Skip to content

[BUG] NPM Install includes transitive devDependencies for file: dependencies. #492

Closed
Closed
[BUG] NPM Install includes transitive devDependencies for file: dependencies.#492
Labels
Bugthing that needs fixing
@MicahZoltu

Description

@MicahZoltu
MicahZoltu
opened on Nov 18, 2019

What / Why

If you have a file reference dependencies like { "dependencies": { "a": "file:../a" } }, when you npm install the transitive devDependencies of the package will be installed and added to your package-lock.json.

When

When you include a depnedency as a file reference when it has a transitive devDependency.

Where

NPM CLI

How

Current Behavior

<root>/b/package-lock.json will look like:

{
	"requires": true,
	"lockfileVersion": 1,
	"dependencies": {
		"a": {
			"version": "file:../a",
			"dependencies": {
				"typescript": {
					"version": "3.7.2",
					"resolved": "https://registry.npmjs.org/typescript/-/typescript-3.7.2.tgz",
					"integrity": "sha512-ml7V7JfiN2Xwvcer+XAf2csGO1bPBdRbFCkYBczNZggrBZ9c7G3riSUeJmqEU5uOtXNPMhE3n+R4FA/3YOAWOQ=="
				}
			}
		}
	}
}

Steps to Reproduce

<root>/a/package.json

{
	"devDependencies": {
		"typescript": "3.7.2"
	}
}

<root>/b/package.json

{
	"dependencies": {
		"a": "file:../a"
	}
}
cd a
npm install
cd ../b
npm install

Expected Behavior

<root>/b/package-lock.json should look like this:

{
	"requires": true,
	"lockfileVersion": 1,
	"dependencies": {
		"a": {
			"version": "file:../a",
			"dependencies": {}
		}
	}
}

Who

  • n/a

References

  • n/a

Metadata

Metadata

Assignees

No one assigned

    Labels

    Bugthing that needs fixing

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions