-non-major")
DEBUG: Getting updated lock files(branch="renovate/dependency-upgrades-non-major")
DEBUG: Writing package.json files(branch="renovate/dependency-upgrades-non-major")
{
  "packageFiles": [
    "package.json"
  ]
}
DEBUG: Writing any updated package files(branch="renovate/dependency-upgrades-non-major")
DEBUG: Writing package.json(branch="renovate/dependency-upgrades-non-major")
DEBUG: npmrc file found in repository(branch="renovate/dependency-upgrades-non-major")
DEBUG: Generating pnpm-lock.yaml for .(branch="renovate/dependency-upgrades-non-major")
DEBUG: Spawning pnpm install to create pnpm-lock.yaml(branch="renovate/dependency-upgrades-non-major")
DEBUG: No node constraint found - using latest(branch="renovate/dependency-upgrades-non-major")
DEBUG: Setting CONTAINERBASE_CACHE_DIR to /tmp/containerbase(branch="renovate/dependency-upgrades-non-major")
DEBUG: Using docker to execute(branch="renovate/dependency-upgrades-non-major")
{
  "image": "sidecar"
}
DEBUG: Resolved stable matching version(branch="renovate/dependency-upgrades-non-major")
{
  "toolName": "node",
  "constraint": null,
  "resolvedVersion": "v18.16.0"
}
DEBUG: Resolved stable matching version(branch="renovate/dependency-upgrades-non-major")
{
  "toolName": "pnpm",
  "constraint": ">=8",
  "resolvedVersion": "8.5.1"
}
DEBUG: containerbaseDir is separate from cacheDir(branch="renovate/dependency-upgrades-non-major")
DEBUG: Resolved tag constraint(branch="renovate/dependency-upgrades-non-major")
{
  "image": "ghcr.io/containerbase/sidecar"
}
DEBUG: Docker image is already prefetched: ghcr.io/containerbase/sidecar@sha256:6d6c83d13274133d1c01da1ffa525e576286829f3284daffe984da622d0da252(branch="renovate/dependency-upgrades-non-major")
DEBUG: Executing command(branch="renovate/dependency-upgrades-non-major")
{
  "command": "docker run --rm --name=renovate_sidecar --label=renovate_child -v \"/mnt/renovate/gh/upleveled/eslint-plugin-upleveled\":\"/mnt/renovate/gh/upleveled/eslint-plugin-upleveled\" -v \"/tmp/renovate-cache\":\"/tmp/renovate-cache\" -v \"/tmp/containerbase\":\"/tmp/containerbase\" -e NPM_CONFIG_CACHE -e npm_config_store -e BUILDPACK_CACHE_DIR -e CONTAINERBASE_CACHE_DIR -w \"/mnt/renovate/gh/upleveled/eslint-plugin-upleveled\" ghcr.io/containerbase/sidecar bash -l -c \"install-tool node v18.16.0 && install-tool pnpm 8.5.1 && pnpm install --recursive --lockfile-only --ignore-scripts --ignore-pnpmfile\""
}
DEBUG: exec completed(branch="renovate/dependency-upgrades-non-major")
{
  "durationMs": 23535,
  "stdout": "installing v2 tool node v18.16.0\nlinking tool node v18.16.0\nnode: v18.16.0 /usr/local/bin/node\nnpm: 9.5.1  /usr/local/bin/npm\nInstalled v2 /usr/local/buildpack/tools/v2/node.sh in 4 seconds\ninstalling v2 tool pnpm v8.5.1\nlinking tool pnpm v8.5.1\n8.5.1\nInstalled v2 /usr/local/buildpack/tools/v2/pnpm.sh in 2 seconds\nProgress: resolved 1, reused 0, downloaded 0, added 0\nProgress: resolved 4, reused 0, downloaded 4, added 0\nProgress: resolved 39, reused 0, downloaded 11, added 0\nProgress: resolved 100, reused 0, downloaded 69, added 0\nProgress: resolved 124, reused 0, downloaded 99, added 0\nProgress: resolved 135, reused 0, downloaded 111, added 0\nProgress: resolved 156, reused 0, downloaded 134, added 0\nProgress: resolved 174, reused 0, downloaded 148, added 0\nProgress: resolved 221, reused 0, downloaded 189, added 0\nProgress: resolved 268, reused 0, downloaded 235, added 0\nProgress: resolved 325, reused 0, downloaded 283, added 0\nProgress: resolved 355, reused 0, downloaded 331, added 0\nProgress: resolved 364, reused 0, downloaded 362, added 0\nDone in 13.1s\nProgress: resolved 364, reused 0, downloaded 364, added 0, done\n",
  "stderr": ""
}
DEBUG: pnpm-lock.yaml needs updating(branch="renovate/dependency-upgrades-non-major")
DEBUG: Updated 1 lock files(branch="renovate/dependency-upgrades-non-major")
{
  "updatedArtifacts": [
    "pnpm-lock.yaml"
  ]
}
DEBUG: Getting comments for #144(branch="renovate/dependency-upgrades-non-major")
DEBUG: Found 1 comments(branch="renovate/dependency-upgrades-non-major")
DEBUG: 2 file(s) to commit(branch="renovate/dependency-upgrades-non-major")
DEBUG: Preparing files for committing to branch renovate/dependency-upgrades-non-major(branch="renovate/dependency-upgrades-non-major")
DEBUG: Setting git author name: Renovate Bot(branch="renovate/dependency-upgrades-non-major")
DEBUG: Setting git author email: bot@renovateapp.com(branch="renovate/dependency-upgrades-non-major")
DEBUG: git commit(branch="renovate/dependency-upgrades-non-major")
{
  "deletedFiles": [],
  "ignoredFiles": [],
  "result": {
    "author": null,
    "branch": "renovate/dependency-upgrades-non-major",
    "commit": "89e7c0297e2c41de3b6b2b758cd98f3edb37927a",
    "root": false,
    "summary": {
      "changes": 2,
      "insertions": 128,
      "deletions": 136
    }
  }
}
DEBUG: resetToCommit(3cd4d43bd5b0a066304d4593255f8ca7fcb64379)(branch="renovate/dependency-upgrades-non-major")
DEBUG: Fetching branch renovate/dependency-upgrades-non-major(branch="renovate/dependency-upgrades-non-major")
DEBUG: Setting current branch to main(branch="renovate/dependency-upgrades-non-major")
DEBUG: latest commit(branch="renovate/dependency-upgrades-non-major")
{
  "branchName": "main",
  "latestCommitDate": "2023-05-19T14:13:14+00:00"
}
INFO: Branch updated(branch="renovate/dependency-upgrades-non-major")
{
  "commitSha": "0b832aa37c3065af35266067872075817210917c"
}
DEBUG: Ensuring PR(branch="renovate/dependency-upgrades-non-major")
DEBUG: There are 0 errors and 0 warnings(branch="renovate/dependency-upgrades-non-major")
DEBUG: getBranchPr(renovate/dependency-upgrades-non-major)(branch="renovate/dependency-upgrades-non-major")
DEBUG: findPr(renovate/dependency-upgrades-non-major, undefined, open)(branch="renovate/dependency-upgrades-non-major")
DEBUG: Found PR #144(branch="renovate/dependency-upgrades-non-major")
DEBUG: getPrCache()(branch="renovate/dependency-upgrades-non-major")
DEBUG: Found existing PR(branch="renovate/dependency-upgrades-non-major")
DEBUG: PR fingerprints mismatch, processing PR(branch="renovate/dependency-upgrades-non-major")
DEBUG: Fetching changelog: https://github.com/DefinitelyTyped/DefinitelyTyped (8.37.0 -> 8.40.0)(branch="renovate/dependency-upgrades-non-major")
DEBUG: Fetching changelog: https://github.com/DefinitelyTyped/DefinitelyTyped (20.2.1 -> 20.2.4)(branch="renovate/dependency-upgrades-non-major")
DEBUG: Fetching changelog: https://github.com/eslint/eslint (8.40.0 -> 8.41.0)(branch="renovate/dependency-upgrades-non-major")
DEBUG: Fetching changelog: https://github.com/upleveled/eslint-config-upleveled (4.3.2 -> 4.5.0)(branch="renovate/dependency-upgrades-non-major")
DEBUG: Processing existing PR(branch="renovate/dependency-upgrades-non-major")
DEBUG: resolveBranchStatus(branchName=renovate/dependency-upgrades-non-major, ignoreTests=false)(branch="renovate/dependency-upgrades-non-major")
DEBUG: getBranchStatus(renovate/dependency-upgrades-non-major)(branch="renovate/dependency-upgrades-non-major")
DEBUG: branch status check result(branch="renovate/dependency-upgrades-non-major")
