Why does npm-shrinkwrap flip-flops between names and URLs every time? - node.js

Using:
node v4.6.2, npm 2.15.5, nvm 0.29.0, Homebrew 1.1.1-64-g17bad9a, macOS 10.12.1
Steps:
I update package.json,
delete all my modules: rm -fr node_modules,
reinstall everything: nvm exec npm install,
and update the shrinkwrap: nvm exec npm shrinkwrap --dev.
Result:
Every time, the from field of every module will change between a name and a URL, as pictured in this partial capture of npm-shrinkwrap.json diff:
diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json
index e1f679a..476febe 100644
--- a/npm-shrinkwrap.json
+++ b/npm-shrinkwrap.json
## -4,86 +4,86 ##
"dependencies": {
"active-model-adapter": {
"version": "2.1.1",
- "from": "active-model-adapter#2.1.1",
+ "from": "https://registry.npmjs.org/active-model-adapter/-/active-model-adapter-2.1.1.tgz",
"resolved": "https://registry.npmjs.org/active-model-adapter/-/active-model-adapter-2.1.1.tgz"
},
"bootstrap-daterangepicker": {
"version": "2.1.21",
- "from": "bootstrap-daterangepicker#2.1.21",
+ "from": "https://registry.npmjs.org/bootstrap-daterangepicker/-/bootstrap-daterangepicker-2.1.21.tgz",
"resolved": "https://registry.npmjs.org/bootstrap-daterangepicker/-/bootstrap-daterangepicker-2.1.21.tgz",
"dependencies": {
"jquery": {
"version": "3.1.1",
- "from": "jquery#>=1.10.0",
+ "from": "https://registry.npmjs.org/jquery/-/jquery-3.1.1.tgz",
"resolved": "https://registry.npmjs.org/jquery/-/jquery-3.1.1.tgz"
}
}
},
"bower": {
"version": "1.8.0",
- "from": "bower#1.8.0",
+ "from": "https://registry.npmjs.org/bower/-/bower-1.8.0.tgz",
"resolved": "https://registry.npmjs.org/bower/-/bower-1.8.0.tgz"
},
"broccoli-asset-rev": {
"version": "2.5.0",
- "from": "broccoli-asset-rev#>=2.2.0 <3.0.0",
+ "from": "https://registry.npmjs.org/broccoli-asset-rev/-/broccoli-asset-rev-2.5.0.tgz",
"resolved": "https://registry.npmjs.org/broccoli-asset-rev/-/broccoli-asset-rev-2.5.0.tgz",
"dependencies": {
"broccoli-asset-rewrite": {
"version": "1.1.0",
- "from": "broccoli-asset-rewrite#>=1.1.0 <2.0.0",
+ "from": "https://registry.npmjs.org/broccoli-asset-rewrite/-/broccoli-asset-rewrite-1.1.0.tgz",
"resolved": "https://registry.npmjs.org/broccoli-asset-rewrite/-/broccoli-asset-rewrite-1.1.0.tgz"
Coming from a Ruby world with Bundler, I don't understand the logic behind this. Why should npm-shrinkwrap change between a URL and a name every time I run it? This makes npm-shrinkwrap.json impracticable for version control, in my opinion.
How can I make npm-shrinkwrap consistent and only use URLs or names?


It's more about how you install package with npm and when. You can read explanation here

Related

npm audit fix removes integrity value for ssri package

I just ran npm audit fix and after that checked the changes in package-lock.json.
before npm audit fix:
"ssri": {
"version": "6.0.1",
"resolved": "https://registry.npmjs.org/ssri/-/ssri-6.0.1.tgz",
"integrity": "sha512-3Wge10hNcT1Kur4PDFwEieXSCMCJs/7WvSACcrMYrNp+b8kDL1/0wJch5Ni2WrtwEa2IO8OsVfeKIciKCDx/QA==",
"requires": {
"figgy-pudding": "^3.5.1"
}
},
after npm audit fix:
"ssri": {
"version": "6.0.1",
"resolved": "",
"requires": {
"figgy-pudding": "^3.5.1"
}
},
How does that make sense? Doesn't this even decrease security?

Is calling "npm install" on a package of a specific (older) version expected to stay the same over time?

I'm using an older version of node (6.17.1) and had explicitly installed eslint#5.16.0 as the newer versions of eslint don't work with node 6. This had been working without any problems for a while.
Recently, when installing eslint#5.16.0 from package.json using npm install no longer works -- there is now an incompatible dependency that I assume is somewhere in eslint's dependency tree.
My question is, was npm install on a specific version of eslint expected to continue working forever in the same way? Or is this normal for npm packages (of a specific version) to have some package deep in the dependency tree change, and then break that specific version of the first package?
And if this cannot be prevented, is there any way to easily fix this once a dependency breaks? Is this what package-lock.json is for?
The error output from npm is below:
npm ERR! Darwin 18.5.0
npm ERR! argv "/Users/~/.nvm/versions/node/v6.17.1/bin/node" "/Users/~/.nvm/versions/node/v6.17.1/bin/npm" "install" "eslint#5.16.0"
npm ERR! node v6.17.1
npm ERR! npm v3.10.10
npm ERR! code ENOTSUP
npm ERR! notsup Unsupported engine for esquery#1.2.0: wanted: {"node":">=8.0"} (current: {"node":"6.17.1","npm":"3.10.10"})
npm ERR! notsup Not compatible with your version of node/npm: esquery#1.2.0
npm ERR! notsup Not compatible with your version of node/npm: esquery#1.2.0
npm ERR! notsup Required: {"node":">=8.0"}
npm ERR! notsup Actual: {"npm":"3.10.10","node":"6.17.1"}
Thanks in advance!

