`pnpm install --frozen-lockfile` fails with pnpm v9 about pnpm HOT 30 CLOSED

Can confirm and also looking to hear from the team if the lockfile not being backwards compatible was intended:

ERR_PNPM_FROZEN_LOCKFILE_WITH_OUTDATED_LOCKFILE  Cannot perform a frozen installation because the version of the lockfile is incompatible with this version of pnpm

from pnpm.

By default pnpm install fails in CI if it detects that updates should be made to the lockfile. That will be fixed in 9.0.1.

Not sure what the issue with corepack is

from pnpm.

A question: why is lockfile version 9.0 and not 7.0?

from pnpm.

Also if anyone stumble here in the same case as me - it seems like turborepo pruning fails with the new lockfile format and causes the same error as described here. I've opened issue on their side - vercel/turbo#7993

from pnpm.

A question: why is lockfile version 9.0 and not 7.0?

The lockfile version will be the same as the pnpm version where it was introduced.

from pnpm.

Can confirm and also looking to hear from the team if the lockfile not being backwards compatible was intended:

ERR_PNPM_FROZEN_LOCKFILE_WITH_OUTDATED_LOCKFILE  Cannot perform a frozen installation because the version of the lockfile is incompatible with this version of pnpm

I am seeing the exact same issue with pnpm v9 and a lock file with version 6. I thought only v5 was dropped?

from pnpm.

A temporary solution for me was to get my workflows to install a specific pnpm version rather than the latest version

from pnpm.

pnpm 9 seems to be incompatible with lockfile v6.0:

• Running pnpm install --frozen-lockfile on a v6 lockfile results in the error  ERR_PNPM_FROZEN_LOCKFILE_WITH_OUTDATED_LOCKFILE  Cannot perform a frozen installation because the version of the lockfile is incompatible with this version of pnpm
• Running pnpm install with no arguments updates the lockfile to v9, which is incompatible with pnpm 8

Is no lockfile version compatible with both pnpm 8 and 9?

The changelog seemed to suggest that Lockfile v6 is supported in pnpm 9, but I can't get it to work.

Edit: Readonly support for Lockfile v6 as introduced in pnpm 9.0.1 is a good compromise

from pnpm.

Lockfile v6 will work with pnpm v9 but only as readonly (after this fix: #7935). v9 will not make updates in the previous format.

As I said before. This is a breaking change for a reason. We had to change the lockfile format in order to fix some issues with peer dependencies. The fix was too big to port it to v8.

from pnpm.

I tested it in a node.js docker container (docker run --rm -it node sh). All seems to work correctly. Maybe you have a packageManager field in your package.json, try to use:

corepack use [email protected]

Which should update the field in package.json.

Yep, I also mentioned that section of pnpm docks with packageManager field in package.json, bc it solved the issue for us.

Nevertheless, I beg my pardon. Doublechecked the pipe logs. The below is not enough:

corepack enable
corepack prepare [email protected] --activate

It proceeds with enabling "pnpm@latest" instead of "[email protected]" that's is expected according to a node v.18 docs.

It's solely corepack documentation issue, and has nothing to do with pnpm.

from pnpm.

I can check.

But you should be able to run pnpm install locally to update the lockfile to the new format preserving versions. Although, I would recommend to remove the lockfile and node_modules to generate one from scratch as pnpm v9 has some fixes to resolution of peer dependencies.

from pnpm.

While I can also confirm incompatibility of lock-file versions between 8.15.5 & 9.0.0, there's the other thing related to corepack and 9.0.0.

If no packageManager field is provided in your package.json, running

corepack enable
corepack prepare [email protected] --activate

gives you 9.0.0.

with the notorious:

Scope: all 32 workspace projects
 ERR_PNPM_FROZEN_LOCKFILE_WITH_OUTDATED_LOCKFILE  Cannot perform a frozen installation because the version of the lockfile is incompatible with this version of pnpm

Try either:
1. Aligning the version of pnpm that generated the lockfile with the version that installs from it, or
2. Migrating the lockfile so that it is compatible with the newer version of pnpm, or
3. Using "pnpm install --no-frozen-lockfile".
Note that in CI environments, this setting is enabled by default.

That doesn't happen locally, but for some reason happens on a CI.

The solution is to check in the package.json after going with latest section of Using Corepack section.

@zkochan , isn't it a bit strange that any tag on corepack started pointing to 9.0.x?

EDIT: any tag -> any 8.15.x tag. I tried 1 to 5, and got 9.0.0 each time on CI

from pnpm.

@zkochan My guess would be that it's some issue with some part of node's ecosystem.
this installation of 9.0.0 against the requested 8.15.x stated happening right after the release ~3 hr ago.

from pnpm.

