I have two local npm projects, A and B.
Let's say A depends on react and has it listed as a dependency in the package.json file. I use npm link to make A available for B.
B depends on A and react. I use npm link A to use the local version of A. However, as I know that A already depends on react, I do not include react in my package.json file of B.
When I call npm install I would expect npm to include transitive dependencies in the node_modules folder. However, I cannot find react in it nor can I use it in B's code as long as I don't include the transitive dependency in B's own package.json file.
When I include other modules like react, I also get transitive dependencies like fbjs or encoding resolved into my node_modules folder.
So, where is the mistake? / Why are the dependencies of A not included in B's node_modules folder?
I got the same behaviour with npm 5.6. After a downgrade of npm to 4.6 version, "npm install" ran right. After this I figured out the problem was a package-lock.json committed by a teammates of mine and not synchronized to package.json
Related
In my project i'm using git and node_modules folder is obviously ignored. i was working branch1 and added some dependencies(e.g redux) and installed them via npm install. then i switched to branch2 which was created same time with branch1 and now it has some different dependencies than branch1. i used npm install again inorder to install those packages.
so here is what happened: when i came back to branch1 none of my already installed packages during working in branch1 were found. i expected that 'cause node_modules is ignored both of branches packages exist. i had to run npm install again although i installed them before.
so my question is what caused this? is it git doing sth? or npm does sth?
Here’s a hypothetical scenario that may help explain:
On branch 1 you install “A”. It gets saved to node_modules and you commit changes to the package.json and package-lock.json.
You checkout branch 2, causing your package.json and package-lock.json to no longer have “A” - although your node_modules are left untouched (gitignored), meaning “A” is still there.
You run npm install on branch 2, which uses your package.json and package-lock.json to update your node_modules per their specifications. Because they don’t have “A”, it gets removed from your node_modules.
You checkout branch 1, and again your node_modules are unaffected by this git checkout - this means you’ll need to run “npm install” again to get “A” back in node_modules.
Every time I create a create-react-app project it throws this error:
The react-scripts package provided by Create React App requires a dependency:
"babel-loader": "8.0.4"
Don't try to install it manually: your package manager does it automatically.
However, a different version of babel-loader was detected higher up in the tree:
/Users/dalegrant/Desktop/hyberchat-dashboard/client/node_modules/babel-loader (version: 8.0.5)
I have tried downgrading to 8.0.4,
I've tried installing 8.0.5
I've even made sure all my dependencies for babel rely on a 8.0.5!
I have no idea what to do from here as the error persists for every create react app I now build!
This must be a common problem, does anybody have an idea on how to get around this?!
In your machine user folder there is a node_modules directory and package-lock.json remove them using rm -rf User/node_modules and rm -rf User/package-lock.json after that delete node_module directory and pack-lock.json file in your project run npm install again then it's works
Remove the babel-loader package (also globally):
npm uninstall babel-loader
npm uninstall babel-loader -g
Then run create-react-app again, it should install the correct dependency.
If you use the babel-loader somewhere else, pin the dependency there to ensure this problem does not happen again.
you probably installed node_modules in your main folders before. Search for them and remove.
In my case i have installed node_modules on my Home folder. When i removed files from this directory problem disapeared
Prior to publishing to NPM I need to bump the minor version. What I usually do is:
- Change package.json
- Run npm i which syncs package-lock.json with the change. Now both can be published.
Is there a way to do this with a single NPM command?
Use npm version.
For example, the following command
npm version 1.0.2
will bump both package.json and package-lock.json to 1.0.2
The following command
npm i -S <module>#<version>
installs the specific version of the given module.
-S or --save tells npm to save the reference of the module + version into both package.json and package-lock.json
It depends on the granularity of control you want to have. For example, if you just want to check for an update on an individual module you can run: npm update <pkg>. As this command will update your package.json file to save the newest version of this <pkg> as the now required version to build your project. Alternatively, you could run npm update to update all your project's top-level packages. Ok so those are the more general use cases but if you want a specific version of a package and you know the version of which you desire you can do the following: npm i --save <pkg>#<version> as this command will grab the package specified by your version number as well as update the package.json file to include this version of package as now being required to build your project. This will eliminate the need to first update the package.json file and then installing the newer version of said package, rather this will be condensed down to one step. Lastly, just for thoroughness the package-lock.json file is dynamically generated when you make important changes to your project, such as requiring new dependencies or updating existing dependencies. This file kind of serves as source of truth so others can build your project and have the same setup as you, for more information on this file take a look at the npm docs
Hopefully that helps!
I have a number of modules that use the same devDependencies and I would like to make those dependencies a module itself, or some other way to manage them centrally. Are there any established patterns for achieving this?
I've looked in to using npm scripts to install the dev dependencies in the parent module, however it does feel a bit hacky e.g.
module-x has a dev dependency on module-shared-dev-dependencies. module-shared-dev-dependencies has a postinstall script that changes the cwd to module-x and npm install --save-dev eslint prettier husky ... etc. It then copies over the relevant config info such as rc files. Modules like husky currently only have the config info in the package.json file itself, so that would need modified too.
There is also the potential to have a base module in the git that all other modules fork from, however, I'd rather stick to an npm module approach if possible.
Ok so I have an npm project at my work that a bunch of us are working on. It has dependencies on 'lodash' and 'jquery'.
I do an >npm install, and it pulls down my deps. Then I bundle it.
That creates a 'package-lock.json' on my system.
Now another developer adds a new dependency on 'moment'.
He does a >npm install -S moment.
That adds it to his package.json, and he checks that in. We don't check in the package-lock.json.
Now I do a 'git pull' and get the new package.json.
Now I do >npm install, BUT because I have my own package-lock.json, it doesnt install 'moment' for me. So now I have to:
>rm package-lock.json
>npm install
And now I have 'moment'. Seems like this package-lock.json isn't really helping my workflow. Could I get an explanation of how this should work for developers on a day-to-day basis, if we are all developing on a common npm module?
First, according to npm documentation:
This file is intended to be committed into source repositories
so you should commit your initial package-lock.json after you've done npm install.
Another developer pulls your changes, including the lockfile.
Then he does npm -S moment, which makes updates to both package.json and package-lock.json. The developer pushes a commit with these changes.
Now you pull his changes and do npm install. It should install moment for you . Furthermore, you both should now have exactly the same version of moment and it's dependencies installed - even if between his and your installs minor version of some dependency was incremented.
Merge conflicts
It all gets messy when both of you have installed new dependencies in parallel and then have a conflict on package-lock.json. This may be a huge file and quite a pain to merge manually. I haven't seen documented any official way of dealing with it. There is even an open issue in npm repo to provide solution to resolving conflicts.
One user shares his workaround workflow in the issue thread there, which basically means: override your local changes with package.json and package-lock.json pulled from master, then apply all your npm install -S and npm remove -S commands again. This seems to be a reasonable solution until the issue is resolved by npm.