Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] npm i add invalid version to package.json #2320

Closed
Jack-Works opened this issue Dec 10, 2020 · 6 comments · Fixed by npm/arborist#192
Closed

[BUG] npm i add invalid version to package.json #2320

Jack-Works opened this issue Dec 10, 2020 · 6 comments · Fixed by npm/arborist#192
Labels
Bug thing that needs fixing Needs Triage needs review for next steps Release 7.x work is associated with a specific npm 7 release

Comments

@Jack-Works
Copy link

Steps To Reproduce:

/package.json

{ "workspaces": [ "sub" ] }

/sub/package.json

{ "name": "sub" }

Run npm i sub in /. Sub package will be linked (that is correct). But wrong item is added to /package.json "sub": "^", which should be "sub": "*" because sub doesn't have a version field.

Environment:

  • Node: 14
  • npm: 7.1.1
@Jack-Works Jack-Works added Bug thing that needs fixing Needs Triage needs review for next steps Release 7.x work is associated with a specific npm 7 release labels Dec 10, 2020
@Jack-Works Jack-Works mentioned this issue Dec 10, 2020
Closed
@ljharb
Copy link
Contributor

ljharb commented Dec 10, 2020

cc @ruyadorno

@isaacs
Copy link
Contributor

isaacs commented Dec 10, 2020

Maybe ^ should be a valid range? ^* is valid, and '' is equivalent to '*', after all. 🤔

@ljharb
Copy link
Contributor

ljharb commented Dec 11, 2020

eesh, that seems too magic to me. ~ would be, would >= and < etc all be also?

@isaacs
Copy link
Contributor

isaacs commented Dec 11, 2020

>* and <* are both null sets (since they're "less than everything" or "greater than everything"). But >=, <=, ^, =, and ~ would all become synonyms for * if we did that.

Kind of off-topic, sorry. Bottom line, we shouldn't be saving a dep range with a prefix attached to an empty version field 😅

@Jack-Works
Copy link
Author

Maybe ^ should be a valid range? ^* is valid, and '' is equivalent to '*', after all. 🤔

So it's a dependabot bug? 🤔 (See DimensionDev/Maskbook#2073)

isaacs added a commit to npm/arborist that referenced this issue Dec 11, 2020
@isaacs
Do not save with ^ and no version
c96e61f 
Fix: npm/cli#2320
@isaacs isaacs mentioned this issue Dec 11, 2020
Merged
isaacs added a commit that referenced this issue Dec 11, 2020
@isaacs
@npmcli/arborist@2.0.1
011bb12 
* Do not save with ^ and no version

Fix: #2320
@isaacs isaacs mentioned this issue Dec 11, 2020
Merged
@isaacs
Copy link
Contributor

isaacs commented Dec 11, 2020

So it's a dependabot bug? 🤔 (See DimensionDev/Maskbook#2073)

I think I'm suggesting a SemVer feature request, actually. Dependabot is fine 😅

This was referenced Dec 11, 2020
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug thing that needs fixing Needs Triage needs review for next steps Release 7.x work is associated with a specific npm 7 release
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Do not save with ^ and no version npm/arborist
3 participants
@isaacs @ljharb @Jack-Works