Versions of node/npm in the Azure/static-web-apps-deploy Github action

[donniehale-awh]

I don't know for sure if these versions (see below) are tied to the Azure/static-web-apps-deploy Github action or if they're tied to the Github runner which is executing the action.

Here's the output I see when the action runs:

Using Node version:
v14.19.1

Using Npm version:
6.14.16

Running 'npm install --unsafe-perm'...

npm WARN read-shrinkwrap This version of npm is compatible with lockfileVersion@1, but package-lock.json was generated for lockfileVersion@2. I'll try to do my best with it!

Those are pretty old versions of node and npm. And the warning about the lockfile version is concerning.

So far it hasn't caused any errors when building our app. But if the "environment" (not sure if that's the best word - maybe "container") for the Azure/static-web-apps-deploy Github action is what's resulting in those versions, it would great to update them to something like 16.4.x for node and 8.4.x or 8.5.0 for npm.

Thanks.

[Strepto]

By adding this:

{
....
    "engines": {
        "node": ">=16.0.0",
        "npm": " >=8.0.0"
    },
...
}

to your package.json its possible to influence the choice of npm and node used in the build. Its not always completely up to date, but this might be good enough for your use-case?

This also enforces that developers use the same or similar tooling.
See https://docs.npmjs.com/cli/v8/configuring-npm/package-json#engines for spec on how to specify version ranges etc.

[Reshmi-Sriram]

Hey all,

As mentioned correctly by @Strepto, this is a possibility as of today to specify the engine versions in package.json. You can also follow the given thread to get status updates on the progress from Oryx end for the same. :)

[aidenlang3]

Still having this issue despite updating package.json to use a newer Node engine. Any fix for this? @Reshmi-Sriram