-
Notifications
You must be signed in to change notification settings - Fork 3.1k
New issue
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
[BUG] Npm not installing expected package version #3411
Comments
Presumably because storybook/components has a peer dep on v13 of react-syntax-highlighter, so that’s the only way the two can possibly be used together (just a guess; haven’t verified) |
@ljharb there is a dependencie towards Content of the
If NPM choose to take the version of a sub-dependencie instead of the latest when doing |
Ah, i see what happened. You installed storybook/components first, and the second install command didn’t specify If you’d included a version specifier, then npm would have installed that. In other words, if you want latest, you’ve always had to add “ |
@ljharb That is indeed what happened, but isn't that counter intuitive for the user ? When the user want to install a package that he saw on github, he does When installing a new package, we most of the time get the latest version (no?), meaning that the user won't expect getting an outdated package. Also, we can't expect someone to know of all the sub dependencies of the installed packages. I think a warning message would be helpful, I am probably not the only one being throw off by this behavior, the warning could be something like:
And why does NPM prefer a package already present ? Is it only to save space ? |
To minimize conflicts and duplication, i assume. You might already implicitly be depending on v13 of that package, and installing v15 unintentionally might break things. |
In light of #3494 pointing folks to The install docs do say:
and I am not sure what cases shouldn't do this. I'm pretty sure "some other subdependency is requiring something a semver major away from We'll probably need to discuss this a little internally just to be sure we're not missing something. |
I'd definitely call this a bug. There's no reason why it couldn't install the latest one, it's just a side effect of the "can we avoid having to replace the current thing because it satisfies the dep" coupled with the way that we install new packages by adding a new dependency to the root project on What it ought to do is note that the parent dep is an explicit request (which is info we have at the time, but aren't using), and clobber it even though it doesn't "technically" have to based on the spec it's working with at the time, unless The only case where it maybe shouldn't do that, I think, is if the existing dep is held in place by a peerDep from another package. Ie, you install I'll get a test for this in the Arborist.buildIdealTree refactor I'm working on now, and fix it there. |
Also, this includes the fix for npm/cli#3411
Also, this includes the fix for npm/cli#3411
Is there an existing issue for this?
Current Behavior
When installing a new package with
npm i <package_name>
, if the package already exist as sub-dependencie of another package, it will install that version of the package (example 13.5.3). Instead of installing latest version (example 15.4.3). If that is a design choice, I find it counter-intuitive and hard to debug.Expected Behavior
Should give me:
Doing
npm i <package_name>
when the package is absent frompackage.json
should install the latest version by default of that package, ignoring smaller versions installed as sub-dependencie of other installed packages.Steps To Reproduce
I have the latest version, hourra !
Why do I have
13.5.3
version ? It seem to be the same version as the one used by@storybook/components
internally.Environment
The text was updated successfully, but these errors were encountered: