Do you want to request a feature or report a bug?
It might not be a bug but my misunderstanding of how yarn lock works with yarn workspaces.
What is the current behavior?
yarn.lock is not working with yarn workspaces. I am using yarn workspaces for my project. I have a dependency in a workspace with a caret/tilde before its version. But whenever I run yarn install –pure-lockfile or yarn install –frozen-lock file, the dependency gets updated to latest version and does not honour yarn.lock whenever the library owner publishes a new version. This leads to breaking my app’s build due to non-compatible changes in newer version.
If the current behavior is a bug, please provide the steps to reproduce.
I have created a sample repo with setup. Please follow the following steps to reproduce:
- Clone the repo.
- Do fresh yarn install.
- Now add caret to the dependency “cross-env” mentioned in workspace-b.
- Run yarn install again (with –pure-lockfile or –frozen-lockfile)
- Check yarn.lock doesn’t get updated but in node modules new version is installed.
What is the expected behavior?
yarn install –frozen-lockfile should fail.
Please mention your node.js, yarn and operating system version.
OS: MacOS mojave (10.14.5)