npm: specifiers still use version in lockfile when updating config
#20868
Comments
marvinhagemeister
added
bug
|
After deleting my Before that I could reproduce, and saw the following in {
"packages": {
"specifiers": {
"npm:[email protected]": "npm:[email protected][email protected]",
// ...
}
// ...
}
}Not sure what that mechanism is. |
|
That makes it sound like there is a stale cache somewhere. Maybe it stores the dependencies at the time the module was downloaded or something. |
|
preact-render-to-string is locked to preact 10.15.1: Clearing out the lockfile after upgrading dependencies is probably the best thing to do without BYONM. Perhaps maybe the lockfile could be invalidated when adding or changing a top level dependency, though that might be hard to figure out. |
|
Just ran into this again while trying to use more |
|
I think when we see a specifier we haven't seen before, we should just invalidate the lockfile, but maintain the collection of npm specifiers to package name and version (not id with peer deps). I can look into this today. |
|
Yeah, I can't think of any other solution myself. Like you said, it seems like when we add a new npm dep we need to re-evaluate the dependency graph and re-create the lockfile to make peer dependencies work. |
|
One other thing we could do is give precedence to npm specifiers in the import map. If one of them changes then we can assume that's the reference used in the project, remove it from the lockfile, then invalidate the other parts of the lockfile. That would require storing these specifiers in the lockfile though, but it would handle the scenario where you switch back and forth between a dep version. |
|
Not sure it's the same issue but I'm trying to override a "ws" import inside the "puppeteer-core" package wich is a dependency of my direct dependency "npm:[email protected]". Is this supposed to work? Or should I use npm: specifier somewhere? Or version specifier? |
|
@guillaume86 no, that is #18191 In the meantime, there are two ways to get around this. One is using |
|
I'm currently facing a similar issue on a try to override a dependency from a my project's dependency I tried to use this, to fix an issue caused by the latest version of reestructure in my project, as per docs , but it does not seem to behave as expected I've also tried to vendor it, setting |
|
@luizfilipe depend on what "fontkit" is, I think that's #18191 |
dsherret
changed the title
npm: specifiers ignore import mapnpm: specifiers still use version in lockfile when updating config
|
Also, I think this issue original issue was essentially fixed by #22004. Going to close this now, but maybe let's open a targeted issue about anything remaining. |
I'm running into a bug with Fresh when trying to switch over to
npm:specifiers. When using bothpreact-render-to-stringandpreactDeno loads multiple copies of Preact. This breaks preact's coreoptionAPI which relies on a signleton.It seems like anything I set in the import map is ignored. There I specifically request
[email protected], but somehow[email protected]is still getting installed bypreact-render-to-string.{ "vendor": true, "imports": { "preact": "npm:[email protected]", "preact/": "npm:/[email protected]/", "preact-render-to-string": "npm:[email protected]" }, "compilerOptions": { "jsx": "react-jsx", "jsxImportSource": "preact" } }Steps to reproduce
deno run foo.tsxIt will print
it workswhen the bug is resolved, otherwise it will printit doesn't workif the bug is still present.The text was updated successfully, but these errors were encountered: