shrinkpack: Change made in npm 3.8.8 breaks shrinkpacked projects
We are not able to run npm install with recent npm versions
Expected behaviour
npm install with success on all (at least recent npm versions)
For now, we’ll just keep on using a compatible npm version, but at some point, this is going to be an issue. …
Actual behaviour
Did not try for all npm versions, but with 3.8.3 it is working fine, while with 3.8.9 or 3.9.2 (currently latest) npm install no longer finds the files.
From the error logs, the issue is pretty clear, the meaning of ‘./’ changed in a version between 3.8.3 and 3.8.9 and now, for dependencies, npm is building the path starting from the node_modules/package repertory instead of the working directory …
Steps to reproduce
on a shrinkwrapped project npm install -g npm@3.8.3 rm -rf node_modules npm install => all good
npm install -g npm@3.9.2 rm -rf node_modules npm install => all dependencies are failing …
Software versions used
OS : Ubuntu 14.04
node.js : 5.10.1
npm : 3.8.3 => ok, 3.8.9 or 3.9.2 => not ok
shrinkpack : 0.12.3
Log output when running shrinkpack
$ rm -rf node_modules
$ npm install
Running node v5.10.1
npm ERR! addLocal Could not install /.../node_modules/dom-serializer/node_shrinkwrap/domelementtype-1.1.3.tgz
npm ERR! addLocal Could not install /.../node_modules/dom-serializer/node_shrinkwrap/entities-1.1.1.tgz
npm ERR! addLocal Could not install /.../node_modules/readline2/node_shrinkwrap/ansi-regex-1.1.1.tgz
npm ERR! addLocal Could not install /.../node_modules/readline2/node_shrinkwrap/mute-stream-0.0.4.tgz
npm ERR! addLocal Could not install /.../node_modules/readline2/node_shrinkwrap/strip-ansi-2.0.1.tgz
npm ERR! addLocal Could not install /.../node_modules/camelcase-keys/node_shrinkwrap/camelcase-2.1.0.tgz
npm ERR! addLocal Could not install /.../node_modules/indent-string/node_shrinkwrap/repeating-2.0.0.tgz
...
About this issue
- Original URL
- State: closed
- Created 8 years ago
- Reactions: 5
- Comments: 20 (13 by maintainers)
Commits related to this issue
- chore(tests): add dependency which will reproduce #45 — committed to JamieMason/shrinkpack by JamieMason 8 years ago
- chore(tests): add dependency which will reproduce #45 — committed to JamieMason/shrinkpack by JamieMason 8 years ago
- Use older version of npm https://github.com/JamieMason/shrinkpack/issues/45 — committed to scott113341/website by scott113341 8 years ago
- fix(npm): regression fixed in npm 3.10.4 closes #45 — committed to JamieMason/shrinkpack by JamieMason 8 years ago
- Check if npm is installed and detect buggy version shrinkpack won't work with npm versions between <3.9.0, 3.10.3>, for details, see https://github.com/JamieMason/shrinkpack/issues/45 Change-Id: I65... — committed to LibreOffice/online by deleted user 7 years ago
Hi all! My plan is to get a fix for this into this week’s npm release. It’s a short week for me (I’m only in today and tomorrow) but I’m optimistic. My colleague @zkat will be handling the release this week.
The fix was released today in 3.10.4!
Hey you all:
So, the change here was that local-type dependencies are resolved relative to the package that required them.
This is, I think, absolutely the correct behavior for specs coming from the
package.json.But it does seem confusing (and probably wrong) for
npm-shrinkwrap.json, there I think it should resolve relative to the location of thenpm-shrinkwrap.json. Initial testing shows that this would fix the class of errors you all are seeing.Work remaining to get this fixed in npm:
npm shrinkwrapon existing local deps produces compatible specs.My current plan is to tackle shrinkwrap related big-bugs next (and this is one of those), so hopefully we’ll get this out the door soon.