-
Notifications
You must be signed in to change notification settings - Fork 3.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] npx does not attempt to get newer versions #2329
Comments
If it’s installed locally or globally, it won’t fetch a version. If you want to force that, add |
If I never "install" it and only use |
I should amend ... yes, if the command exists it should obviously prefer that one. However, a command installed by npx should not be considered "installed" |
I ran into this issue as well (see #2329). Here’s some more information I gathered:
I think the best solution would be to mimic the behavior of running commands installed via
|
I respectfully disagree. Unless actually installed (globally, or locally) the cache should only be used if the current match matches, otherwise it should pull a new one (and in npm7's case prompt, unless --yes is present). The whole reason for For your use case, you would be better off by installing the command and running with the |
You make good points. Thanks for reading my proposal and for the feedback.
For me, the whole reason for |
@leafac I believe we are saying the same thing at this point. However, where I think we differ is the point of updating. I believe the convenance of not installing should come with the burden of always getting the latest... only falling back to cache if the latest is cached. |
You make a good point… |
pull latest packument when getting info about package to run, also install newer version if one is available and user has not specified a version (i.e. is defaulting to @latest) PR-URL: #2592 Credit: @wraithgar Closes: #2395 Closes: #2329 Reviewed-by: @darcyclarke
v7 should once again match v6 behavior in the next release ( |
@jsg2021: It seems like you got your way 😃 |
I am using npm 7.11.1. I still uses an outdated package of mine. When using npx myPackage, it uses v1.2.2, using npx myPackage@latest, uses v1.2.4, as expected. What the hell? I don't have it globally installed. I don't want to tell my users to append @latest when calling my command. I don't want to append @latest to my npx calls. npx should always use the latest version of the package. Unless maybe if there is no connection and there is a cached version that may or not be the latest one. |
Maybe, leave the devs an option to allow or not for the package to be executed at older versions in package.json. I chose a 3 letter name for my package to be easy to call. I really don't want to add @latest every time. |
As a user, I never want to install something I already have available. I would much rather type If I wanted that, I'd |
As a user, I like to use the latest versions by default because I don't really bother waiting 3-30s for a new version (that won't always happen) that may fix a breaking bug I don't know about and I may fall into it or add a cool new feature, and really dislike having to add @latest every single time because I don't know if I already have that package cached in a lower version. For me, as an user, seems way better to use @current (or even @c) if for some reason I've never had during those years of npx is around, want to use the outdated cached version. If I really want to use regularly a package and at a specific version, I can just If this is just a matter of personal choice, it should be configurable and it won't be bad to have a poll on what should be the default value.
I don't get this. How could I Also, wasn't it fixed in 7.5.2, AFAIK? What about not only this issue itself, but as I found out now, #2641 and facebook/create-react-app#10601? This behaviour seems way too prone for user errors, like the issues above. People, like me, will have to find out that their npx call is not using the latest package version and that may be leading to unexpected results. I am glad that I added the require("../package.json").version to the error messages, else, I don't really know how much longer it would take me to find that out. |
Hey there! I know this has been closed, but I am now facing this issue again. I created a package a while ago So what is the reason for this? Anyone knows how to fix it? |
I insist to the npm devs: Add a new option to the package.json like "npxCheckLatest: true". Being it true and this package being npx'cuted, it will check if the cached version is the latest available one and will fetch the new one if required. This will leave the choice to the developers of the package, so the desired and intended behaviour of the respective npx package will be reached. |
That seems like a choice that should be up to the consumers of the package only - just like it already is in a package.json dependencies entry. |
@ljharb maybe i am misreading it, but how would you code this in a way that every consumer of my package gets the latest version? I always assume that npx gives me the latest version if i dont have something installed globally |
Again, I have my specific case: I ALWAYS want for my users to use the latest version of my package without having to type @latest. I chose a 3 letter package name to be quickly written and executed. It's a specific case that isn't impossible for other projects to have the same intention. In case, my comment above has 2 likes, so I ain't a crazy single one with that request. It's a project boilerplate starter and every update is a improved / fixed version of the previous version. The philosophy of it is to always use the latest version, mainly because it's a project I made for myself. Like it or not, that's what I want for my package. If an user for some strange reason don't want to wait 5s to download a new version, he can just not use my project (and creating the boilerplate can take some minutes, so 5s to download the newer version is like nothing), I don't care. So, the use case exists, I am one. How a project is used isn't up to the npm dev team, with all the respect. Your personal opinion shouldn't have priority over what the developers want for their packages. |
ftr I think the default behavior of How a project is used is also not up to the package author - it's up to the consumers. |
It's up to the consumers to use or not a package that its philosophy is to use the latest version. I am both a regular user and a dev of my package. I already explained my use case, it exists and it's valid. It's simple, as an user I always want to use the latest version of this package when using npx without having to type @latest every single time. There isn't such an option for that. As a dev, I want all my users to be able to do that. If they don't like it, they can just don't use it at all. |
Such an option would only work for npx tho, and |
Actually not. The wanted behavior of
It is important to do the |
@yw662 "conceptually identical" encompasses the steps you described. |
But 'npm i -g' would introduce a side effect that 'npx' should not. It is not identical. |
I think this issue should probably be locked. (It's already closed) npx is operating as expected (as far as I can tell) Bugs happen. This issue was originally to document a perceived departure from v6 to v7. That has been clarified and rectified. |
Seeing as the issue is not locked, yet, I'd like to add my own comment in support of NPX always installing the latest version of the package no matter what. The current behavior of being stuck on whatever version happened to be the latest the first time the user has run |
npx is designed to always pull latest if the command is not already present. If you are getting an old one when running the command you are experiencing a bug. |
For other devs, here is my implementation to always use the latest version in my cli program: const spinner = ora().start('Ensuring latest version');
const latestVer = await latestVersion('gev');
if (compareSemver(VERSION, latestVer) === -1) {
spinner.info(`The current version of gev [${chalk.keyword('brown')(VERSION)}] is lower than the latest available version [${chalk.yellow(latestVer)}]. Recalling gev with @latest...`);
const rawProgramArgs = process.argv.slice(2);
await execa('npx', ['gev@latest', '--no-check-latest', ...rawProgramArgs], { env: {
npm_config_yes: 'true', // https://github.com/npm/cli/issues/2226#issuecomment-732475247
} });
return;
} else { // Same version. We are running the latest one!
spinner.succeed();
} Anyway, there is indeed a bug there. Running (the auto @latest wasn't present in the 1.x.x)
edit: I removed |
#3430 This may solve some issues I guess. Anyone tried it after version 7.18.0 ? |
My comment before happened on npm 7.15.x. The same happened now on 7.19.1. |
The workaround is quite smart. I think ill implement this for my cli then. |
Just for your information, the VERSION in imported/required from the
../package.json
Em ter, 6 de jul de 2021 08:02, André de Albuquerque <
***@***.***> escreveu:
… For other devs, here is my implementation to always use the latest version
in my cli program:
const spinner = ora().start('Ensuring latest version');const latestVer = await latestVersion('gev');if (compareSemver(VERSION, latestVer) === -1) {
spinner.info(`The current version of gev [${chalk.keyword('brown')(VERSION)}] is lower than the latest available version [${chalk.yellow(latestVer)}]. Recalling gev with @latest...`);
const rawProgramArgs = process.argv.slice(2);
await execa('npx', ***@***.***', '--no-check-latest', ...rawProgramArgs], { env: {
npm_config_yes: 'true', // #2226 (comment)
} });
return;} else { // Same version. We are running the latest one!
spinner.succeed();}
Anyway, there is indeed a bug there.
Running npx ***@***.*** won't update the cached version. Just tested with
my program. Running npx gev after npx ***@***.*** will still use the older
cached version.
[image: image]
<https://user-images.githubusercontent.com/28177550/124369538-07665a80-dc43-11eb-906f-bc5127498f0f.png>
(the auto @latest <https://github.com/latest> wasn't present in the 1.x.x)
npm cache clear --force is not fixing this.
edit: I removed ~/.npm/_npx and npx gev -v is now returning the @latest
<https://github.com/latest> one.
The workaround is quite smart. I think ill implement this for my cli then.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#2329 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AGW7JDVVP4KC7YGITISU3J3TWLPDFANCNFSM4UW5JAWQ>
.
|
This issue still appears to be present in |
The bug as written has been fixed. With a clean cache: ~/D/npm $ npx [email protected] -v
Need to install the following packages:
[email protected]
Ok to proceed? (y)
15.0.8
~/D/npm $ npx tap -v
Need to install the following packages:
tap
Ok to proceed? (y)
15.0.9 I am going to lock this issue because further comments are not going to get anyone's problems troubleshooted. If you feel there is a bug, please open a new issue but please be aware that if you have a package globally installed, |
Current Behavior:
I have been using
npx <some-workflow-helper>
over the past year to run the current version of a command without having to manage updating it. npm7 does not pull the latest version if I have run it once before... i suspect because its no longer a temp install...Expected Behavior:
npx some-package
always runs the latest published version.Steps To Reproduce:
npx <test-package>
npx <test-package>
Environment:
The text was updated successfully, but these errors were encountered: