[BUG] dev dependency binaries not linked after upgrading package-lock.json
from v1 to v2 using npm install --production
and then running npm install
#3125
Labels
Current Behavior:
Upgrading
package-lock.json
fromlockfileVersion: 1
tolockfileVersion: 2
usingnpm install --production
causes future calls tonpm install
to not link the binaries of the dev dependencies undernode_modules/.bin
. This seems like it may be caused by the dev dependencies inpackage-lock.json
not being updated.Expected Behavior:
Subsequent calls to
npm install
should correctly link the dev dependency binaries innode_modules/.bin
if needed.Steps To Reproduce:
npm
version 61.1. Create a project (
npm init --yes
).1.2. Install a dev dependency that has a binary, also generating a
package-lock.json
file in lockfileVersion 1 (npm install --save-dev typescript
).1.3. Delete
node_modules
(rm -rf node_modules
).npm
version 72.1. Install only production dependencies, also causing
package-lock.json
to be upgraded to lockfileVersion 2 (npm install --production
).2.2 Install all dependencies (
npm install
)2.3 Try executing one of the binaries that should have been linked (
npx -c 'tsc -v'
), it produces error/bin/sh: 1: tsc: not found
because the binary has not been linked vianode_modules/.bin/
.Docker Reproduction
This
Dockerfile
can be used to reproduce an environment where the corruptedpackage-lock.json
has been created. You can build and run it usingdocker build -t node-issue . && docker run node-issue
Example output of running this container:
More info:
Example files
Here is an example of a corrupted
package-lock.json
and its correspondingpackage.json
:package-lock.json
package.json
Workaround
If you use
npm ci
or deletepackage-lock.json
and reinstall it should update the binary links correctly.Environment:
Host
Docker
NPM 6
NPM 7
The text was updated successfully, but these errors were encountered: