[BUG] npm update not scoped to workspace when no package targeted #3960
Comments
jharvey10
added
Bug
|
I also found something. If you just do The package/s version in package-lock.json FILE will be updated, but the package/s version in package.json FILES of the workspaces with the updated package/s are not updated I think this should actually be escalated as it has a huge impact, packages may potentially not be able to be updated properly. |
Running Effectively when I have dependencies at the top level (as opposed to any underneath workspace) which is great for sharing packages, they need to be installed with a separate This was initially confusing but it makes sense to apply install/update or any other command for a specific workspace or to all workspaces but that never includes the top level. I suppose it would be great to have a flag to also add the top level to avoid running a separate command. |
|
I think even with ws option to specify, it does not work
packages/*
…On Mon, 29 Nov 2021, 6:19 pm Gilles Dubreuil, ***@***.***> wrote:
I also found something.
If you just do npm update
The package/s version in package-lock.json *FILE* will be updated, but
the package/s version in package.json *FILES* of the workspaces with the
updated package/s are not updated
I think this should actually be escalated as it has a huge impact,
packages may potentially not be able to be updated properly.
Running npm update is not the same as npm update -ws or npm update
--workspaces.
When using workspaces, my understanding is to use the -ws or --workspaces
flag otherwise it mean working only a the top level.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#3960 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABAWBHTEHCD4EC77EO5SS6DUONHUHANCNFSM5G57IKQA>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
|
|
It looks like this was fixed. Using npm@8.8.0
~/D/n/s/ws (main|●5) $ npm ls
ws@1.0.2 /Users/wraithgar/Development/npm/scratch/ws
├── abbrev@1.0.3
├─┬ wsa@1.0.0 -> ./wsa
│ └── wsa@1.0.0 deduped -> ./wsa
└─┬ wsb@1.0.0 -> ./wsb
├── lodash@1.0.0
└── wsa@1.0.0 deduped -> ./wsa
~/D/n/s/ws (main|●5) $ npm update --no-audit
added 1 package, removed 1 package, and changed 1 package in 196ms
~/D/n/s/ws (main|●5✚1) $ npm ls
ws@1.0.2 /Users/wraithgar/Development/npm/scratch/ws
├── abbrev@1.1.1
├─┬ wsa@1.0.0 -> ./wsa
│ └── wsa@1.0.0 deduped -> ./wsa
└─┬ wsb@1.0.0 -> ./wsb
├── lodash@1.3.1
└── wsa@1.0.0 deduped -> ./wsa
~/D/n/s/ws (main|●5) $ npm ls
npws@1.0.2 /Users/wraithgar/Development/npm/scratch/ws
├── abbrev@1.0.3
├─┬ wsa@1.0.0 -> ./wsa
│ └── wsa@1.0.0 deduped -> ./wsa
└─┬ wsb@1.0.0 -> ./wsb
├── lodash@1.0.0
└── wsa@1.0.0 deduped -> ./wsa
~/D/n/s/ws (main|●5) $ npm update -w wsb --no-audit
npm WARN workspaces wsb in filter set, but no workspace folder present
added 1 package, and removed 1 package in 204ms
~/D/n/s/ws (main|●5✚1) $ npm ls
ws@1.0.2 /Users/wraithgar/Development/npm/scratch/ws
├── abbrev@1.0.3
├─┬ wsa@1.0.0 -> ./wsa
│ └── wsa@1.0.0 deduped -> ./wsa
└─┬ wsb@1.0.0 -> ./wsb
├── lodash@1.3.1
└── wsa@1.0.0 deduped -> ./wsa
|
Is there an existing issue for this?
Current Behavior
Running an npm update in a workspaces environment is updating the deps for all workspaces unless you provide a specific package to update.
Works properly:
npm --workspace="some/workspace" update immerDoes not work properly:
npm --workspace="some/workspace" updateWhat it currently does:
Expected Behavior
npm updatecommand should be scoped to updating only the specified workspace.Steps To Reproduce
packages/first-packageandpackages/second-packagenpm install --workspaces --include-workspace-root immer@7to install immer (as an example) in all three packages"immer": "^8""immer": "^9"npm --workspace packages/first-package updateimmer@8(good)immer@9(bad)Note that the manual update is irrelevant to the end result. The same behavior can be seen when simply trying to update a node module that has a newer version published on npmjs.com.
I did a little research into the code by adding some logging statements and discovered that when a command like
npm installis run, thetree.inventoryprovided to getWorkspaceNodes has many entries in it for the node modules across the project. However, when this is called for thenpm --workspace packages/first-package updatecommand, there is only a single entry in the inventory. It maps to'', or the root of the project. I suspect this is related to the issue, but I don't know how the flow works to actually provide a tree to this function, or whose responsibility it is to ensure it is fully populated prior to the getWorkspaceNodes call.Environment
The text was updated successfully, but these errors were encountered: