Skip to content

fix(npm): approve-scripts detects packages when lockfile is disabled#32842

Merged
bartlomieju merged 1 commit intodenoland:mainfrom
bartlomieju:fix/approve-scripts-no-lock
Mar 20, 2026
Merged

fix(npm): approve-scripts detects packages when lockfile is disabled#32842
bartlomieju merged 1 commit intodenoland:mainfrom
bartlomieju:fix/approve-scripts-no-lock

Conversation

@bartlomieju
Copy link
Member

@bartlomieju bartlomieju commented Mar 19, 2026

Summary

  • Fix deno approve-scripts failing to detect packages with lifecycle scripts when "lock": false is set in deno.json
  • The issue was that approve-scripts queried the npm resolution snapshot without first resolving packages — with no lockfile, the snapshot was empty
  • Fix by calling ensure_top_level_package_json_install() before querying the snapshot

Closes #32781

Test plan

  • Added spec test approve_scripts_no_lock with two cases:
    • approve_scripts_explicit_package — verifies explicit package approval works with lock: false
    • approve_scripts_detects_packages — verifies the no-args path finds packages (previously returned "nothing to approve")
  • Verified test fails without the fix (outputs "No npm packages with lifecycle scripts need approval" instead of detecting candidates)

🤖 Generated with Claude Code

@bartlomieju @claude
fix(npm): approve-scripts detects packages when lockfile is disabled
9f2210a 
When `lock: false` is set in deno.json, `deno approve-scripts` (without
args) would report "No npm packages with lifecycle scripts need approval"
even though `deno install` correctly warned about packages with scripts.

The issue was that `approve-scripts` queried the npm resolution snapshot
without first resolving packages. With no lockfile, the snapshot was empty.
Fix by calling `ensure_top_level_package_json_install()` before querying.

Closes denoland#32781

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
nathanwhit
nathanwhit approved these changes Mar 19, 2026
View reviewed changes
Copy link
Member

@nathanwhit nathanwhit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@bartlomieju bartlomieju merged commit 8f200f1 into denoland:main Mar 20, 2026
218 of 222 checks passed
@bartlomieju bartlomieju deleted the fix/approve-scripts-no-lock branch March 20, 2026 06:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nathanwhit nathanwhit nathanwhit approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

deno approve-scripts fails to detect scripts

2 participants

@bartlomieju @nathanwhit