Skip to content
This repository

`npm link` should check for installed packages before querying the npm registry #1182

augustl opened this Issue July 24, 2011 · 4 comments

4 participants

August Lilleaas Daniel Bell Felix Geisendörfer Isaac Z. Schlueter
August Lilleaas

When I npm link a package with a dependency that I have installed via npm link or a tarball, that isn't in the npm registry, npm fails.

Update 1:
Seems like npm link will npm install itself post link, to handle dependencies. And npm install doesn't seem to check if a dependency of a package is already installed before querying the registry. So that's the only fix needed it seems.

Update 2:
targetResolver in npm install only checks for existing installs in node_modules of the package from where npm link is executed. As seen below, this means it won't find packages that has been linked, since linking installs to ~/local/node/lib/node_modules.

So a sensible fix as far as I know would be to have targetResolver do a full scale check - i.e. NODE_PATH and node_modules in all parent directories.

Piggybacking on require.resolve is probably not a good idea, as some packages might only have a bin/ for example, and is not requireable.

How to reproduce

In ~/package-foo/package.json:

    "name": "package-foo",
    "version": "0.5.0"

In ~/package-bar/package.json:

    "name": "package-bar",
    "version": "0.5.0",
    "dependencies": {
        "package-foo": "*"

Then run:

$> cd ~/package-foo
$> npm-link
../local/node/lib/node_modules/package-foo -> /home/augustl/package-foo
$> cd ~/package-bar
$> npm link
npm ERR! 404 'package-foo' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it.
npm ERR! 404 Note that you can also install from a tarball or folder.
npm ERR! 
npm ERR! System Linux 2.6.39-ARCH
npm ERR! command "node" "/home/augustl/local/node/bin/npm" "link"
npm ERR! cwd /home/augustl/sandbox/package-bar
npm ERR! node -v v0.4.8
npm ERR! npm -v 1.0.20
npm ERR! 
npm ERR! Additional logging details can be found in:
npm ERR!     /home/augustl/package-bar/npm-debug.log
npm not ok
Daniel Bell

+1. This is similar to the issue I raised in #1024. I have worked around this by commenting out the dependencies in the packages that I want to link... but this isn't ideal.

August Lilleaas

Thanks for the workaround, sounds like a sensible temporary "fix".

Felix Geisendörfer

+1 This keeps me from using npm offline.

Isaac Z. Schlueter

In general, I'd like to be able to make the following guarantees:

  1. If the registry is set to null, or a registry request returns a 404, but it's in the cache already, then cache.add should return the existing data, rather than failing. (Ie, treat 404s as a 304, if we had some kind of data.)
  2. If npm.config.get("link") is true, and the global package is suitable, then it should not contact the registry for any reason. That is, don't even fetch the available versions from the registry in that case, just use whatever's linked.
  3. npm link should imply the --link flag when it does the local install.
Isaac Z. Schlueter isaacs referenced this issue from a commit December 07, 2011
Isaac Z. Schlueter Reproduction for #1182 759c1fa
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.