Pass --no-frozen-lockfile in pnpm dev mode to prevent CI failures#23794
Pass --no-frozen-lockfile in pnpm dev mode to prevent CI failures#23794
Conversation
|
Why? The lockfile defines the installed versions. When you upgrade Vaadin, you run dev mode or mvn install locally, and that upgrades what is needed. You cannot and should not upgrade a version in the repo and assume ”npm ci” would work. How would even the new lock file end up in the repo if you would do that? |
|
The lockfile here is not user-committed, it is generated by Flow during dev mode. When a user bumps Independently of the CI issue, That said, a broader fix might be better: Flow could pass |
caalador
left a comment
caalador
left a comment
There was a problem hiding this comment.
This is trying to fix the wrong thing and should instead fix the issue that pnpm 10 does unexpected extra enforcing depending on the environment.
I feel the more correct fix would be to add a dev mode flag that would skip the copy from devbundle if set for use in CI environment upgrade tests.
flow-build-tools/src/main/java/com/vaadin/flow/server/frontend/FrontendBuildUtils.java
Outdated
Show resolved
Hide resolved
|
I agree that changing isPlatformMajorVersionUpdated semantics is not the right approach. Looking at this more carefully, the cleanest fix is to pass --no-frozen-lockfile explicitly when Flow runs pnpm install in dev mode. The reasoning:
A dev mode flag to skip the devbundle copy would work around the symptom but not the cause: even without the bundle copy, a stale pnpm-lock.yaml already on disk triggers the same ERR_PNPM_LOCKFILE_CONFIG_MISMATCH. The --no-frozen-lockfile approach covers both paths. I will update the PR but need a clear answer what flowers prefer for this fix |
|
I would say run with |
pnpm 10 auto-enables --frozen-lockfile when it detects CI via ci-info, causing ERR_PNPM_LOCKFILE_CONFIG_MISMATCH when overrides change between Vaadin versions. Explicitly pass --no-frozen-lockfile in dev mode (ciBuild==false) since Flow is resolving dependencies, not reproducing a locked build. Revert isPlatformMajorVersionUpdated changes as the lockfile flag approach fixes the root cause.
manolo
force-pushed
the
fix/skip-lockfile-copy-on-version-change
branch
from
40567da to
6653f45
Compare
manolo
changed the title
done |
|
…3794) pnpm 10 auto-enables --frozen-lockfile when it detects CI via ci-info, causing ERR_PNPM_LOCKFILE_CONFIG_MISMATCH when overrides change between Vaadin versions. Explicitly pass --no-frozen-lockfile in dev mode (ciBuild==false) since Flow is resolving dependencies, not reproducing a locked build. Revert isPlatformMajorVersionUpdated changes as the lockfile flag approach fixes the root cause.
…3794) (#23842) pnpm 10 auto-enables --frozen-lockfile when it detects CI via ci-info, causing ERR_PNPM_LOCKFILE_CONFIG_MISMATCH when overrides change between Vaadin versions. Explicitly pass --no-frozen-lockfile in dev mode (ciBuild==false) since Flow is resolving dependencies, not reproducing a locked build. Revert isPlatformMajorVersionUpdated changes as the lockfile flag approach fixes the root cause. Co-authored-by: Manuel Carrasco Moñino <manolo@vaadin.com>
4 participants
Summary
--frozen-lockfilewhen it detects CI environments(via
ci-info, checkingGITHUB_ACTIONS,CI, etc.)ciBuilddefaults tofalsein dev modevaadin.versionand pushes, the stalepnpm-lock.yamlcauses
ERR_PNPM_LOCKFILE_CONFIG_MISMATCHin CI but works locally--no-frozen-lockfilewhen running pnpm installin dev mode (
ciBuild==false), since Flow is resolving dependencies,not reproducing a locked build
Context
When
ciBuild==true, Flow already passes--frozen-lockfileexplicitly.This change makes the non-CI path equally explicit, preventing pnpm from
silently inheriting a stricter mode based on environment detection.
Fixes #23530