npm_and_yarn json parse error

[peijianju]

Deaer dependabot-script team,
We are experiencing some issue with dependabot/dependabot-core image and its scripts

symptoms

We saw this error in our pipeline,

/home/dependabot/dependabot-script/vendor/ruby/2.6.0/gems/dependabot-common-0.118.8/lib/dependabot/shared_helpers.rb:116:in `rescue in run_helper_subprocess': Dependabot::SharedHelpers::HelperSubprocessFailed
	from /home/dependabot/dependabot-script/vendor/ruby/2.6.0/gems/dependabot-common-0.118.8/lib/dependabot/shared_helpers.rb:84:in `run_helper_subprocess'
	...
	from /home/dependabot/dependabot-script/vendor/ruby/2.6.0/gems/dependabot-npm_and_yarn-0.118.8/lib/dependabot/npm_and_yarn/file_updater.rb:39:in `updated_dependency_files'
	from ./generic-update-script.rb:212:in `block in <main>'
	from ./generic-update-script.rb:174:in `each'
	from ./generic-update-script.rb:174:in `<main>'
/usr/lib/ruby/2.6.0/json/common.rb:156:in `parse': 767: unexpected token at '' (JSON::ParserError)
	from /usr/lib/ruby/2.6.0/json/common.rb:156:in `parse'

We used the latest dependabot/dependabot-core image. so I think the latest dependabot/dependabot-core is broken

root cause suspects

Further investigation point me to this file shared_helpers.rb and this line

response = JSON.parse(stdout)

By printing the stderr in shared_helpers.rb I found this

Error: Cannot find module './lib/npm'
Require stack:
- /opt/npm_and_yarn/run.js
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:880:15)
    at Function.Module._load (internal/modules/cjs/loader.js:725:27)
    at Module.require (internal/modules/cjs/loader.js:952:19)
    at require (internal/modules/cjs/helpers.js:88:18)
    at Socket.<anonymous> (/opt/npm_and_yarn/run.js:12:19)
    at Socket.emit (events.js:327:22)
    at endReadableNT (internal/streams/readable.js:1327:12)
    at processTicksAndRejections (internal/process/task_queues.js:80:21) {
  code: 'MODULE_NOT_FOUND',
  requireStack: [ '/opt/npm_and_yarn/run.js' ]
}

By inspecting the image file, I found this

root@301c0231d8c2:/home/dependabot/dependabot-script# ls /opt/npm_and_yarn/lib/
npm6  yarn

So is /opt/npm_and_yarn/run.js expecting npm instead of npm6 ?

Thank you

[peijianju]

could be related to this #416

[LanceTheDev]

We experience the same problems, but also with composer:

The cause seems to be a change of composer location. When I exec into the docker container, there is no path /opt/composer/helpers/bin/run, but only /opt/composer/helpers/v1/bin/run and /opt/composer/helpers/v2/bin/run. Any help would be appreciated.

[timbru31]

I think this PR is the culprit: dependabot/dependabot-core#2971 it moved npm to npm6

[timbru31]

Updating the dependabot-omnibus dependency in the Gemfile solves the issue. (remember to use the correct Bundler version: bundle _1.17.3_ update

[jrs40492]

Updating the dependabot-omnibus dependency in the Gemfile solves the issue. (remember to use the correct Bundler version: bundle _1.17.3_ update

Tried updating dependabot-omnibus to 0.130.2 and running with bundler 1.17.3 but that errors out on trying to install commonmarker which is a dependency of dependabot-omnibus

[nachogarcia]

Changing the dependabot-omnibus in the Gemfile to 0.130.2 and doing bundle _1.17.3_ install and bundle _1.17.3_ update worked for me.

[MassivDash]

I struggled getting dependbot going on Azure Dev Ops Pipeline, I had very similar issues with npm and yarn, in the beginning I tried to get it going on Ruby bundle, but I could not just seem to set the paths for npm helpers correctly (plus the npm and other bins), according to docs you need to build and copy those. Finally I got it going using docker and latest image dependabot-omnibus (~> 0.152.1). It has all the paths and bins set up, just pass the vars to the docker container

[do-nat]

I struggled getting dependbot going on Azure Dev Ops Pipeline, I had very similar issues with npm and yarn, in the beginning I tried to get it going on Ruby bundle, but I could not just seem to set the paths for npm helpers correctly (plus the npm and other bins), according to docs you need to build and copy those. Finally I got it going using docker and latest image dependabot-omnibus (~> 0.152.1). It has all the paths and bins set up, just pass the vars to the docker container

how did you get it running with the docker container?

If I'm using the docker container as well as the lastest omnibus as you mentioned, I still get the error ...

usr/lib/ruby/gems/2.7.0/gems/bundler-1.17.3/lib/bundler/rubygems_integration.rb:200: warning: constant Gem::ConfigMap is deprecated
/usr/lib/ruby/gems/2.7.0/gems/bundler-1.17.3/lib/bundler/rubygems_integration.rb:200: warning: constant Gem::ConfigMap is deprecated
warning: parser/current is loading parser/ruby27, which recognizes
warning: 2.7.3-compliant syntax, but you are running 2.7.1.
warning: please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.
/usr/lib/ruby/2.7.0/json/common.rb:156:in `parse': 783: unexpected token at '' (JSON::ParserError)
	from /usr/lib/ruby/2.7.0/json/common.rb:156:in `parse'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/clients/azure.rb:53:in `fetch_commit'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:73:in `commit'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:360:in `_full_specification_for'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:370:in `_fetch_file_content'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:140:in `fetch_file_from_host'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-maven-0.152.1/lib/dependabot/maven/file_fetcher.rb:32:in `pom'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-maven-0.152.1/lib/dependabot/maven/file_fetcher.rb:25:in `fetch_files'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:65:in `files'
	from ./generic-update-script.rb:154:in `<main>'

[MassivDash]

I struggled getting dependbot going on Azure Dev Ops Pipeline, I had very similar issues with npm and yarn, in the beginning I tried to get it going on Ruby bundle, but I could not just seem to set the paths for npm helpers correctly (plus the npm and other bins), according to docs you need to build and copy those. Finally I got it going using docker and latest image dependabot-omnibus (~> 0.152.1). It has all the paths and bins set up, just pass the vars to the docker container

how did you get it running with the docker container?

If I'm using the docker container as well as the lastest omnibus as you mentioned, I still get the error ...

usr/lib/ruby/gems/2.7.0/gems/bundler-1.17.3/lib/bundler/rubygems_integration.rb:200: warning: constant Gem::ConfigMap is deprecated
/usr/lib/ruby/gems/2.7.0/gems/bundler-1.17.3/lib/bundler/rubygems_integration.rb:200: warning: constant Gem::ConfigMap is deprecated
warning: parser/current is loading parser/ruby27, which recognizes
warning: 2.7.3-compliant syntax, but you are running 2.7.1.
warning: please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.
/usr/lib/ruby/2.7.0/json/common.rb:156:in `parse': 783: unexpected token at '' (JSON::ParserError)
	from /usr/lib/ruby/2.7.0/json/common.rb:156:in `parse'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/clients/azure.rb:53:in `fetch_commit'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:73:in `commit'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:360:in `_full_specification_for'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:370:in `_fetch_file_content'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:140:in `fetch_file_from_host'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-maven-0.152.1/lib/dependabot/maven/file_fetcher.rb:32:in `pom'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-maven-0.152.1/lib/dependabot/maven/file_fetcher.rb:25:in `fetch_files'
	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.152.1/lib/dependabot/file_fetchers/base.rb:65:in `files'
	from ./generic-update-script.rb:154:in `<main>'

So I have set up the dependobot as a seperate (standalone) project, project consists of pipeline yaml, dockerfile, gemfile and gemfile lock and the update scripts from this project https://github.com/tinglesoftware/dependabot-azure-devops. I had made some changes for security reasons and in this project implementation there is a npm private registry bug that does not allow me to connect to private npm registry, so semi fixed / hacked that in the update-script.rb ( I also gave an issue, but no reply so far).

trigger:
- none

pool:
  vmImage: 'Ubuntu-20.04'

steps:

- script: |
    mkdir repo
    git clone https://$(AZURE_ACCESS_TOKEN)@dev.azure.com/$(AZURE_ORGANIZATION)/$(AZURE_PROJECT)/_git/$(AZURE_REPOSITORY) repo
    cd repo
    git checkout $(DEPENDABOT_TARGET_BRANCH) 
    git pull
  displayName: 'Create and checkout git project'

- script: |
    docker build -f Dockerfile -t dependobot .
  displayName: Build dependobot with project

- script: |
    docker run --rm -t \
           -e GITHUB_ACCESS_TOKEN=$(GITHUB_ACCESS_TOKEN) \
           -e AZURE_PROTOCOL=$(AZURE_PROTOCOL) \
           -e AZURE_HOST=$(AZURE_HOSTNAME) \
           -e AZURE_PORT=$(AZURE_PORT) \
           -e AZURE_ACCESS_TOKEN=$(AZURE_ACCESS_TOKEN) \
           -e AZURE_ORGANIZATION=$(AZURE_ORGANIZATION) \
           -e AZURE_PROJECT=$(AZURE_PROJECT) \
           -e AZURE_REPOSITORY=$(AZURE_REPOSITORY) \
           -e DEPENDABOT_PACKAGE_MANAGER=$(DEPENDABOT_PACKAGE_MANAGER) \
           -e DEPENDABOT_NPM_CREDENTIALS=$(DEPENDABOT_NPM_CREDENTIALS) \
           -e DEPENDABOT_TARGET_BRANCH=$(DEPENDABOT_TARGET_BRANCH) \
           -e DEPENDABOT_VERSIONING_STRATEGY=$(DEPENDABOT_VERSIONING_STRATEGY) \
           -e DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT=$(DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT) \
           -e DEPENDABOT_VERSIONING_STRATEGY=$(DEPENDABOT_VERSIONING_STRATEGY) \
           -e DEPENDABOT_SEC_ONLY=$(DEPENDABOT_SEC_ONLY) \
           -e DEPENDABOT_DIRECTORY=$DEPENDABOT_DIRECTORY \
           dependobot


  env:
    GITHUB_ACCESS_TOKEN: $(GITHUB_ACCESS_TOKEN)
    AZURE_ACCESS_TOKEN: $(AZURE_ACCESS_TOKEN)
    AZURE_ORGANIZATION: $(AZURE_ORGANIZATION)
    AZURE_PROJECT: $(AZURE_PROJECT)
    AZURE_REPOSITORY: $(AZURE_REPOSITORY)
    DEPENDABOT_PACKAGE_MANAGER: $(DEPENDABOT_PACKAGE_MANAGER)
    DEPENDABOT_TARGET_BRANCH: $(DEPENDABOT_TARGET_BRANCH)
    DEPENDABOT_VERSIONING_STRATEGY: $(DEPENDABOT_VERSIONING_STRATEGY)
    DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT: $(DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT)
    AZURE_PROTOCOL: $(AZURE_PROTOCOL)
    AZURE_HOST: $(AZURE_HOST)
    AZURE_PORT: $(AZURE_PORT)
    DEPENDABOT_NPM_CREDENTIALS: $(DEPENDABOT_NPM_CREDENTIALS)
    DEPENDABOT_SEC_ONLY: $(DEPENDABOT_SEC_ONLY)


  displayName: 'Execute dependobot script'

Whats its important is to copy the repo, scrtipts, gemlock.file into container, I do this with following Dockerfile

FROM dependabot/dependabot-core:0.155.0

# Copy the Gemfile and Gemfile.lock
ARG CODE_DIR=/home/dependabot/dependabot-script
RUN mkdir -p ${CODE_DIR}
COPY --chown=dependabot:dependabot Gemfile Gemfile.lock ${CODE_DIR}/
WORKDIR ${CODE_DIR}

# Install dependencies
RUN bundle config set --local path "vendor" \
  && bundle install --jobs 4 --retry 3


# Copy the Ruby scripts
COPY --chown=dependabot:dependabot update.rb ${CODE_DIR}
COPY --chown=dependabot:dependabot azure_helpers.rb ${CODE_DIR}

# Copy the repository
COPY --chown=dependabot:dependabot ./repo/ ${CODE_DIR}
# Run update script
ENTRYPOINT ["bundle", "exec", "ruby", "./update.rb"] 

[caugner]

This is still an issue, and I'm currently experiencing this with dependabot-gitlab.

[ianbunag]

This has recently surfaced in Github's dependabot alerts. We have detected this as the most recent alerts show Dependabot::DependencyFileNotParseable errors. I have tried running dependabot-script locally for package manager npm_and_yarn with the following error logs:

/Users/retracted/.rvm/rubies/ruby-3.0.0/lib/ruby/3.0.0/json/common.rb:216:in `parse': 809: unexpected token at '' (JSON::ParserError)
        from /Users/retracted/.rvm/rubies/ruby-3.0.0/lib/ruby/3.0.0/json/common.rb:216:in `parse'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb:197:in `parse_package_lock'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb:56:in `npm_lockfile_details'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb:27:in `block in lockfile_details'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb:24:in `each'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser/lockfile_parser.rb:24:in `lockfile_details'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:96:in `build_dependency'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:74:in `block (3 levels) in manifest_dependencies'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:70:in `each'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:70:in `block (2 levels) in manifest_dependencies'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:68:in `each'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:68:in `block in manifest_dependencies'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:62:in `each'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:62:in `manifest_dependencies'
        from /Users/retracted/.rvm/gems/ruby-3.0.0/gems/dependabot-npm_and_yarn-0.142.0/lib/dependabot/npm_and_yarn/file_parser.rb:41:in `parse'
        from ./generic-update-script.rb:167:in `<main>'

I have also confirmed that the bug is not due to updates in the package-lock.json file as the following dependabot-script runs result in the same error:

• Ran locally against a previous lockfile version
• Ran locally against a regenerated-from-scratch lockfile
  • By deleting node modules
  • Clearing npm cache
  • Running npm install
  • Pushing to remote branch
  • Running dependabot-script against that branch
• Triggered a retry from Github's dependabot alerts
  • From another repository
  • Created prior to the introduction of the bug
  • It now shows the same Dependabot::DependencyFileNotParseable error

[AurimasNav]

same issue:

2022-06-12T07:06:18.3167374Z ##[section]Starting: react-frontend
2022-06-12T07:06:18.3176921Z ==============================================================================
2022-06-12T07:06:18.3177262Z Task         : Dependabot
2022-06-12T07:06:18.3177602Z Description  : Automatically update dependencies and vulnerabilities in your code
2022-06-12T07:06:18.3177913Z Version      : 1.6.202
2022-06-12T07:06:18.3178156Z Author       : Tingle Software
2022-06-12T07:06:18.3178541Z Help         : For help please visit https://github.com/tinglesoftware/dependabot-azure-devops
2022-06-12T07:06:18.3178963Z ==============================================================================
2022-06-12T07:06:18.4910315Z [command]/usr/bin/docker run --rm -i -e DEPENDABOT_PACKAGE_MANAGER=npm -e DEPENDABOT_FAIL_ON_EXCEPTION=true -e DEPENDABOT_EXCLUDE_REQUIREMENTS_TO_UNLOCK= -e AZURE_PROTOCOL=https -e AZURE_HOSTNAME=dev.azure.com -e AZURE_ORGANIZATION=<org> -e AZURE_PROJECT=<project> -e AZURE_REPOSITORY=react-frontend -e AZURE_ACCESS_TOKEN=*** -e AZURE_SET_AUTO_COMPLETE=true -e AZURE_MERGE_STRATEGY=1 -e DEPENDABOT_VERSIONING_STRATEGY=auto -e DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT=50 -e DEPENDABOT_EXTRA_CREDENTIALS=*** -e GITHUB_ACCESS_TOKEN=*** -e AZURE_AUTO_APPROVE_PR=false tingle/dependabot-azure-devops:0.6
2022-06-12T07:06:21.1432312Z warning: parser/current is loading parser/ruby27, which recognizes2.7.6-compliant syntax, but you are running 2.7.5.
2022-06-12T07:06:21.1434525Z Please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.
2022-06-12T07:06:21.8171089Z GitHub access token has been provided.
2022-06-12T07:06:21.8177426Z Using hostname = 'dev.azure.com', protocol = 'https', port = '443'.
2022-06-12T07:06:21.8178120Z Using 'https://dev.azure.com:443/' as API endpoint
2022-06-12T07:06:21.8178773Z Fetching npm_and_yarn dependency files for <org>/<project>/_git/react-frontend
2022-06-12T07:06:21.8179310Z Targeting 'default' branch under '/' directory
2022-06-12T07:06:21.8179812Z Using 'bump_versions' requirements update strategy
2022-06-12T07:06:21.8180179Z Parsing dependencies information
2022-06-12T07:06:28.2132784Z Checking if @craco/craco 6.4.3 needs updating
2022-06-12T07:06:28.2133308Z No update needed for @craco/craco 6.4.3
2022-06-12T07:06:28.2133748Z Checking if @emotion/react 11.9.0 needs updating
2022-06-12T07:06:28.2134168Z No update needed for @emotion/react 11.9.0
2022-06-12T07:06:28.2134635Z Checking if @emotion/styled 11.8.1 needs updating
2022-06-12T07:06:28.2135055Z No update needed for @emotion/styled 11.8.1
2022-06-12T07:06:28.2135497Z Checking if @hookform/resolvers 2.9.0 needs updating
2022-06-12T07:08:41.2192383Z Requirements to unlock own
2022-06-12T07:08:41.2192772Z Updating @hookform/resolvers from 2.9.0 to 2.9.1
2022-06-12T07:09:30.0347154Z /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.187.0/lib/dependabot/shared_helpers.rb:129:in `rescue in run_helper_subprocess': Dependabot::SharedHelpers::HelperSubprocessFailed
2022-06-12T07:09:30.0375096Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.187.0/lib/dependabot/shared_helpers.rb:78:in `run_helper_subprocess'
2022-06-12T07:09:30.0376565Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:137:in `run_yarn_top_level_updater'
2022-06-12T07:09:30.0377731Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:108:in `block (2 levels) in run_yarn_updater'
2022-06-12T07:09:30.0378838Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:106:in `chdir'
2022-06-12T07:09:30.0379915Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:106:in `block in run_yarn_updater'
2022-06-12T07:09:30.0381244Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.187.0/lib/dependabot/shared_helpers.rb:168:in `with_git_configured'
2022-06-12T07:09:30.0382281Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:105:in `run_yarn_updater'
2022-06-12T07:09:30.0383376Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:77:in `run_current_yarn_update'
2022-06-12T07:09:30.0384495Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:58:in `block in updated_yarn_lock'
2022-06-12T07:09:30.0385648Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.187.0/lib/dependabot/shared_helpers.rb:49:in `block in in_a_temporary_directory'
2022-06-12T07:09:30.0386446Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.187.0/lib/dependabot/shared_helpers.rb:49:in `chdir'
2022-06-12T07:09:30.0387257Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-common-0.187.0/lib/dependabot/shared_helpers.rb:49:in `in_a_temporary_directory'
2022-06-12T07:09:30.0388281Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:54:in `updated_yarn_lock'
2022-06-12T07:09:30.0389248Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater/yarn_lockfile_updater.rb:30:in `updated_yarn_lock_content'
2022-06-12T07:09:30.0390175Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater.rb:170:in `updated_yarn_lock_content'
2022-06-12T07:09:30.0391052Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater.rb:114:in `yarn_lock_changed?'
2022-06-12T07:09:30.0391942Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater.rb:138:in `block in updated_lockfiles'
2022-06-12T07:09:30.0392780Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater.rb:137:in `each'
2022-06-12T07:09:30.0393632Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater.rb:137:in `updated_lockfiles'
2022-06-12T07:09:30.0394518Z 	from /home/dependabot/dependabot-script/vendor/ruby/2.7.0/gems/dependabot-npm_and_yarn-0.187.0/lib/dependabot/npm_and_yarn/file_updater.rb:39:in `updated_dependency_files'
2022-06-12T07:09:30.0395134Z 	from ./update-script.rb:335:in `block in <main>'
2022-06-12T07:09:30.0395589Z 	from ./update-script.rb:273:in `each'
2022-06-12T07:09:30.0396011Z 	from ./update-script.rb:273:in `<main>'

[jeffwidman]

We've updated this repo's README with a deprecation note which points to a new example repo we setup to demonstrate how to self-host Dependabot using the Dependabot CLI. As a result, we are archiving this repo.