dependabot / dependabot-core

🤖 Dependabot's core logic for creating update PRs.
https://docs.github.com/en/code-security/dependabot
MIT License

Update doesn't respect yarn patch #5889

Closed tobiasdiez closed 1 year ago

tobiasdiez commented 2 years ago

Is there an existing issue for this?

Package ecosystem

npm

Package manager version

yarn v3

Language version

No response

Manifest location and content before the Dependabot update

No response

dependabot.yml content

No response

Updated dependency

No response

What you expected to see, versus what you actually saw

The dependency had some yarn patches applied: https://yarnpkg.com/cli/patch/

However, the update just ignored the patches and erased them from the lock file. I expected the patch to stay there, so that yarn install still tries to apply it (this may fail depending on the changes in the updated package).


Tagging @jurre as requested in https://github.com/dependabot/dependabot-core/issues/1297.

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

https://github.com/JabRef/JabRefOnline/pull/1510

Smallest manifest that reproduces the issue

No response

jurre commented 1 year ago

@tobiasdiez it looks like this is just what yarn does by default?

JabRefOnline main % g co 21ecea541c94b148637e4a636f8e082ca4450697
JabRefOnline HEAD % yarn up @nuxtjs/tailwindcss@5.3.5 --mode=update-lockfile
JabRefOnline HEAD % g diff
diff --git a/package.json b/package.json
index 41e9eff..26d6e9f 100644
--- a/package.json
+++ b/package.json
@@ -103,7 +103,7 @@
     "@nuxtjs/eslint-config": "^11.0.0",
     "@nuxtjs/eslint-config-typescript": "^11.0.0",
     "@nuxtjs/eslint-module": "^3.1.0",
-    "@nuxtjs/tailwindcss": "5.3.3",
+    "@nuxtjs/tailwindcss": "5.3.5",
     "@storybook/builder-vite": "^0.2.4",
     "@storybook/vue3": "^6.5.10",
     "@tailwindcss/forms": "^0.5.3",
diff --git a/yarn.lock b/yarn.lock
index 70047a8..c0d5156 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3932,30 +3932,9 @@ __metadata:
   languageName: node
   linkType: hard

-"@nuxtjs/tailwindcss@npm:5.3.3":
-  version: 5.3.3
-  resolution: "@nuxtjs/tailwindcss@npm:5.3.3"
-  dependencies:
-    "@nuxt/kit": ^3.0.0-rc.9
-    "@nuxt/postcss8": ^1.1.3
-    autoprefixer: ^10.4.8
-    chalk: ^5.0.1
-    clear-module: ^4.1.2
-    consola: ^2.15.3
-    defu: ^6.1.0
-    postcss: ^8.4.16
-    postcss-custom-properties: ^12.1.8
-    postcss-nesting: ^10.1.10
-    tailwind-config-viewer: ^1.7.2
-    tailwindcss: ^3.1.8
-    ufo: ^0.8.5
-  checksum: f725c020c7ff3a618b9d0b0a99303034e229cb8ab1bfedfe1665c5a4b185e5e0ef4ecdd6f627668f5cf1739f152981e8c8a3312c65be2eef0e3ae59227a7ad17
-  languageName: node
-  linkType: hard
-
-"@nuxtjs/tailwindcss@patch:@nuxtjs/tailwindcss@npm%3A5.3.3#./.yarn/patches/@nuxtjs-tailwindcss-npm-5.3.3-e31175b5f6.patch::locator=jabref-online%40workspace%3A.":
-  version: 5.3.3
-  resolution: "@nuxtjs/tailwindcss@patch:@nuxtjs/tailwindcss@npm%3A5.3.3#./.yarn/patches/@nuxtjs-tailwindcss-npm-5.3.3-e31175b5f6.patch::version=5.3.3&hash=b84088&locator=jabref-online%40workspace%3A."
+"@nuxtjs/tailwindcss@npm:5.3.5":
+  version: 5.3.5
+  resolution: "@nuxtjs/tailwindcss@npm:5.3.5"
   dependencies:
     "@nuxt/kit": ^3.0.0-rc.9
     "@nuxt/postcss8": ^1.1.3
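Review bot: The removed `@nuxtjs/tailwindcss@patch:` entry in this hunk has no 5.3.5 counterpart, so after this change nothing in yarn.lock references `.yarn/patches/@nuxtjs-tailwindcss-npm-5.3.3-e31175b5f6.patch` and an install resolves the plain `@nuxtjs/tailwindcss@npm:5.3.5` package. If the patch carried a fix that is still needed, regenerate it against 5.3.5 with `yarn patch` before merging; if it is no longer needed, delete the patch file in the same change so the repository does not imply a patch is in effect.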
@@ -3970,7 +3949,7 @@ __metadata:
     tailwind-config-viewer: ^1.7.2
     tailwindcss: ^3.1.8
     ufo: ^0.8.5
-  checksum: dc50be94afaa55bdee8dbba349d0f61806d2a3451b2a3c48058b2031b4b4608aa6460897f6666eff0d58657d87f9ffb75751ab6a8b5c0c211c89b37dbdc364ab
+  checksum: e47927f9f1c782f3a08d70025ea764a3d0de74edfe187e32e59db4b835d859464a9c3d9e694e4dc04de8e04c09720d9765b340326768980f4766a33f3c9618c8
   languageName: node
   linkType: hard

@@ -15594,7 +15573,7 @@ __metadata:
     "@nuxtjs/eslint-config": ^11.0.0
     "@nuxtjs/eslint-config-typescript": ^11.0.0
     "@nuxtjs/eslint-module": ^3.1.0
-    "@nuxtjs/tailwindcss": 5.3.3
+    "@nuxtjs/tailwindcss": 5.3.5
     "@pinia/nuxt": ^0.4.2
     "@popperjs/core": ^2.11.6
     "@prisma/client": ^4.4.0
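
A check for the situation in the diff above, as an added example that is not code from Dependabot, Yarn or this thread: it lists patch files that no `patch:` entry in `yarn.lock` references any more, so a CI job can fail an update PR that silently drops a patch. The function names are hypothetical, the sample lockfile keys are constructed from the diff, and the `#<path>[&<path>...]::` layout, the `~` prefix and the `builtin<` marker are assumptions about the Yarn Berry lockfile key format.

```javascript
// Added example (not Dependabot or Yarn code).
// Constructed samples: lockfile keys taken from the diff in the comment above.
const PATCH_FILE = ".yarn/patches/@nuxtjs-tailwindcss-npm-5.3.3-e31175b5f6.patch";
const LOCK_BEFORE = [
  '"@nuxtjs/tailwindcss@npm:5.3.3":',
  "  version: 5.3.3",
  '"@nuxtjs/tailwindcss@patch:@nuxtjs/tailwindcss@npm%3A5.3.3#./' + PATCH_FILE +
    '::locator=jabref-online%40workspace%3A.":',
  "  version: 5.3.3",
].join("\n");
const LOCK_AFTER = ['"@nuxtjs/tailwindcss@npm:5.3.5":', "  version: 5.3.5"].join("\n");

// Collect the patch file paths referenced by lockfile entry keys.
// Assumed key layout: <name>@patch:<source>#<path>[&<path>...]::<params>
function referencedPatches(lockText) {
  const found = new Set();
  for (const line of lockText.split(/\r?\n/)) {
    // Entry keys start at column 0 and end with ':'; indented fields are skipped.
    if (!/^\S.*:$/.test(line)) continue;
    for (const m of line.matchAll(/@patch:[^#\s]+#(.+?)::/g)) {
      for (let p of m[1].split("&")) {
        p = p.replace(/^~/, "");                 // assumed optional-patch marker
        if (p.startsWith("builtin<")) continue;  // assumed marker for Yarn's built-in patches
        found.add(p.replace(/^\.\//, ""));       // normalise "./.yarn/..." to ".yarn/..."
      }
    }
  }
  return found;
}

// Return the patch files (paths relative to the repo root) that the lockfile
// no longer references, i.e. patches that an install will not apply.
function orphanedPatches(patchFiles, lockText) {
  const used = referencedPatches(lockText);
  return patchFiles
    .map((f) => f.replace(/^\.\//, ""))
    .filter((f) => !used.has(f));
}

console.log("before update:", orphanedPatches([PATCH_FILE], LOCK_BEFORE));
console.log("after update: ", orphanedPatches([PATCH_FILE], LOCK_AFTER));
```

In a real pipeline the two inputs would be the contents of `yarn.lock` and the file listing of `.yarn/patches/`, and a non-empty result would fail the job.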

tobiasdiez commented 1 year ago

You are right, I've created https://github.com/yarnpkg/berry/issues/4970 to track this upstream.

deivid-rodriguez commented 1 year ago

Should we close in favor of the upstream issue?

jeffwidman commented 1 year ago

Closing in favor of upstream.