AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Npm update specific package9/28/2023 Npm ciīefore explaining how I fixed the issue, even though you may have already guessed the difference between npm install and npm ci, it is worth explaining it. What this meant for the patch I was trying to build was that now it was generating a different dependency tree that had incompatible versions of dependencies registered and failing the build. A more detailed description of the file's usage can be found in npm documentation. The purpose of package-lock.json is to describe the exact dependency tree that was used by npm to install needed packages and to guarantee a single representation of a dependency tree across deployments and continuous integration. Next, I checked the history of the branch and found out that a developer most likely has thought that since package-lock.json is auto generated, it can be removed, and the build server will generate it again without knowing the purpose of this file. Using npm install on build servers may update the dependency tree which will make builds inconsistent and nondeterministic.īut this was not the only red flag, the second red flag was that when I changed the build script to run npm ci it started failing with an error saying it can only install packages with an existing package-lock.json. Never use npm install on your build servers, there is a dedicated npm command for CI/CD. The first red flag was that when I looked at the CI/CD build script I saw that it was executing an npm install to install the npm packages used by the React client. Upon further inspection there was couple of issues found, that raised some red flags of some developers misunderstanding on how to build an application with npm. It was throwing errors on resolving the dependencies. The fix was purely a back-end fix behind the API, which should not have had any effect on the React client, but when the build server started building the pull request in GitHub, it was failing to build the React client. The product consisted of an API and a React client that communicated with the API. An old customer reported a bug in one of the older versions of the product, and a decision was made to fix the bug and release a patch for it.
0 Comments
Read More
Leave a Reply. |