Closed sanderploegsma closed 6 years ago
@boennemann could you have a look here. LGTM, but not too experienced with npm subtleties here. Mainly concerned with: does this break anything else?
I’m closing this as we are getting ready to retire 1.x. Please re-open/rebase if this is still relevant in master
This fixes a crash when a package.json has devDependencies that are not sorted alphabetically.
npm install --save-dev
sorts dependencies in the package.json, so when a lockfile is not changed by this script, it tries to commit nothing, which fails.Note: this only affects versions of npm where devDependencies are not shrinkwrapped, such as npm 3.
Example case: the
package.json
has the following devDependencies:Let's say
ts-jest
gets updated to 21.0.0. Greenkeeper would create a new commit where just the version in thepackage.json
is updated and thegreenkeeper-lockfile-update
script is triggered. This:git revert -n HEAD
package.json
usinggit reset HEAD
npm install --save-dev ts-jest@21.0.0
Now, the following happens:
git status --porcelain
containsM package.json
due to the sorting mentioned above, so the script does not returngit add npm-shrinkwrap.json
,git add package-lock.json
andgit add yarn.lock.json
results in no staged changesgit commit
exits with non-zero.