-
Notifications
You must be signed in to change notification settings - Fork 3.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] npm install --production
runs scripts
#4027
Comments
I think it might also be running The behaviour is certainly different to version 6 and (as far as I can see) not clearly documented. |
I agree that this behavior doesn’t match what the documentation says:
It’s also unfortunate, because under the previous behavior, it made sense to use the |
Node 10 support in the ecosystem is fading, and npm apparently ignores the engines package.json field, making it increasingly tedious to pick Node 10-compatible versions when upgrading packages. This also makes us use npm v7, which introduces an undocumented behavior change (reported as a bug at [1]): the prepare script now runs during `npm install --only=production` as well, where it will fail because its dependencies are only devDependencies. We don’t actually want this script to run during the production-only install in the release pipeline, so wrap the imports in try/catch and exit with a warning if they fail. Also, update service-runner to a version that uses wikimedia-kad-fork instead of kad; the previous version was causing problems in some cases (“cannot find module 'merge'”, see P18027). [1]: npm/cli#4027 Bug: T297006 Change-Id: I845199975455b6426efacbcf33f1ac0c8563a107
Agree. After update to npm 8 (from 6) we've observed unexpected run of |
Is there any progress on this issue? |
With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. The modification method is different from other node modules. The reason is due to the npm@8 issue. npm/cli#4027 Signed-off-by: Hirokazu MORIKAWA <[email protected]>
With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. The modification method is different from other node modules. The reason is due to the npm@8 issue. npm/cli#4027 Signed-off-by: Hirokazu MORIKAWA <[email protected]>
With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. The modification method is different from other node modules. The reason is due to the npm@8 issue. npm/cli#4027 Signed-off-by: Hirokazu MORIKAWA <[email protected]>
With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. The modification method is different from other node modules. The reason is due to the npm@8 issue. npm/cli#4027 Signed-off-by: Hirokazu MORIKAWA <[email protected]> (cherry picked from commit eee26db)
With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. The modification method is different from other node modules. The reason is due to the npm@8 issue. npm/cli#4027 Signed-off-by: Hirokazu MORIKAWA <[email protected]> (cherry picked from commit eee26db)
* node-homebridge: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> * Revert "node-yarn: bump to v1.22.17" This reverts commit 38b18a5. * node-yarn: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> * node-hid: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> * javascript-obfuscator: bump to 2.19.0 and switch to autorelease New version of package node-javascript-obfuscator. Signed-off-by: Zbyněk Kocur <[email protected]> * node-javascript-obfuscator: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. The modification method is different from other node modules. The reason is due to the npm@8 issue. npm/cli#4027 Signed-off-by: Hirokazu MORIKAWA <[email protected]> * node-serialport: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> * node-cylon: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> * node-arduino-firmata: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> * node-serialport-bindings: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> Co-authored-by: Hirokazu MORIKAWA <[email protected]> Co-authored-by: Zbyněk Kocur <[email protected]>
Given that the documentation states:
Looks like
In any of the cases, it would make sense to print a warning. |
Any update on this issue? |
With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. The modification method is different from other node modules. The reason is due to the npm@8 issue. npm/cli#4027 Signed-off-by: Hirokazu MORIKAWA <[email protected]> (cherry picked from commit eee26db)
any update? as a workaround set prepare script to "" in RUN stage of Docker ??? |
For what it's worth, I've just started using postinstall/prepare with a NodeJS script that checks // only run these scripts if we install dev deps & npm install was ran inside style-dictionary package itself
// since our consumers don't ever need to run these themselves.
if (process.env.NODE_ENV !== 'production' && process.env.PWD === process.env.INIT_CWD) {
const husky = require('husky');
husky.install();
// we're only patching dev deps
require('patch-package');
} I didn't confirm this but it seems the 2nd check in the if condition may be redundant if you use
|
Why are we now on |
* node-homebridge: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> * Revert "node-yarn: bump to v1.22.17" This reverts commit 38b18a5. * node-yarn: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> * node-hid: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> * javascript-obfuscator: bump to 2.19.0 and switch to autorelease New version of package node-javascript-obfuscator. Signed-off-by: Zbyněk Kocur <[email protected]> * node-javascript-obfuscator: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. The modification method is different from other node modules. The reason is due to the npm@8 issue. npm/cli#4027 Signed-off-by: Hirokazu MORIKAWA <[email protected]> * node-serialport: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> * node-cylon: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> * node-arduino-firmata: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> * node-serialport-bindings: Support for npm@8 With the upgrade of node.js to version 16, the npm version will also change to version 8. This fix is to support npm@8. npm@6 can also build without problems. Signed-off-by: Hirokazu MORIKAWA <[email protected]> Co-authored-by: Hirokazu MORIKAWA <[email protected]> Co-authored-by: Zbyněk Kocur <[email protected]>
I lost a few hours on this issue several weeks ago. I can't speak to what the behavior should be (at the moment I'm using a tiny shell script that checks for
meant that including the In my use case, Maybe that line ought simply to be removed from the docs. I don't think I would have spent so much time scratching my head without its apparent contradiction of what I was seeing. |
@tannerstern you can add |
For cases where dev dependencies don't exist when running npm install on your CI, this little snippet did the trick for me:
However, this would only work for Unix-based systems where we are ignoring any errors from the first command. |
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
When using
npm install --production
it executes theprepare
scripts in version 7+. In version 6 it didn't execute them.Workaround:
npm install --production --ignore-scripts
(Didn't see that the behaviour has changed in the changelog or in the docs, thats why I'm filing it. The workaround is working for us)
Expected Behavior
The
prepare
script does not get executed.Steps To Reproduce
package.json
npm install --production
prepare
script gets executedEnvironment
The text was updated successfully, but these errors were encountered: