Skip to content

chore(ci): Opt out of Yarn 4 security for our internal packages on e2e CI tests#12046

Merged
slorber merged 1 commit into
mainfrom
slorber/fix-yarn4-quarantine-cooldown
May 21, 2026
Merged

chore(ci): Opt out of Yarn 4 security for our internal packages on e2e CI tests#12046
slorber merged 1 commit into
mainfrom
slorber/fix-yarn4-quarantine-cooldown

Conversation

@slorber
Copy link
Copy Markdown
Collaborator

@slorber slorber commented May 21, 2026
edited
Loading

Motivation

Our Yarn Berry tests are failing on CI: https://github.com/facebook/docusaurus/actions/runs/26219679740/job/77151106100?pr=12045

Yarn recently added npmMinimalAgeGate: 1d by default:

➤ YN0000: Yarn detected that the current workflow is executed from a public pull request. For safety the hardened mode has been enabled.
➤ YN0000: It will prevent malicious lockfile manipulations, in exchange for a slower install time. You can opt-out if necessary; check our documentation for more details.

➤ YN0000: · Yarn 4.15.0
➤ YN0000: ┌ Resolution step
Resolution step
➤ YN0016: @docusaurus/core@npm:3.10.1-NEW-5590: All versions satisfying "3.10.1-NEW-5590" are quarantined

Our own packages are safe and do not need to be quarantined when downloaded from our e2e test Verdaccio repository.

Related:

Test Plan

CI

@slorber slorber requested a review from Josh-Cena as a code owner May 21, 2026 10:29
@meta-cla meta-cla Bot added the CLA Signed Signed Facebook CLA label May 21, 2026
@slorber slorber added pr: ignore This PR is not meaningful enough to appear in the changelog. and removed CLA Signed Signed Facebook CLA labels May 21, 2026
@netlify
Copy link
Copy Markdown

netlify Bot commented May 21, 2026

[V2]

Name Link
🔨 Latest commit 363906c
🔍 Latest deploy log https://app.netlify.com/projects/docusaurus-2/deploys/6a0ede7d36777f00087ba4c4
😎 Deploy Preview https://deploy-preview-12046--docusaurus-2.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 21, 2026

⚡️ Lighthouse report for the deploy preview of this PR

URL Performance Accessibility Best Practices SEO Report
/ 🟠 57 🟢 98 🟢 100 🟢 100 Report
/docs/installation 🟠 55 🟢 97 🟢 100 🟢 100 Report
/docs/category/getting-started 🟠 69 🟢 100 🟢 100 🟠 86 Report
/blog 🟠 66 🟢 96 🟢 100 🟠 86 Report
/blog/preparing-your-site-for-docusaurus-v3 🟠 64 🟢 92 🟢 100 🟢 100 Report
/blog/tags/release 🟠 69 🟢 96 🟢 100 🟠 86 Report
/blog/tags 🟠 70 🟢 100 🟢 100 🟠 86 Report

@slorber
Copy link
Copy Markdown
Collaborator Author

slorber commented May 21, 2026

It installs now, the Yarn PnP failures are something else

@slorber slorber merged commit 6196cd5 into main May 21, 2026
22 of 26 checks passed
@slorber slorber deleted the slorber/fix-yarn4-quarantine-cooldown branch May 21, 2026 10:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Josh-Cena Josh-Cena Awaiting requested review from Josh-Cena Josh-Cena is a code owner

Assignees

No one assigned

Labels

pr: ignore This PR is not meaningful enough to appear in the changelog.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@slorber @davidcanington18-ctrl