{
  "state": "pending",
  "statuses": []
}
DEBUG: Successful checks are all internal renovate/ checks, so returning "pending" branch status(branch="renovate/dependency-upgrades-non-major")
DEBUG: No check runs found(branch="renovate/dependency-upgrades-non-major")
{
  "result": {
    "total_count": 0,
    "check_runs": []
  }
}
DEBUG: Branch status yellow(branch="renovate/dependency-upgrades-non-major")
DEBUG: PR body changed(branch="renovate/dependency-upgrades-non-major")
{
  "prTitle": "Update dependency upgrades - non-major"
}
DEBUG: updatePr(144, Update dependency upgrades - non-major, body)(branch="renovate/dependency-upgrades-non-major")
DEBUG: PR updated...prNo: 144(branch="renovate/dependency-upgrades-non-major")
INFO: PR updated(branch="renovate/dependency-upgrades-non-major")
{
  "pr": 144,
  "prTitle": "Update dependency upgrades - non-major"
}
DEBUG: setPrCache()(branch="renovate/dependency-upgrades-non-major")
DEBUG: PR is configured for automerge(branch="renovate/dependency-upgrades-non-major")
DEBUG: setBranchCommit()(branch="renovate/dependency-upgrades-non-major")
DEBUG: getBranchPr(renovate/dependency-upgrades-non-major)
DEBUG: findPr(renovate/dependency-upgrades-non-major, undefined, open)
DEBUG: Found PR #144
DEBUG: getPrCache()
DEBUG: Ensuring Dependency Dashboard
DEBUG: ensureIssue(Dependency Dashboard)
DEBUG: Issue is open and up to date - nothing to do
DEBUG: Removing any stale branches
DEBUG: config.repoIsOnboarded=true
DEBUG: Branch lists
{
  "branchList": [
    "renovate/dependency-upgrades-non-major"
  ],
  "renovateBranches": [
    "renovate/dependency-upgrades-non-major"
  ]
}
DEBUG: remainingBranches=
DEBUG: No branches to clean up
DEBUG: Cleaning up Renovate refs: refs/renovate/*
DEBUG: PackageFiles.clear() - Package files deleted
DEBUG: Repo is activated
DEBUG: Branch summary
{
  "cacheModified": true,
  "baseBranches": [
    {
      "branchName": "main",
      "sha": "3cd4d43bd5b0a066304d4593255f8ca7fcb64379"
    }
  ],
  "branches": [
    {
      "automerge": true,
      "baseBranch": "main",
      "baseBranchSha": "3cd4d43bd5b0a066304d4593255f8ca7fcb64379",
      "branchName": "renovate/dependency-upgrades-non-major",
      "branchSha": "0b832aa37c3065af35266067872075817210917c",
      "isModified": false,
      "isPristine": true
    }
  ],
  "defaultBranch": "main",
  "inactiveBranches": []
}
DEBUG: branches info extended
{
  "branchesInformation": [
    {
      "branchName": "renovate/dependency-upgrades-non-major",
      "prNo": 144,
      "prTitle": "Update dependency upgrades - non-major",
      "result": "done",
      "upgrades": [
        {
          "datasource": "npm",
          "depName": "@types/eslint",
          "displayPending": "",
          "fixedVersion": "8.37.0",
          "currentVersion": "8.37.0",
          "currentValue": "8.37.0",
          "newValue": "8.40.0",
          "newVersion": "8.40.0",
          "packageFile": "package.json",
          "updateType": "minor",
          "packageName": "@types/eslint"
        },
        {
          "datasource": "npm",
          "depName": "@types/node",
          "displayPending": "",
          "fixedVersion": "20.2.1",
          "currentVersion": "20.2.1",
          "currentValue": "20.2.1",
          "newValue": "20.2.4",
          "newVersion": "20.2.4",
          "packageFile": "package.json",
          "updateType": "patch",
          "packageName": "@types/node"
        },
        {
          "datasource": "npm",
          "depName": "eslint",
          "displayPending": "",
          "fixedVersion": "8.40.0",
          "currentVersion": "8.40.0",
          "currentValue": "^8.40.0",
          "newValue": "^8.41.0",
          "newVersion": "8.41.0",
          "packageFile": "package.json",
          "updateType": "minor",
          "packageName": "eslint"
        },
        {
          "datasource": "npm",
          "depName": "eslint-config-upleveled",
          "displayPending": "",
          "fixedVersion": "4.3.2",
          "currentVersion": "4.3.2",
          "currentValue": "4.3.2",
          "newValue": "4.5.0",
          "newVersion": "4.5.0",
          "packageFile": "package.json",
          "updateType": "minor",
          "packageName": "eslint-config-upleveled"
        }
      ]
    }
  ]
}
DEBUG: Renovate repository PR statistics
{
  "stats": {
    "total": 128,
    "open": 1,
    "closed": 1,
    "merged": 126
  }
}
DEBUG: Repository result: done, status: activated, enabled: true, onboarded: true
DEBUG: Repository timing splits (milliseconds)
{
  "splits": {
    "init": 3525,
    "extract": 781,
    "lookup": 2795,
    "onboarding": 1,
    "update": 34121
  },
  "total": 42935
}
DEBUG: Package cache statistics
{
  "get": {
    "count": 28,
    "avgMs": 28,
    "medianMs": 1,
    "maxMs": 346
  },
  "set": {
    "count": 10,
    "avgMs": 4,
    "medianMs": 2,
    "maxMs": 10
  }
}
DEBUG: http statistics
{
  "urls": {
    "https://api.github.com/graphql (POST,200)": 12,
    "https://api.github.com/repos/karlhorky/renovate-config/contents/default.json5 (GET,200)": 1,
    "https://api.github.com/repos/upleveled/eslint-config-upleveled (GET,200)": 1,
    "https://api.github.com/repos/upleveled/eslint-config-upleveled/git/trees/main (GET,200)": 1,
    "https://api.github.com/repos/upleveled/eslint-plugin-upleveled/commits/renovate/dependency-upgrades-non-major/check-runs (GET,200)": 1,
    "https://api.github.com/repos/upleveled/eslint-plugin-upleveled/commits/renovate/dependency-upgrades-non-major/status (GET,200)": 1,
    "https://api.github.com/repos/upleveled/eslint-plugin-upleveled/contents/renovate.json (GET,200)": 1,
    "https://api.github.com/repos/upleveled/eslint-plugin-upleveled/git/commits (POST,201)": 1,
    "https://api.github.com/repos/upleveled/eslint-plugin-upleveled/git/refs/heads/renovate/dependency-upgrades-non-major (HEAD,200)": 1,
    "https://api.github.com/repos/upleveled/eslint-plugin-upleveled/git/refs/heads/renovate/dependency-upgrades-non-major (PATCH,200)": 1,
    "https://api.github.com/repos/upleveled/eslint-plugin-upleveled/git/trees (POST,201)": 1,
    "https://api.github.com/repos/upleveled/eslint-plugin-upleveled/issues/144/comments (GET,200)": 1,
    "https://api.github.com/repos/upleveled/eslint-plugin-upleveled/issues/2 (GET,200)": 2,
    "https://api.github.com/repos/upleveled/eslint-plugin-upleveled/pulls (GET,200)": 1,
    "https://api.github.com/repos/upleveled/eslint-plugin-upleveled/pulls/144 (PATCH,200)": 1,
    "https://api.github.com/repos/whitesource/merge-confidence/contents/beta.json (GET,200)": 1
  },
  "hostStats": {
    "api.github.com": {
      "requestCount": 28,
      "requestAvgMs": 422,
      "queueAvgMs": 0
    }
  },
  "totalRequests": 28
}
DEBUG: Package lookup durations
{
  "npm": {
    "count": 6,
    "averageMs": 324,
    "totalMs": 1945,
    "maximumMs": 1289
  },
  "github-tags": {
    "count": 3,
    "averageMs": 1590,
    "totalMs": 4769,
    "maximumMs": 1606
  }
}
DEBUG: dns cache
{
  "hosts": [
    "api.github.com"
  ]
}
INFO: Repository finished
{
  "cloned": true,
  "durationMs": 42935
}

