fix: prevent automation from producing broken PRs#2354
fix: prevent automation from producing broken PRs#2354PeterDaveHello wants to merge 1 commit intomainfrom
Conversation
There was a problem hiding this comment.
Pull request overview
This pull request fixes critical issues in the automatic update workflow that were causing broken PRs with incorrect YARN_VERSION values and empty PR titles. The changes ensure that security updates preserve existing Yarn versions, the automation script processes all available Node.js versions even when some lack musl builds, and PR creation is skipped when no updates are available.
Changes:
- Fixed
update.shto preserve existing YARN_VERSION from Dockerfiles during security updates (SKIP=true mode) instead of leaving the template placeholder0.0.0 - Updated
build-automation.mjsto continue processing all versions when musl builds are unavailable, only exiting if no versions were successfully updated - Added workflow condition to prevent creating PRs with empty titles when no updates are produced
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| update.sh | Preserves existing YARN_VERSION when SKIP=true by extracting it from the current Dockerfile before replacement |
| build-automation.mjs | Changes early exit on missing musl builds to continue loop; only exits after processing all versions if none were updated |
| .github/workflows/automatic-updates.yml | Adds condition to skip PR creation when automation script returns empty result |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Preserve existing YARN_VERSION when running update.sh with -s flag instead of leaving template placeholder (0.0.0) in Dockerfiles - Change build-automation.mjs to skip versions without musl builds instead of exiting early, preventing partial updates - Add condition to workflow to skip PR creation when no versions were updated, preventing empty PR titles Fixes issues seen in PRs #2341, #2347, #2350 where automation produced Dockerfiles with YARN_VERSION=0.0.0 and/or empty PR titles. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
PeterDaveHello
force-pushed
the
fix/automation-broken-prs
branch
from
6eeadfd to
8d9e10e
Compare
|
Presumably the partial updates thing would be a solution that conflicted with the proposed chanages in #2353? |
|
Maybe, though, the purpose here is just to prevent broken PRs from being generated. |
|
Honestly, I'm not sure if this issue can be accurately reproduced at this moment. If the problem has indeed been resolved in the new PR, maybe I'll just close this one directly. |
|
The issues that this PR describes are from the January 2026 security update. I didn't see those issues occurring with the recent March 2026 security update. The Debian updates for March were created correctly and automatically. The Alpine updates were created manually, just to speed up release. You could rebase and add your additional safeguards into the workflow or close for the time being and monitor what happens for the next (security) release. The part that changes the Yarn handling would however need to be removed, as the Yarn version is no longer updated dynamically, and instead is hard-coded inline. |
| else | ||
| # Preserve existing YARN_VERSION from current Dockerfile when SKIP=true | ||
| existingYarnVersion=$(sed -n 's/^ENV YARN_VERSION=//p' "${dockerfile}") | ||
| if [ -n "${existingYarnVersion}" ]; then | ||
| sed -Ei -e 's/^(ENV YARN_VERSION)=.*/\1='"${existingYarnVersion}"'/' "${dockerfile}-tmp" | ||
| fi |
There was a problem hiding this comment.
| else | |
| # Preserve existing YARN_VERSION from current Dockerfile when SKIP=true | |
| existingYarnVersion=$(sed -n 's/^ENV YARN_VERSION=//p' "${dockerfile}") | |
| if [ -n "${existingYarnVersion}" ]; then | |
| sed -Ei -e 's/^(ENV YARN_VERSION)=.*/\1='"${existingYarnVersion}"'/' "${dockerfile}-tmp" | |
| fi |
Remove to avoid rebase conflict, as this code section no longer exists
Description
Fixes issues in the automatic update workflow that caused broken PRs with
YARN_VERSION=0.0.0and empty PR titles.Changes:
update.sh: Preserve existingYARN_VERSIONfrom current Dockerfile whenSKIP=trueinstead of leaving template placeholderbuild-automation.mjs: Skip versions without musl builds instead of exiting early; only exit after loop if no versions were updatedautomatic-updates.yml: Add condition to skip PR creation when result is emptyMotivation and Context
The automatic update workflow was producing broken PRs:
YARN_VERSION=0.0.0 bug: When running
update.sh -s(security update), the template placeholder0.0.0was written to Dockerfiles instead of preserving the existing yarn version. This was a regression from commit 61380fa.Partial updates / empty PR titles:
build-automation.mjswouldprocess.exit(0)when encountering a version without musl builds, leaving partial changes and causing empty PR titles.Related issues seen in PRs #2341, #2347, #2350.
Testing Details
./update.sh -s 24 bookworm- verified YARN_VERSION preserved (not 0.0.0)node --check build-automation.mjs- syntax validshellcheck update.sh- no errorsshfmt -d -sr -i 2 -ci update.sh- formatting check passedTypes of changes
Checklist