Renovate drops dev=true for npm transitive dependency #33745

kisaiev · 2025-01-22T00:00:32Z

kisaiev
Jan 22, 2025

How are you running Renovate?

Self-hosted Renovate

If you're self-hosting Renovate, tell us which platform (GitHub, GitLab, etc) and which version of Renovate.

self-hosted on GitHub Enterprise, v39.120.3

Please tell us more about your question or problem

Overview

Runtime:
- Node.js v22.13.1
- npm 10.9.2
Renovate: v39.120.3
Minimal reproduction:
- Repo: https://github.com/kisaiev/renovate-npm-devdep-issue
- Renovate PR: chore(deps): update npm to v10.9.2 kisaiev/renovate-npm-devdep-issue#1

Problem

Renovate updates package-lock.json file for the npm transitive dev dependency by moving it under dependencies and dropping "dev": true flag.

Steps to reproduce

Node.js project has a single dev dependency: @semantic-release/npm, which on its own depends on npm. We intentionally start with the outdated npm, so Renovate could pick up the change.

After the initial installation package-lock.json looks something like this:

{
  "packages": {
    "": {
      "devDependencies": {
        "@semantic-release/npm": "^12.0.0"
      },
      // ...
    },
    "node_modules/npm": {
      "version": "10.9.1",
      "dev": true,
      // ...
    },
    // ...
  }
}

When Renovate picks up the change for npm it moves it under the dependencies and drops the "dev": true flag for the lock file:

{
  "packages": {
    "": {
+    "dependencies": {
+       "npm": "^10.9.2"
+     },
      "devDependencies": {
        "@semantic-release/npm": "^12.0.0"
      },
      // ...
    },
    "node_modules/npm": {
+     "version": "10.9.2",
-     "dev": true,
      // ...
    },
    // ...
  }
}

Effect on consumer

This change seems to have a minimum effect on the end user, since npm fixes produced by Renovate inaccuracy during the installation.

Both:

❯ npm ci --omit=dev

and

❯ npm ci
// something else, e.g. build, test, lint
❯ npm prune --omit=dev

will revert the unwanted change. While npm ci --omit=dev does it silently, npm prune will mutate the package-lock.json.

Logs (if relevant)

Logs


DEBUG: Using RE2 regex engine
DEBUG: Parsing configs
DEBUG: Checking for config file in config.js
DEBUG: No config file found on disk - skipping
DEBUG: Converting GITHUB_COM_TOKEN into a global host rule
DEBUG: File config
       "config": {}
DEBUG: CLI config
       "config": {"repositories": ["kisaiev/renovate-npm-devdep-issue"], "token": "***********"}
DEBUG: Env config
       "config": {
         "hostRules": [
           {"hostType": "github", "matchHost": "github.com", "token": "***********"}
         ]
       }
DEBUG: Combined config
       "config": {
         "hostRules": [
           {"hostType": "github", "matchHost": "github.com", "token": "***********"}
         ],
         "repositories": ["kisaiev/renovate-npm-devdep-issue"],
         "token": "***********"
       }
DEBUG: Enabling forkProcessing while in non-autodiscover mode
DEBUG: Enabling onboardingNoDeps while in non-autodiscover mode
DEBUG: Found valid git version: 2.43.0
DEBUG: Setting global hostRules
DEBUG: Adding token authentication for github.com (hostType=github) to hostRules
DEBUG: Using default github endpoint: https://api.github.com/
DEBUG: hostRules: authentication already set for api.github.com
DEBUG: Using queue: host=api.github.com, concurrency=16
DEBUG: GET https://api.github.com/user/emails = (code=ERR_NON_2XX_3XX_RESPONSE, statusCode=404 retryCount=0, duration=78)
DEBUG: Cannot read user/emails endpoint on GitHub to retrieve gitAuthor
DEBUG: Platform config
       "platformConfig": {
         "hostType": "github",
         "endpoint": "https://api.github.com/",
         "isGHApp": false,
         "isGhe": false,
         "userDetails": {
           "username": "kisaiev",
           "name": "Kostiantyn Isaiev",
           "id": ***********
         },
         "userEmail": null
       },
       "renovateUsername": "kisaiev"
DEBUG: Adding token authentication for api.github.com (hostType=github) to hostRules
DEBUG: Using baseDir: /var/folders/5x/v_cv7vj57v7d54tg0xkt121m0000gn/T/renovate
DEBUG: Using cacheDir: /var/folders/5x/v_cv7vj57v7d54tg0xkt121m0000gn/T/renovate/cache
DEBUG: Using containerbaseDir: /var/folders/5x/v_cv7vj57v7d54tg0xkt121m0000gn/T/renovate/cache/containerbase
DEBUG: Initializing Renovate internal cache into /var/folders/5x/v_cv7vj57v7d54tg0xkt121m0000gn/T/renovate/cache/renovate/renovate-cache-v1
DEBUG: Commits limit = null
DEBUG: Setting global hostRules
DEBUG: Adding token authentication for github.com (hostType=github) to hostRules
DEBUG: Adding token authentication for api.github.com (hostType=github) to hostRules
DEBUG: validatePresets()
DEBUG: Reinitializing hostRules for repo
DEBUG: Clearing hostRules
DEBUG: Adding token authentication for github.com (hostType=github) to hostRules
DEBUG: Adding token authentication for api.github.com (hostType=github) to hostRules
 INFO: Repository started (repository=kisaiev/renovate-npm-devdep-issue)
       "renovateVersion": "39.120.3"
DEBUG: Using localDir: /var/folders/5x/v_cv7vj57v7d54tg0xkt121m0000gn/T/renovate/repos/github/kisaiev/renovate-npm-devdep-issue (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: PackageFiles.clear() - Package files deleted (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: initRepo("kisaiev/renovate-npm-devdep-issue") (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: hostRules: authentication already set for api.github.com (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using queue: host=api.github.com, concurrency=16 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: kisaiev/renovate-npm-devdep-issue default branch = main (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using personal access token for git init (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Resetting npmrc (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Resetting npmrc (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: checkOnboarding() (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: isOnboarded() (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: findPr(renovate/configure, Configure Renovate, !open) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: http cache: saving https://api.github.com/repos/kisaiev/renovate-npm-devdep-issue/pulls?per_page=100&state=all&sort=updated&direction=desc&page=1 (etag=W/"e14e52d253b0b03c9e6a9a2bfccb96d816b0cfde60105f6f3a283492188e1feb", lastModified=undefined) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: getPrList success (repository=kisaiev/renovate-npm-devdep-issue)
       "pullsTotal": 2,
       "requestsTotal": 1,
       "apiQuotaAffected": true
DEBUG: findPr(renovate/configure, chore: Configure Renovate, !open) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: findFile(renovate.json) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Initializing git repository into /var/folders/5x/v_cv7vj57v7d54tg0xkt121m0000gn/T/renovate/repos/github/kisaiev/renovate-npm-devdep-issue (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Performing blobless clone (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: git clone completed (repository=kisaiev/renovate-npm-devdep-issue)
       "durationMs": 939
DEBUG: latest repository commit (repository=kisaiev/renovate-npm-devdep-issue)
       "latestCommit": {
         "hash": "c0f469c7b6186f067b9c762e1c0515a3e5d2eb87",
         "date": "2025-01-21T18:06:19-06:00",
         "message": "docs: added README",
         "refs": "HEAD -> main, origin/main, origin/HEAD",
         "body": "",
         "author_name": "Kostiantyn Isaiev",
         "author_email": "***********"
       }
DEBUG: Config file exists, fileName: renovate.json (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Retrieving issueList (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Retrieved 1 issues (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Repo is onboarded (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Found renovate.json config file (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Repository config (repository=kisaiev/renovate-npm-devdep-issue)
       "fileName": "renovate.json",
       "config": {
         "$schema": "https://docs.renovatebot.com/renovate-schema.json",
         "extends": ["config:recommended"]
       }
DEBUG: migrateAndValidate() (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: No config migration necessary (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Found repo ignorePaths (repository=kisaiev/renovate-npm-devdep-issue)
       "ignorePaths": [
         "**/node_modules/**",
         "**/bower_components/**",
         "**/vendor/**",
         "**/examples/**",
         "**/__tests__/**",
         "**/test/**",
         "**/tests/**",
         "**/__fixtures__/**"
       ]
DEBUG: No vulnerability alerts enabled for repo (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: No vulnerability alerts found (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: findIssue(Dependency Dashboard) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Found issue 3 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: http cache: saving https://api.github.com/repos/kisaiev/renovate-npm-devdep-issue/issues/3 (etag=W/"da6b6a8da1576853422ed95e22a7fd86c57b2064a7389f4d663ed941e097725a", lastModified=Tue, 21 Jan 2025 23:12:28 GMT) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: No baseBranches (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: extract() (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Setting current branch to main (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: latest commit (repository=kisaiev/renovate-npm-devdep-issue)
       "branchName": "main",
       "latestCommitDate": "2025-01-21T18:06:19-06:00"
DEBUG: Using file match: (^|/)tasks/[^/]+\.ya?ml$ for manager ansible (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)(galaxy|requirements)(\.ansible)?\.ya?ml$ for manager ansible-galaxy (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.tool-versions$ for manager asdf (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/).azuredevops/.+\.ya?ml$ for manager azure-pipelines (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: azure.*pipelines?.*\.ya?ml$ for manager azure-pipelines (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)batect(-bundle)?\.ya?ml$ for manager batect (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)batect$ for manager batect-wrapper (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)WORKSPACE(|\.bazel|\.bzlmod)$ for manager bazel (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.WORKSPACE\.bazel$ for manager bazel (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.bzl$ for manager bazel (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/|\.)MODULE\.bazel$ for manager bazel-module (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.bazelversion$ for manager bazelisk (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.bicep$ for manager bicep (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.?bitbucket-pipelines\.ya?ml$ for manager bitbucket-pipelines (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)bitrise\.ya?ml$ for manager bitrise (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: buildkite\.ya?ml for manager buildkite (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.buildkite/.+\.ya?ml$ for manager buildkite (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)project\.toml$ for manager buildpacks (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)bun\.lockb?$ for manager bun (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.bun-version$ for manager bun-version (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)Gemfile$ for manager bundler (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.cake$ for manager cake (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)Cargo\.toml$ for manager cargo (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.circleci/.+\.ya?ml$ for manager circleci (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)cloudbuild\.ya?ml for manager cloudbuild (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)Podfile$ for manager cocoapods (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)([\w-]*)composer\.json$ for manager composer (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)conanfile\.(txt|py)$ for manager conan (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.copier-answers(\..+)?\.ya?ml for manager copier (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)cpanfile$ for manager cpanfile (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)(?:deps|bb)\.edn$ for manager deps-edn (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: ^.devcontainer/devcontainer.json$ for manager devcontainer (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: ^.devcontainer.json$ for manager devcontainer (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)(?:docker-)?compose[^/]*\.ya?ml$ for manager docker-compose (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/|\.)([Dd]ocker|[Cc]ontainer)file$ for manager dockerfile (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)([Dd]ocker|[Cc]ontainer)file[^/]*$ for manager dockerfile (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.drone\.yml$ for manager droneci (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)fleet\.ya?ml for manager fleet (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (?:^|/)gotk-components\.ya?ml$ for manager flux (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.fvm/fvm_config\.json$ for manager fvm (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.fvmrc$ for manager fvm (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.gitmodules$ for manager git-submodules (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)(workflow-templates|\.(?:github|gitea|forgejo)/(?:workflows|actions))/.+\.ya?ml$ for manager github-actions (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)action\.ya?ml$ for manager github-actions (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.gitlab-ci\.ya?ml$ for manager gitlabci (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.gitlab-ci\.ya?ml$ for manager gitlabci-include (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)gleam.toml$ for manager gleam (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)go\.mod$ for manager gomod (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.gradle(\.kts)?$ for manager gradle (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)gradle\.properties$ for manager gradle (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)gradle/.+\.toml$ for manager gradle (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)buildSrc/.+\.kt$ for manager gradle (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.versions\.toml$ for manager gradle (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)versions.props$ for manager gradle (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)versions.lock$ for manager gradle (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)gradle/wrapper/gradle-wrapper\.properties$ for manager gradle-wrapper (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.cabal$ for manager haskell-cabal (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)requirements\.ya?ml$ for manager helm-requirements (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)values\.ya?ml$ for manager helm-values (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)helmfile\.ya?ml(?:\.gotmpl)?$ for manager helmfile (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)Chart\.ya?ml$ for manager helmv3 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)bin/hermit$ for manager hermit (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: ^Formula/[^/]+[.]rb$ for manager homebrew (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.html?$ for manager html (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)plugins\.(txt|ya?ml)$ for manager jenkins (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)jsonnetfile\.json$ for manager jsonnet-bundler (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: ^.+\.main\.kts$ for manager kotlin-script (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)kustomization\.ya?ml$ for manager kustomize (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)project\.clj$ for manager leiningen (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/|\.)pom\.xml$ for manager maven (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: ^(((\.mvn)|(\.m2))/)?settings\.xml$ for manager maven (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.mvn/extensions\.xml$ for manager maven (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|\/).mvn/wrapper/maven-wrapper.properties$ for manager maven-wrapper (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)package\.js$ for manager meteor (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)Mintfile$ for manager mint (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.?mise\.toml$ for manager mise (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.?mise/config\.toml$ for manager mise (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)mix\.exs$ for manager mix (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)flake\.nix$ for manager nix (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.node-version$ for manager nodenv (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)package\.json$ for manager npm (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.(?:cs|fs|vb)proj$ for manager nuget (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.(?:props|targets)$ for manager nuget (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)dotnet-tools\.json$ for manager nuget (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)global\.json$ for manager nuget (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.nvmrc$ for manager nvm (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)src/main/features/.+\.json$ for manager osgi (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)pyproject\.toml$ for manager pep621 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)[\w-]*requirements([-.]\w+)?\.(txt|pip)$ for manager pip_requirements (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)setup\.py$ for manager pip_setup (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)Pipfile$ for manager pipenv (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)pyproject\.toml$ for manager poetry (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.pre-commit-config\.ya?ml$ for manager pre-commit (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)pubspec\.ya?ml$ for manager pub (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)Puppetfile$ for manager puppet (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.python-version$ for manager pyenv (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.ruby-version$ for manager ruby-version (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)runtime.txt$ for manager runtime-version (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.sbt$ for manager sbt (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: project/[^/]*\.scala$ for manager sbt (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: project/build\.properties$ for manager sbt (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)repositories$ for manager sbt (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.scalafmt.conf$ for manager scalafmt (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)setup\.cfg$ for manager setup-cfg (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)Package\.swift for manager swift (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.tf$ for manager terraform (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.terraform-version$ for manager terraform-version (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)terragrunt\.hcl$ for manager terragrunt (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.terragrunt-version$ for manager terragrunt-version (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: \.tflint\.hcl$ for manager tflint-plugin (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: ^\.travis\.ya?ml$ for manager travis (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)\.vela\.ya?ml$ for manager velaci (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: (^|/)vendir\.yml$ for manager vendir (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using file match: ^\.woodpecker(?:/[^/]+)?\.ya?ml$ for manager woodpecker (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Matched 1 file(s) for manager npm: package.json (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Matched 1 file(s) for manager nvm: .nvmrc (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: npm file package.json has name "cat-renovate-test" (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Detecting pnpm Workspaces (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Detecting workspaces (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Finding locked versions (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Found package-lock.json for package.json (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: manager extract durations (ms) (repository=kisaiev/renovate-npm-devdep-issue)
       "managers": {"nvm": 1, "npm": 10}
DEBUG: Found npm package files (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Found nvm package files (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Found 2 package file(s) (repository=kisaiev/renovate-npm-devdep-issue)
 INFO: Dependency extraction complete (repository=kisaiev/renovate-npm-devdep-issue, baseBranch=main)
       "stats": {
         "managers": {
           "npm": {"fileCount": 1, "depCount": 3},
           "nvm": {"fileCount": 1, "depCount": 1}
         },
         "total": {"fileCount": 2, "depCount": 4}
       }
DEBUG: hostRules: no authentication for registry.npmjs.org (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using queue: host=registry.npmjs.org, concurrency=999 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Using queue: host=nodejs.org, concurrency=16 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: PackageFiles.add() - Package file saved for base branch (repository=kisaiev/renovate-npm-devdep-issue, baseBranch=main)
DEBUG: Package releases lookups complete (repository=kisaiev/renovate-npm-devdep-issue, baseBranch=main)
DEBUG: Repository libYears (repository=kisaiev/renovate-npm-devdep-issue)
       "managerLibYears": {"npm": 0.0679686467529173, "nvm": 0},
       "totalLibYears": 0.0679686467529173
DEBUG: branchifyUpgrades (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: detectSemanticCommits() (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: getCommitMessages (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: semanticCommits: detected "angular" (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: semanticCommits: enabled (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: 2 flattened updates found: npm, npm (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Returning 2 branch(es) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: config.repoIsOnboarded=true (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: packageFiles with updates (repository=kisaiev/renovate-npm-devdep-issue, baseBranch=main)
       "config": {
         "npm": [
           {
             "deps": [
               {
                 "depType": "devDependencies",
                 "depName": "@semantic-release/npm",
                 "currentValue": "^12.0.0",
                 "datasource": "npm",
                 "prettyDepType": "devDependency",
                 "lockedVersion": "12.0.1",
                 "updates": [],
                 "packageName": "@semantic-release/npm",
                 "versioning": "npm",
                 "warnings": [],
                 "sourceUrl": "https://github.com/semantic-release/npm",
                 "registryUrl": "https://registry.npmjs.org",
                 "currentVersion": "12.0.1",
                 "currentVersionTimestamp": "2024-05-09T16:33:42.254Z",
                 "currentVersionAgeInDays": 258,
                 "fixedVersion": "12.0.1"
               },
               {
                 "depType": "engines",
                 "depName": "node",
                 "currentValue": ">=22.0.0",
                 "datasource": "node-version",
                 "commitMessageTopic": "Node.js",
                 "prettyDepType": "engine",
                 "lockedVersion": null,
                 "updates": [],
                 "packageName": "node",
                 "versioning": "node",
                 "warnings": [],
                 "sourceUrl": "https://github.com/nodejs/node",
                 "registryUrl": "https://nodejs.org/dist",
                 "homepage": "https://nodejs.org",
                 "currentVersion": "v23.6.1",
                 "currentVersionTimestamp": "2025-01-21T00:00:00.000Z",
                 "currentVersionAgeInDays": 1
               },
               {
                 "depType": "engines",
                 "depName": "npm",
                 "currentValue": ">=10.0.0",
                 "datasource": "npm",
                 "commitMessageTopic": "npm",
                 "prettyDepType": "engine",
                 "lockedVersion": "10.9.1",
                 "updates": [
                   {
                     "bucket": "non-major",
                     "newVersion": "10.9.2",
                     "newValue": ">=10.0.0",
                     "releaseTimestamp": "2024-12-04T23:33:03.038Z",
                     "newVersionAgeInDays": 48,
                     "newMajor": 10,
                     "newMinor": 9,
                     "newPatch": 2,
                     "updateType": "patch",
                     "isRange": true,
                     "isLockfileUpdate": true,
                     "libYears": 0.03581419327118214,
                     "branchName": "renovate/npm-10.x-lockfile"
                   },
                   {
                     "bucket": "major",
                     "newVersion": "11.0.0",
                     "newValue": ">=10.0.0",
                     "releaseTimestamp": "2024-12-16T17:13:25.883Z",
                     "newVersionAgeInDays": 37,
                     "newMajor": 11,
                     "newMinor": 0,
                     "newPatch": 0,
                     "updateType": "major",
                     "isRange": true,
                     "isLockfileUpdate": true,
                     "libYears": 0.0679686467529173,
                     "branchName": "renovate/npm-11.x-lockfile"
                   }
                 ],
                 "packageName": "npm",
                 "versioning": "npm",
                 "warnings": [],
                 "sourceUrl": "https://github.com/npm/cli",
                 "registryUrl": "https://registry.npmjs.org",
                 "homepage": "https://docs.npmjs.com/",
                 "currentVersion": "10.9.1",
                 "currentVersionTimestamp": "2024-11-21T21:49:06.639Z",
                 "currentVersionAgeInDays": 61,
                 "isSingleVersion": true,
                 "fixedVersion": "10.9.1"
               }
             ],
             "extractedConstraints": {"node": ">=22.0.0", "npm": ">=10.0.0"},
             "packageFileVersion": "1.0.0",
             "managerData": {
               "packageJsonName": "cat-renovate-test",
               "hasPackageManager": false,
               "npmLock": "package-lock.json",
               "yarnZeroInstall": false
             },
             "skipInstalls": true,
             "packageFile": "package.json",
             "lockFiles": ["package-lock.json"]
           }
         ],
         "nvm": [
           {
             "deps": [
               {
                 "depName": "node",
                 "currentValue": "22",
                 "datasource": "node-version",
                 "updates": [],
                 "packageName": "node",
                 "versioning": "node",
                 "warnings": [],
                 "sourceUrl": "https://github.com/nodejs/node",
                 "registryUrl": "https://nodejs.org/dist",
                 "homepage": "https://nodejs.org",
                 "currentVersion": "v22.13.1",
                 "currentVersionTimestamp": "2025-01-21T00:00:00.000Z",
                 "currentVersionAgeInDays": 1
               }
             ],
             "packageFile": ".nvmrc"
           }
         ]
       }
DEBUG: detectSemanticCommits() (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: semanticCommits: returning "enabled" from cache (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: processRepo() (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Processing 2 branches: renovate/npm-10.x-lockfile, renovate/npm-11.x-lockfile (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: getBranchPr(renovate/npm-10.x-lockfile) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: findPr(renovate/npm-10.x-lockfile, undefined, open) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Found PR #1 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: getBranchPr(renovate/npm-11.x-lockfile) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: findPr(renovate/npm-11.x-lockfile, undefined, open) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Found PR #2 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: 2 PRs are currently open (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: ConcurrentPRs count = 2 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: 2 already existing branches found. (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Branches count = 2 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Calculating PRs created so far in this hour currentHourStart=2025-01-22T20:00:00.000Z (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: 0 PRs have been created so far in this hour. (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: HourlyPRs count = 0 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: syncBranchState() (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: syncBranchState(): Branch cache not found, creating minimal branchState (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: getBranchPr(renovate/npm-10.x-lockfile) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: findPr(renovate/npm-10.x-lockfile, undefined, open) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Found PR #1 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: branchExists=true (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: dependencyDashboardCheck=undefined (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Manual rebase requested via PR checkbox for #1 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: PR rebase requested=true (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Open PR Count: 2, Existing Branch Count: 2, Hourly PR Count: 0 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Checking if PR has been edited (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: branch.isModified(): using git to calculate (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: branch.isModified() = false (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Found existing branch PR (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Checking schedule(schedule=at any time, tz=null, now=2025-01-22T20:46:29.940Z) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: No schedule defined (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: User has requested rebase (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Using reuseExistingBranch: false (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Setting current branch to main (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: latest commit (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
       "branchName": "main",
       "latestCommitDate": "2025-01-21T18:06:19-06:00"
DEBUG: manager.getUpdatedPackageFiles() reuseExistingBranch=false (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: npm.updateLockedDependency: [email protected] -> 10.9.2 [package-lock.json] (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Found lockfileVersion 3 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: No package files need updating (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Getting updated lock files (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Writing package.json files (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
       "packageFiles": ["package.json"]
DEBUG: Writing package-lock.json (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Massaging npm lock file before writing to disk (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Writing any updated package files (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Found 0 npm host rule(s) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Writing updated .npmrc file to .npmrc (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Generating package-lock.json for . (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Spawning npm install to create ./package-lock.json (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Found npm constraint in package.json engines: >=10.0.0 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Updating lock file only (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Using node constraint "22" from .nvmrc (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Performing lockfileUpdate (npm) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Setting CONTAINERBASE_CACHE_DIR to /var/folders/5x/v_cv7vj57v7d54tg0xkt121m0000gn/T/renovate/cache/containerbase (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Falling back to binarySource=global (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Executing command (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
       "command": "npm install --package-lock-only --no-audit --ignore-scripts [email protected]"
DEBUG: exec completed (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
       "durationMs": 11071,
       "stdout": "\nup to date in 11s\n\n79 packages are looking for funding\n  run `npm fund` for details\n",
       "stderr": ""
DEBUG: package-lock.json needs updating (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Updated 1 lock files (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
       "updatedArtifacts": ["package-lock.json"]
DEBUG: Getting comments for #1 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: http cache: saving https://api.github.com/repos/kisaiev/renovate-npm-devdep-issue/issues/1/comments?per_page=100 (etag="f59733a5a063ef578104654257db6b117c8a8492544dfe68871ba706faabffad", lastModified=undefined) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Found 0 comments (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Getting comments for #1 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: http cache: saving https://api.github.com/repos/kisaiev/renovate-npm-devdep-issue/issues/1/comments?per_page=100 (etag="f59733a5a063ef578104654257db6b117c8a8492544dfe68871ba706faabffad", lastModified=undefined) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Found 0 comments (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: isBranchConflicted(main, renovate/npm-10.x-lockfile) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: branch.isConflicted(): using git to calculate (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Setting git author name: Renovate Bot (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Setting git author email: [email protected] (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: branch.isConflicted(): false (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: 1 file(s) to commit (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Preparing files for committing to branch renovate/npm-10.x-lockfile (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: git commit (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
       "deletedFiles": [],
       "ignoredFiles": [],
       "result": {
         "author": null,
         "branch": "renovate/npm-10.x-lockfile",
         "commit": "a63bca2247521b51026d6ffd883a96ff2200270f",
         "root": false,
         "summary": {"changes": 1, "insertions": 128, "deletions": 2887}
       }
DEBUG: Pushing refSpec renovate/npm-10.x-lockfile:renovate/npm-10.x-lockfile (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: git push (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
       "result": {
         "pushed": [],
         "ref": {"local": "refs/remotes/origin/renovate/npm-10.x-lockfile"},
         "remoteMessages": {"all": []}
       }
DEBUG: Setting current branch to main (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: latest commit (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
       "branchName": "main",
       "latestCommitDate": "2025-01-21T18:06:19-06:00"
 INFO: Branch updated (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
       "commitSha": "a63bca2247521b51026d6ffd883a96ff2200270f"
DEBUG: Ensuring PR (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: There are 0 errors and 0 warnings (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: getBranchPr(renovate/npm-10.x-lockfile) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: findPr(renovate/npm-10.x-lockfile, undefined, open) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Found PR #1 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Found existing PR (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: PR rebase requested, so skipping cache check (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Fetching changelog: https://github.com/npm/cli (10.9.1 -> 10.9.2) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: Processing existing PR (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: updatePr(1, chore(deps): update npm to v10.9.2, body) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: PR updated...prNo: 1 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
 INFO: PR updated (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
       "pr": 1,
       "prTitle": "chore(deps): update npm to v10.9.2"
DEBUG: setPrCache() (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: PR is not configured for automerge (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: setBranchCommit() (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-10.x-lockfile)
DEBUG: syncBranchState() (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: syncBranchState(): Branch cache not found, creating minimal branchState (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: getBranchPr(renovate/npm-11.x-lockfile) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: findPr(renovate/npm-11.x-lockfile, undefined, open) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Found PR #2 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: branchExists=true (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: dependencyDashboardCheck=undefined (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: PR rebase requested=false (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Open PR Count: 2, Existing Branch Count: 2, Hourly PR Count: 0 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Checking if PR has been edited (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: branch.isModified(): using git to calculate (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: branch.isModified() = false (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Found existing branch PR (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Checking schedule(schedule=at any time, tz=null, now=2025-01-22T20:46:46.275Z) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: No schedule defined (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: GET https://api.github.com/repos/kisaiev/renovate-npm-devdep-issue/branches/main/protection = (code=ERR_NON_2XX_3XX_RESPONSE, statusCode=404 retryCount=0, duration=112) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: No branch protection found for main (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Converting rebaseWhen=auto to rebaseWhen=conflicted because no rule for behind-base-branch applies (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Branch already exists (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Skipping behind base branch check due to rebaseWhen=conflicted (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: isBranchConflicted(main, renovate/npm-11.x-lockfile) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: branch.isConflicted(): using git to calculate (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: branch.isConflicted(): false (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Branch does not need rebasing (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Using reuseExistingBranch: true (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Setting current branch to main (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: latest commit (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
       "branchName": "main",
       "latestCommitDate": "2025-01-21T18:06:19-06:00"
DEBUG: manager.getUpdatedPackageFiles() reuseExistingBranch=true (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: npm.updateLockedDependency: [email protected] -> 11.0.0 [package-lock.json] (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Found lockfileVersion 3 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Need to retry branch as upgrade requirements are not mets (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
       "lockFile": "package-lock.json",
       "depName": "npm",
       "status": "update-failed"
DEBUG: manager.getUpdatedPackageFiles() reuseExistingBranch=false (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: npm.updateLockedDependency: [email protected] -> 11.0.0 [package-lock.json] (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Found lockfileVersion 3 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: No package files need updating (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Getting updated lock files (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Writing package.json files (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
       "packageFiles": ["package.json"]
DEBUG: Writing package-lock.json (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Massaging npm lock file before writing to disk (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Writing any updated package files (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Found 0 npm host rule(s) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Writing updated .npmrc file to .npmrc (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Generating package-lock.json for . (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Spawning npm install to create ./package-lock.json (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Found npm constraint in package.json engines: >=10.0.0 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Updating lock file only (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Using node constraint "22" from .nvmrc (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Performing lockfileUpdate (npm) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Setting CONTAINERBASE_CACHE_DIR to /var/folders/5x/v_cv7vj57v7d54tg0xkt121m0000gn/T/renovate/cache/containerbase (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Falling back to binarySource=global (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Executing command (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
       "command": "npm install --package-lock-only --no-audit --ignore-scripts [email protected]"
DEBUG: exec completed (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
       "durationMs": 3938,
       "stdout": "\nup to date in 4s\n\n79 packages are looking for funding\n  run `npm fund` for details\n",
       "stderr": ""
DEBUG: package-lock.json needs updating (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Updated 1 lock files (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
       "updatedArtifacts": ["package-lock.json"]
DEBUG: Getting comments for #2 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: http cache: saving https://api.github.com/repos/kisaiev/renovate-npm-devdep-issue/issues/2/comments?per_page=100 (etag="f59733a5a063ef578104654257db6b117c8a8492544dfe68871ba706faabffad", lastModified=undefined) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Found 0 comments (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Getting comments for #2 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: http cache: saving https://api.github.com/repos/kisaiev/renovate-npm-devdep-issue/issues/2/comments?per_page=100 (etag="f59733a5a063ef578104654257db6b117c8a8492544dfe68871ba706faabffad", lastModified=undefined) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Found 0 comments (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: 1 file(s) to commit (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Preparing files for committing to branch renovate/npm-11.x-lockfile (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: git commit (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
       "deletedFiles": [],
       "ignoredFiles": [],
       "result": {
         "author": null,
         "branch": "renovate/npm-11.x-lockfile",
         "commit": "6574d1ee70b02f0b334d1147acf2e3ad872f89d4",
         "root": false,
         "summary": {"changes": 1, "insertions": 227, "deletions": 0}
       }
DEBUG: Pushing refSpec renovate/npm-11.x-lockfile:renovate/npm-11.x-lockfile (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: git push (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
       "result": {
         "pushed": [],
         "ref": {"local": "refs/remotes/origin/renovate/npm-11.x-lockfile"},
         "remoteMessages": {"all": []}
       }
DEBUG: Setting current branch to main (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: latest commit (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
       "branchName": "main",
       "latestCommitDate": "2025-01-21T18:06:19-06:00"
 INFO: Branch updated (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
       "commitSha": "6574d1ee70b02f0b334d1147acf2e3ad872f89d4"
DEBUG: Ensuring PR (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: There are 0 errors and 0 warnings (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: getBranchPr(renovate/npm-11.x-lockfile) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: findPr(renovate/npm-11.x-lockfile, undefined, open) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Found PR #2 (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Found existing PR (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Fetching changelog: https://github.com/npm/cli (10.9.1 -> 11.0.0) (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Processing existing PR (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: setPrCache() (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: Pull Request #2 does not need updating (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: PR is not configured for automerge (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: setBranchCommit() (repository=kisaiev/renovate-npm-devdep-issue, branch=renovate/npm-11.x-lockfile)
DEBUG: getBranchPr(renovate/npm-10.x-lockfile) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: findPr(renovate/npm-10.x-lockfile, undefined, open) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Found PR #1 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: getBranchPr(renovate/npm-11.x-lockfile) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: findPr(renovate/npm-11.x-lockfile, undefined, open) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Found PR #2 (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: http cache: saving https://api.github.com/repos/kisaiev/renovate-npm-devdep-issue/contents/renovate.json (etag=W/"22a994324a0eaa41756cba09e125fdca2ed29fce", lastModified=Wed, 22 Jan 2025 00:06:19 GMT) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Config does not need migration (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: ensureDependencyDashboard() (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Ensuring Dependency Dashboard (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Checking packageFiles for deprecated packages (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: http cache: saving https://api.github.com/repos/kisaiev/renovate-npm-devdep-issue/issues/3 (etag=W/"da6b6a8da1576853422ed95e22a7fd86c57b2064a7389f4d663ed941e097725a", lastModified=Tue, 21 Jan 2025 23:12:28 GMT) (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: No changes to dependency dashboard issue needed (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: checkReconfigureBranch() (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: No reconfigure branch found (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Removing any stale branches (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: config.repoIsOnboarded=true (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Branch lists (repository=kisaiev/renovate-npm-devdep-issue)
       "branchList": ["renovate/npm-10.x-lockfile", "renovate/npm-11.x-lockfile"],
       "renovateBranches": ["renovate/npm-10.x-lockfile", "renovate/npm-11.x-lockfile"]
DEBUG: remainingBranches= (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: No branches to clean up (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: PackageFiles.clear() - Package files deleted (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Branch summary (repository=kisaiev/renovate-npm-devdep-issue)
       "cacheModified": undefined,
       "baseBranches": [{"branchName": "main", "sha": "c0f469c7b6186f067b9c762e1c0515a3e5d2eb87"}],
       "branches": [
         {
           "automerge": false,
           "baseBranch": "main",
           "baseBranchSha": "c0f469c7b6186f067b9c762e1c0515a3e5d2eb87",
           "branchName": "renovate/npm-10.x-lockfile",
           "branchSha": "a63bca2247521b51026d6ffd883a96ff2200270f",
           "isModified": false,
           "isPristine": true
         },
         {
           "automerge": false,
           "baseBranch": "main",
           "baseBranchSha": "c0f469c7b6186f067b9c762e1c0515a3e5d2eb87",
           "branchName": "renovate/npm-11.x-lockfile",
           "branchSha": "6574d1ee70b02f0b334d1147acf2e3ad872f89d4",
           "isModified": false,
           "isPristine": true
         }
       ],
       "defaultBranch": "main",
       "inactiveBranches": []
DEBUG: branches info extended (repository=kisaiev/renovate-npm-devdep-issue)
       "branchesInformation": [
         {
           "branchName": "renovate/npm-10.x-lockfile",
           "prNo": 1,
           "prTitle": "chore(deps): update npm to v10.9.2",
           "result": "done",
           "upgrades": [
             {
               "datasource": "npm",
               "depName": "npm",
               "displayPending": "",
               "fixedVersion": "10.9.1",
               "currentVersion": "10.9.1",
               "currentValue": ">=10.0.0",
               "newValue": ">=10.0.0",
               "newVersion": "10.9.2",
               "packageFile": "package.json",
               "updateType": "patch",
               "packageName": "npm"
             }
           ]
         },
         {
           "branchName": "renovate/npm-11.x-lockfile",
           "prNo": 2,
           "prTitle": "chore(deps): update npm to v11",
           "result": "done",
           "upgrades": [
             {
               "datasource": "npm",
               "depName": "npm",
               "displayPending": "",
               "fixedVersion": "10.9.1",
               "currentVersion": "10.9.1",
               "currentValue": ">=10.0.0",
               "newValue": ">=10.0.0",
               "newVersion": "11.0.0",
               "packageFile": "package.json",
               "updateType": "major",
               "packageName": "npm"
             }
           ]
         }
       ]
DEBUG: Renovate repository PR statistics (repository=kisaiev/renovate-npm-devdep-issue)
       "stats": {"total": 2, "open": 2, "closed": 0, "merged": 0}
DEBUG: Repository result: done, status: onboarded, enabled: true, onboarded: true (repository=kisaiev/renovate-npm-devdep-issue)
DEBUG: Repository timing splits (milliseconds) (repository=kisaiev/renovate-npm-devdep-issue)
       "splits": {"init": 2531, "extract": 582, "lookup": 1437, "onboarding": 0, "update": 23985},
       "total": 28728
DEBUG: Package cache statistics (repository=kisaiev/renovate-npm-devdep-issue)
       "get": {"count": 12, "avgMs": 11, "medianMs": 10, "maxMs": 23, "totalMs": 127},
       "set": {"count": 11, "avgMs": 6, "medianMs": 3, "maxMs": 26, "totalMs": 64}
DEBUG: Datasource cache statistics (repository=kisaiev/renovate-npm-devdep-issue)
       "node-version": {"https://nodejs.org/dist": {"hit": 0, "miss": 1, "set": 1, "skip": 0}}
DEBUG: HTTP statistics (repository=kisaiev/renovate-npm-devdep-issue)
       "hosts": {
         "api.github.com": {
           "count": 11,
           "reqAvgMs": 261,
           "reqMedianMs": 242,
           "reqMaxMs": 537,
           "queueAvgMs": 0,
           "queueMedianMs": 0,
           "queueMaxMs": 0
         },
         "nodejs.org": {
           "count": 1,
           "reqAvgMs": 177,
           "reqMedianMs": 177,
           "reqMaxMs": 177,
           "queueAvgMs": 1,
           "queueMedianMs": 1,
           "queueMaxMs": 1
         },
         "registry.npmjs.org": {
           "count": 2,
           "reqAvgMs": 598,
           "reqMedianMs": 1033,
           "reqMaxMs": 1033,
           "queueAvgMs": 1,
           "queueMedianMs": 1,
           "queueMaxMs": 1
         }
       },
       "requests": 14
DEBUG: HTTP cache statistics (repository=kisaiev/renovate-npm-devdep-issue)
       "https://api.github.com": {
         "/repos/kisaiev/renovate-npm-devdep-issue/contents/renovate.json": {
           "hit": 0,
           "miss": 1
         },
         "/repos/kisaiev/renovate-npm-devdep-issue/issues/1/comments": {
           "hit": 0,
           "miss": 2
         },
         "/repos/kisaiev/renovate-npm-devdep-issue/issues/2/comments": {
           "hit": 0,
           "miss": 2
         },
         "/repos/kisaiev/renovate-npm-devdep-issue/issues/3": {"hit": 0, "miss": 2},
         "/repos/kisaiev/renovate-npm-devdep-issue/pulls": {"hit": 0, "miss": 1}
       },
       "https://registry.npmjs.org": {
         "/@semantic-release%2Fnpm": {"hit": 0, "miss": 1, "localMiss": 1},
         "/npm": {"hit": 0, "miss": 1, "localMiss": 1}
       }
DEBUG: Lookup statistics (repository=kisaiev/renovate-npm-devdep-issue)
       "npm": {"count": 2, "avgMs": 753, "medianMs": 1303, "maxMs": 1303, "totalMs": 1506},
       "node-version": {"count": 2, "avgMs": 249, "medianMs": 249, "maxMs": 249, "totalMs": 497}
 INFO: Repository finished (repository=kisaiev/renovate-npm-devdep-issue)
       "cloned": true,
       "durationMs": 28728
DEBUG: Checking file package cache for expired items
DEBUG: Deleted 20 of 55 file cached entries in 167ms

rarkins · 2025-01-22T05:34:00Z

rarkins
Jan 22, 2025
Maintainer

Renovate is not doing this itself - npm is doing this. Unless you think renovate is running an incorrect npm command, there's nothing renovate can do about this.

5 replies

kisaiev Jan 22, 2025
Author

Unless you think renovate is running an incorrect npm command

In a way I think it does, but it's due to the limitation from npm CLI.

Both, Renovate and Dependabot, use npm install --package-lock-only to address updates in the package-lock.json. But I don't think that desired result for this command always matches what it actually does and we cannot blame npm CLI for that, because we do run npm install, not update...

The expected behaviour for the the use case shared in this discussion can be achieved via

❯ npm update --no-audit --ignore-scripts --no-fund npm

It will only produce the change to the lock file, since npm update doesn't change the package.json by default, and it will only change the versions of the dependencies, either direct or transitive, without moving them around.

The limitation is, that npm update does not support a specific tag for the requested package, thus it will always update package to the latest version allowed (configured via SemVer in package.json).

Renovate has its own configuration and packageRules, which may not allow the latest version for specific packages, but if there is no such limitation, I think it makes sense to consider using npm update instead, which was designed for this specific case.

rarkins Jan 22, 2025
Maintainer

That describes an npm bug for lock file updates. If npm install --package-lock-only is buggy and drops fields from the lock file, it does not mean Renovate has a bug

kisaiev Jan 22, 2025
Author

I have to disagree. There is nothing unexpected in results we receive from npm.

We deal with a transitive dependency, which means it's listed neither in dependencies nor devDependencies.

When we run npm install for the package, it is expected to be added under dependencies (by default, unless --save-dev or --no-save are specified) and it is. So npm doesn't treat it as an update, since package wasn't listed in pacakge.json, but rather an installation of a new direct dependency. Having --package-lock-only flag in place, we see this change only reflected in package-lock.json, but the result is expected: transitive dependency became direct dependency and since by default any installation is saved to dependencies we got dev=true dropped as well.

I don't know if Renovate is expected to handle updates for the transitive dependencies in this manner, because I couldn't find any other PRs for transitive dependencies unless caused by vulnerability. To me it looks like Renovate have some special handling for npm despite whether it's a direct dependency or transitive, but I may be wrong of course.

rarkins Jan 22, 2025
Maintainer

Please share the debug logs from when this change is made, and I'll take a deeper look

kisaiev Jan 22, 2025
Author

Added to the description. Thanks.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Renovate drops dev=true for npm transitive dependency #33745

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 1 comment 5 replies

{{title}}

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{title}}

{{title}}

Select a reply

Renovate drops dev=true for npm transitive dependency #33745

kisaiev Jan 22, 2025

How are you running Renovate?

If you're self-hosting Renovate, tell us which platform (GitHub, GitLab, etc) and which version of Renovate.

Please tell us more about your question or problem

Overview

Problem

Steps to reproduce

Effect on consumer

Logs (if relevant)

Replies: 1 comment · 5 replies

rarkins Jan 22, 2025 Maintainer

kisaiev Jan 22, 2025 Author

rarkins Jan 22, 2025 Maintainer

kisaiev Jan 22, 2025 Author

rarkins Jan 22, 2025 Maintainer

kisaiev Jan 22, 2025 Author

kisaiev
Jan 22, 2025

Replies: 1 comment 5 replies

rarkins
Jan 22, 2025
Maintainer

kisaiev Jan 22, 2025
Author

rarkins Jan 22, 2025
Maintainer

kisaiev Jan 22, 2025
Author

rarkins Jan 22, 2025
Maintainer

kisaiev Jan 22, 2025
Author