Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] npm update downgrades lockfile version #3920

Closed
1 task done
valtlai opened this issue Oct 20, 2021 · 0 comments
Closed
1 task done

[BUG] npm update downgrades lockfile version #3920

valtlai opened this issue Oct 20, 2021 · 0 comments
Assignees
@lukekarrys
Labels
Bug thing that needs fixing Priority 1 high priority issue Release 8.x work is associated with a specific npm 8 release

Comments

@valtlai
Copy link

valtlai commented Oct 20, 2021
edited

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

lockfileVersion set to 3 in package-lock.json is downgraded back to 2 when running npm update.

Expected Behavior

I think the lockfile version should be preserved as is, not downgraded.

Steps To Reproduce

  1. Set the lockfileVersion property to 3 in a package-lock.json file. (You have to do it manually for now as the new lockfile-version option doesn’t yet really work.1)
  2. Run npm install, which deletes the legacy dependencies object and upgrades the hidden lockfile.
  3. Run npm update and you’ll see how the lockfile version is downgraded.

Environment

  • OS: MacOS 11.6
  • Node: 16.12.0, 17.0.1
  • npm: 8.1.0

Footnotes

  1. fix: --lockfile-version to handle string number #3900

@valtlai valtlai added Bug thing that needs fixing Needs Triage needs review for next steps Release 8.x work is associated with a specific npm 8 release labels Oct 20, 2021
@lukekarrys lukekarrys added Priority 1 high priority issue and removed Needs Triage needs review for next steps labels Oct 20, 2021
@lukekarrys lukekarrys self-assigned this Oct 21, 2021
lukekarrys added a commit to npm/arborist that referenced this issue Oct 21, 2021
@lukekarrys
fix: set lockfileVersion from file during reset
c5bc305 
Fix: npm/cli#3920

When loading the initial tree while updating all, a shrinkwrap file
loaded from disk with an existing `lockfileVersion` was not having the
`lockfileVersion` preserved when saving the file back to disk.

With this patch, an existing `lockfileVersion` is preserved if it is
greater than the `defaultLockfileVersion`.
@lukekarrys lukekarrys mentioned this issue Oct 21, 2021
Closed
lukekarrys added a commit to npm/arborist that referenced this issue Oct 21, 2021
@lukekarrys
fix: set lockfileVersion from file during reset
95d850a 
Fix: npm/cli#3920

When loading the initial tree while updating all, a shrinkwrap file
loaded from disk with an existing `lockfileVersion` was not having the
`lockfileVersion` preserved when saving the file back to disk.

With this patch, an existing `lockfileVersion` is preserved if it is
greater than the `defaultLockfileVersion`.

Co-authored-by: @isaacs
lukekarrys added a commit to npm/arborist that referenced this issue Oct 21, 2021
@lukekarrys
fix: set lockfileVersion from file during reset
5aaf60c 
Fix: npm/cli#3920

When loading the initial tree while updating all, a shrinkwrap file
loaded from disk with an existing `lockfileVersion` was not having the
`lockfileVersion` preserved when saving the file back to disk.

With this patch, an existing `lockfileVersion` is preserved if it is
greater than the `defaultLockfileVersion`.

Co-authored-by: @isaacs
lukekarrys added a commit to npm/arborist that referenced this issue Oct 21, 2021
@lukekarrys
fix: set lockfileVersion from file during reset
bb14047 
Fix: npm/cli#3920

When loading the initial tree while updating all, a shrinkwrap file
loaded from disk with an existing `lockfileVersion` was not having the
`lockfileVersion` preserved when saving the file back to disk.

With this patch, an existing `lockfileVersion` is preserved if it is
greater than the `defaultLockfileVersion`.

Co-authored-by: @isaacs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lukekarrys lukekarrys

Labels
Bug thing that needs fixing Priority 1 high priority issue Release 8.x work is associated with a specific npm 8 release
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: set lockfileVersion from file during reset npm/arborist
2 participants
@lukekarrys @valtlai