How to safely npm install/update when deploying/upgrading?
Problem 1: npm install is a stateful operation that depends on the latest versions of dependencies at the time when the command is executed. This causes surprises when deploying since the package.json file indicates ranges but not specific versions.
Problem 2: every time I make npm update or use ncu, I spend hours/days trying to handle incoherences between modules. Why would this happen in 2018?
Problem 3: How to have a package.json file that describes exactly the state of installed packages instead of ranges so that I can deploy without surprises?
NB: I use Angular
You need to change that to npm --loglevel=error install, and that will suppress the WARN message and Team Foundation Server will stop complaining about it.
As of [email protected], the npm update will change package.json to save the new version as the minimum required dependency. To get the old behavior, use npm update --no-save.
To save: npm install --save {package_name}. This will save the package to package.json and install using npm install. You can't particularly control the dependencies (fully).
The easiest way to fix the issue is to pass an additional parameter --legacy-peer-deps to npm install. The --legacy-peer-deps flag tells npm to ignore the peer dependencies and continue the installation of the package. Try the below command to install the dependencies for your project.
If you use yarn or a more recent version of npm, it will generate for you a yarn.lock or package-lock.json.
This will keep exactly the version of any package when it's first installed, so further calls to yarn or npm install will fetch and install exactly those versions.
Of course you should add these lock files to your repository so anyone doing a fresh clone gets the same dependencies installed.
See the npm docs: https://docs.npmjs.com/files/package-lock.json
And the yarn docs: https://yarnpkg.com/lang/en/docs/yarn-lock/
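A pre-deploy check for the ranges the question describes and the lock file described above, as an added example that is not part of the original answers. It assumes the lockfileVersion 2/3 layout of package-lock.json (a packages map keyed by node_modules/<name>); the function name auditDependencies and both sample manifests are constructed for illustration.

```javascript
// Added example: audit direct dependencies in package.json against package-lock.json.
// Transitive dependencies are pinned by the lock file too but are not walked here.

// Exact spec such as "5.0.0" or "=5.0.0"; ^, ~, >=, *, tags and URLs all count as floating.
const EXACT = /^=?\s*\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;

function auditDependencies(pkg, lock) {
  const findings = [];
  const locked = (lock && lock.packages) || {};
  for (const section of ["dependencies", "devDependencies"]) {
    for (const [name, spec] of Object.entries(pkg[section] || {})) {
      const entry = locked["node_modules/" + name];
      if (!EXACT.test(spec)) {
        // A fresh install without a lock file may resolve to a newer release.
        findings.push({ name, issue: "range", detail: spec });
      }
      if (!entry) {
        findings.push({ name, issue: "not-locked", detail: spec });
        continue;
      }
      if (EXACT.test(spec) && entry.version !== spec.replace(/^=?\s*/, "")) {
        // package.json was edited without regenerating the lock file.
        findings.push({ name, issue: "lock-mismatch", detail: entry.version });
      }
      if (!entry.integrity) {
        // No hash recorded, so the downloaded tarball cannot be verified.
        findings.push({ name, issue: "no-integrity", detail: entry.version });
      }
    }
  }
  return findings;
}

// Constructed sample input (versions and hashes are placeholders).
const samplePkg = {
  dependencies: { "@angular/cdk": "5.0.0", "rxjs": "^5.5.2", "zone.js": "0.8.19" },
  devDependencies: { "typescript": "~2.4.2" }
};
const sampleLock = {
  lockfileVersion: 2,
  packages: {
    "": { name: "sample-app" },
    "node_modules/@angular/cdk": { version: "5.0.0", integrity: "sha512-CONSTRUCTED-PLACEHOLDER" },
    "node_modules/rxjs": { version: "5.5.6", integrity: "sha512-CONSTRUCTED-PLACEHOLDER" },
    "node_modules/zone.js": { version: "0.8.20" }
  }
};

for (const f of auditDependencies(samplePkg, sampleLock)) {
  console.log(`${f.name}: ${f.issue} (${f.detail})`);
}
```

In a deploy pipeline, npm ci installs strictly from package-lock.json and fails when the lock file and package.json disagree, which enforces the same property at install time.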
1. "package.json file indicates ranges but not specific versions": Re-read the documentation, you can specify specific versions. See point 3 for an example.
2. "Why would this happen in 2018" <= I/we can't speculate as to problems where you did not include any specific details, it might be a valid general gripe you have but StackOverflow is not the correct place to vent it.
3. Again, see the documentation. You just have to include the version number with an = sign. Example below would get only the version 5.0.0 of @angular/cdk.
"@angular/cdk": "5.0.0"