This is to get some clarification on the behaviour of npm with regards to package.json and package-lock.json.
The scenario is this, my package.json has an dependency like this:
"xxx-package" : "^7.34.0"
When I ran 'npm install' on a fresh machine (with no node_modules folder and no package-lock.json), the installer found a newer version of the package "7.36.0" and installed that instead. This is correct since we have the caret(^) sign in the dependency list.
But here is the confusing part: npm then created a package-lock.json with the new updated version but never changed the package.json listing. So now the package-lock.json shows "7.36.0" but package.json is still showing the lower version.
Also, 'npm outdated' and 'npm update' will not do anything since the version in package-lock matches the latest.
My app ran fine on "7.34.0" but a fresh install breaks it, and I spent a lot of time trying to fix a possible bug in my app. Only when I checked the package-lock did I realize that this was due to a newer version and not my code.
Is there a way to make sure package.json is updated whenever a new version gets installed using 'npm install'?
Or are we doing something wrong ?
npm version is 7.9.0
node version is 15.3.0
Related
I am following the following guide from GitHub Here but when I enter npm init I keep getting the error:
Sorry, there's a problem with nodist. Couldn't resolve node version
spec %s: %s 11.13.0 Couldn't find any matching version
I have followed the previous steps and set the version to v10.15.3, but the error keeps appearing every time I use nvm. I have also set the version to v11.13.0, as this is what the error is requesting, but I still get the same result. Installed versions include: 11.13.0, 10.16.0, 10.15.3, 8.11.2, 0.12.0
Any help with this would be much appreciated!
There are several reasons which can cause this problem:
If due to some reasons like poor internet connection your node or npm versions you have downloaded are corrupted. In this case you need to remove the files .npm-version-global and .node-version-global as well as empty the folders v, v-64 and npmv within the installation of the Nodist folder.
You have a local version of the node specified in .node-version file in the root directory of your project. In this case you need to install that version by nodist local XXX where XXX is the version of the node in .node-version file.
In my case, the problem was that I had a node version specified in my code repo that didn't match the node version installed on my machine. I needed the updated node version on my machine, so
I opened file explorer to the root of my repo.
I opened .node-version and edited the version number to the updated version I needed.
npm cache clean --force to start with a fresh cache. (Note: Others have said that npm cache clean --force is outdated, but this command worked for both my teammate and for me using npm version 6.9.0.)
npm install to reinstall my node modules.
npm run build and I had a clean build. Yay!
For Node 18 and npm 8.19.1, I found the advice at https://github.com/nullivex/nodist/issues/252#issuecomment-1170897428 useful.
I was getting cb.apply errors, and problems with #npmcli/arborist and libnpmfund, but I created those two links from the list.
I was using npx. This installs an old (v 5.8) version of npm inside its node_modules. That npm contains graceful-fs inside its node_modules. The cb.apply error was coming frome graceful-fs's polyfill.js.
I installed the latest version of graceful-fs, and copied the newer polyfill.js into the abovementioned (child of npm's) graceful-fs. This seemed to fix the problem for me.
Previously my company had been using node-sass v3.13.1 which is out of date and will return a 404 now. I updated it a while back to load v4.9.4. It was a pain and it kept wanting to reload 3.13.1 but eventually it worked, I forget how. Anyways, now I am on a new computer and reinstalling the npm packages using npm install and it is AGAIN searching for this v3.13.1. This stupid thing just doesn't die. Of course it fails with a 404.
Things I've done:
I confirmed that the only node-sass reference in package.json is 4.9.4.
I confirmed that the only node-sass reference in package-lock.json is 4.9.4
I ran npm cache clean --force
I double checked that my git bash is set to the correct directory when running npm install
I double checked that the correct package.json and package-lock.json are in that same directory
I ran npm install node-sass#4.9.4 and it responded saying it was loading a cached binary found at .... then it started loading node-sass#3.13.1
I'm at a loss. How do I kill this thing once and for all to never ever allow npm to try to load this stupid outdated package?
I ended up finding a solution. The problem was that I had another package gulp-sass that was out of date. I updated it to 3.0.0 in the package.json and it worked. The solution I found was here:
https://github.com/codecombat/codecombat/issues/4430
I have a colleague who's having issues with npm install, I'm wondering if anyone else has had the same issue...
Win 10 x64
Node 8.9.3
Global npm packages installed:
npm 5.6.0
rimraf 2.6.2
(We have multiple PCs all running identical node/npm versions for consistency, so this can't be updated on a whim)
We have a package json with a dev dependency of "typescript": ^"2.0.6"
On all other dev machines, doing npm install on a fresh clone of our repo (no node_modules / typings), we get given typescript 2.7.2, the latest minor version of typescript to date.
On this one machine, we are given 2.6.2, consistently.
We have completely uninstalled node, removed %UserProfile%\AppData\Roaming\npm & %UserProfile%\AppData\Roaming\npm-cache to no avail.
For completeness we have also run npm cache verify.
Any thoughts would be appreciated, we are stumped.
Might be the same problem here. I think below link helps you to get more about working with package versions.
as you specified that you have a package.json with a dev dependency of "typescript": ^"2.0.6".
Just try by replacing the below line in your package.json file.
"typescript": "exact version you needed"
Ex. "typescript": "2.0.6"
Including with this before running npm install just delete the package-lock.json file from your projects root directory if any.
Should I manually update dependencies versions in the package.json after creating a new project with npm?
I have the following scenario:
project with installed node_modules
work directory is emptied
project is freshly cloned from git
npm install is run
I have a dependency required as ~1.0.0 in package.json. This dependency was previously installed in version 1.0.1. It has now newer versions, e.g. 1.0.2, available but still gets installed as 1.0.1 by npm install. But I want the dependency to get updated within the range that I specified.
Why is that and how could I solve this? Would using npm update instead/ afterwards help?
BR
Chris
I have a project with a local file dependency in my package.json like this:
"dependencies": {
"dep_1": "file:../../dep_1"
}
}
When I do npm install it is installed into node_modules. But if I make changes to dep_1 how do I update the module version in node_modules?
I tried doing npm update but nothing happens.
If you are using a relatively new version of npm (I used version 2.14.2) you can bump the version number in package.json and npm update dep_1 should work. Otherwise how can npm know that something needs to be updated?
Note: This will only work if the version is higher than what has previously been installed. You will have to clean the cache to reset this behaviour.
However, you can forceably (and lazily) update local modules by simply running npm install again. e.g.
npm install dep_1
It should be fast since its on your local computer and you don't have to play around with version numbers.
For more detail see the discussion about this issue on the official npm repository page: https://github.com/npm/npm/issues/7426