I tested it in a node.js docker container (docker run --rm -it node sh). All seems to work correctly. Maybe you have a packageManager field in your package.json, try to use:

corepack use [email protected]

Which should update the field in package.json.

from pnpm.

One thing you can observe is that: peer dependencies to react are mostly resolved to 18.2.0, not 0.0.0-experimental-8039e6d0b-20231026 as I specified in package.json/pnpm/peerDependencyRules/allowedVersions.

I tried to remove the whole section of allowedVersions and reinstall, then add it back hope it can re-resolve dependencies, but that does not work.

The allowedVersions field only affects warnings printed to the console. If you need to override a peer dependency version just install the dependency that you want (as a direct dependency).

from pnpm.

🚢 9.0.1

from pnpm.

What is this? I can't build a container. 9.0.1

from pnpm.

Doesn't seem related to this issue.

Which version of electron is it?

from pnpm.

Doesn't seem related to this issue.

Which version of electron is it?

I don't understand what electron we're talking about if I don't have it in my dependencies and it's not an electron.js application

from pnpm.

One thing you can observe is that: peer dependencies to react are mostly resolved to 18.2.0, not 0.0.0-experimental-8039e6d0b-20231026 as I specified in package.json/pnpm/peerDependencyRules/allowedVersions.
I tried to remove the whole section of allowedVersions and reinstall, then add it back hope it can re-resolve dependencies, but that does not work.

The allowedVersions field only affects warnings printed to the console. If you need to override a peer dependency version just install the dependency that you want (as a direct dependency).

This surprised me. I thought this is an override of the incompatible peer versions

I read the doc again. Thank you for pointing me out!

from pnpm.

Hi @zkochan It's still not working.

In DimensionDev/Maskbook@4f5f116 (#11571) (Good state), if you search "[email protected]" you'll find nothing, but if you change package.json to "packageManager": "[email protected]", and run pnpm install, now the lockfile contains "[email protected]" and the app is broken.

In the lockfile I can see my override is acknowledged: react: 0.0.0-experimental-8039e6d0b-20231026 but it does not work.

from pnpm.

A question: why is lockfile version 9.0 and not 7.0?

Could it be that they wanted to make it more streamlined with the pnpm version itself? 😄

from pnpm.

In DimensionDev/Maskbook@4f5f116 (#11571) (Good state), if you search "[email protected]" you'll find nothing, but if you change package.json to "packageManager": "[email protected]", and run pnpm install, now the lockfile contains "[email protected]" and the app is broken.

I you want to override the version of react, use an override

from pnpm.

In DimensionDev/Maskbook@4f5f116 (#11571) (Good state), if you search "[email protected]" you'll find nothing, but if you change package.json to "packageManager": "[email protected]", and run pnpm install, now the lockfile contains "[email protected]" and the app is broken.

I you want to override the version of react, use an override

Yes! I'm using it but still have the problem. Just tried again with 9.0.2

from pnpm.

packageManager

Hey

How did you solve this?
This is my build command:
corepack enable && corepack prepare [email protected] --activate && pnpm install --frozen-lockfile && npm install --global lerna && cd ./packages/database && npx prisma generate && cd ../.. && pnpm lerna run build

Ans still I am getting the following error:
 ERR_PNPM_BAD_PM_VERSION  This project is configured to use v8.10.4 of pnpm. Your current pnpm is v9.0.2

from pnpm.

@milanpajovic , you have to add packageManager to your package.json and check it in.
to do so, you'll have to run corepack use [email protected] with the version you need to stick to before going with pnpm i

from pnpm.

@milanpajovic
I assume, it would be:

corepack enable
corepack prepare [email protected] --activate
corepack use [email protected]
# ... rest commands

that works for us in node 18 LTS

PS: in my case, I ran that locally, pushed changed package.json to the repo. for CI just

corepack enable
corepack prepare [email protected] --activate

was enough.

from pnpm.

@milanpajovic, btw, according to the node 20.x docs you might not even need to run prepare

from pnpm.

corepack use [email protected]

Thank you.
I am using monorepo using lerna

this is how package.json looks like

"engines": {
"node": ">= 18.14.0",
"npm": "please-use-pnpm"
},
"packageManager": "[email protected]"
}
I moved all of them to [email protected]
We are on node 18
But it seems that pipeline is still getting the newest version of pnpm

from pnpm.

I have the same problem:
└─# pnpm -v 9.0.4
`
─# pnpm run dev
 ERR_PNPM_BAD_PM_VERSION  This project is configured to use v8.15.4 of pnpm. Your current pnpm is v9.0.4

If you want to bypass this version check, you can set the "package-manager-strict" configuration to "false" or set the "COREPACK_ENABLE_STRICT" environment variable to "0"

`

from pnpm.