karlhorky · 2023-05-27T16:27:11Z

karlhorky
May 27, 2023
Author

Also reported an issue over in the pnpm GitHub repo:

pnpm install --recursive updates version to 'link:' in non-monorepo (automatic with Renovate bot) pnpm/pnpm#6599

0 replies

rarkins · 2023-05-27T16:34:01Z

rarkins
May 27, 2023
Maintainer

I originally reported this issue over at #22457 but auto-closed from the bot 😫

Did you decide to ignore the instructions to create a Discussion first, or did you just click through without paying attention to the two warnings?

6 replies

rarkins May 28, 2023
Maintainer

If users already ignore the existing warnings then I think we'll find them ignoring the text of any checkbox too, but we can try it.

Ultimately 90% of bug reports turned out to be a mistake (this one is an example too, despite being well written) and the result was wasted maintainer time and polluted issues.

karlhorky May 28, 2023
Author

Yeah, I've heard of similar situations from other open source teams. Eg. Vercel has set up a separate private issue tracker in Linear and leaves the GitHub issues for the users. They watch the issues from their users and link the relevant, real issues to their tracker. Some similarities to what Renovate is trying to achieve with GitHub issues and discussions, although involving an extra private platform, which may be extra setup / overhead that Renovate wants to avoid.

rarkins May 28, 2023
Maintainer

Interesting info. I also prefer the transparency of public Discussions+Issues, including that users can comment/contribute to Feature Requests and Bug Reports once they've been created by a maintainer

HonkingGoose May 28, 2023
Collaborator

Missing the current warnings

Didn't see the two warnings (they are in muted text and not very visible)

I can see how you can miss the first warning here:

But I'm surprised that you missed these warnings in the issue form:

Pit of failure and the proper fix

also, it's not a very common UX pattern across open source for an available option to lead to a pit of failure).

I agree this is a bad user experience for people new to our repository. To fix this properly we would need GitHub to:

Have a list of "allowed issue-openers" that people with write access to the repository can update
Only show "Create issue buttons" for users on the allow list
For people not on the list, only show the create a Discussion button

Inattentional blindness

As is I think pretty common for people submitting issues, I was focused on capturing the details carefully and filling out the form quickly.

This sounds similar to the study where people were asked to count how many basketballs a group of people where passing. Many people focus so much on counting the throws, they completely miss the person in the ape suit walking through the group. 😜

Checkbox to the rescue???

If you're open to suggestions, I would suggest that this be marked more clearly - eg. a required checkbox form field (default unchecked) that says "I am a maintainer" at the beginning of the form, and a link to the Discussions submission page

I doubt adding a checkbox is a good roadblock. We already have:

The muted text in the issue chooser screen
Big bold text in the issue forms
Explanatory text that explains what a non-maintainer should do

I agree with @rarkins comment:

If users already ignore the existing warnings then I think we'll find them ignoring the text of any checkbox too, but we can try it.

Adding a checkbox clutters up the form, and is another thing for the maintainer to do before getting to fill out the form proper. Anyway, here's a PR for the checkbox idea, so we can preview the forms on my branch:

chore: add i am a maintainer checkbox to issue forms #22468

Edit: the closed PR above is replaced by this one:

chore: create admin-only issue form, improve and add discussion forms #22469

Other methods like Vercel

Yeah, I've heard of similar situations from other open source teams. Eg. Vercel has set up a separate private issue tracker in Linear and leaves the GitHub issues for the users. They watch the issues from their users and link the relevant, real issues to their tracker. Some similarities to what Renovate is trying to achieve with GitHub issues and discussions, although involving an extra private platform, which may be extra setup / overhead that Renovate wants to avoid.

That sounds like a lot of work for us. I prefer keeping things on GitHub, so everything is in one place only.

rarkins May 28, 2023
Maintainer

I think that if users already click past our warnings today then a checkbox is unlikely to make a difference other than more work for maintainers, so let's not do that

karlhorky · 2024-03-28T12:23:20Z

karlhorky
Mar 28, 2024
Author

Just to circle back around here and note that this usage by Renovate of the --recursive flag with pnpm is still causing problems where the project:

Uses pnpm
Refers to itself in its dependencies
Is not a monorepo

Eg. this PR here:

Update dependency eslint-config-upleveled to v7 upleveled/eslint-plugin-upleveled#170

Diff of first commit by Renovate bot (the link: specifier introduced):

First commit by Renovate bot broken, second commit fixed with my GitHub Actions workflow workaround:

1 reply

rarkins Apr 11, 2024
Maintainer

@karlhorky can you create a reproduction of this? i.e. a repo which has ideally one PR, where that PR is broken due to the problem you describe?

2024-04-11T05:16:12Z

github-actions[bot]
bot Apr 11, 2024

Hi there,

Get your discussion fixed faster by creating a minimal reproduction. This means a repository dedicated to reproducing this issue with the minimal dependencies and config possible.

Before we start working on your issue we need to know exactly what's causing the current behavior. A minimal reproduction helps us with this. Discussions without reproductions are less likely to be converted to Issues.

To get started, please read our guide on creating a minimal reproduction.

Good luck,

The Renovate team

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

pnpm `--recursive` flag in non-monorepo causes unwanted 'link:' version #22458

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 4 comments 7 replies

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{title}}

{{title}}

{{title}}

Select a reply

pnpm --recursive flag in non-monorepo causes unwanted 'link:' version #22458

karlhorky May 27, 2023

How are you running Renovate?

If you're self-hosting Renovate, tell us what version of Renovate you run.

If you're self-hosting Renovate, select which platform you are using.

If you're self-hosting Renovate, tell us what version of the platform you run.

Was this something which used to work for you, and then stopped?

Wanted end result.

Suggested Solution

Workaround (GitHub Actions workflow)

What you tried so far.

Relevant debug logs

Replies: 4 comments · 7 replies

karlhorky May 27, 2023 Author

rarkins May 27, 2023 Maintainer

rarkins May 28, 2023 Maintainer

karlhorky May 28, 2023 Author

rarkins May 28, 2023 Maintainer

HonkingGoose May 28, 2023 Collaborator

Missing the current warnings

Pit of failure and the proper fix

Inattentional blindness

Checkbox to the rescue???

Other methods like Vercel

rarkins May 28, 2023 Maintainer

karlhorky Mar 28, 2024 Author

rarkins Apr 11, 2024 Maintainer

github-actions[bot] bot Apr 11, 2024

pnpm `--recursive` flag in non-monorepo causes unwanted 'link:' version #22458

karlhorky
May 27, 2023

Replies: 4 comments 7 replies

karlhorky
May 27, 2023
Author

rarkins
May 27, 2023
Maintainer

rarkins May 28, 2023
Maintainer

karlhorky May 28, 2023
Author

rarkins May 28, 2023
Maintainer

HonkingGoose May 28, 2023
Collaborator

rarkins May 28, 2023
Maintainer

karlhorky
Mar 28, 2024
Author

rarkins Apr 11, 2024
Maintainer

github-actions[bot]
bot Apr 11, 2024