fix(ci): lock file validation #4363
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ruyadorno
added
Release 8.x
ruyadorno
force-pushed
the
npm-ci-validate-inventories
branch
from
5319356
to
7a51d96
Compare
Make sure to validate any lock file (either package-lock.json or npm-shrinkwrap.json) against the current install. This will properly throw an error in case any of the dependencies being installed don't match the dependencies that are currently listed in the lock file. Fixes: npm#2701 Fixes: npm#3947
ruyadorno
force-pushed
the
npm-ci-validate-inventories
branch
from
7a51d96
to
2620447
Compare
wraithgar
reviewed
Feb 3, 2022
| throw new Error( | ||
| '`npm ci` can only install packages when your package.json and ' + | ||
| 'package-lock.json or npm-shrinkwrap.json are in sync. Please ' + | ||
| 'update your lock file with `npm install` ' + |
There was a problem hiding this comment.
💯 having a path to resolution here explicitly laid out
There was a problem hiding this comment.
agreed! to be fair it's not my doing 😁 I'm just reinstating the message from v6:
https://github.com/npm/libcipm/blob/9ab1a620db485c137b1c89979c80beddf7e2da42/index.js#L172-L178
wraithgar
reviewed
Feb 3, 2022
wraithgar
approved these changes
Feb 3, 2022
Merged
wraithgar
added a commit
to wraithgar/react
that referenced
this pull request
Feb 17, 2022
Invalid typescript version makes `npm ci` fail in the latest npm npm/cli#4363 Merge conflict was introduced in primer#1771
siddharthkp
pushed a commit
to primer/react
that referenced
this pull request
Feb 17, 2022
Invalid typescript version makes `npm ci` fail in the latest npm npm/cli#4363 Merge conflict was introduced in #1771
|
Hi! Are there plans for back-porting this fix to npm@v7? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Make sure to validate any lock file (either
package-lock.jsonornpm-shrinkwrap.json) against the current install. This will properlythrow an error in case any of the dependencies being installed don't
match the dependencies that are currently listed in the lock file.
References
Fixes: #2701
Fixes: #3947