Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

package-lock.json file has erroneous resolved = false fields #15408

Closed
infinisil opened this issue Sep 18, 2019 · 7 comments
Closed

package-lock.json file has erroneous resolved = false fields #15408

infinisil opened this issue Sep 18, 2019 · 7 comments

Comments

@infinisil
Copy link

Description:

The package-lock.json file contains lines of the form

Rocket.Chat/package-lock.json

Lines 2991 to 2995 in f2f73af

"abbrev": {
"version": "1.1.1",
"resolved": false,
"integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q=="
},

Where the resolved field doesn't actually point to the resolved URI, but is just false. This prevents certain tools, such as node2nix in my case, from being able to use the lock file to fully resolve dependencies.

I found this issue which mentions such a problem: https://npm.community/t/npm-install-or-npm-update-turns-a-bunch-of-resolved-in-package-lock-json-from-real-values-to-false/3308, but without any good solutions other than rm -rf node_modules && npm install.

It would be great if this problem could at least be temporarily fixed on the 2.0.0 release branch.

Expected behavior:

package-lock.json should point all resolved fields to URI's

Actual behavior:

Some URI's are false
@infinisil
Copy link
Author

For now I was able to write a hacky jq script to fix it:

cat package-lock.json | jq 'walk(if type == "object" then with_entries(if (.value | type) == "object" and .value.resolved == false then .value.resolved = "https://registry.npmjs.org/\(.key)/-/\(.key)-\(.value.version).tgz" else . end) else . end)' > package-lock-new.json

@muelli muelli mentioned this issue Nov 6, 2019
Closed
@muelli
Copy link

muelli commented Nov 7, 2019

FWIW: There are some other people reporting this behaviour, e.g.
https://npm.community/t/npm-install-or-npm-update-turns-a-bunch-of-resolved-in-package-lock-json-from-real-values-to-false/3308
or
https://npm.community/t/constant-resolved-false-toggle/276

@muelli muelli mentioned this issue Nov 7, 2019
Closed
@infinisil infinisil mentioned this issue Nov 30, 2019
Closed
@katiecrane katiecrane mentioned this issue Jan 3, 2020
Merged
3 tasks
@taylorjdawson taylorjdawson mentioned this issue Apr 10, 2020
Closed
@Noste
Copy link

Noste commented May 27, 2020

Is there an explanation about why this is happening ?

@jgreen210
Copy link

At least two people (probably more) in my team are seeing this. We've been on npm 6.13.4 for a while, and have started seeing false values appearing in the last few weeks I think (for me, it started today).

For me, removing node_modules isn't helping. The package.json file in the one package I looked at had a URL for _resolved, not false.

@jgreen210
Copy link

I've never used npm link.

@jgreen210
Copy link

jgreen210 commented Jul 1, 2020
edited
Loading

Oops. This isn't the npm project. Oh well.

I've never used RocketChat.

@sampaiodiego
Copy link
Member

there are no more "resolved": false but if that happens to some of you, you can try the following npm/npm#20106 (comment)

@DmitriyLewen DmitriyLewen mentioned this issue Apr 14, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@muelli @sampaiodiego @infinisil @jgreen210 @Noste