chore(deps): resync package-lock.json + yarn.lock with eslint 10 (unblock CI installs)#2402
chore(deps): resync package-lock.json + yarn.lock with eslint 10 (unblock CI installs)#2402pythonstrup wants to merge 2 commits into
Conversation
The dependabot batch bumped eslint to ^10.6.0 in package.json but package-lock.json still pinned eslint@9.39.2 (+ its @eslint/* deps), so 'npm ci' fails with EUSAGE on every CI job (Lint, Validate, Security, Coverage, and the npm test cells) before any step runs. Regenerate the lockfile with 'npm install --package-lock-only' so it matches package.json. 'npm ci --ignore-scripts --dry-run' now resolves cleanly (eslint 10.6.0). npm-native change only; no source edits.
|
No reviewable files after applying ignore patterns. |
|
Important Review skippedReview was skipped due to path filters ⛔ Files ignored due to path filters (2)
CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including ⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
…ells) The repo pins packageManager yarn@4.9.2, but yarn.lock was still in Yarn 1 classic (v1) format. CI runs corepack Yarn 4 in hardened/immutable mode, so every yarn test cell failed with: YN0028: The lockfile would have been modified by this install, which is explicitly forbidden. Regenerate with 'yarn@4.9.2 install --mode update-lockfile' — yarn.lock is now Yarn 4 format (__metadata v8) and picks up eslint 10.6.0. Verified with 'yarn@4.9.2 install --immutable' (passes, no YN0028). yarn.lock-only change.
What Changed
Resyncs both Node lockfiles with
package.jsonsomain's CI can install again. Two commits:package-lock.json— regenerated to match the dependaboteslint^10.6.0bump.yarn.lock— regenerated in Yarn 4 format (it was still Yarn 1 classic).Why
After the dependabot batch,
package.jsondeclareseslint@^10.6.0, but the lockfiles were stale, so every install-time CI job fails onmainand on every open PR:Lint,Validate Components,Security Scan,Coverage, npm test cells):packageManager: yarn@4.9.2, butyarn.lockwas still Yarn 1 classic (v1) format, so corepack Yarn 4 in hardened/immutable mode fails:Fix
npm install --package-lock-only→npm ci --ignore-scripts --dry-runresolves cleanly (eslint→ 10.6.0).yarn@4.9.2 install --mode update-lockfile→yarn.lockis now Yarn 4 (__metadatav8);yarn@4.9.2 install --immutablepasses (no YN0028).Lockfiles only — no
package.json, source, or config edits.Verified locally
npm ci --ignore-scripts --dry-run— resolves (eslint 10.6.0).yarn@4.9.2 install --immutable— passes (no YN0028).Lint,Validate Components,Security Scan,Coverage, and the ubuntu/macOS npm test cells went green with the package-lock commit alone.Out of scope
Python Testsfails on a missingPyYAML. Those need separate fixes.Type of Change
chore(deps):— CI/build unblock🤖 Generated with Claude Code