Open
Description
Is there an existing issue for this?
- I have searched the existing issues
This issue exists in the latest npm version
- I am using the latest npm
Current Behavior
Running npm install in a workspace with package A using preact@latest and package B using preact@experimental only installs preact@latest.
Expected Behavior
Each package should install its own version of the dependency matching the dist tag.
Steps To Reproduce
In a workspaces based environment, for example:
packages.json
{
"name": "example",
"version": "1.0.0",
"license": "UNLICENSED",
"workspaces": [
"packages/*"
]
}
packages/a/package.json
{
"name": "a",
"version": "1.0.0",
"license": "UNLICENSED",
"dependencies": {
"preact": "experimental"
}
}packages/b/package.json
{
"name": "b",
"version": "1.0.0",
"license": "UNLICENSED",
"dependencies": {
"preact": "latest"
}
}- Run
npm install - Run
npm ls --package-lock-only - Observe that it incorrectly dedupes
preactto pull only10.26.5fromlatest
├─┬ a@1.0.0 -> ./packages/a
│ └── preact@10.26.5
└─┬ b@1.0.0 -> ./packages/b
└── preact@10.26.5 deduped
- Modify a's dependency to use a version
packages/a/package.json
{
"name": "a",
"version": "1.0.0",
"license": "UNLICENSED",
"dependencies": {
"preact": "11.0.0-experimental.1"
}
}- Modify b's dependency to use a version
packages/b/package.json
{
"name": "a",
"version": "1.0.0",
"license": "UNLICENSED",
"dependencies": {
"preact": "10.26.5"
}
}- Run
npm install - Run
npm ls --package-lock-only - Observe that it now has the correct dependencies for both packages
├─┬ a@1.0.0 -> ./packages/a
│ └── preact@11.0.0-experimental.1
└─┬ b@1.0.0 -> ./packages/a
└── preact@10.26.5
Environment
- npm: 10.9.2
- Node.js: v23.7.0
- OS Name: MacOS Sequoia 15.3.1
- System Model Name: Macbook Pro