Skip to content

[BUG] NPM Install includes transitive devDependencies for file: dependencies. #492

New issue
New issue
Closed
Closed
[BUG] NPM Install includes transitive devDependencies for file: dependencies.#492
Labels
Bugthing that needs fixing
@MicahZoltu

Description

@MicahZoltu
MicahZoltu
opened on Nov 18, 2019

What / Why

If you have a file reference dependencies like { "dependencies": { "a": "file:../a" } }, when you npm install the transitive devDependencies of the package will be installed and added to your package-lock.json.

When

When you include a depnedency as a file reference when it has a transitive devDependency.

Where

NPM CLI

How

Current Behavior

<root>/b/package-lock.json will look like:

{
	"requires": true,
	"lockfileVersion": 1,
	"dependencies": {
		"a": {
			"version": "file:../a",
			"dependencies": {
				"typescript": {
					"version": "3.7.2",
					"resolved": "https://registry.npmjs.org/typescript/-/typescript-3.7.2.tgz",
					"integrity": "sha512-ml7V7JfiN2Xwvcer+XAf2csGO1bPBdRbFCkYBczNZggrBZ9c7G3riSUeJmqEU5uOtXNPMhE3n+R4FA/3YOAWOQ=="
				}
			}
		}
	}
}

Steps to Reproduce

<root>/a/package.json

{
	"devDependencies": {
		"typescript": "3.7.2"
	}
}

<root>/b/package.json

{
	"dependencies": {
		"a": "file:../a"
	}
}
cd a
npm install
cd ../b
npm install

Expected Behavior

<root>/b/package-lock.json should look like this:

{
	"requires": true,
	"lockfileVersion": 1,
	"dependencies": {
		"a": {
			"version": "file:../a",
			"dependencies": {}
		}
	}
}

Who

  • n/a

References

  • n/a

Metadata

Metadata

Assignees

No one assigned

    Labels

    Bugthing that needs fixing

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions