npm install not creating a new package-lock.json - npm

I accidentally deleted my package-lock.json file. npm install is not generating a new one. How do I get npm to recreate this file.

There might be a file called .npmrc which can contain
package-lock=false
which will cause the package lock file to not be generated.
In theory you could also have turned on npm config set package-lock false globally (change to true to turn on again), but that's less likely to happen unintentionally.

The package-lock.json file was introduced in npm v5, so the steps you need to take to regenerate package-lock.json depend on which version of npm you're using.
FYI. Let's verify what version of node and npm.
npm -v
prints: x.x.x
node -v
prints: x.x.x
I believe for package-lock.json is auto-generated if the 2 conditions
npm version > 5.x.x and node version > 7.x.x are met
Then, try the following steps depending on which version you have:
npm v5+:
Regenerate the package-lock.json by running npm install. You may also regenerate the file without actually downloading dependencies by using npm install --package-lock-only
npm v4.x & earlier:
Generate a npm-shrinkwrap.json by running npm shrinkwrap. This file has the same format as package-lock.json and achieves essentially the same purpose in earlier versions of npm (see https://docs.npmjs.com/files/package-lock.json and https://docs.npmjs.com/files/shrinkwrap.json for detailed information on this point)
Rename the npm-shrinkwrap.json to package-lock.json

To resolve this issue I have tried below mentioned things and it worked for me :
Make sure your package-lock globally enabled, you can enable it using:
npm config set package-lock true
To make sure your .npmrc is not blocking the creation of package-lock file, set this to your .npmrc
echo 'package-lock=true' >> .npmrc
note: package-lock.json is automatically generated for any operations where npm modifies either the node_modules tree, or package.json for npm -v > 5.x.x.
check your npm version: npm -v
update your npm to latest version using:
npm install -g npm#latest
npm i -g npm-upgrade
#will

Make sure you are in the right folder in the command line (use pwd in Linux/macOS to get the current path you're in).
I've run npm install many times, just to find out later I was doing it in the wrong folder.

I was also facing the same issue
I just removed the package-lock=false from .npmrc and now it is creating the lock file

If your npm version is <5 you will have a shrinkwrap.json file created when running npm install.
Otherwise package-lock will be created on npm versions 5 and above.

Related

How to fix "unable to resolve dependency tree" [duplicate]

