You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
My team recently ran into a problem where someone downloaded a branch for debugging and forgot to npm install before testing the app. They spent hours trying to hunt down the inconsistency and log into CI systems directly to reproduce the bug that they were not able to reproduce locally, all because node_modules was not in sync with package-lock.json.
Of course one reaction to this is to say, "Remember harder next time!" But we're not that cruel are we? 😉 In either case, coming from a Ruby background, I was shocked to find that npm didn't include (or even support!) any kind of warning when you try to npm run something while having the "wrong packages" installed. I'm used to using Ruby's bundle exec which complains itself to death if you try to run anything with a set of gems other than exactly what is specified in Gemfile.lock.
Proposal
Add a config flag (something like require-package-sync or require-locked-packages) that causes npm run to yell at you if your packages are not in sync with package-lock.json. npm ls (as a colleague pointed out) already returns a non-0 exit code if your packages are out of sync, so the following shell script essentially does what I'm proposing for this flag:
npm ls > /dev/null 2> /dev/null || (echo "Your node_modules are not in sync with package-lock.json. Run 'npm install'"&&exit 1)
But ideally this would just be a built in option (honestly it might even be a good default - I can't think of a reason to npm run something with the wrong packages installed... but then, I'm newer to the JS ecosystem) 😄
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
GitHub Community
-
Problem
My team recently ran into a problem where someone downloaded a branch for debugging and forgot to
npm installbefore testing the app. They spent hours trying to hunt down the inconsistency and log into CI systems directly to reproduce the bug that they were not able to reproduce locally, all because node_modules was not in sync with package-lock.json.Of course one reaction to this is to say, "Remember harder next time!" But we're not that cruel are we? 😉 In either case, coming from a Ruby background, I was shocked to find that npm didn't include (or even support!) any kind of warning when you try to
npm runsomething while having the "wrong packages" installed. I'm used to using Ruby'sbundle execwhich complains itself to death if you try to run anything with a set of gems other than exactly what is specified inGemfile.lock.Proposal
Add a config flag (something like
require-package-syncorrequire-locked-packages) that causesnpm runto yell at you if your packages are not in sync with package-lock.json.npm ls(as a colleague pointed out) already returns a non-0 exit code if your packages are out of sync, so the following shell script essentially does what I'm proposing for this flag:But ideally this would just be a built in option (honestly it might even be a good default - I can't think of a reason to
npm runsomething with the wrong packages installed... but then, I'm newer to the JS ecosystem) 😄Beta Was this translation helpful? Give feedback.
All reactions