Consider pulling `fixedVersion` or `currentVersion` from `renovate-graph` if present
{
"currentValue": "~> 3.6",
"currentVersion": "3.9.2",
"datasource": "hex",
"depName": "ecto_sql",
"homepage": "https://hex.pm/packages/ecto_sql",
"packageName": "ecto_sql",
"registryUrl": "https://hex.pm/",
"updates": [
],
"versioning": "hex",
"warnings": [
]
},
https://renovatebot.slack.com/archives/CAFH752JU/p1680881967858539 - prefer lockedVersion
/ fixedVersion
, or currentVersion
if not
Jamie Tanna
4:39 PM
Do we have anything documented around what the difference between currentVersion and lockedVersion is, if a project uses a lockfile? Seeing an Elixir dependency being resolved as:
"currentValue": "~> 3.6",
"currentVersion": "3.9.2",
Whereas I see on an npm dependency we've got a currentVersion, fixedVersion and a lockedVersion:
"currentValue": "^3.6.8",
"currentVersion": "3.37.1",
"datasource": "npm",
"depName": "apexcharts",
"fixedVersion": "3.37.1",
"lockedVersion": "3.37.1",
rarkins
4:40 PM
It’s only a fixed version if it’s locked, or specified with a single range constraint
4:40
Ie locked or pinned
4:41
Otherwise without locking it’s recalculated and could change each run
Jamie Tanna
4:44 PM
Awesome, thank you :raised_hands:
4:45
So I guess if a lockedVersion / fixedVersion is there, prefer relying on that, otherwise use the currentVersion?
(+1 from Rhys)
Edited by Jamie Tanna