Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
npm shrinkwrap fails >= 2.5.0 #5687
I'm encountering the following error when trying to do
Reverting eslint to
Fair warning, this is my first time working with some of this stuff, so please correct me if I'm wrong :)
This only seems to affect npm@2 (I am able to replicate the original poster's error with npm@2, but npm@3 seems to be working as expected), so it seems like @platinumazure's comment above is probably what's going on.
@ilyavolodin shared this npm/npm#8396, which seems to be the relevant workaround. Testing locally it looks to me like adding
The link in my comment above explains what's going on, but the issue seems to be that dev dependencies are not bundled in npm@2 even if they are a sub-dependency of a non-dev dependency. This is only a problem in npm@2 because npm@3 fills in the missing dependencies.
Specifically to this case,
added a commit
Mar 26, 2016
@alberto From my understanding, the packages in bundledDependencies are bundled when
Realizing this, it seems like my PR actually isn't the right solution, since I think we dynamically generate this list with the build script. Can you confirm, @nzakas? If so, I'll close my PR.
Unless I'm missing something, it seems like the underlying issue is the aforementioned bug. If we want to continue using bundledDependencies in an npm@2 compatible way we could update the build script to account for this bug (i.e. reach out to the 3rd party package author and notify them of the bug and see if they can fix it or just write our own script that does something similar).
This only occurred because npm was flakey when the package was created. I already updated the release script in #5688, so there shouldn't be any other change necessary besides doing a new release, which I'll do sometime today.
@ljharb this is just a bug, not a breaking change. It's akin to forgetting to include a dependency in package.json. We are doing the best we can to resolve this as quickly as possible, si a bit of patience would be greatly appreciated.