Expand my Community achievements bar.

SOLVED

Use Yarn for Frontend Code Pipelines in Cloud Manager

Avatar

Level 1
Level 1
2/22/23 11:41:28 AM

I'm trying to set up a Frontend Code Pipeline but it's immediately failing due to the following error: 

 

[BUILD] Running npm audit command(s)
Executing command npm --progress false audit --production --audit-level=critical
npm ERR! code ELOCKVERIFY
npm ERR! Errors were found in your package-lock.json, run  npm install  to fix them.

 

If I delete the package-lock.json, I get:

[BUILD] Running npm audit command(s)
Executing command npm --progress false audit --production --audit-level=critical
npm ERR! code EAUDITNOLOCK
npm ERR! audit Neither npm-shrinkwrap.json nor package-lock.json found: Cannot audit a project without a lockfile
npm ERR! audit Try creating one first with: npm i --package-lock-only

 

Is there a way to execute the command using yarn instead of npm?

Views

792

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
3/1/23 8:30:07 AM

Hi @sowhatdoido,

 

Please go through this article to understand how npm audit works - https://satejsawant.dev/blog/npm-audit-how-it-works

 

You need to have package.json and package-lock.json files to be present for npm audit to work. When you run npm install package-lock.json is automatically generated.

 

Please let me know the steps that you're taking if this does not help.

 

Thanks,

Chitra

View solution in original post

Views

716

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Correct answer by
Community Advisor
Community Advisor
3/1/23 8:30:07 AM

Hi @sowhatdoido,

 

Please go through this article to understand how npm audit works - https://satejsawant.dev/blog/npm-audit-how-it-works

 

You need to have package.json and package-lock.json files to be present for npm audit to work. When you run npm install package-lock.json is automatically generated.

 

Please let me know the steps that you're taking if this does not help.

 

Thanks,

Chitra

Views

717

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 1
Level 1
3/14/23 10:48:40 AM

Sorry, I should have been clearer in my question: I understand that npm requires the package.json and package-lock.json files to be present for npm audit to work. Internally our project uses Yarn, and thus generates a corresponding yarn.lock file, and yarn has the ability to run an audit command as well (https://classic.yarnpkg.com/lang/en/docs/cli/audit/).

Overall, there is more than one package manager in the market, Yarn being one alternative, PNPM being another. See this for more info.

 

Is it possible to swap package managers in the frontend pipeline/are there plans to support such tooling?

Views

695

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
can somebody please explain the use of the workflow model in /var? Solved

Views

91

Likes

0

Replies

3
How to open page in universal editor Solved

Views

102

Likes

0

Replies

6
Translation in CF Solved

Views

87

Likes

0

Replies

3
Add desired child component in core accordion component

Views

28

Likes

0

Replies

1
I'm encountering an error when adding my component to a page and trying to view it in publish mode

Views

84

Likes

0

Replies

3