When trying to install the npm packages using npm i command, I am getting the following exception:
I have tried reinstalling the Node.js package and setting the proxy to off using:
set HTTP_PROXY=
set HTTPS_PROXY=
The issue is still there. What I am doing wrong?
Update:
When I run the following command:
npm install --legacy-peer-deps
The following error is displayed:
This is not related to an HTTP proxy.
You have dependency conflict (incorrect and potentially broken dependency) as it says, so try to run the command with --force, or --legacy-peer-deps. If it doesn't take effect, the temporary solution is using prior versions of the Node.js (downgrading the Node.js version) as it causes this kind of errors to happen sometimes.
Update based on the OP's update:
As you see, it fires the following error:
No matching version found for #angular/http#^9.1.4.
Take a look at angular/http page. Note that the latest version for that deprecated package is 7.2.16 while you request an upper version (e.g., ^9.1.4)! So, try to check the project dependencies and follow the raised errors in order to solve the problem.
Try this command-
npm install --save --legacy-peer-deps
First to understand the problem. Here is what I have as error:
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: project-admin#11.0.0
npm ERR! Found: #angular/common#11.0.3
npm ERR! node_modules/#angular/common
npm ERR! #angular/common#"11.0.3" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer #angular/common#"^9.1.0 || ^10.0.0" from #agm/core#3.0.0-beta.0
npm ERR! node_modules/#agm/core
npm ERR! #agm/core#"3.0.0-beta.0" from the root project
First you should start to read the problem from the bottom to the top. Here #agm/core#3.0.0-beta.0 requires angular common 9.1.0 or 10.0.0. And the top message says that the angular common found is actually 11.0.3.
(If you want to understand dependencies little bit better, here is very simple site: How npm3 Works)
dependencies — these are the essential dependencies that you rely on and call in your project’s code
devDependencies — these are your development dependencies, for example, a prettier library for formatting code
peerDependencies — if you set a peer dependency in your package.json, you are telling the person who installs your package that they need that dependency with the specified version
optionalDependencies — these dependencies are optional and failing to install them will not break the installation process
bundledDependencies — it’s an array of packages that will come bundled with your package. This is useful when some 3rd party library is not on NPM, or you want to include some of your projects as modules
So what should be the solution then? The problem is about peer dependencies. The solution is to downgrade angular common or the solution is to use legacy dependencies logic for installing packages using --legacy-peer-deps. So --legacy-peer-deps does not try to install the peerDependencies automatically. Is this going to work for you? Probably, yes. But you should add specific instructions how to do that, or to make the use of --legacy-peer-deps automatic for future installation of the project packages with this code from one of the previous answers:
npm config set legacy-peer-deps true
In my case I installed the package and I tried to run ng serve, but because --legacy-peer-deps was used, there were dependency packages which were not installed. I had to install those manually (because I did not set the configuration from the code above). At the end installing about five packages manually, all with --legacy-peer-deps, I ended to a package that could not be installed and I did not try to continue, because my project was throwing warnings like crazy and there were a lot of packages for audit too. So my decision was not to use this package and to find an alternative.
Other solutions that I read about along the way:
downgrade Node.js to v14. This will downgrade npm. It might not be v14, but this was the version that was most widely downgraded to.
Some people use Yarn to force package installation - personally I don't understand how this works, because I haven't used Yarn.
downgrading Angular and the global Angular CLI version to version that will satisfy the requirement. In my case it is angular/common, and in the question it's angular/core, but both require downgrading the whole angular right (I am not sure about this here).
the package you install might have a higher version that doesn't require downgrading Angular. You might try to use the https://updatepackagejson.com/ to upgrade your packages to the latest, but this is in case your project is quite new.
In addition to using the --legacy-peer-deps command line option, this can also be set more permanently as a config option:
npm config set legacy-peer-deps true
Finally, I found the answer. Try this command -
npm install --save --legacy-peer-deps
Described here legacy-peer-deps
When using npm 7, this comes up a lot because peer dependencies issues are treated as errors in version 7 whereas they were generally only warnings in version 6. Usually using --legacy-peer-deps makes it work with npm 7.
When that doesn't work, an option is to downgrade to npm 6. Downgrading Node.js is not necessary (but not harmful either). The relevant dependency management code is in npm. Downgrading Node.js will often work coincidentally because doing so will often downgrade npm as well.
Another option that is less disruptive than downgrading npm is using npx to use the previous version of npm for just the install command: npx -p npm#6 npm install
And when all else fails, it's often worth a shot to remove the node_modules directory and package-lock.json, and then run npm install again. That regenerates node_modules and package-lock.json.
This happens for some packages after updating to npm 7.
Parameter --legacy-peer-deps can help:
npm i --legacy-peer-deps
Described here legacy-peer-deps
Causes npm to completely ignore peerDependencies when building a
package tree, as in npm versions 3 through 6.
If a package cannot be installed because of overly strict
peerDependencies that collide, it provides a way to move forward
resolving the situation.
...
You can set this option to true by default (not recommended by npm):
npm config set legacy-peer-deps true
Or just wait until these packages get up to date.
Just do two simple steps:
First, execute this in your terminal.
npm config set legacy-peer-deps true
Second, clear the cache:
npm cache clean --force
And finally, execute your command. This will work for sure.
The problem is related to a dependency conflict or broken dependency. You can proceed by accepting the incorrection of dependency by forcing an install.
Solution: Using command with --force.
Your command will be like npm install --force #your-npm-package.
Note: You can use yarn to install a dependency if it's available in to install with the yarn package manager.
NPM can be used to install and manage versions of dependencies in your projects.
I had it the same issue on React versions in relation with the npm version:
npm error found types/react#16.14.20
So it might be package-versions that need to be installed based on your package.json file.
It gives errors in the npm 7 version and cannot install Node.js modules.
If you will downgrade npm version to 6, those problems will become warnings and the problem will be resolved.
Try to prove this command: npm install -g npm#6
Check if version is already installed: npm --version
Remove and install node_modules package:
a) Remove rm -rf node_modules
b) Install: npm i
Try removing the node modules and package-lock.json file and run command npm install
or
Try npm cache clean --force
First I tried
npm install
It gave me error unable to resolve dependency tree and based on the help information from this command,
Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
I tried this command:
npm install --legacy-peer-deps
And it solved my problem.
Try two options to resolve this issue:
Option 1: Delete folder node_modules folder and file package_lock.json after running:
npm cache clean --force after npm i --force
Option 2: run npm install --save --legacy-peer-deps
The fastest solution: npm install --legacy-peer-deps
Explanation:
In npm versions 3 through 6, peerDependencies were not automatically installed, and would raise a warning if an invalid version of the peer dependency was found in the tree. As of npm v7, peerDependencies are installed by default.
npm docs: peerDependencies
Your dependency contains some peerDependencies that conflict with the root project's dependency.
As it described in the npm ERR log.
Disclaimer: This assumes you're on npm v7
Note: If you follow the instructions of sibling commenters, it will create a user-scoped config that won't sync consistently across teammates / machines / buildbots.
Project-based legacy peer dependencies
You will probably want legacy-peer-deps tied to your project so it proliferates across machines / developers, and doesn't contaminate your other projects.
npm config set legacy-peer-deps true --location project
This will create a local file at .npmrc which you can commit to your repository:
legacy-peer-deps=true
Then afterwards, you can just run:
npm install
Then commit the updated lockfile.
Remember, location, location, location:
per-project configuration (/path/to/my/project/.npmrc, see more):
npm config set legacy-peer-deps true --location project
per-user configuration (defaults to $HOME/.npmrc, see more)
npm config set legacy-peer-deps true --location user
or, as the default location is user anyway:
npm config set legacy-peer-deps true
global configuration (defalts to $PREFIX/etc/npmrc, see more)
npm config set legacy-peer-deps true --location global
or, as --global infers --location global
npm config set legacy-peer-deps true --global
For some projects, fixing dependencies may be non-trivial
In my case, a critical dependency we have a legacy version of wants to pull in webpack v3 (!) - but that's a build dependency of that project's.
The best solution on a short term basis is to use legacy-peer-deps as a hold over.
If you are in a pinch, you could also consider forking the dependency and adjusting its peer dependencies accordingly - them point your project to the fork.
You can install the packages using two ways it is showing this error
ERESOLVE unable to resolve dependency tree
Install the package using npm install and having --legacy-peer-deps
npm install --save --legacy-peer-deps
This is a combination of two commands
a. Set legacy-peer-deps true in npm config
npm config set legacy-peer-deps true
b. Now install packages using npm install
npm install
The problem seems to be that gf-kautomata-pipeline-ui is using Angular 9, while #angular/http requires Angular 7. (#angular/http was deprecated and eventually removed, and all its functionality was moved into #angular/common instead.)
See: https://www.npmjs.com/package/#angular/http
If you're running Angular 9, then
delete #angular/http from your package.json (You don't need it in Angular 9)
Make sure you have #angular/common in your package.json.
Run npm i.
If you're running Angular 7, then open up your package.json and check to make sure all of your Angular packages are no higher than ^7.0.0. You may also need remove gf-kautomata-pipeline-ui, or contact the author of gf-kautomata-pipeline-ui and find out if the library is compatible with Angular 7.
This works for me:
npm install --save --legacy-peer-deps
In my case, I started getting the error (below) after upgrading npm from version 6 to 7.
npm ERR! code ERESOLVE npm ERR! ERESOLVE unable to resolve dependency
tree
...
npm ERR! Fix the upstream dependency conflict, or retry this command with --force, or --legacy-peer-deps to accept an incorrect (and potentially broken) dependency resolution.
In my case compiling with either --legacy-peer-deps or --force flags resulted in a useless bundle.
So I tried deleting the node_modules, package-lock.json, and bundle using yarn install. This generated a yarn.lock file and created package-lock.json that worked fine in subsequent npm runs.
P.S.: I am using the temporary workaround until npm 7 works fine with my project: after that, I will delete yarn.lock, package-lock.json and folder node_modules, and recompile with npm
rm -rf node_modules
rm package-lock.json
yarn install
# Generates a yarn.lock file and a new package-lock.json
# Continue with npm
npm start
I just update my Node.js and it works for me:
node -v
Output:
V xxxx
And:
sudo npm install -g n
(Use this command to install the stable node release.)
sudo n stable
If you have node_modules folder and package-lock.json file in your root directory then remove those:
rm -r node_modules
rm package-lock.json
Then run commands:
npm install --save --legacy-peer-deps
npm audit fix --force
Create .env file in the root directory and paste below code:
SKIP_PREFLIGHT_CHECK=true
Now, start your project:
npm start
I have faced this issue many times. At last I found a solution:
npm install react-native-paper --legacy-peer-deps
Use
npm install --legacy-peer-deps
This worked for me.
For this case, I was having the issue
ERESOLVE unable to resolve dependency tree
in an Angular 13 project that used some packages from a private npm feed in Azure DevOps.
To access this repository, I created an .npmrc file. Because of this, the npm install command would search all packages in my private repository and not in npm feed any more. The unable to resolve the dependency tree error happened because the npm install command could not find many of the packages that were hosted in the npm feed and not my private feed.
I found this amazing answer on how to scope packages.
Based on this, I made some changes:
In my library Package.json, update the name to have a scope name #mylib
"name": "#myLib/command-queue",
Build and publish this package to my private feed
In my client app (the one that uses this package), update the .npmrc file to use my private feed for packages in this scope only
#myLib:registry=https://pkgs.dev.azure.com/...
always-auth=true
Now, whenever I run the command npm install, if the package has the scope #myLib, it will look for it in my private feed, and use the npm feed for all other cases (i.e., #angular/...)
This is an example of my client app Package.json file:
"#angular/platform-browser-dynamic": "~13.3.0",
"#angular/router": "~13.3.0", <-- this comes from npm
"#myLib/jcg-command-queue": "^2.2.0", <-- This comes from my private feed
Also, with this change, there isn't any need to add --legacy-peer-deps to the npm install command any more.
We had the same issue resulting in the error bellow:
npm ERR! code ERESOLVE npm
ERR! ERESOLVE could not resolve npm
ERR!
npm ERR! While resolving: #angular/material-moment-adapter#12.1.4 npm
ERR! Found: #angular/material#12.0.6 npm ERR!
node_modules/#angular/material npm ERR! #angular/material#"~12.0.4"
from the root project
...
We use npm ci for clean install in Azure-Pipelines.
The issue was very often, that package.json and package-lock.json were not in sync anymore.
Solution to it was to execute npm install local and push the new package-lock.json.
As and additional hint we added a new task in the pipeline for additional informations if the the job fails.
- task: Npm#1
displayName: npm install
inputs:
command: custom
customCommand: ci
customRegistry: useNpmrc
# ##vso[task.logissue type=error] writes the text to the summary page (error-log).
- bash: echo "##vso[task.logissue type=error] If 'npm install' fails with 'ERESOLVE could not resolve', 'package.json' and 'package-lock.json' (needed for 'npm ci') may be out of sync. Run 'npm install' locally and push the new package-lock.json."
condition: failed() # Only execute on fail
displayName: npm install failed hint
Resetting package-lock.json works good for me all the time:
git checkout -- package-lock.json
Details:
Been experiencing this a lot when updating all packages of the legacy project - I highly don't recommend using npm audit fix nor npm i --force. Deleting the package-lock.json didn't work for me all the time as well. Rollback to the working version of package.json + package-lock.json and add packages turned out to be the safest and fastest variant for me.
Just in case, I did have similar behavior, when I tried either npm upgrade my current Angular 11.x based boilerplate from previous ng new or create new ng new abc based on Angular 12.x. I simply forgot to upgrade Angular CLI. So this npm install -g #angular/cli#latest solved my errors during ng new abc.
In my case I was having trouble with a #babel/core dependency, but I didn't want to use --force, because I was not sure about the consequences, so I went to https://www.npmjs.com/, looked for the package and replaced my old version with the newest one. That did the work.
This is an issue of Node.js version. Some latest versions of Node.js could show errors like these.
https://github.com/nvm-sh/nvm
I use NVM to manage Node.js versions on the system and use Node.js 12 to get past this error.
Command to change version:
nvm use 12
Downgrade Node.js to v14 works for me.
Use these commands:
source ~/.bash_profile
nvm use v14.16.1
npm install

Why is Npm modifying package-lock.json?

I’ve got the lock file under Git. After performing several Npm commands, the lock file gets modified - a bunch of new packages get added to it. The commands are:
npm config -g set ...
npm install -g ...
npm run test
That’s it. No new packages are added to the project, package.json is untouched. Why would the lock file change please?

NPM insists on using the wrong registry URL

Using NPM to install dependencies, including one that is stored in Verdaccio running locally.
Somehow NPM is stuck attempting to load the Verdaccio dependency from localhost even though the command to install from the corrected location has been run npm install --save --registry http://CORRECT-URL ...
Using rm -rf node_modules package-lock.json and removing the dependency from package.json, then running the install again - still DOES NOT WORK. Every time the install command completes, package-lock.json STILL uses localhost to resolve the registry.
Removing localhost from ~/.npmrc and running npm set registry http://CORRECT-URL also didn't help.
Please help. Where is NPM remembering localhost and insisting on using it???
UPDATE - Using npm install -ddd
Attempted to use npm install -ddd to see where npm is picking up the package. The output shows the CORRECT-URL, but when it is done, package-lock.json still lists localhost.
Note all of the following:
Removed all references to the PACKAGE from package.json and package-lock.json
Verified no references to localhost in either file
Removed node_modules/PACKAGE_DIR with rm -rf
Removed PACKAGE from node_modules/.package-lock.json
Searched for .npmrc and npmrc in the build tree and found two empty files:
node/node_modules/npm/docs/public/configuring-npm/npmrc
node/node_modules/npm/.npmrc
~/.npmrc has 2 entries for the CORRECT_URL in the following forms:
//:/:_authToken="<AUTH_TOKEN>"
registry=http://:/
Stumbled upon this post while trying to debug the exact same situation. What ended up solving this for me was to blow out package-lock, run npm rebuild, then npm install --registry . Hope this helps someone in the future!

npm - tarball data for material-design-icons seems to be corrupted

I'm having this error while running a npm install material-design-icons#3.0.1:
tarball data for material-design-icons#3.0.1 (sha1-mnHEh0chjrylHlGmbaaCA4zct78=) seems to be corrupted
npm ERR! path D:\speech-analytics\node_modules\.staging\material-design-icons-7d5a1f73\action\drawable-xxhdpi\ic_assignment_ind_white_48dp.png
npm ERR! code EPERM
npm ERR! errno -4048
npm ERR! syscall unlink
npm ERR! Error: EPERM: operation not permitted, unlink 'D:\\speech-analytics\node_modules\.staging\material-design-icons-7d5a1f73\action\drawable-xxhdpi\ic_assignment_ind_white_48dp.png'
npm ERR! { Error: EPERM: operation not permitted, unlink 'D:\\speech-analytics\node_modules\.staging\material-design-icons-7d5a1f73\action\drawable-xxhdpi\ic_assignment_ind_white_48dp.png'
Here it's documented as a bug, but still without an answer nor a fix.
I've tried to reinstall node, upgraded to latest npm version (currently running 6.4.1), did a cache clean --force, tried a npm install --no-optional, removed package-lock.json, removed npm & npm-cache folders from AppData directory, running everything as Administrator, but still no luck.
I even tried with material-design-icons#3.0.0 but the error remains.
If I navigate to the folder that appears in the log (node_modules\.staging\material-design-icons-7d5a1f73\action\drawable-xxhdpi), it's empty, and is the only folder that exists in the entire node_modules directory. I can delete that dir without any problems, so it does not seem to be a permissions/lock issue.
Any suggestions?
Finally, I got this fixed by:
Removing node_modules folder
Running npm update
Running npm install
As far I understand, the npm update should have updated the package.json file, but all dependencies kept the same versions as we had it before.
I resolved this with the command: npm cache verify which output:
Cache verified and compressed (C:\Programs\DCPS\npm-cache\_cacache):
Content verified: 1344 (164824963 bytes)
Content garbage-collected: 1 (3491551 bytes)
Index entries: 1522
Finished in 8.187s
The line that stands out to me is: Content garbage-collected: 1 (3491551 bytes)
Does this sort of thing happen because a new version of a package is published to npmjs without a version bump?
No need to run npm update (I didn't want to update any packages) or delete the entire node_modules folder. I solved this by
deleting package-lock.json
deleting node_modules\material-design-icons-xxxxxxx
running npm install again
If npm update is not a solution, and as deleting package-lock.json can bring issues of its own, I could solve it simply by:
deleting the node_modules/ folder
in package-lock.json, deleting the sections referencing to the corrupted package
running npm install again
If you are on windows env, I fixed it by running the cmd as administrator
You need to confirm whether the Typescript is installed and after installing typescript it worked for me
running the below comment will show the typescript version
tsc -v
If it shows some error install the typescript
npm install -g typescript
If then typescript is installed you can try checking the Angular Cli version
ng --version
If it shows some error then install Angular Cli Ref: https://cli.angular.io/
npm install -g #angular/cli
" If you are on windows env, I fixed it by running the cmd as administrator "
This worked for me. However, chromedriver was not installed. So, i installed it separately using the command 'npm install chromedriver'.
None of the answers solved my problem, because in my case was the git. Maybe someone can have the same problem.
I had some dependencies from git in the project and my git was not working on the terminal. So fixing the path for git fixed it!
I had this in Bitbucket Pipeline when using a private package.
I was missing to install git in pipeline:
script:
- apk update && apk upgrade && apk add --no-cache bash git openssh # <- THIS
- npm ci --prefer-offline
Dependency was
"some-private-package": "git+ssh://git#bitbucket.org/workspace/some-private-package#v1.0.12",`
Well I could not resolve this problem with a lot of tries so I made the download of the github ZIP, unzip and install and it worked !
download material-design-icons from github
unzip to the directory of your project (or c:\tmp)
npm install ./material-design-icons
or
npm install c:/tmp/material-design-icons

Can I re-create node_modules from package-lock.json?

I cloned a repository from github which has a package-lock.json (but no package.json). Then in a git bash terminal I go to the directory and run npm install but I just get a message saying there is no package.json and then everything in package-lock.json gets deleted so it's basically empty except for the project name and version.
I thought running npm install with a package-lock.json in the directory was enough to re-create node_modules, but am I seriously misunderstanding how this works? By the way I have node 8.12.0 and npm 6.4.1 and am running on Windows 10. Also, I think the package-lock.json was created on a unix system so could there be problems when using package-lock.json on a different OS?
I already tried running npm init just to get a package.json file and then running npm install but that still didn't get me a node_modules folder.
Starting from Mar 5, 2018, you can run npm ci to install packages from package-lock.json.
npm ci bypasses a package’s package.json to install modules from a
package’s lockfile.
https://blog.npmjs.org/post/171556855892/introducing-npm-ci-for-faster-more-reliable
package-lock.json records the exact version and url of packages need to install, thus you can use npm to install them accordingly:
npm can install from urls that point to tarballs
--no-package-lock option to tell npm to not touch package-lock.json file
For example, to install all packages in package-lock.json:
cat package-lock.json | jq '.dependencies[].resolved' | xargs npm i --no-package-lock
jq is a command line tool to pares jq, you can write a simple JavaScript script to parse it instead (if you do not want to install jq or learn jq's query syntax).
AFAIK, the package-lock.json file relies on the presence of a package.json file, so you'll not be able to recreate your node_modules folder from the package-lock.json file alone (happy to be proved wrong here).
Therefore, your best bet is to (mis)use a module like auto-install that is capable of generating the package.json file based on a project's dependencies, as they appear in the files.
Install it globally (npm install -g auto-install), then you'll need to generate an empty package.json file for it to run (use npm init -y in your project root). Kick things off with the command auto-install and it should add the dependencies to the package.json file.
HTH