Skip to content

fix(plugin-js-packages): pnpm outdated fallback #1155

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hanna-skryl merged 1 commit into from
Nov 27, 2025
Merged

fix(plugin-js-packages): pnpm outdated fallback #1155

hanna-skryl merged 1 commit into from
Nov 27, 2025

Conversation

@hanna-skryl
Copy link
Collaborator

@hanna-skryl hanna-skryl commented Nov 26, 2025

This bug surfaced in CI when a pull request removed a dependency.

The Code PushUp GitHub Action installs dependencies for the PR branch, which no longer includes the removed package in node_modules. When the action switches to the base branch for comparison, it does not reinstall dependencies. The base branch's package.json still references the removed dependency, so pnpm outdated --json reports it but without a current field since the package is not in node_modules.

Example

The plugin then crashes when calling semver.clean(undefined) on the missing current value.

@hanna-skryl hanna-skryl self-assigned this Nov 26, 2025
@github-actions github-actions bot added 🔬 testing writing tests 🧩 js-packages-plugin Plugin for audit and outdated dependencies labels Nov 26, 2025
@nx-cloud
Copy link

nx-cloud bot commented Nov 26, 2025
edited
Loading

View your CI Pipeline Execution ↗ for commit 12174df

Command Status Duration Result
nx code-pushup --nx-bail -- compare ✅ Succeeded 58s View ↗
nx code-pushup --nx-bail -- ✅ Succeeded 1m 4s View ↗
nx code-pushup --nx-bail -- print-config --outp... ✅ Succeeded 5m 8s View ↗

☁️ Nx Cloud last updated this comment at 2025-11-26 23:46:04 UTC

@pkg-pr-new
Copy link

pkg-pr-new bot commented Nov 26, 2025

Open in StackBlitz

@code-pushup/ci

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/ci@1155

@code-pushup/cli

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/cli@1155

@code-pushup/core

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/core@1155

@code-pushup/create-cli

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/create-cli@1155

@code-pushup/models

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/models@1155

@code-pushup/nx-plugin

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/nx-plugin@1155

@code-pushup/axe-plugin

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/axe-plugin@1155

@code-pushup/coverage-plugin

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/coverage-plugin@1155

@code-pushup/eslint-plugin

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/eslint-plugin@1155

@code-pushup/js-packages-plugin

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/js-packages-plugin@1155

@code-pushup/jsdocs-plugin

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/jsdocs-plugin@1155

@code-pushup/lighthouse-plugin

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/lighthouse-plugin@1155

@code-pushup/typescript-plugin

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/typescript-plugin@1155

@code-pushup/utils

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/utils@1155

@code-pushup/models-transformers

npm i https://pkg.pr.new/code-pushup/cli/@code-pushup/models-transformers@1155

commit: 12174df

@github-actions
Copy link
Contributor

github-actions bot commented Nov 26, 2025

Code PushUp

🤨 Code PushUp report has both improvements and regressions – compared current commit d9afe13 with previous commit e1152f2.

🕵️ See full comparison in Code PushUp portal 🔍

🏷️ Categories

🏷️ Category ⭐ Previous score ⭐ Current score 🔄 Score change
Performance 🔴 36 🔴 34 ↓ −1.8
Code coverage 🟡 89 🟡 89
Security 🔴 43 🔴 43
Updates 🟡 71 🟡 71
Accessibility 🟢 92 🟢 92
Best Practices 🟢 100 🟢 100
SEO 🟢 92 🟢 92
Type Safety 🟢 100 🟢 100
Bug prevention 🟢 100 🟢 100
Miscellaneous 🟢 100 🟢 100
Code style 🟢 100 🟢 100
Documentation 🔴 35 🔴 35
👎 1 group regressed, 👍 1 audit improved, 👎 3 audits regressed, 15 audits changed without impacting score

🗃️ Groups

🔌 Plugin 🗃️ Group ⭐ Previous score ⭐ Current score 🔄 Score change
Lighthouse Performance 🔴 36 🔴 34 ↓ −1.8

22 other groups are unchanged.

🛡️ Audits

🔌 Plugin 🛡️ Audit 📏 Previous value 📏 Current value 🔄 Value change
Lighthouse Total Blocking Time 🟥 1,750 ms 🟥 2,290 ms ↑ +31.2 %
Lighthouse Speed Index 🟥 6.8 s 🟥 7.1 s ↑ +4.3 %
Lighthouse First Contentful Paint 🟥 3.3 s 🟥 3.2 s ↓ −0.3 %
Lighthouse Time to Interactive 🟥 13.2 s 🟥 13.6 s ↑ +2.6 %
Lighthouse Avoids enormous network payloads 🟩 Total size was 2,020 KiB 🟩 Total size was 2,024 KiB ↑ +0.2 %
Lighthouse Minimizes main-thread work 🟥 12.1 s 🟥 13.7 s ↑ +13.7 %
Lighthouse Largest Contentful Paint 🟥 11.3 s 🟥 11.8 s ↑ +4.9 %
Lighthouse Max Potential First Input Delay 🟥 1,260 ms 🟥 1,720 ms ↑ +37 %
Lighthouse JavaScript execution time 🟥 5.0 s 🟥 5.4 s ↑ +9.3 %
Lighthouse Uses efficient cache policy on static assets 🟨 30 resources found 🟨 30 resources found ↑ +0.1 %
Lighthouse Server Backend Latencies 🟩 1,230 ms 🟩 830 ms ↓ −32.4 %
Lighthouse Remove duplicate modules in JavaScript bundles 🟥 Potential savings of 104 KiB 🟥 Potential savings of 104 KiB ↑ +109.4 %
Lighthouse Metrics 🟩 100% 🟩 100% ↑ +2.6 %
Lighthouse Initial server response time was short 🟩 Root document took 430 ms 🟩 Root document took 520 ms ↑ +18.6 %
Lighthouse Reduce unused JavaScript 🟥 Potential savings of 184 KiB 🟥 Potential savings of 184 KiB ↑ +6.3 %
Lighthouse Reduce unused CSS 🟥 Potential savings of 105 KiB 🟥 Potential savings of 105 KiB ↑ +6.4 %
Lighthouse Network Round Trip Times 🟩 60 ms 🟩 50 ms ↓ −11 %
Code coverage Branch coverage 🟨 87.3 % 🟨 87.3 % ↑ +0.1 %
Code coverage Line coverage 🟨 85.3 % 🟨 85.3 % ↑ +0.1 %

659 other audits are unchanged.

@hanna-skryl hanna-skryl marked this pull request as ready for review November 26, 2025 23:49
@hanna-skryl hanna-skryl requested a review from vmasek November 26, 2025 23:49
matejchalk
matejchalk approved these changes Nov 27, 2025
View reviewed changes
Copy link
Collaborator

@matejchalk matejchalk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense, thanks for the fix 👍

@hanna-skryl hanna-skryl merged commit d893cb2 into main Nov 27, 2025
23 checks passed
@hanna-skryl hanna-skryl deleted the pnpm-missing-current-package branch November 27, 2025 22:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vmasek vmasek vmasek approved these changes

@matejchalk matejchalk matejchalk approved these changes

Assignees

@hanna-skryl hanna-skryl

Labels

🧩 js-packages-plugin Plugin for audit and outdated dependencies 🔬 testing writing tests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@hanna-skryl @vmasek @matejchalk