[BUG] Fresh npm install abides by overrides but subsequent installs revert #4727
Closed
2 tasks done
Assignees
Labels
Bug
thing that needs fixing
Priority 1
high priority issue
Release 8.x
work is associated with a specific npm 8 release
Comments
melink14
added
Bug
|
See #4232 (comment) for separate report of this issue on old bug. |
2 tasks
|
I'm hoping this is also fixed by #4709 but the other bugs referenced by that don't really talk about this exact behavior so I wanted to open it specifically. I do note that the out of sync error after |
2 tasks
|
Can no longer reproduce this in 8.7! Great work and thanks for including this. Will make handling downstream violations much easier! |
lukekarrys
added
Priority 1
|
Re-opening this as this does not seem to be fixed in 8.12.x |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
npm iwith new overrides does not completely override all dependencies. It seems deeper dependencies are more likely to not be updated.npm idoes override all deps as expected.npm lsreports invalid versions in this state andnpm cireports out of sync until annpm iruns again.npm auditreports clean passnpm iagain, the 'invalid' nodes get updated in package-lock.json but are still listed as invalid bynpm inpm auditreports failure.Aftert fresh install with overrides:
After subsequetn
npm iExpected Behavior
After adding overrides and running npm i, all packages should be overriden even if it's not fresh install.
Steps To Reproduce
Environment
The text was updated successfully, but these errors were encountered: