[npm] minimumReleaseAge Doesn't Work with rangeStrategy bump on Lock File #30920
Replies: 2 comments
-
If you want an exact version in the lock file then you'll need to pin the version in package.json. This is not a bug, but please feel free to improve the docs to clarify the limitation |
Beta Was this translation helpful? Give feedback.
-
Hi there, A maintainer decided this is not a bug, and behaving as designed. The maintainer will explain why this behavior is correct. To avoid confusing future readers, we will close this Discussion. We want Bug-type Discussions to be about things that we rate as bugs. For more details, please read our development docs about bug handling. If this bug report makes you think of an idea for a new feature, or how to improve a current feature, feel free to create a new Suggest an Idea Discussion. Thanks, the Renovate team |
Beta Was this translation helpful? Give feedback.
-
What would you like help with?
I think I found a bug
How are you running Renovate?
Self-hosted
If you're self-hosting Renovate, tell us which platform (GitHub, GitLab, etc) and which version of Renovate.
Bitbucket, 38.44.3
Please tell us more about your question or problem
In my npm repository, I have rangeStrategy set to
bump
and minimumReleaseAge set to7 days
, I also havenpmDedupe
in the postUpdateOptions. When renovate was run, thepackage.json
was updated as expected, i.e. it will bump to the version that meets the minimumReleaseAge, however, thepackage-lock.json
would be updated to the latest version. The behavior of thepackage-lock.json
does meet the semVer inpackage.json
, but it doesn't meet the minimumReleaseAge limit.Config:
Logs (if relevant)
Logs
Beta Was this translation helpful? Give feedback.
All reactions