Page MenuHomePhabricator

libup run of repo WikibaseMediaInfo fails on npm ci with failing wikibase dependencies
Closed, ResolvedPublic

Description

https://libraryupgrader2.wmflabs.org/r/mediawiki/extensions/WikibaseMediaInfo

Verifying that tests still pass
$ npm ci
npm WARN prepare removing existing node_modules/ before installation
npm ERR! cipm can only install packages when your package.json and package-lock.json or npm-shrinkwrap.json are in sync. Please update your lock file with `npm install` before continuing.
npm ERR! 
npm ERR! 
npm ERR! Missing: wikibase-data-model@latest
npm ERR! Missing: wikibase-data-values@latest
npm ERR! Missing: wikibase-serialization@latest
npm ERR! 

npm ERR! A complete log of this run can be found in:
npm ERR!     /cache/_logs/2020-01-27T05_33_46_847Z-debug.log

Traceback (most recent call last):
  File "/src/libup/ng.py", line 945, in main
    libup.run(args.repo, args.output)
  File "/src/libup/ng.py", line 895, in run
    self.npm_audit_fix(self.output['npm-audit'])
  File "/src/libup/ng.py", line 178, in npm_audit_fix
    self.check_call(['npm', 'ci'])
  File "/src/libup/shell.py", line 38, in check_call
    res.check_returncode()
  File "/usr/lib/python3.7/subprocess.py", line 428, in check_returncode
    self.stderr)
subprocess.CalledProcessError: Command '['npm', 'ci']' returned non-zero exit status 1.

package.json contains

		"wikibase-data-model": "latest",
		"wikibase-data-values": "latest",
		"wikibase-serialization": "latest"

How to get the tests running in libup?

Event Timeline

cipm can only install packages when your package.json and package-lock.json or npm-shrinkwrap.json are in sync. Please update your lock file with npm install before continuing.

Could be that the .lock file is just out of date?

You musn't use "latest" in package files, as every time latest changes, CI will break for this reason. (Also, the whole dratted point of lock files is to *avoid* dependencies randomly upgrading themselves without human oversight for security vulnerabilities and the code actually working.)

Change 605574 had a related patch set uploaded (by Jforrester; owner: Jforrester):
[mediawiki/extensions/WikibaseMediaInfo@master] Revert "Fix vendor versions"

https://gerrit.wikimedia.org/r/605574

The latest is actually intentional in this case, because it's only used in tests and we want to ensure that those run against the latest code (that matches what is automatically going to be on production later on)
That said, if it's causing issues elsewhere, we can pin it to a specific version. That patch LGTM - do you want it merged?

That said, if it's causing issues elsewhere, we can pin it to a specific version. That patch LGTM - do you want it merged?

Yes please.

Change 605574 merged by Matthias Mullie:
[mediawiki/extensions/WikibaseMediaInfo@master] Revert "Fix vendor versions"

https://gerrit.wikimedia.org/r/605574

Change 653990 had a related patch set uploaded (by Umherirrender; owner: Jforrester):
[mediawiki/extensions/WikibaseMediaInfo@REL1_35] Revert "Fix vendor versions"

https://gerrit.wikimedia.org/r/653990

Change 653990 merged by jenkins-bot:
[mediawiki/extensions/WikibaseMediaInfo@REL1_35] Revert "Fix vendor versions"

https://gerrit.wikimedia.org/r/653990

Umherirrender triaged this task as Medium priority.