Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Yarn v4 #8610

Open
1 task done
arusahni opened this issue Dec 14, 2023 · 9 comments
Open
1 task done

Support Yarn v4 #8610

arusahni opened this issue Dec 14, 2023 · 9 comments
Labels
dependencies Keep Exempt this from being marked by stalebot L: javascript:yarn npm packages via yarn T: feature-request Requests for new features

Comments

@arusahni
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Feature description

Yarn v4 was released a little under two months ago. It brings quite a few performance improvements which convinced my team to finally upgrade from v1. However, we had to pause our migration when we discovered Dependabot did not support v4. Since Dependabot does support v1-3, supporting v4 seems to be a reasonable thing to do.
@arusahni arusahni added the T: feature-request Requests for new features label Dec 14, 2023
@izi-p
Copy link

izi-p commented Dec 20, 2023
edited
Loading

We recently updated our monorepo to yarn v4 , and I confirm dependabot does not work. It updates dependencies but does not commit updated yarn.lock file.

@deivid-rodriguez
Copy link
Contributor

Wondering if this works if you set packageManager to yarn v4 in your package.json file. We use corepack internally to select the yarn version to be used so there's a chance that helps?

@tyzh-dev
Copy link

tyzh-dev commented Jan 30, 2024
edited
Loading

A PR exists to bump Yarn to V4: #8265. Only one check out of 44 seems to be failing.

@yeikel yeikel mentioned this issue Feb 2, 2024
Merged
@brocef
Copy link

brocef commented Mar 27, 2024

Any update on yarn v4 support? To expound on the original reasoning for why this would be nice, it provides a way to change how yarn creates symlinks on Windows which–selfishly speaking–would make my job easier.

@jpandersen87
Copy link
Contributor

I have a PR that fixes the issue causing the test to fail here: #9405

@jonjanego jonjanego added L: javascript:yarn npm packages via yarn Keep Exempt this from being marked by stalebot labels May 2, 2024
@billhimmelsbach billhimmelsbach mentioned this issue May 9, 2024
Merged
@ramondeklein ramondeklein mentioned this issue Jun 5, 2024
Closed
@jonjanego jonjanego moved this to Scoping in Dependabot Jun 6, 2024
@jonjanego jonjanego moved this from Scoping to Planned in Dependabot Jun 7, 2024
@abdulapopoola abdulapopoola moved this from Planned to Ready in Dependabot Jun 7, 2024
@abdulapopoola
Copy link
Member

abdulapopoola commented Jul 1, 2024
edited
Loading

@brocef , @jpandersen87 's PR (thanks @jpandersen87 !) was already merged, please reactivate if yarn4 still doesn't work

@github-project-automation github-project-automation bot moved this from Ready to Done in Dependabot Jul 1, 2024
@alexbchr
Copy link

alexbchr commented Jul 2, 2024

We've been using Dependabot since the last few weeks with Yarn v4 and so can confirm it does "work" and update the yarn.lock.

However, just asking a question here and I'll open a separate issue with more context if I see it's related to Yarn v4, but we're having a bit of trouble with Yarn v4 and the Dependabot groups. Our dependabot.yml file contains quite a few groups configurations but for some reasons, some dependencies like next or jose seem to just be ignoring those group configurations completely, as they get added to groups defined at the complete end of our groups configuration.

Since this issue was still opened, I thought it was something to do with Yarn v4 support, but now that @abdulapopoola says it has been available since a few weeks already, I feel like it might just be an issue with Dependabot itself...

@abdulapopoola
Copy link
Member

Thanks @alexbchr for the confirmation; yes, please file an issue with the details of the error so we can triage it.

@abdulapopoola abdulapopoola reopened this Jan 8, 2025
@abdulapopoola
Copy link
Member

We still have a few more features to add to enable full Yarn4 support.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dependencies Keep Exempt this from being marked by stalebot L: javascript:yarn npm packages via yarn T: feature-request Requests for new features
Projects
Dependabot
Archived in project
Milestone
No milestone
Development

No branches or pull requests
9 participants
@arusahni @abdulapopoola @jonjanego @deivid-rodriguez @alexbchr @brocef @izi-p @jpandersen87 @tyzh-dev