I have created my own npm feed in Azure Artifacts. I can publish my package and use it in my applications.
In my applications, the package is referenced like this in the package.json
`"#op/breeze-helpers": "^0.1.5"`
If I now publish version 0.1.6 of my package, delete my package from node_modules and run npm i , npm installs version 0.1.5 again !
I even tried npm i --cache c:/tmp/empty-cache to make sure it was not getting the package from cache, but it ends up the same. npm keeps installing version 0.1.5
what am doing wrong, I thought with the caret, the next minor should be downloaded when running npm i ?
The package-lock.json sets your currently installed version of each package in stone, and npm will use those exact versions when running npm install.
So it will download the package versions from the package-lock.json file.
I want to be on latest version always.
You could try to set the "*" as the dependency package version.
For example:
"dependencies": {
"#types/bootstrap": "*",
"#types/jquery": "*",
"bootstrap": "*"
}
Then it will always download the latest version of the target packages.
Related
I'm trying to build a repository/package for my personal ESLint config files. I have all of my configuration files built the way I would like, and now I am trying to install this package to test it.
In this scenario, I have two packages:
#me/eslint-config is the package containing my ESLint config files.
test-package is the package on/in which I am trying to install #me/eslint-config.
When I try to install the #me/eslint-config package, peer dependencies are not installed, nor are they even mentioned during the installation.
Both packages currently only reside locally on my machine, side-by-side, in the same directory:
<parent_dir>:
- eslint-config
- package.json
- ...
- test-package
- package.json
- ...
The package.json file for #me/eslint-config looks as follows:
{
...
"dependencies": {
"#typescript-eslint/parser": "5.29.0"
},
"peerDependencies": {
"eslint": "8.18.0",
"eslint-plugin-import": "2.26.0",
"eslint-plugin-jsdoc": "39.3.3",
"eslint-plugin-prefer-arrow": "1.2.3",
"#typescript-eslint/eslint-plugin": "5.29.0"
}
...
}
I am installing this package in test-package as follows:
$> cd /path/to/test-package
$> npm i ../eslint-config --save-dev
NPM properly installs all other dependencies, including the #me/eslint-config package itself, but does not install the peerDependencies of #me/eslint-config.
This is using NPM v8.1.0.
This article seems to suggest that NPM >7 installs peer dependencies automatically. This is obviously not working for me.
Things I have already tried that have not fixed the problem:
Deleting node_modules/ and package-lock.json from test-package and reinstalling everything.
Pinning all peerDependencies versions in #me/eslint-config.
Adding all peerDependencies in #me/eslint-config as both dependencies and peerDependencies in #me/eslint-config.
tl;dr NPM isn't installing peerDependencies
I had the same error on former version of npm and as you mention, npm ^8 now install peer dependencies.
But here could be ways of fining your problem
1 : estlint is a devDependencies (A guess)
eslint should be devDependencies and not a peerDependencies.
Maybe npm doesn't accept you to install it then.
I search a bit but couldn't find any real thread discussing about this
That said, I wouldn't install it as dependencies since it will be pushed to your production build, what, I think, you do not want.
2 : Being up to date
Try it with the latest version of npm
download the latest version of npm : npm install -g npm#latest
Delet node_modules/ and package-lock.json from test-package and reinstall everything. as you did already
2 : allowJs
If eslint is an js package & you see it being installed in the node_modules folder.
Inside the tsconfig.json file, under the compilerOptions add allowJs: true and set strict: false
"compilerOptions": {
"allowJs": true,
"strict": false,
Close all your instance of vs-code
Restart & retry (No need to remove the package-lock or so)
I am publishing artifact to npm repository with a custom tag 'dev-latest'. After executing npm install in a project where I have this dependency defined, the latest version is not updated.
After new artifact is published I see that dev-latest points to the latest version:
npm view #kosmos/equote-lib dist-tags
{ 'dev-latest': '1.0.0-dev20190125.1',
latest: '1.0.0-rel20190122.0',
'rel-latest': '1.0.0-rel20190123.0' }
Locally i have installed previous version. In my package.json my dependency is defined:
"#kosmos/equote-lib": "dev-latest",
after executing npm install to update whole project my package is not updated to the latest version.
When I do npm install #kosmos/equote-lib#dev-latest it will update it but also change my package.json entry to the specific package version.
Other solution is to remove node_modules and the I will get latest version as well.
I would expect that using tag will remove the need of specifying the version in package.json Is there a way to implement the desired behavior ?
I think I found the good answer here: https://stackoverflow.com/a/19824154/1347496
Basically in case you have already installed the modules locally you should use npm update to update one/all dependencies. In my case while using tags I do
npm update --no-save
to not to overwrite my package.json
I want to use latest distribution tag in my package.json for internal packages. This allows me to always get their latest versions when I npm install in local environment, without updating all external 3rd parties.
The issue comes when I'm hotfixing deployed verion:
For hotfix purpose I generate and save package-lock.json for each deployed version of the application.
But when I npm install during hotfix preparation, there is a conflict between versions of internal package in package.json and package-lock.json: package-lock.json points to version that was used in deployed application, but package.json point to latest distribution tag, which itself points to later version.
Since version specified in package-lock.json doesn't suit to version range specified in package.json (which is very specific - only the latest version will suit), npm install ignores package-lock.json and installs the latest version.
I searched through documentation and internet and didn't find any existing solution for the issue:
I didn't find any npm install flag that would treat package-lock.json versions with higher priority than distribution tag in package.json
I dind't find any tool that would reconstruct package.json from package-lock.json, or at least replace aliases (distribution tags) in package.json with specific versions from package-lock.json.
Is there any solution for my issue (besides writing a tool that will implement last approach)?
Sandbox:
https://github.com/maxlk/npm-lock-version-should-override-latest (clone and run npm install or its alternative)
I found a solution - to use npm ci instead of npm install.
It doesn't exit with error, despite the claim in the documentation: https://docs.npmjs.com/cli/ci
If dependencies in the package lock do not match those in package.json, npm ci will exit with an error, instead of updating the package lock.
If I npm install -g ember-cli#2.7.0, then in my project, if I do npm install --save-dev ember-cli#2.7.0, shouldn't the global ember-cli be copied over to my project right away, and just bump up version number in package.json?
Am I right?
Technically it will use the cached version (in the npm_cache folder) to do the install, not the copy that you installed globally. As for the version number, it should update your package.json file to "ember-cli": "^2.7.0"
I want to be able to compare my locally installed packages against my project package.json file without making a call against the npm online repo. If there is a package that is out of date based on the package.json file, then and only then will it go to the npm online repo and install the package.
The reason for this is that I want to be able to update the package.json file to require a newer version of a package, commit this change to the project repo and when other developers on the team get latest their npm package is updated. I do not want to slow down the process if everything is up-to-date or cause the build to fail if access to the npm repo or the internet is down.
I am wondering if this is an already solved use-case or do I need to parse the package.json file and compare it to a "npm ls" output myself?
you will need to setup a local repository (by duplicating the NPM couchdb localy)
( see https://stackoverflow.com/a/7577265/406458)
then you could use npm-check-updates.
npm-check-updates will give you a list of packages that can be updated in your package.json file see
https://www.npmjs.org/package/npm-check-updates
$ npm-check-updates
"connect" can be updated from 2.8.x to 2.11.x (Installed: 2.8.8,
Latest: 2.11.0) "commander" can be updated from 1.3.x to 2.0.x
(Installed: 1.3.2, Latest: 2.0.0)
Run 'npm-check-updates -u' to upgrade your package.json automatically
Check global npm packages for updates:
$ npm-check-updates -u