Skip to content

[BUG] npm update fails when overriding dependency of local file with local file #4397

New issue
New issue
Closed
#5233
Closed
[BUG] npm update fails when overriding dependency of local file with local file#4397
#5233
Assignees
nlf
Labels
Bugthing that needs fixingPriority 2secondary priority issueRelease 8.xwork is associated with a specific npm 8 releaseconfig:overridesIssues dealing with the overrides feature
@draperunner

Description

@draperunner
draperunner
opened on Feb 10, 2022

Is there an existing issue for this?

  • I have searched the existing issues

This issue exists in the latest npm version

  • I am using the latest npm

Current Behavior

We are using some local files as dependencies that we put in a directory we call vendor. These dependencies are added to package.json with the "file:" prefix. In addition to this, we use "overrides" to override some dependency of the local vendor package. This overriden dependency is also a local file living in vendor.

This works well – except when using npm update, which fails with an incorrect path for the overridden dependency. This path includes /vendor/vendor/, so seems the path resolution is not correct.

I have reproduced the issue in this repo: https://github.com/draperunner/npm-update-bug-repro

Full error log from npm update:

npm WARN tarball tarball data for escape-string-regexp@file:vendor/matcher-5.0.0.tar.gz (null) seems to be corrupted. Trying again.
npm WARN tarball tarball data for escape-string-regexp@file:vendor/matcher-5.0.0.tar.gz (null) seems to be corrupted. Trying again.
npm ERR! code ENOENT
npm ERR! syscall open
npm ERR! path <redacted-path>/npm-update-bug-repro/vendor/vendor/matcher-5.0.0.tar.gz
npm ERR! errno -2
npm ERR! enoent ENOENT: no such file or directory, open '<redacted-path>/npm-update-bug-repro/vendor/vendor/matcher-5.0.0.tar.gz'
npm ERR! enoent This is related to npm not being able to find a file.
npm ERR! enoent

npm ERR! A complete log of this run can be found in:
npm ERR!     /<redacted-path>/.npm/_logs/2022-02-10T09_35_25_467Z-debug-0.log

Expected Behavior

npm update should not fail, but update depencies as normal. It could either ignore the local files or resolve the path correctly.

Steps To Reproduce

  1. Clone the repro repo: https://github.com/draperunner/npm-update-bug-repro
  2. Run npm install to install dependencies
  3. Run npm update
  4. See error...

Environment

  • npm: 8.4.1
  • Node.js: v14.17.6
  • OS Name: MacOS
  • System Model Name: Macbook Pro
  • npm config:
; "user" config from /Users/<redacted>/.npmrc

//registry.npmjs.org/:_authToken = (protected)
python = "/usr/bin/python"

; node bin location = /Users/<redacted>/.nvm/versions/node/v14.17.6/bin/node
; cwd = /Users/<redacted>/prog/npm-update-bug-repro
; HOME = /Users/<redacted>
; Run `npm config ls -l` to show all defaults.

Metadata

Metadata

Assignees

Labels

Bugthing that needs fixingPriority 2secondary priority issueRelease 8.xwork is associated with a specific npm 8 releaseconfig:overridesIssues dealing with the overrides feature

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions