diff --git a/.changeset/perfect-forks-beg.md b/.changeset/perfect-forks-beg.md new file mode 100644 index 0000000000..07997e306c --- /dev/null +++ b/.changeset/perfect-forks-beg.md @@ -0,0 +1,6 @@ +--- +"@pnpm/core": patch +"pnpm": patch +--- + +`pnpm install --frozen-lockfile --lockfile-only` should fail if the lockfile is not up to date with the `package.json` files [#6913](https://github.com/pnpm/pnpm/issues/6913). diff --git a/pkg-manager/core/src/install/index.ts b/pkg-manager/core/src/install/index.ts index e7e843002e..73b024d958 100644 --- a/pkg-manager/core/src/install/index.ts +++ b/pkg-manager/core/src/install/index.ts @@ -373,7 +373,7 @@ export async function mutateModules ( !opts.dedupe && installsOnly && ( - frozenLockfile && !opts.lockfileOnly || + frozenLockfile || opts.ignorePackageManifest || !needsFullResolution && opts.preferFrozenLockfile && diff --git a/pkg-manager/core/test/install/lockfileOnly.ts b/pkg-manager/core/test/install/lockfileOnly.ts index 91027c0570..601e6ba51d 100644 --- a/pkg-manager/core/test/install/lockfileOnly.ts +++ b/pkg-manager/core/test/install/lockfileOnly.ts @@ -75,22 +75,17 @@ test('warn when installing with lockfileOnly = true and node_modules exists', as expect(currentLockfile.packages['/rimraf@2.5.1']).toBeFalsy() }) -// For @pnpm/core it might make sense to throw an exception in this case but for now it is better than having -// the https://github.com/pnpm/pnpm/issues/4951 issue. -test('always update the lockfile when lockfileOnly is used, even if frozenLockfile is used', async () => { - const project = prepareEmpty() +test('do not update the lockfile when lockfileOnly and frozenLockfile are both used', async () => { + prepareEmpty() await addDependenciesToPackage({}, ['is-positive@1.0.0'], await testDefaults({ lockfileOnly: true, })) - await install({ + await expect(install({ dependencies: { 'is-positive': '2.0.0', }, }, await testDefaults({ lockfileOnly: true, frozenLockfile: true, - })) - - const lockfile = await project.readLockfile() - expect(lockfile.dependencies['is-positive'].specifier).toBe('2.0.0') + }))).rejects.toThrow(/is not up to date/) })