diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb index 822b989f4db..6f1bcd5efff 100644 --- a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb +++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb @@ -161,7 +161,7 @@ def run_yarn_berry_top_level_updater(top_level_dependency_updates:, yarn_lock:) # updated to a single new version, so we just pick the first one. "#{dep[:name]}@#{dep[:requirements].first[:requirement]}" end - command = "yarn add #{updates.join(' ')}" + command = "yarn add #{updates.join(' ')} --mode=update-lockfile" Helpers.run_yarn_commands(command) { yarn_lock.name => File.read(yarn_lock.name) } end @@ -171,9 +171,9 @@ def run_yarn_berry_subdependency_updater(yarn_lock:) update = "#{dep.name}@#{dep.version}" Helpers.run_yarn_commands( - "yarn add #{update}", - "yarn dedupe #{dep.name}", - "yarn remove #{dep.name}" + "yarn add #{update} --mode=update-lockfile", + "yarn dedupe #{dep.name} --mode=update-lockfile", + "yarn remove #{dep.name} --mode=update-lockfile" ) { yarn_lock.name => File.read(yarn_lock.name) } end diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater_spec.rb index c8eb16ebafb..eab2664d368 100644 --- a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater_spec.rb +++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater_spec.rb @@ -2995,7 +2995,6 @@ it "updates the .yarn/cache folder" do expect(updated_files.map(&:name)).to match_array( [ - ".yarn/cache/fetch-factory-npm-0.0.1-e67abc1f87-ff7fe6fdb8.zip", ".yarn/cache/fetch-factory-npm-0.0.2-816f8766e1-200ddd8ae3.zip", ".yarn/install-state.gz", "package.json",