[BUG] npm ci does not appear to respect the lock file #3041
Labels
Bug
thing that needs fixing
Needs Triage
needs review for next steps
Release 7.x
work is associated with a specific npm 7 release
Current Behavior:
I'm currently in the middle of trying to create a patch build for my prod env and my builds are failing because my lock file is not pinning my internal git dependencies like it used to. It also takes 5mins vs npm 6's 15sec.
Expected Behavior:
The lock file is respected and only it is consulted... no updates, no resolutions, no healing.
Steps To Reproduce:
Install a project that has a git dependency... observe the lock file has a git hash. Blow away the node_modules, use
npm ci
after making some obvious change in the git dependency and observe the locked version without the change is not present and the latest is.Environment:
OS: linux
node: 15.12.0
npm: 7.8.0 (tested all the way back to 7.6...) npm 6 works as expected.
The text was updated successfully, but these errors were encountered: