getsentry/fastify-otel - pnpm install/fetch not working in CI on dependabot PRs - error code 128 #16300

jlowcs · 2025-05-14T17:29:44Z

Is there an existing issue for this?

I have checked for existing issues https://github.com/getsentry/sentry-javascript/issues
I have reviewed the documentation https://docs.sentry.io/
I am using the latest SDK release https://github.com/getsentry/sentry-javascript/releases

How do you use Sentry?

Sentry Saas (sentry.io)

Which SDK are you using?

@sentry/browser

SDK Version

Framework Version

No response

Link to Sentry event

No response

Reproduction Example/SDK Setup

No response

Steps to Reproduce

A dependabot PR updated our pnpm lockfile, replacing https://codeload.github.com with git+https://git@github.com

For instance,

'@fastify/otel@https://codeload.github.com/getsentry/fastify-otel/tar.gz/d6bb1756c3db3d00d4d82c39c93ee3316e06d305(@opentelemetry/api@1.9.0)':

became

'@fastify/otel@git+https://git@github.com:getsentry/fastify-otel.git#ae3088d65e286bdc94ac5d722573537d6a6671bb(@opentelemetry/api@1.9.0)':

This change is being applied on all dependabot PRs, even those that don't bump Sentry.

This results in our CI not passing anymore, both in CircleCI and in Github Actions:

Run pnpm i --ignore-scripts
Scope: all 27 workspace projects
Lockfile is up to date, resolution step is skipped
Progress: resolved 1, reused 0, downloaded 0, added 0
Packages: +3551
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Progress: resolved 3551, reused 0, downloaded 0, added 0
Progress: resolved 3551, reused 0, downloaded 15, added 0
Progress: resolved 3551, reused 0, downloaded 11[9](https://github.com/change/corgi/actions/runs/15026969483/job/42230030476?pr=16015#step:6:10), added 117
Progress: resolved 3551, reused 0, downloaded 264, added 254
Progress: resolved 3551, reused 0, downloaded 327, added 327
Progress: resolved 3551, reused 0, downloaded 498, added 493
Progress: resolved 3551, reused 0, downloaded 522, added 513
Progress: resolved 3551, reused 0, downloaded 599, added 593
Progress: resolved 3551, reused 0, downloaded 698, added 690
 ERROR  Command failed with exit code 128: /usr/bin/git clone git@github.com:getsentry/fastify-otel.git /home/runner/setup-pnpm/node_modules/.bin/store/v3/tmp/_tmp_1886_c2c62726d7df692904a22abcf0638edc
Cloning into '/home/runner/setup-pnpm/node_modules/.bin/store/v3/tmp/_tmp_1886_c2c62726d7df692904a22abcf0638edc'...
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

pnpm: Command failed with exit code 128: /usr/bin/git clone git@github.com:getsentry/fastify-otel.git /home/runner/setup-pnpm/node_modules/.bin/store/v3/tmp/_tmp_1886_c2c62726d7df692904a22abcf0638edc
Cloning into '/home/runner/setup-pnpm/node_modules/.bin/store/v3/tmp/_tmp_1886_c2c62726d7df692904a22abcf0638edc'...
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
    at makeError (/home/runner/setup-pnpm/node_modules/.pnpm/pnpm@9.15.4/node_modules/pnpm/dist/pnpm.cjs:17875:17)
    at handlePromise (/home/runner/setup-pnpm/node_modules/.pnpm/pnpm@9.15.4/node_modules/pnpm/dist/pnpm.cjs:18446:33)
    at process.processTicksAndRejections (node:internal/process/task_queues:[10](https://github.com/change/corgi/actions/runs/15026969483/job/42230030476?pr=16015#step:6:11)5:5)
    at async execGit (/home/runner/setup-pnpm/node_modules/.pnpm/pnpm@9.15.4/node_modules/pnpm/dist/pnpm.cjs:[11](https://github.com/change/corgi/actions/runs/15026969483/job/42230030476?pr=16015#step:6:12)4213:7)
    at async gitFetcher (/home/runner/setup-pnpm/node_modules/.pnpm/pnpm@9.15.4/node_modules/pnpm/dist/pnpm.cjs:114168:11)
    at async fetcher (/home/runner/setup-pnpm/node_modules/.pnpm/pnpm@9.15.4/node_modules/pnpm/dist/pnpm.cjs:[13](https://github.com/change/corgi/actions/runs/15026969483/job/42230030476?pr=16015#step:6:14)3730:16)
    at async run (/home/runner/setup-pnpm/node_modules/.pnpm/pnpm@9.15.4/node_modules/pnpm/dist/pnpm.cjs:133180:23)
Error: Process completed with exit code 1.

This might be related to #16295.

Expected Result

pnpm i should work on dependabot PRs.

Actual Result

pnpm i fails on dependabot PRs.

The text was updated successfully, but these errors were encountered:

jlowcs · 2025-05-14T17:32:24Z

My guess is that it is somehow related to #16287

jlowcs · 2025-05-14T17:41:03Z

possibly related: dependabot/dependabot-core#10124

jlowcs · 2025-05-14T17:42:42Z

They're suggesting a workaround by adding a ssh key just for the purpose of pnpm being able to clone, but it's a bit hacky imho.

andreiborza · 2025-05-15T11:52:39Z

Hi @jlowcs, thanks for bringing this up. Tricky one, seems to be a pnpm issue but we'll need to think of possible alternatives.

That being said, we are not expecting to push many updates to that fork. It's also a temporary fork until our next major where we'll switch back to installing the upstream package.

I know it's not satisfactory but my only suggestion for now is to fix the lockfile manually.

jlowcs · 2025-05-15T13:16:18Z

After bumping Sentry to the latest version, it seems to have fixed the issue. The dependabot PRs are now passing the CI without issues. I don't know if it's the Sentry bump or if it's a change on dependabot's side that fixed it though.

andreiborza · 2025-05-15T14:26:35Z

This will probably reappear the next time dependabot tries to update this. Thanks again for raising this, we're looking into just vendoring the instrumentation in directly.

andreiborza · 2025-05-20T12:19:10Z

Hi, this has been resolved with 9.21.0, we vendored in @fastify/otel.

jlowcs added the Bug label May 14, 2025

getsantry bot added the Waiting for: Product Owner label May 14, 2025

getsantry bot added this to GitHub Issues with 👀 3 May 14, 2025

getsantry bot moved this to Waiting for: Product Owner in GitHub Issues with 👀 3 May 14, 2025

github-actions bot added the Browser label May 14, 2025

jlowcs changed the title ~~pnpm install/fetch not working in CI on dependabot PRs~~ pnpm install/fetch not working in CI on dependabot PRs - error code 128 May 14, 2025

jlowcs changed the title ~~pnpm install/fetch not working in CI on dependabot PRs - error code 128~~ getsentry/fastify-otel - pnpm install/fetch not working in CI on dependabot PRs - error code 128 May 14, 2025

getsantry bot removed the Waiting for: Product Owner label May 15, 2025

getsantry bot removed the status in GitHub Issues with 👀 3 May 15, 2025

getsantry bot added the Waiting for: Product Owner label May 15, 2025

getsantry bot moved this to Waiting for: Product Owner in GitHub Issues with 👀 3 May 15, 2025

andreiborza mentioned this issue May 15, 2025

Vendor @fastify/otel instrumentation #16309

Closed

getsantry bot removed the Waiting for: Product Owner label May 15, 2025

getsantry bot removed the status in GitHub Issues with 👀 3 May 15, 2025

andreiborza closed this as completed May 20, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

getsentry/fastify-otel - pnpm install/fetch not working in CI on dependabot PRs - error code 128 #16300

getsentry/fastify-otel - pnpm install/fetch not working in CI on dependabot PRs - error code 128 #16300

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

getsentry/fastify-otel - pnpm install/fetch not working in CI on dependabot PRs - error code 128 #16300

getsentry/fastify-otel - pnpm install/fetch not working in CI on dependabot PRs - error code 128 #16300

Comments

Is there an existing issue for this?

How do you use Sentry?

Which SDK are you using?

SDK Version

Framework Version

Link to Sentry event

Reproduction Example/SDK Setup

Steps to Reproduce

Expected Result

Actual Result

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!