Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(updater): npm7 package lock's inner version not being updated #713

Merged
merged 4 commits into from Jul 14, 2021
Merged

fix(updater): npm7 package lock's inner version not being updated #713

merged 4 commits into from Jul 14, 2021

Conversation

vicrep
Copy link
Contributor

@vicrep vicrep commented Feb 10, 2021

NPM v7 introduces a new package-lock.json version, which now stores the project's version in two places: lock.version and lock.packages[''].version. This updates writeVersion to also bump the latter if present in the file.

Please let me know if you have any further questions.

@vicrep
Copy link
Contributor Author

vicrep commented Apr 5, 2021

Hi @bcoe , sorry for bothering you and please forward to someone else if more appropriate.

I was wondering if there was any chance of having this PR looked at sometime soon. I'm not the only one dealing with this issue, and it's creating a lot of noise for my projects which use renovate / automatic package-lock maintenance. Many thanks! :)

@rusekr
Copy link

rusekr commented Jun 17, 2021

+100. for npm 7 without this patch people must write custom updaters.

Hello @vicrep, can you use reabase instead of merge on master to not to multiply merge commits?

@rusekr
Copy link

rusekr commented Jun 17, 2021

Updater for package-lock/npm-shrinkwrap v2 instead of json to use in config with no dependencies:

'use strict';
// updater for standard-version
module.exports.readVersion = function (contents) {
  return JSON.parse(contents).version;
};

module.exports.writeVersion = function (contents, version) {
  const json = JSON.parse(contents);
  json.version = version;
  if (json.packages && json.packages['']) {
    json.packages[''].version = version;
  }
  return JSON.stringify(json, null, 2) + '\n'; // like npm defaults
};

@vicrep
Copy link
Contributor Author

vicrep commented Jun 17, 2021

Hi @rusekr, are you asking me to rebase this branch / clean up history? I usually squash and merge PRs to keep master clean :)

@rusekr
Copy link

rusekr commented Jun 17, 2021

Hi @rusekr, are you asking me to rebase this branch / clean up history? I usually squash and merge PRs to keep master clean :)

Just saw "Comits 3" on tab here and thought what big in this patch then saw all changes which a small and from first commit

@vicrep
Copy link
Contributor Author

vicrep commented Jul 13, 2021

Hi @jbottigliero and @bcoe , sorry for pinging you directly, but this PR has been open for almost 6 months, and brings a relatively simple / nice QoL fix related to NPM7, I would greatly appreciate if you could take a look :) Many thanks!

(Also, it seems I'm not the only one requesting this, it's currently the second most upvoted open PR in the project).

@bcoe bcoe merged commit a316dd0 into conventional-changelog:master Jul 14, 2021
@bcoe
Copy link
Member

bcoe commented Jul 14, 2021

@vicrep thank you for the nudge.

@vicrep vicrep deleted the fix/npm7-lockfile-bump branch July 14, 2021 20:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants