From 6e4f670661e59d6793a4bddbaaa3bb014318593a Mon Sep 17 00:00:00 2001 From: Knut Wannheden Date: Thu, 2 Apr 2026 13:09:00 +0200 Subject: [PATCH 1/2] Fix flaky upgrade-dependency-version test The test asserted an exact resolved version (4.17.23) for lodash when using a ^4.17.20 constraint, but npm now resolves to 4.18.1. Use semver.satisfies() instead to check that the resolved version satisfies the constraint, making the test resilient to new lodash releases. --- .../javascript/recipes/upgrade-dependency-version.test.ts | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/rewrite-javascript/rewrite/test/javascript/recipes/upgrade-dependency-version.test.ts b/rewrite-javascript/rewrite/test/javascript/recipes/upgrade-dependency-version.test.ts index 4307ff6c3f..7232d24884 100644 --- a/rewrite-javascript/rewrite/test/javascript/recipes/upgrade-dependency-version.test.ts +++ b/rewrite-javascript/rewrite/test/javascript/recipes/upgrade-dependency-version.test.ts @@ -26,6 +26,7 @@ import {RecipeSpec} from "../../../src/test"; import {withDir} from "tmp-promise"; import * as fs from "fs"; import * as path from "path"; +import * as semver from "semver"; describe("UpgradeDependencyVersion", () => { @@ -505,9 +506,11 @@ describe("UpgradeDependencyVersion", () => { const marker = findNodeResolutionResult(doc); expect(marker).toBeDefined(); expect(marker!.dependencies[0].versionConstraint).toBe("^4.17.23"); - // The resolved version should still be 4.17.23 (unchanged) + // The resolved version should still satisfy ^4.17.23 (unchanged) // This proves we didn't run npm install - just updated the constraint - expect(marker!.resolvedDependencies?.[0]?.version).toBe("4.17.23"); + const resolvedVersion = marker!.resolvedDependencies?.[0]?.version; + expect(resolvedVersion).toBeDefined(); + expect(semver.satisfies(resolvedVersion!, "^4.17.23")).toBe(true); } } ) From eb9f65f804abc2f90d6d8e815c57d57714ffe409 Mon Sep 17 00:00:00 2001 From: Knut Wannheden Date: Thu, 2 Apr 2026 13:21:11 +0200 Subject: [PATCH 2/2] Fix flaky add-dependency test for lodash version check Same issue as the upgrade-dependency-version test: the lock file version assertion used startsWith("4.17.") which breaks now that lodash 4.18.1 exists. Use semver.satisfies() instead. --- .../rewrite/test/javascript/recipes/add-dependency.test.ts | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/rewrite-javascript/rewrite/test/javascript/recipes/add-dependency.test.ts b/rewrite-javascript/rewrite/test/javascript/recipes/add-dependency.test.ts index 5afe724277..8fda810d60 100644 --- a/rewrite-javascript/rewrite/test/javascript/recipes/add-dependency.test.ts +++ b/rewrite-javascript/rewrite/test/javascript/recipes/add-dependency.test.ts @@ -25,6 +25,7 @@ import {Json} from "../../../src/json"; import {RecipeSpec} from "../../../src/test"; import {withDir} from "tmp-promise"; import {findMarker, MarkersKind} from "../../../src"; +import * as semver from "semver"; describe("AddDependency", () => { @@ -346,10 +347,10 @@ describe("AddDependency", () => { throw new Error(`Expected root dependency lodash to be ^4.17.21, got ${rootPkg?.dependencies?.["lodash"]}`); } - // lodash should be in node_modules + // lodash should be in node_modules with a version satisfying ^4.17.21 const lodashPkg = lockData.packages["node_modules/lodash"]; - if (!lodashPkg?.version?.startsWith("4.17.")) { - throw new Error(`Expected lodash version to start with 4.17., got ${lodashPkg?.version}`); + if (!lodashPkg?.version || !semver.satisfies(lodashPkg.version, "^4.17.21")) { + throw new Error(`Expected lodash version satisfying ^4.17.21, got ${lodashPkg?.version}`); } return actual;