-
Notifications
You must be signed in to change notification settings - Fork 3.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] npm install --production
fails to install dependencies overlapping with devDependencies
#4178
Comments
npm is so bugged i had to remove devDependencies for eslint to install properly -_-' seems related: npm/cli#4178
I can not duplicate this in ~/D/n/scratch $ npm pkg get dependencies devDependencies
{
"dependencies": {
"gatsby": "^4.10.0"
},
"devDependencies": {
"@storybook/react": "^6.4.19"
}
}
~/D/n/scratch $ npm i --production
changed 2 packages, and audited 1516 packages in 4s
19 vulnerabilities (6 moderate, 13 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
~/D/n/scratch $ npm ls fs-extra
scratch@1.0.0 /Users/wraithgar/Development/npm/scratch
└─┬ gatsby@4.10.0
├── fs-extra@10.0.1
├─┬ gatsby-cli@4.10.0
│ └── fs-extra@10.0.1 deduped
├─┬ gatsby-core-utils@3.10.0
│ └── fs-extra@10.0.1 deduped
└─┬ gatsby-telemetry@3.10.0
└── fs-extra@10.0.1 deduped
~/D/n/scratch $ grep version node_modules/fs-extra/package.json
"version": "10.0.1", |
After clearing my node_modules and package-lock and trying again I was able to get into that state. Note that it does exist on disk, but gatsby can not require it for some reason
|
Found it. This is a bug in ~/D/n/scratch $ cat node_modules/gatsby-plugin-utils/package.json
{
"name": "gatsby-plugin-utils",
"version": "3.4.0",
"description": "Gatsby utils that help creating plugins",
[...]
"dependencies": {
"@babel/runtime": "^7.15.4",
"gatsby-core-utils": "^3.10.0",
"gatsby-sharp": "^0.4.0",
"graphql-compose": "^9.0.7",
"import-from": "^4.0.0",
"joi": "^17.4.2",
"mime": "^3.0.0"
}
[...]
} It was only working by coincidence before, relying on |
Thank you for digging into this @wraithgar, apologies if I wasted your time. I'll open an issue on |
No worries, we'd prefer folks open a ticket just in cast it is a bug w/ npm. |
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
Create this package in an empty directory:
Then attempt to run:
Notice how
fs-extra
which is a direct dependency ofgatsby
is missing from the installed node-modules.fs-extra
is also a direct dependency (with a mismatched version) of@storybook/react
, however@storybook/react
is adevDependency
so my understanding is that it should be ignored completely when installing with the--production
flag.Expected Behavior
fs-extra
should be installed innode_modules
because it is a direct dependency ofgatsby
which is a direct dependency of the root package.Steps To Reproduce
npm
version 8.3.0npm install --production
fs-extra
module is missing from the installed modules, and when gatsby runs (npm run build
) it fails to resolve the dependency.Environment
The text was updated successfully, but these errors were encountered: