Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG] npm install installs an invalid tree (as validated by npm ci) #5854

Open
2 tasks done
billyjanitsch opened this issue Nov 14, 2022 · 1 comment
Open
2 tasks done
Labels
Bug thing that needs fixing Priority 1 high priority issue Release 9.x work is associated with a specific npm 9 release

Comments

@billyjanitsch
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

This issue exists in the latest npm version

  • I am using the latest npm

Current Behavior

See the two commits in this repo.

The first commit is the result of running:

> npm install @pmmmwh/[email protected] [email protected]
added 135 packages in 6s

This command exits without error, and correctly installs to node_modules/ and package-lock.json. However, the resulting tree is invalid, according to npm ci:

❯ npm ci
npm ERR! code EUSAGE
npm ERR! 
npm ERR! `npm ci` can only install packages when your package.json and package-lock.json or npm-shrinkwrap.json are in sync. Please update your lock file with `npm install` before continuing.

The second commit is the result of running npm install again. This updates the package lock to a valid tree, and npm ci now completes successfully.

Expected Behavior

It shouldn't be necessary to run npm install twice to get a valid tree.

Steps To Reproduce

See current behavior for a minimal repro repository.

Environment

  • npm: 9.1.1
  • Node.js: 18.12.0
  • OS Name: macOS
  • System Model Name: MacBook Pro (16-inch, 2019)
  • npm config: none
@billyjanitsch billyjanitsch added Bug thing that needs fixing Needs Triage needs review for next steps Release 9.x work is associated with a specific npm 9 release labels Nov 14, 2022
@wraithgar
Copy link
Member

@pmmmwh/react-refresh-webpack-plugin is asking for a peerDependency of type-fest that is incompatible with what read-pkg-up is asking for as a dependency. npm is hoisting what read-pkg-up wants, colliding w/ what @pmmmwh/react-refresh-webpack-plugin wants as its peer dep

~/D/n/s/file $ npm view @pmmmwh/[email protected] peerDependencies["type-fest"]
>=0.17.0 <4.0.0
~/D/n/s/file $ npm view [email protected] dependencies["type-fest"]
^0.8.1
~/D/n/s/file $ npm query '#type-fest'|json -a _id location from
[email protected] node_modules/read-pkg/node_modules/type-fest [
  "node_modules/read-pkg"
]
[email protected] node_modules/type-fest [
  "node_modules/read-pkg-up",
  "node_modules/@pmmmwh/react-refresh-webpack-plugin"
]

@wraithgar wraithgar added Priority 1 high priority issue and removed Needs Triage needs review for next steps labels Nov 17, 2022
@jpg619 jpg619 assigned jpg619 and unassigned jpg619 Sep 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Bug thing that needs fixing Priority 1 high priority issue Release 9.x work is associated with a specific npm 9 release
Projects
None yet
Development

No branches or pull requests

3 participants