-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
shrinkwrap + prune + npm3 = packages being re-downloaded #282
Comments
Thanks for the issue and description! The reason It'd be great to discover whether |
That both aren't true right now are among the many places where shrinkwrap is underspecified around the edges (see also the discussions about how best to handle So yes, there are bugs, or maybe just holes in npm's functionality here. We're in the process of shoring up npm's tests for the rest of the year, so we're not going to have time to fix any bugs filed around this for a while, but I would be completely behind somebody taking a stab at making orune's behavior more consistent here. That said, the initial description of the problem isn't complete – the behavior described should happen only with trees initially installed with I'm not, however, completely sure how the presence of a shrinkwrap might change how that metadata gets added, and there in fact might be other bugs around the interaction of shrinkwraps and various other commands with |
Thanks @othiym23! I'll close this since we try to resolve root issues rather than work around them at the buildpack level. At the moment I typically recommend using |
@hunterloftis unfortunately Personally, I can imagine that there will be many Heroku apps that upgrade from npm2 > 3, and so will see this issue. I'll try to do some further testing, but IMO the buildpack is running |
When you change versions of node or npm, the buildpack invalidates your
|
@hunterloftis of course. Silly me. So basically this is a bug with how shrinkwrap works, so should be tracked upstream. That's fair enough. Thanks for your comments! |
@fiznool would the buildpack skipping the |
Yes, that would be a useful workaround. Can this be achieved for npm3 only?
|
@fiznool it could be, though I hesitate to put in version-specific workarounds (over time the complexity and backwards compatibility requirements really add up, and I have to support them). For now let's test a branch that simply doesn't prune dependencies. Long-term the buildpack will need to prune dependencies occasionally; this could be done by caching the number of unpruned builds and then pruning every X builds... or more ideally npm-next will make
|
Currently, when building the dependencies, the buildpack runs
npm prune
and thennpm install
.npm3 has changed to installing dependencies 'maximally flat', i.e. npm has tried to pull out as many nested dependencies as possible, and put them at the top level in the
node_modules
dir.As a result, when subsequently running
npm shrinkwrap
, you'll potentially end up with a shrinkwrap file with lots of 'top-level' dependencies that don't necessarily correspond to what is described inpackage.json
.npm prune
doesn't take into account the shrinkwrap at all - it just looks in thepackage.json
and uninstalls any top level packages that are in thenode_modules
folder, but not inpackage.json
.So you can see there is an issue:
node_modules
cache previously installed by a maximally flat shrinkwrap won't really correspond to apackage.json
.npm prune
will remove many top level dependencies that aren't inpackage.json
.npm install
will (probably) re-download many that were removed bynpm prune
.Obviously this isn't really desirable, and somewhat negates the benefits of the
node_modules
cache.The text was updated successfully, but these errors were encountered: