Skip to content

docs(readme): add lockfile=true to recommended NPM_CONFIG_FILE for pnpm 10 compat#23

Merged
ob-aion merged 2 commits into
mainfrom
docs/pnpm-lockfile-compat
May 20, 2026
Merged

docs(readme): add lockfile=true to recommended NPM_CONFIG_FILE for pnpm 10 compat#23
ob-aion merged 2 commits into
mainfrom
docs/pnpm-lockfile-compat

Conversation

@ob-aion
Copy link
Copy Markdown
Contributor

@ob-aion ob-aion commented May 20, 2026
edited
Loading

Summary

Add lockfile=true to the recommended NPM_CONFIG_FILE template. Pnpm < 11.0.0 interprets the preceding package-lock=false line as lockfile=false and disables pnpm-lock.yaml reads — colliding with pnpm install --frozen-lockfile in javascript/base. The new line re-enables the pnpm lockfile explicitly. On pnpm >= 11 the line is harmless (already the default; package-lock is scoped to npm's own lockfile).

Surfaced today when a consumer pinned to pnpm@10.x hit ERR_PNPM_NO_LOCKFILE after the new NPM_CONFIG_FILE recommendation rolled out (#22).

Action required by consumers

Append lockfile=true after package-lock=false in your NPM_CONFIG_FILE org secret. New consumers should adopt the updated template as-is. No CI workflow change is needed.

Test plan

  • README renders cleanly on GitHub (lockfile=true row and updated code block).
  • A pnpm-10 consumer with the updated secret installs cleanly under javascript/base.
  • A pnpm-11 consumer is unaffected.

@ob-aion
docs(readme): add lockfile=true to recommended NPM_CONFIG_FILE for pn…
b708309 
…pm 10 compat

Pnpm < 11.0.0 interprets `package-lock=false` as `lockfile=false`,
disabling pnpm-lock.yaml reads and breaking the
`pnpm install --frozen-lockfile` step in javascript/base. Adding an
explicit `lockfile=true` on the next line re-enables the pnpm lockfile
on pnpm 10.x and is harmless (already the default) on pnpm >= 11.

Surfaced when a consumer pinned to pnpm@10.x hit ERR_PNPM_NO_LOCKFILE
after the previous NPM_CONFIG_FILE recommendation rolled out today.
Consumers updating NPM_CONFIG_FILE to this template should append the
new line; existing consumers on pnpm 11 keep working either way.
ob-aion
ob-aion commented May 20, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor Author

@ob-aion ob-aion left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK

ob-aion
ob-aion commented May 20, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor Author

@ob-aion ob-aion left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK

@ob-aion ob-aion merged commit f174724 into main May 20, 2026
6 checks passed
@ob-aion ob-aion deleted the docs/pnpm-lockfile-compat branch May 20, 2026 11:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ob-aion