Can't find yarn.lock

[BBboy01]

Is there an existing issue for this?

• I have searched the existing issues

Package ecosystem

npm

Package manager version

pnpm 8.7.1

Language version

node.js 18.17.0

Manifest location and content before the Dependabot update

No response

dependabot.yml content

version: 2
registries:
  npm-private:
    type: npm-registry
    url: http://npm-private.com/
    replaces-base: true
updates:
  - package-ecosystem: npm
    registries:
      - npm-private
    directory: '/'
    schedule:
      interval: monthly
    open-pull-requests-limit: 20
    versioning-strategy: lockfile-only

Updated dependency

No response

What you expected to see, versus what you actually saw

Here is a section of update log, and only pnpm-lock.yaml file in my repo, but dependabot check the yarn.lock .

I think the reason is there is no pnpm helper.

dependabot-core/npm_and_yarn/lib/dependabot/npm_and_yarn/update_checker/conflicting_dependency_resolver.rb

Lines 46 to 59 in 853aada

	if dependency_files_builder.package_locks.any? ||
	dependency_files_builder.shrinkwraps.any?
	SharedHelpers.run_helper_subprocess(
	command: NativeHelpers.helper_path,
	function: "npm:findConflictingDependencies",
	args: [Dir.pwd, dependency.name, target_version.to_s]
	)
	else
	SharedHelpers.run_helper_subprocess(
	command: NativeHelpers.helper_path,
	function: "yarn:findConflictingDependencies",
	args: [Dir.pwd, dependency.name, target_version.to_s]
	)
	end

[2023-09-05 02:16:41 +0000] INFO  -- [dep-update: mm/ff=>npm] Processing dependency codemirror
[2023-09-05 02:16:45 +0000] WARN  -- [dep-update: mm/ff=>npm]   update for codemirror: 5.65.15 is impossible
[2023-09-05 02:16:45 +0000] ERROR -- [dep-update: mm/ff=>npm] [core] Helpers output: {"command":"node /opt/npm_and_yarn/run.js","function":"yarn:findConflictingDependencies","args":["/home/dependabot/app/tmp/20230905-1-y1w0t4/dependabot_20230905-1-gz8eb1","codemirror","6.0.0"],"time_taken":0.129007959,"stderr_output":"","process_exit_value":"pid 451 exit 1","process_termsig":null,"response":{"error":"ENOENT: no such file or directory, open '/home/dependabot/app/tmp/20230905-1-y1w0t4/dependabot_20230905-1-gz8eb1/yarn.lock'"}}

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

No response

[deivid-rodriguez]

Thanks! Yes, this looks like it was missed in the PNPM implementation. Do you have a public repository that reproduces this?

[aperigault]

Hi,
same problem here. How can I help to solved it ?

[2024-06-25 07:59:51 +0000] WARN  -- [dep-update: test/myrepo=>npm=>/front/core]   update for autoprefixer: 10.4.5 is impossible
[2024-06-25 07:59:51 +0000] WARN  -- [dep-update: test/myrepo=>npm=>/front/core] [core] Helpers output:
{
  "command": "node /opt/npm_and_yarn/run.js",
  "function": "yarn:findConflictingDependencies",
  "args": [
    "/home/dependabot/app/tmp/20240625-34-qz3ttl/dependabot_20240625-34-1aj9yq",
    "autoprefixer",
    ""
  ],
  "time_taken": 0.19430674,
  "stderr_output": "",
  "process_exit_value": "pid 640 exit 1",
  "process_termsig": null,
  "response": {
    "error": "ENOENT: no such file or directory, open '/home/dependabot/app/tmp/20240625-34-qz3ttl/dependabot_20240625-34-1aj9yq/yarn.lock'"
  }
}

[receperdogan]

Same here, any update?