Verify the package.json version of git dependencies matches what gets installed.
Add npm-check-installed-git-tags as a script:
If the current package will be installed with npm:
- use the following
preparescript - add this package to
devDependencies
"script": {
"prepare": "npm-check-installed-git-tags"
},
"devDependencies":{
"npm-check-installed-git-tags": "<version>"
}If the current this package will be installed using git
- add the following
postinstallscript - add this package to
dependencies
"script": {
"postinstall": "npm-check-installed-git-tags"
},
"dependencies":{
"npm-check-installed-git-tags": "<version>"
}We use
postinstallanddependenciesforgitversioned packages because npm lifecycle scripts do special things on prepare for git packages. For more information see the NOTE on thepreparelifecycle script here: https://docs.npmjs.com/cli/v8/using-npm/scripts
This will make your installation fail if you use git dependencies and the tag specified in package.json for the version, is not actually what is installed. This is useful for ci runs so that things fail when package versions are updated.
After running npm install you can run npm-check-installed-git-tags to see if packages that are installed are incorrect. If they are you will be prompted to run npm-check-installed-git-tags-and-fix to fix the issues in a minimal way (see #2 in the Why is this needed section).
Remove the prepare/postinstall script or set DO_NOT_RUN_NPM_CHECK_INSTALLED_GIT_TAGS=1 as an environment variable
The incorrect version can be installed when the git tag is updated in package.json as npm does not update package-lock.json for git dependencies in that case. This can be fixed by doing one of two things:
- minimally by doing
npm install <git-repo#tag> - removing
package-lock.jsonand doingnpm installto generate it again.
See: npm/cli#3973 for information on why npm isn't going to fix this.