As you aluded to, this is what the lock file (package-lock.json for npm and yarn.lock for yarn) is for. Otherwise, npm will look for the latest package version that satisfy the constraints, for both the package you specified as well as its dependencies, and their dependencies, and so on.
However, package-lock.json was only introduced in npm v5, and so your current version of npm (v3.10.10) won't have a package-lock.json. You'd instead need to use npm shrinkwrap. I'd advice you to use yarn in the future if you are not able to update your version of Node.js.
From your error output, it seems like esquery requires an engine version of Node.js v8 or above. By using a newer version of Node.js, and running yarn why esquery to see why it's required, it seems like it's depended on directly by eslint.
$ yarn why esquery
yarn why v1.22.4
[1/4] Why do we have the module "esquery"...?
[2/4] Initialising dependency graph...
[3/4] Finding dependency...
[4/4] Calculating file sizes...
=> Found "esquery#1.2.0"
info Reasons this module exists
- "eslint" depends on it
- Hoisted from "eslint#esquery"
info Disk size without dependencies: "744KB"
info Disk size with unique dependencies: "796KB"
info Disk size with transitive dependencies: "796KB"
info Number of shared dependencies: 1
Done in 0.12s.
ESLint v5.16.0 specifies a dependency on esquery using the caret range ^1.0.1 which means it will use the latest version of esquery provided the major version is still 1. This was fine until esquery v1.1.0, since it supported Node.js v0.6 and above; but in v1.2.0, this was changed to v8 and above.
Since this is, evidently, a breaking change, if the authors were abiding by Semantic Versioning 2.0.0, they should have bumped the version number to v2.0.0 instead of v1.2.0, but nowhere in the README.md does it says it's following semver.
The proper fix would be to create a PR on the eslint repository proposing to change the version range from ^1.0.1 to 1.1.x (or ~1.1), but for now, you can try using this npm-shrinkwrap.json, which specifies the 1.1.0 version of esquery.
{
"name": "sonpminstall",
"version": "1.0.0",
"dependencies": {
"#babel/code-frame": {
"version": "7.8.3",
"from": "#babel/code-frame#>=7.0.0 <8.0.0",
"resolved": "https://registry.npmjs.org/#babel/code-frame/-/code-frame-7.8.3.tgz"
},
"#babel/helper-validator-identifier": {
"version": "7.9.0",
"from": "#babel/helper-validator-identifier#>=7.9.0 <8.0.0",
"resolved": "https://registry.npmjs.org/#babel/helper-validator-identifier/-/helper-validator-identifier-7.9.0.tgz"
},
"#babel/highlight": {
"version": "7.9.0",
"from": "#babel/highlight#>=7.8.3 <8.0.0",
"resolved": "https://registry.npmjs.org/#babel/highlight/-/highlight-7.9.0.tgz"
},
"acorn": {
"version": "6.4.1",
"from": "acorn#>=6.0.7 <7.0.0",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz"
},
"acorn-jsx": {
"version": "5.2.0",
"from": "acorn-jsx#>=5.0.0 <6.0.0",
"resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.2.0.tgz"
},
"ajv": {
"version": "6.12.0",
"from": "ajv#>=6.9.1 <7.0.0",
"resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.0.tgz"
},
"ansi-escapes": {
"version": "3.2.0",
"from": "ansi-escapes#>=3.2.0 <4.0.0",
"resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-3.2.0.tgz"
},
"ansi-regex": {
"version": "3.0.0",
"from": "ansi-regex#>=3.0.0 <4.0.0",
"resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz"
},
"ansi-styles": {
"version": "3.2.1",
"from": "ansi-styles#>=3.2.1 <4.0.0",
"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz"
},
"argparse": {
"version": "1.0.10",
"from": "argparse#>=1.0.7 <2.0.0",
"resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz"
},
"astral-regex": {
"version": "1.0.0",
"from": "astral-regex#>=1.0.0 <2.0.0",
"resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-1.0.0.tgz"
},
"balanced-match": {
"version": "1.0.0",
"from": "balanced-match#>=1.0.0 <2.0.0",
"resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz"
},
"brace-expansion": {
"version": "1.1.11",
"from": "brace-expansion#>=1.1.7 <2.0.0",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz"
},
"callsites": {
"version": "3.1.0",
"from": "callsites#>=3.0.0 <4.0.0",
"resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz"
},
"chalk": {
"version": "2.4.2",
"from": "chalk#>=2.1.0 <3.0.0",
"resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz"
},
"chardet": {
"version": "0.7.0",
"from": "chardet#>=0.7.0 <0.8.0",
"resolved": "https://registry.npmjs.org/chardet/-/chardet-0.7.0.tgz"
},
"cli-cursor": {
"version": "2.1.0",
"from": "cli-cursor#>=2.1.0 <3.0.0",
"resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-2.1.0.tgz"
},
"cli-width": {
"version": "2.2.0",
"from": "cli-width#>=2.0.0 <3.0.0",
"resolved": "https://registry.npmjs.org/cli-width/-/cli-width-2.2.0.tgz"
},
"color-convert": {
"version": "1.9.3",
"from": "color-convert#>=1.9.0 <2.0.0",
"resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz"
},
"color-name": {
"version": "1.1.3",
"from": "color-name#1.1.3",
"resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz"
},
"concat-map": {
"version": "0.0.1",
"from": "concat-map#0.0.1",
"resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz"
},
"cross-spawn": {
"version": "6.0.5",
"from": "cross-spawn#>=6.0.5 <7.0.0",
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz"
},
"debug": {
"version": "4.1.1",
"from": "debug#>=4.0.1 <5.0.0",
"resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz"
},
"deep-is": {
"version": "0.1.3",
"from": "deep-is#>=0.1.3 <0.2.0",
"resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz"
},
"doctrine": {
"version": "3.0.0",
"from": "doctrine#>=3.0.0 <4.0.0",
"resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz"
},
"emoji-regex": {
"version": "7.0.3",
"from": "emoji-regex#>=7.0.1 <8.0.0",
"resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-7.0.3.tgz"
},
"escape-string-regexp": {
"version": "1.0.5",
"from": "escape-string-regexp#>=1.0.5 <2.0.0",
"resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz"
},
"eslint": {
"version": "5.16.0",
"from": "eslint#>=5.16.0 <6.0.0",
"resolved": "https://registry.npmjs.org/eslint/-/eslint-5.16.0.tgz"
},
"eslint-scope": {
"version": "4.0.3",
"from": "eslint-scope#>=4.0.3 <5.0.0",
"resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-4.0.3.tgz"
},
"eslint-utils": {
"version": "1.4.3",
"from": "eslint-utils#>=1.3.1 <2.0.0",
"resolved": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-1.4.3.tgz"
},
"eslint-visitor-keys": {
"version": "1.1.0",
"from": "eslint-visitor-keys#>=1.0.0 <2.0.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.1.0.tgz"
},
"espree": {
"version": "5.0.1",
"from": "espree#>=5.0.1 <6.0.0",
"resolved": "https://registry.npmjs.org/espree/-/espree-5.0.1.tgz"
},
"esprima": {
"version": "4.0.1",
"from": "esprima#>=4.0.0 <5.0.0",
"resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz"
},
"esquery": {
"version": "1.1.0",
"from": "esquery#>=1.0.1 <1.2.0",
"resolved": "https://registry.npmjs.org/esquery/-/esquery-1.1.0.tgz",
"dependencies": {
"estraverse": {
"version": "4.0.0",
"from": "estraverse#>=4.0.0 <5.0.0",
"resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.0.0.tgz"
}
}
},
"esrecurse": {
"version": "4.2.1",
"from": "esrecurse#>=4.1.0 <5.0.0",
"resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.2.1.tgz"
},
"estraverse": {
"version": "4.3.0",
"from": "estraverse#>=4.1.1 <5.0.0",
"resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz"
},
"esutils": {
"version": "2.0.3",
"from": "esutils#>=2.0.2 <3.0.0",
"resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz"
},
"external-editor": {
"version": "3.1.0",
"from": "external-editor#>=3.0.3 <4.0.0",
"resolved": "https://registry.npmjs.org/external-editor/-/external-editor-3.1.0.tgz"
},
"fast-deep-equal": {
"version": "3.1.1",
"from": "fast-deep-equal#>=3.1.1 <4.0.0",
"resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.1.tgz"
},
"fast-json-stable-stringify": {
"version": "2.1.0",
"from": "fast-json-stable-stringify#>=2.0.0 <3.0.0",
"resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz"
},
"fast-levenshtein": {
"version": "2.0.6",
"from": "fast-levenshtein#>=2.0.6 <2.1.0",
"resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz"
},
"figures": {
"version": "2.0.0",
"from": "figures#>=2.0.0 <3.0.0",
"resolved": "https://registry.npmjs.org/figures/-/figures-2.0.0.tgz"
},
"file-entry-cache": {
"version": "5.0.1",
"from": "file-entry-cache#>=5.0.1 <6.0.0",
"resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-5.0.1.tgz"
},
"flat-cache": {
"version": "2.0.1",
"from": "flat-cache#>=2.0.1 <3.0.0",
"resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-2.0.1.tgz"
},
"flatted": {
"version": "2.0.1",
"from": "flatted#>=2.0.0 <3.0.0",
"resolved": "https://registry.npmjs.org/flatted/-/flatted-2.0.1.tgz"
},
"fs.realpath": {
"version": "1.0.0",
"from": "fs.realpath#>=1.0.0 <2.0.0",
"resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz"
},
"functional-red-black-tree": {
"version": "1.0.1",
"from": "functional-red-black-tree#>=1.0.1 <2.0.0",
"resolved": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz"
},
"glob": {
"version": "7.1.6",
"from": "glob#>=7.1.2 <8.0.0",
"resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz"
},
"globals": {
"version": "11.12.0",
"from": "globals#>=11.7.0 <12.0.0",
"resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz"
},
"has-flag": {
"version": "3.0.0",
"from": "has-flag#>=3.0.0 <4.0.0",
"resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz"
},
"iconv-lite": {
"version": "0.4.24",
"from": "iconv-lite#>=0.4.24 <0.5.0",
"resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz"
},
"ignore": {
"version": "4.0.6",
"from": "ignore#>=4.0.6 <5.0.0",
"resolved": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz"
},
"import-fresh": {
"version": "3.2.1",
"from": "import-fresh#>=3.0.0 <4.0.0",
"resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.2.1.tgz"
},
"imurmurhash": {
"version": "0.1.4",
"from": "imurmurhash#>=0.1.4 <0.2.0",
"resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz"
},
"inflight": {
"version": "1.0.6",
"from": "inflight#>=1.0.4 <2.0.0",
"resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz"
},
"inherits": {
"version": "2.0.4",
"from": "inherits#>=2.0.0 <3.0.0",
"resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz"
},
"inquirer": {
"version": "6.5.2",
"from": "inquirer#>=6.2.2 <7.0.0",
"resolved": "https://registry.npmjs.org/inquirer/-/inquirer-6.5.2.tgz",
"dependencies": {
"ansi-regex": {
"version": "4.1.0",
"from": "ansi-regex#>=4.1.0 <5.0.0",
"resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz"
},
"strip-ansi": {
"version": "5.2.0",
"from": "strip-ansi#>=5.1.0 <6.0.0",
"resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz"
}
}
},
"is-fullwidth-code-point": {
"version": "2.0.0",
"from": "is-fullwidth-code-point#>=2.0.0 <3.0.0",
"resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz"
},
"is-promise": {
"version": "2.1.0",
"from": "is-promise#>=2.1.0 <3.0.0",
"resolved": "https://registry.npmjs.org/is-promise/-/is-promise-2.1.0.tgz"
},
"isexe": {
"version": "2.0.0",
"from": "isexe#>=2.0.0 <3.0.0",
"resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz"
},
"js-tokens": {
"version": "4.0.0",
"from": "js-tokens#>=4.0.0 <5.0.0",
"resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz"
},
"js-yaml": {
"version": "3.13.1",
"from": "js-yaml#>=3.13.0 <4.0.0",
"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.13.1.tgz"
},
"json-schema-traverse": {
"version": "0.4.1",
"from": "json-schema-traverse#>=0.4.1 <0.5.0",
"resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz"
},
"json-stable-stringify-without-jsonify": {
"version": "1.0.1",
"from": "json-stable-stringify-without-jsonify#>=1.0.1 <2.0.0",
"resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz"
},
"levn": {
"version": "0.3.0",
"from": "levn#>=0.3.0 <0.4.0",
"resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz"
},
"lodash": {
"version": "4.17.15",
"from": "lodash#>=4.17.11 <5.0.0",
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz"
},
"mimic-fn": {
"version": "1.2.0",
"from": "mimic-fn#>=1.0.0 <2.0.0",
"resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-1.2.0.tgz"
},
"minimatch": {
"version": "3.0.4",
"from": "minimatch#>=3.0.4 <4.0.0",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz"
},
"minimist": {
"version": "1.2.5",
"from": "minimist#>=1.2.5 <2.0.0",
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz"
},
"mkdirp": {
"version": "0.5.4",
"from": "mkdirp#>=0.5.1 <0.6.0",
"resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.4.tgz"
},
"ms": {
"version": "2.1.2",
"from": "ms#>=2.1.1 <3.0.0",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz"
},
"mute-stream": {
"version": "0.0.7",
"from": "mute-stream#0.0.7",
"resolved": "https://registry.npmjs.org/mute-stream/-/mute-stream-0.0.7.tgz"
},
"natural-compare": {
"version": "1.4.0",
"from": "natural-compare#>=1.4.0 <2.0.0",
"resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz"
},
"nice-try": {
"version": "1.0.5",
"from": "nice-try#>=1.0.4 <2.0.0",
"resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz"
},
"once": {
"version": "1.4.0",
"from": "once#>=1.3.0 <2.0.0",
"resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz"
},
"onetime": {
"version": "2.0.1",
"from": "onetime#>=2.0.0 <3.0.0",
"resolved": "https://registry.npmjs.org/onetime/-/onetime-2.0.1.tgz"
},
"optionator": {
"version": "0.8.3",
"from": "optionator#>=0.8.2 <0.9.0",
"resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.3.tgz"
},
"os-tmpdir": {
"version": "1.0.2",
"from": "os-tmpdir#>=1.0.2 <1.1.0",
"resolved": "https://registry.npmjs.org/os-tmpdir/-/os-tmpdir-1.0.2.tgz"
},
"parent-module": {
"version": "1.0.1",
"from": "parent-module#>=1.0.0 <2.0.0",
"resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz"
},
"path-is-absolute": {
"version": "1.0.1",
"from": "path-is-absolute#>=1.0.0 <2.0.0",
"resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz"
},
"path-is-inside": {
"version": "1.0.2",
"from": "path-is-inside#>=1.0.2 <2.0.0",
"resolved": "https://registry.npmjs.org/path-is-inside/-/path-is-inside-1.0.2.tgz"
},
"path-key": {
"version": "2.0.1",
"from": "path-key#>=2.0.1 <3.0.0",
"resolved": "https://registry.npmjs.org/path-key/-/path-key-2.0.1.tgz"
},
"prelude-ls": {
"version": "1.1.2",
"from": "prelude-ls#>=1.1.2 <1.2.0",
"resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz"
},
"progress": {
"version": "2.0.3",
"from": "progress#>=2.0.0 <3.0.0",
"resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz"
},
"punycode": {
"version": "2.1.1",
"from": "punycode#>=2.1.0 <3.0.0",
"resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz"
},
"regexpp": {
"version": "2.0.1",
"from": "regexpp#>=2.0.1 <3.0.0",
"resolved": "https://registry.npmjs.org/regexpp/-/regexpp-2.0.1.tgz"
},
"resolve-from": {
"version": "4.0.0",
"from": "resolve-from#>=4.0.0 <5.0.0",
"resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz"
},
"restore-cursor": {
"version": "2.0.0",
"from": "restore-cursor#>=2.0.0 <3.0.0",
"resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-2.0.0.tgz"
},
"rimraf": {
"version": "2.6.3",
"from": "rimraf#2.6.3",
"resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz"
},
"run-async": {
"version": "2.4.0",
"from": "run-async#>=2.2.0 <3.0.0",
"resolved": "https://registry.npmjs.org/run-async/-/run-async-2.4.0.tgz"
},
"rxjs": {
"version": "6.5.4",
"from": "rxjs#>=6.4.0 <7.0.0",
"resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.5.4.tgz"
},
"safer-buffer": {
"version": "2.1.2",
"from": "safer-buffer#>=2.1.2 <3.0.0",
"resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz"
},
"semver": {
"version": "5.7.1",
"from": "semver#>=5.5.1 <6.0.0",
"resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz"
},
"shebang-command": {
"version": "1.2.0",
"from": "shebang-command#>=1.2.0 <2.0.0",
"resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-1.2.0.tgz"
},
"shebang-regex": {
"version": "1.0.0",
"from": "shebang-regex#>=1.0.0 <2.0.0",
"resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-1.0.0.tgz"
},
"signal-exit": {
"version": "3.0.2",
"from": "signal-exit#>=3.0.2 <4.0.0",
"resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.2.tgz"
},
"slice-ansi": {
"version": "2.1.0",
"from": "slice-ansi#>=2.1.0 <3.0.0",
"resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-2.1.0.tgz"
},
"sprintf-js": {
"version": "1.0.3",
"from": "sprintf-js#>=1.0.2 <1.1.0",
"resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz"
},
"string-width": {
"version": "2.1.1",
"from": "string-width#>=2.1.0 <3.0.0",
"resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz"
},
"strip-ansi": {
"version": "4.0.0",
"from": "strip-ansi#>=4.0.0 <5.0.0",
"resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz"
},
"strip-json-comments": {
"version": "2.0.1",
"from": "strip-json-comments#>=2.0.1 <3.0.0",
"resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-2.0.1.tgz"
},
"supports-color": {
"version": "5.5.0",
"from": "supports-color#>=5.3.0 <6.0.0",
"resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz"
},
"table": {
"version": "5.4.6",
"from": "table#>=5.2.3 <6.0.0",
"resolved": "https://registry.npmjs.org/table/-/table-5.4.6.tgz",
"dependencies": {
"ansi-regex": {
"version": "4.1.0",
"from": "ansi-regex#>=4.1.0 <5.0.0",
"resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz"
},
"string-width": {
"version": "3.1.0",
"from": "string-width#>=3.0.0 <4.0.0",
"resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz"
},
"strip-ansi": {
"version": "5.2.0",
"from": "strip-ansi#>=5.1.0 <6.0.0",
"resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz"
}
}
},
"text-table": {
"version": "0.2.0",
"from": "text-table#>=0.2.0 <0.3.0",
"resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz"
},
"through": {
"version": "2.3.8",
"from": "through#>=2.3.6 <3.0.0",
"resolved": "https://registry.npmjs.org/through/-/through-2.3.8.tgz"
},
"tmp": {
"version": "0.0.33",
"from": "tmp#>=0.0.33 <0.0.34",
"resolved": "https://registry.npmjs.org/tmp/-/tmp-0.0.33.tgz"
},
"tslib": {
"version": "1.11.1",
"from": "tslib#>=1.9.0 <2.0.0",
"resolved": "https://registry.npmjs.org/tslib/-/tslib-1.11.1.tgz"
},
"type-check": {
"version": "0.3.2",
"from": "type-check#>=0.3.2 <0.4.0",
"resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz"
},
"uri-js": {
"version": "4.2.2",
"from": "uri-js#>=4.2.2 <5.0.0",
"resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz"
},
"which": {
"version": "1.3.1",
"from": "which#>=1.2.9 <2.0.0",
"resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz"
},
"word-wrap": {
"version": "1.2.3",
"from": "word-wrap#>=1.2.3 <1.3.0",
"resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz"
},
"wrappy": {
"version": "1.0.2",
"from": "wrappy#>=1.0.0 <2.0.0",
"resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz"
},
"write": {
"version": "1.0.3",
"from": "write#1.0.3",
"resolved": "https://registry.npmjs.org/write/-/write-1.0.3.tgz"
}
}
}
$ node -v
v6.17.1
$ npm -v
3.10.10
$ ls
npm-shrinkwrap.json package.json
$ npm install
...

Bower install display prompt input message debian

I am getting a problem trying to execute a bower install on my project
I am just executing bower install command on my debian OS
but when this is recognizing the dependencies defined on my bower.json.
its got stuck in a part that I dont understand
this is the last part that i see in my command line
"dependencies": {
"angular": {
"endpoint": {
"name": "angular",
"source": "angular",
"target": "^1.0.8"
},
"canonicalDir": "/home/ricco/.cache/bower/packages/060a9fe0e60a0d3d6c9ed350cde03e61/1.5.4",
"pkgMeta": {
"name": "angular",
"version": "1.5.4",
"license": "MIT",
"main": "./angular.js",
"ignore": [],
"dependencies": {},
"homepage": "https://github.com/angular/bower-angular",
"_release": "1.5.4",
"_resolution": {
"type": "version",
"tag": "v1.5.4",
"commit": "b972d5aa130bef5c4d931f22bd11627207ea35ca"
},
"_source": "https://github.com/angular/bower-angular.git",
"_target": ">=1"
},
"dependencies": {},
"nrDependants": 1
}
},
"nrDependants": 1
}
]
}
]
}
}, {
"type": "input",
"message": "Answer",
"name": "prompt",
"level": "prompt"
then there after dislpaying the
{
"type": "input",
"message": "Answer",
"name": "prompt",
"level": "prompt"
it got stuck there for some reason.
This is my bower.json
{
"name": "ng-boilerplate",
"version": "0.3.2",
"devDependencies": {
"angular": "~1.2",
"angular-mocks": "~1.2",
"bootstrap": "~3.1",
"angular-bootstrap": "~0.10.0",
"angular-ui-router": "~0.2",
"angular-route":"1.5.3",
"angular-resource":"1.5.3"
},
"dependencies": {}
}

I experienced the same issue using the Angular boilerplate ngbp.
I solved the issue by removing the following line from my .bowerrc file:
"json": "bower.json"
Alternatively, see the answer below by #NikolaB. which involves adding resolutions to your bower.json instead of removing this line.

When you specify dependencies for your app via Bower, some of the packages might rely on different versions of the same library. You will have to resolve what version of libraries you want in your app.
If you configure you Bower using "json": "bower.json" inside .bowerrc file, Bower will expect those resolutions to be inside bower.json file. This means that you must have "resolutions" property inside bower.json file.
So, you could try adding "resolutions" property into your bower.json:
{
"name": "ng-boilerplate",
"version": "0.3.2",
"devDependencies": {
"angular": "~1.2",
"angular-mocks": "~1.2",
"bootstrap": "~3.1",
"angular-bootstrap": "~0.10.0",
"angular-ui-router": "~0.2",
"angular-route":"1.5.3",
"angular-resource":"1.5.3"
},
"resolutions": {
"angular": "1.2.12"
}
}

Why does yo not recognize private yeoman generator?

I have a private yeoman generator on my gitlab.
After using npm install -g [url_to_my_generator], I found that yo can't recognize it.
But when I clone it to local and then use npm install && npm link, it works fine and appears in "Available Generators".
Here is my generator's package.json
{
"name": "generator-my-generator",
"version": "0.0.1",
"description": "xxx",
"keywords": [
"yeoman-generator",
"generator"
],
"author": {
"name": "xxx",
"email": "xxx",
"url": "xxx"
},
"main": "app/index.js",
"repository": {
"type": "git",
"url": "git+ssh://xxx/generator-my-generator.git"
},
"dependencies": {
"yeoman-generator": "^0.19.0",
"chalk": "^1.0.0",
"yosay": "^1.0.2"
},
"devDependencies": {},
"files": [
"app"
]
}
And my environments:
OS: Windows 7
yo: 1.4.7
npm: 2.13.5
Thank you for helping.

Two troubleshooting techniques:
Run yo doctor. That's your best friend for any issue with Yeoman.
Make sure the files property of your package.json includes your generators.

first publish npm module does not download dependencies

I just published my npm package. But now when I install it using sudo npm install package-name -g, it does download the package but does not download its dependencies. I know this because when I execute this package command packagename path/to/folder then shows an error about it dependencies that is Error: Cannot find module 'hound'. Hound is its dependency. Below is my package.json file
{
"name": "package-name",
"description": "description",
"version": "0.1.1",
"homepage": "url",
"author": {
"name": "Name",
"email": "email#gmail.com"
},
"repository": {
"type": "git",
"url": "url to git"
},
"bugs": {
"url": "url/issues"
},
"licenses": [
{
"type": "MIT",
"url": "url to LICENSE-MIT"
}
],
"main": "lib/package-name",
"engines": {
"node": "0.10.32"
},
"devDependencies": {
"hound": "1.0.4",
"async": "0.9.0",
"replace": "0.3.0",
"grunt": "~0.4.5",
"node-dir": "0.1.6"
},
"keywords": [],
"preferGlobal": "true",
"bin": {
"cssimport" : "lib/package-name.js"
}
}
How can I change this so when user install my package then its dependency automatically downloads and starts working?

Hound is set up as a devDepency, it's not going to be installed in a normal install. If you change that to dependencies it will be. If you need certain things as devDependencies to build your package (like grunt), leave them under that key.

Resources