I'm using the scripts section of the package.json
to force resolutions:
"preinstall": "npx npm-force-resolutions"
in the resolutions section, I have entered graceful-fs
with a specified version:
"resolutions": {
"graceful-fs": "^4.2.4",
},
When i run npm i
everything is installed correctly, the set versions are taken in to account. But later on when I install an additional module, e.g. npm i random-package
, my set versions are being thrown away and I endup with [email protected]
and other low versions in some dependencies.
If I clear the node_modules folder and run npm i
again, everything is alright again.
I also tried setting the resolution more specific, like
"resolutions": {
"glob/**/graceful-fs": "^4.2.4",
},
but this doesn't help.
I also tried:
but no luck.
what am I missing?
"preinstall": "npx force-resolutions" npx force-resolutions does not run when no package-lock.json is detected, and allows the next command inline to be executed as normal.
This packages modifies package-lock. json to force the installation of specific version of a transitive dependency (dependency of dependency), similar to yarn's selective dependency resolutions, but without having to migrate to yarn.
The -f or --force argument will force npm to fetch remote resources even if a local copy exists on disk. The -g or --global argument will cause npm to install the package globally rather than locally.
The best solution for me to automate this was modifying preinstall script as above:
"preinstall": "npm install --package-lock-only --ignore-scripts && npx npm-force-resolutions",
Best way is to change the preinstall
script to this:
"preinstall": "([ ! -f package-lock.json ] && npm install --package-lock-only --ignore-scripts --no-audit); npx npm-force-resolutions"
This will only run npm install
to create your initial package-lock.json when it does not exist yet.
This is much faster than always running both (npm + npx).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With