Whenever I run npm install <package> it installs the package alright, but then it automatically runs the prepare script.
It's worth mentioning that I've already checked that there is no postinstall script in the package.json.
From https://docs.npmjs.com/misc/scripts:
prepare: Run both BEFORE the package is packed and published, and on
local npm install without any arguments (See below). This is run AFTER
prepublish, but BEFORE prepublishOnly.
Since NPM v5, prepare script is executed when you run npm install
The other answers are fine, but for some additional context, this is to support a workflow where you can use devDependencies to build assets or other generated content for your project.
For example, say you want to use node-sass (CSS preprocessor). You add "node-sass" as a devDependency, then you run the sass command in your "prepare" script, which generates your CSS.
So, when you run npm install, the following happens:
dependencies and devDependencies get installed
your "prepare" script generates your CSS
your project is ready to go with all necessary CSS
And when you run npm publish, something similar happens:
your "prepare" script generates your CSS
your code and generated CSS are published to the npm repo
So now when someone comes along and installs your package, they don't need node-sass or any of your devDependencies. They only need to runtime deps.
The prepare script runs on local install and when installing git dependencies:
prepare: Run both BEFORE the package is packed and published, on local npm install without any arguments, and when installing git dependencies (See below). This is run AFTER prepublish, but BEFORE prepublishOnly.
https://docs.npmjs.com/misc/scripts
You can avoid it with the --ignore-scripts flag:
$ npm install <package> --ignore-scripts
source: https://docs.npmjs.com/cli/install
From the doc https://docs.npmjs.com/misc/scripts
prepare: Run both BEFORE the package is packed and published, and on local npm install without any arguments (See below). This is run AFTER prepublish, but BEFORE prepublishOnly.
prepare script run before publishing and after npm install.
Now if you make an npm install and one of the packages has a prepare script, like for building, and it fails the whole install will fail.
We have two options:
Ignore scripts
npm install --ignore-scripts
That will run the ignore to all packages, which might be not the desired behavior. Imagine a third party package that needs to run prepare and build. If you run with --ignore-scripts this will get skipped.
Make the script optional (better option)
Add a package to the optionalDependencies:
{
optionalDependencies: {
"myPackage": "^1.0.0"
}
}
If a dependency can be used, but you would like npm to proceed if it cannot be found or fails to install, then you may put it in the optionalDependencies object. This is a map of package name to version or url, just like the dependencies object. The difference is that build failures do not cause installation to fail.
Entries in optionalDependencies will override entries of the same name in dependencies, so it's usually best to only put in one place.
Check the doc:
https://docs.npmjs.com/cli/v7/configuring-npm/package-json#optionaldependencies
Note: With this, only the chosen package is concerned. And if it fails the installation will continue. That's usually what you want.
Go with optionalDependencies
As per this answer in this thread:
https://github.com/npm/npm/issues/2817#issuecomment-368661749
the problem with --ignore-scripts is that is ignores all scripts. I just need to be able to ignore a script(s) for a particular package (the one where a build fails to compile on certain platforms). This option usually breaks my code because it has ignored ALL scripts in other packages that actually do need to run.
Anyway, to make this work like the OP I make the offending package optional. Then do a regular install, then a second install with --ignore-scripts. That way I get the scripts of other packages run first before ignoring them all (including the intended) the second time which then "fetches" the source of that package.
It's generally better to go with optionalDependencies. That will most likely suit your needs.
Related
I'm trying to set up a development environment with several packages, and as a result I need to manually install some dependencies. More specifically, I have some local changes in several packages which I need to test before I can push them to github, so I can't just npm install the top level because it won't pick up those change. So I run the first npm install manually on packages which are missing, and then try to run my node code and see which package it is still missing, then try to npm install what it says is missing.
However, when I go to install the second package, it ends up with this message:
added 3 packages from 4 contributors, removed 799 packages and audited 3 packages in 4.197s
The second install removed practically every package that was already installed! I didn't notice this until about the third time, when I realized that I seemed to be installing the same thing over and over.
However can I prevent this particularly naughty behavior and force npm to only install what I tell it to and leave everything else alone?
Have a look at npm link if you need to test against modified packages.
From npm link:
This is handy for installing your own stuff, so that you can work on it and test it iteratively without having to continually rebuild.
Say b is a dependency of a. You made changes to b and want to check if a still works with those changes. Instead of using b in node_modules installed from npm, use your local, modified version:
cd ~/projects/b # go into the package directory
npm link # creates global link
cd ~/projects/a # go into some other package directory.
npm link b # link-install the package
Now, any changes to ~/projects/b will be reflected in ~/projects/a/node_modules/b/.
If your development flow involves updating in parallel packages which depend on one another, you might consider switching your project's package manager to from npm to yarn to take advantage of yarn's workspaces feature.
