You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Aug 11, 2022. It is now read-only.
When you npm install a module A, npm install may dedupe any of module A's dependencies if they already exist in the node_modules tree.
Now if you were to install a newer version of the deduped module in the tree npm does not go and find all the locations where it deduped the module deeper in the tree and install the old version if its a semver range mismatch
Example
cd~/tmp
mkdir foobar
cd foobar
npm init
npm i negotiator@0.2.5 -S
npm i st -S
npm i negotiator@latest -S
npm ls
echo$?; 1
Expected output
any npm install --save should not cause an npm ls to fail after the install. (assuming npm ls worked before the install)
Suggested fix
we can update npm install {{module}}@version so that it searches the entire dependency tree (based on package.json, not node_modules) for all references to {{module}}. We can then manually check that each referenced range matches the new version and if it does not invoke npm install {{module}}@range in that location in the node_modules tree
we can remove the deduping feature from npm install
When you npm install a module A,
npm install
may dedupe any of module A's dependencies if they already exist in the node_modules tree.Now if you were to install a newer version of the deduped module in the tree npm does not go and find all the locations where it deduped the module deeper in the tree and install the old version if its a semver range mismatch
Example
Expected output
any
npm install --save
should not cause annpm ls
to fail after the install. (assumingnpm ls
worked before the install)Suggested fix
npm install {{module}}@version
so that it searches the entire dependency tree (based on package.json, not node_modules) for all references to {{module}}. We can then manually check that each referenced range matches the new version and if it does not invokenpm install {{module}}@range
in that location in the node_modules treenpm install
cc @isaacs @othiym23
The text was updated successfully, but these errors were encountered: