Add an overrides definition to the root of the workspace. Pnpm requires this to be defined at the root level
Use packager: pnpm and mark a dependency as external
Run sls package in the package. This works
Run CI=true sls package in the package. You will get ERR_PNPM_LOCKFILE_CONFIG_MISMATCH Cannot proceed with the frozen installation. The current "overrides" configuration doesn't match the value found in the lockfile. This appears to be due to pnpm prune enforcing --frozen-lockfile in a CI environment
Screenshots or Logs
If applicable, add screenshots or logs to help explain your problem.
Versions (please complete the following information):
OS: Mac
Serverless Framework Version: 3.39.0
Plugin Version: 1.52.1(esbuild@0.20.2)
pnpm version: 9.5.0
Additional context
During some debugging, I found that the pnpm install step with the copied dependencies works, as that manually passes in --no-frozen-lockfile. This fails on the pnpm prune step. prune does not appear to support a --no-frozen-lockfile step. I don't exactly understand what pnpm prune is accomplishing in this case either as we are only copying over production dependencies from the package.json file. Do we see an issue with either not calling prune or using the ignoreLockfile argument added for yarn and using that to conditionally not run prune for pnpm?
Alternatively, we could update the pnpm packager to copy over the pnpm.overrides configuration from the root package.json? This might be more correct as the overrides definition can change the resolved versions of modules that are installed.
Describe the bug When using
overridesin apnpmmonorepo, packaging will always break on theprunestep due to the overrides not being included.To Reproduce https://github.com/loganyott/serverless-esbuild-pnpm-prune-example In the repo, run
pnpm installcd package-oneCI=true pnpm buildFor any other repo,
overridesdefinition to the root of the workspace. Pnpm requires this to be defined at the root levelpackager: pnpmand mark a dependency asexternalsls packagein the package. This worksCI=true sls packagein the package. You will getERR_PNPM_LOCKFILE_CONFIG_MISMATCH Cannot proceed with the frozen installation. The current "overrides" configuration doesn't match the value found in the lockfile. This appears to be due topnpm pruneenforcing--frozen-lockfilein a CI environmentExpected behavior
CI=true sls packageexecutes successfullyScreenshots or Logs If applicable, add screenshots or logs to help explain your problem.
Versions (please complete the following information):
Additional context During some debugging, I found that the
pnpm installstep with the copied dependencies works, as that manually passes in--no-frozen-lockfile. This fails on thepnpm prunestep.prunedoes not appear to support a--no-frozen-lockfilestep. I don't exactly understand whatpnpm pruneis accomplishing in this case either as we are only copying over production dependencies from thepackage.jsonfile. Do we see an issue with either not callingpruneor using theignoreLockfileargument added for yarn and using that to conditionally not run prune for pnpm?Alternatively, we could update the pnpm packager to copy over the
pnpm.overridesconfiguration from the rootpackage.json? This might be more correct as the overrides definition can change the resolved versions of modules that are installed.