Yarns's workspaces allow you to easily setup a single monorepo containing all your interconnected dependencies, and let yarn thinking how to link them together in your dev environment.
i had a similar problem today , & thought this might help someone in the future and l have found out that if you install simultaneouly it
npm install --save package1 package2 package3 ...
it worked as l had
npm install xlsx angular-oauth2-oidc
but if you install separately it will have issues
Edit 2 More infor by #Michael
installing multiple packages in the same command also prevents hooks from being installed multiple times
Remove "package-lock.json" file befor installing the new package.
Are you saving the dependencies to package.json?
To Save : npm install --save {package_name}. This will save the package to package.json and install using npm install.
You can't particularly control the dependencies(fully). The dependencies which you have installed might be using dependencies themselves.So when you remove a package, npm deletes all the package's dependencies and the package.
So I'm in the process of publishing a package to npm. It is basically just a simple module that lets users make Ajax calls and can be configured in a few ways.
I have read that it is a good idea to test the install locally and tried that. I have packed the package via the "npm pack" command, change into another directory and then tried installing the packge via "npm install path-to-file-that-was-just-created.tgz".
So far everything works, I have a node_modules folder, that contains my bundled code.
However, is also has installed all the dependencies that I have listed as devDependencies in the package.json of my actual module, even though the only the bundled file is needed and no other depenedencies are defined.
I have tried updating the npm-shrinkwrap.json, and checked that every dependency has the dev property marked as true.
The goal is actually for the user to install this module and then have no dependencies installed, because they do not need babel or mocha, to run the module.
How can I exclude these from the packge?
Thanks!
https://docs.npmjs.com/cli/install
use the --production flag to avoid installing dev dependencies
For published modules, you don't need to do anything, when a user installs your library, only the non-dev dependencies will be installed
If you want your published module to have no dependencies but you still need to have some to build it you can also try to use this command before publishing:
npx json -f package.json -I -e "delete this.devDependencies"
This way only works in CI/CD.
Update: it turned out that npm pkg delete devDependencies does the same without any additional dependency
After running your install, you can prune dev dependencies by running this command:
npm prune --production
this will keep only production dependencies. Documentation from npm here:
If the --production flag is specified or the NODE_ENV environment
variable is set to production, this command will remove the packages
specified in your devDependencies
I'm working on a larger project that is split into a number of npm packages. There are several dependencies between the packages. The whole code base is stored in a main directory like this:
main/
pkg1/
pkg2/
...
Suppose that pkg2 depends on pkg1, so in main/pkg2/package.json I have:
"dependencies": {
"pkg1": "^0.1.0"
}
I have linked my packages together using npm link. However when I start development on a new machine or for some reason I have to reinstall the packages I can't simply say npm install in pkg2/. It would fail because pkg1 couldn't be found. (It's not published, but anyway, I want the local version because I'm developing both packages).
Of course I can do all the linking manually than call npm install but it's a hassle. Is there any way to do it in a single step?
My previous research:
This question proposes writing a preinstall script, but I don't want to keep linking in production, only in the development environment, as another answer points it out.
I've also tried npm link in pkg1/ then npm install --link in pkg2/. According to the manual,
The --link argument will cause npm to link global installs into the local space in some cases.
Not in my case though.
You can use zelda for this. Written by Feross, it was designed for exactly this purpose.
I'm not a fan of doing it this way; I'd generally prefer running a local repository or using git URLs for dependencies like this.
That said, if you want to keep using npm link you can always use the preinstall script approach but not use the preinstall key.
"autolink": "cd ../project1 && npm link && cd ../project2 && npm link project1_name",
Then in your cli you can do $ npm run autolink when you first setup a dev env.
So, in writing command-line utilities with node, if my command requires certain modules, should I include a package.json file to list those dependencies? Obviously this will require running > npm install on the package file.
Without doing so, packages are not found, even though I've installed them globally. How are others distributing these types of cli scripts?
if my command requires certain modules, should I include a package.json file to list those dependencies?
Yes. This is standard.
Obviously this will require running > npm install on the package file.
This isn't exactly the case. You have to run npm install during development to initialize your environment. However, if someone installs your script through npm (e.g. npm install -g your-script-name), the dependencies for your script will automatically be installed. This is a recursive operation, meaning the dependencies of your dependencies will be installed as well, and so on.
A typical approach to handle private npm modules is to put them to a Git repository, and then use npm install with the path to that repository to install the module.
If you enter the dependency into your package.json file, you can even install using npm install without the need to specify the repository url every time. I.e., if you add
"myPrivateModule": "git+ssh://git#github.com:myGitHubAccount/myPrivateModule.git"
as a dependency, you can install using
$ npm install myPrivateModule
and everything works fine :-).
Now I have a problem in that myPrivateModule is private, yes, but not a dependency. Instead, it's a dependency only for development time, hence I put it into the section devDependencies in the package.json file.
Once you do this,
$ npm install myPrivateModule
does not work any longer, as it now searches the public registry instead of using the registered path to the repository.
Is there a possibility to make this work, without the need to specify the full-blown path each and every time?
Just npm install with no arguments should read package.json and install it.