
How to avoid npm install/update surprises?

How to safely npm install/update when deploying/upgrading?

  • Problem 1: npm install is a stateful operation that depends on the latest versions of dependencies at the time when the command is executed. This causes surprises when deploying, since the package.json file indicates ranges but not specific versions.

  • Problem 2: every time I make npm update or use ncu, I spend hours/days trying to handle incoherences between modules. Why would this happen in 2018?

  • Problem 3: How to have a package.json file that describes exactly the state of installed packages instead of ranges, so that I can deploy without surprises?

NB: I use Angular

user2080105 asked Jan 25 '18 10:01




2 Answers

If you use yarn or a more recent version of npm, it will generate for you a yarn.lock or package-lock.json.

This will keep exactly the version of any package when it's first installed, so further calls to yarn or npm install will fetch and install exactly those versions.

Of course you should add these lock files to your repository so anyone doing a fresh clone gets the same dependencies installed.

See the npm docs: https://docs.npmjs.com/files/package-lock.json

And the yarn docs: https://yarnpkg.com/lang/en/docs/yarn-lock/

CharlieBrown answered Oct 11 '22 13:10


  1. package.json file indicates ranges but not specific versions: Re-read the documentation; you can specify specific versions. See point 3 for an example.
  2. Why would this happen in 2018 <= I/we can't speculate as to problems where you did not include any specific details. It might be a valid general gripe you have, but Stack Overflow is not the correct place to vent it.
  3. Again, see the documentation. You just have to include the version number with an = sign. The example below would get only version 5.0.0 of @angular/cdk.

    "@angular/cdk": "5.0.0"
    
Igor answered Oct 11 '22 15:10
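
A pre-deploy check that combines the two answers above, as an added example that is not part of either answer: it lists package.json entries declared as ranges rather than exact versions, and flags a package-lock.json that has drifted from package.json or lacks integrity hashes. It assumes the lockfileVersion 2/3 layout; the function names and the sample manifests are constructed for illustration.

```javascript
// Added example. Sample manifests are constructed, not from a real project.
const EXACT = /^=?\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/;
const SECTIONS = ["dependencies", "devDependencies", "optionalDependencies"];
// Direct dependencies declared as a range, tag or URL instead of one version.
function findUnpinned(pkg) {
  const out = [];
  for (const section of SECTIONS)
    for (const [name, spec] of Object.entries(pkg[section] || {}))
      if (!EXACT.test(String(spec).trim())) out.push({ section, name, spec });
  return out;
}

// Reasons an install from this lockfile would not be reproducible or verifiable.
// Assumption: lockfileVersion 2/3, where lock.packages[""] mirrors package.json.
function auditLock(pkg, lock) {
  const problems = [];
  const packages = lock.packages || {};
  const root = packages[""] || {};
  for (const section of SECTIONS)
    for (const [name, spec] of Object.entries(pkg[section] || {})) {
      const locked = (root[section] || {})[name];
      if (locked !== spec)
        problems.push(`${name}: package.json "${spec}" vs lockfile "${locked}"`);
      if (!packages[`node_modules/${name}`])
        problems.push(`${name}: no locked entry`);
    }
  for (const [path, entry] of Object.entries(packages)) {
    // Skip the root project, workspace links and bundled packages (no tarball).
    if (!path.includes("node_modules/") || entry.link || entry.inBundle) continue;
    if (!entry.version) problems.push(`${path}: no exact version`);
    if (!entry.integrity) problems.push(`${path}: no integrity hash`);
  }
  return problems;
}
// Constructed input: one pinned dependency, two ranges, a drifted lockfile.
const samplePkg = {
  dependencies: { "@angular/cdk": "5.0.0", rxjs: "^5.5.2" },
  devDependencies: { typescript: "~2.4.2" },
};
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { "@angular/cdk": "5.0.0", rxjs: "^5.5.0" },
          devDependencies: { typescript: "~2.4.2" } },
    "node_modules/@angular/cdk": { version: "5.0.0", integrity: "sha512-CONSTRUCTED" },
    "node_modules/rxjs": { version: "5.5.6" }, // integrity deliberately missing
  },
};
console.log(findUnpinned(samplePkg), auditLock(samplePkg, sampleLock));
```

In a pipeline, parse the real files with JSON.parse and fail the build when either function returns entries; `npm ci` then installs strictly from the lockfile and refuses to run if it is out of sync with package.json.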