-
Notifications
You must be signed in to change notification settings - Fork 3.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] npm update not updating package.json #708
Comments
Why would npm install ever modify package.json? |
@ljharb Hey man! I did that just to illustrate that I did a fresh install from scratch before running npm update. So I did an install then I did an update, but the update didn't change the package.json? |
Ah. npm update also shouldn’t change it afaik, it updates what’s on disk to match the package.json. |
@basickarl, you are specifying exact versions in your package.json instead of specifying minimum versions with caret or tilde dependencies. If you want npm update to work, use tilde or caret deps: https://stackoverflow.com/questions/22343224/whats-the-difference-between-tilde-and-caret-in-package-json Please close this issue. |
Seems answered; can reopen if not. |
I have the same issue,
I can confirm that this only happens with npm v7.5.1 and not v6.x. node v15.8.0 (official script install) As a side note, I also have nvm installed, but pointing to the system node binary, so should not affect anything. |
I'm experiencing the same thing as @jalik, using caret or tilde, it does not update the package.json after running install or update. |
Versions Below
|
I'm experiencing the same issue with @jalik, can we reopen this? |
I am having these same issues and even downgrading to 6.14.11 and 6.14.8 had no effect. |
Confirm - the same issue -> npm update will leave the package.json untouched. This is terribly confusing as it does not reflect the actual component's version. |
I have to use |
This issue just started for me the other day. Same as everyone else, npm version 7.6.3 is not updating package.json. This issue needs to be reopened. |
Same here. Worked yesterday. Updated to latest version. After that - no updating of the package.json. An "npm out" shows that things are updated though. So something is wrong here. Installed version: NodeJS v.14.16.0. |
Seems like they removed these sentences from the official docs... There is no info anymore, that npm update will change the package.json. |
Having same issue! Please reopen! |
@ljharb Did someone maintaining this repo has only seen our messages ? |
@jalik it was an intended change in npm 7. There is not any way to do that as a single npm command anymore. This type of feedback was brought up on this week's Open RFC call, so it is being considered. |
@ljharb thank you for answering. Also I did not see in the docs any info about the v7 behavior, can it be updated ? So please consider at least a mean to offer a "v6-legacy" behavior (like
|
yes, that's what i've done on every project i maintain for half a decade |
@ljharb so we should do the same for the next decade ⸮ |
"npm out" ignores packages that need to be updated!!!! package.json: "npm out" does not report that @mdi/font has a v.5.9.55. To do individual "npm i xx@version" is non-sense if you have a lot of dependencies and running automatic testing with sufficient coverage. New test:
So "npm i" installs a newer version of @mdi/font without me allowing it. "npm update" is now integrated in "npm i" or what? |
@ZwapKillrath please read the official npm docs --> "About semantic versioning"!! This issue is not related to semantic versioning! We are talking about the new behavior of |
npm update && npm list --json | jq --slurpfile package package.json 'def replaceVersion($replacements): with_entries(if .value | startswith("^") then .value = ("^" + $replacements[.key].version) else . end); .dependencies as $resolved | reduce ["dependencies", "devDependencies"][] as $deps ($package[0]; if .[$deps] | type == "object" then .[$deps] |= replaceVersion($resolved) else . end)' > package.json~ && mv package.json~ package.json && npm install
Edit: Now using it in all of my projects. Works very well. npm update
npm list --json | jq --slurpfile package package.json '
def replaceVersion($replacements):
with_entries(
if .value | startswith("^")
then
.value = ("^" + $replacements[.key].version)
else
.
end
);
.dependencies as $resolved
| reduce ["dependencies", "devDependencies"][] as $deps (
$package[0];
if .[$deps] | type == "object"
then
.[$deps] |= replaceVersion($resolved)
else
.
end
)' > package.json~
mv package.json~ package.json
npm install |
I know that it is not related to semantic versioning, and have read the official npm docs :-) |
Why is the issue closed? This is a bug and should be resolved or provide alternative such as |
THIS IS HORRIBLE HAPPENING WITH ME ALSO... BUT yarn got same behaviour lately... probably something more complex... node? wsl2? |
Having the same issue now ... |
current work around...
|
Somebody mentioned
It would definitely be nice to have a simple Another option is to use
|
Não estava atualizando o arquivo package.json Bug? npm/cli#708
Having the same issue after I updated from NPM 7.x to 8.x. Previously, |
My team has build processes that rely on this function (updating package.json) to keep our dependencies up to date with pending minors. If there is a workaround I would love to hear about. This is a breaking change that hit us after updating Node to 16.13.1 LTS. Based on the discussion on this thread, we're going to have to write a script that iterates over the output from npm outdated and runs the install command in a loop. |
@mlandisbqs I also had scripts involving package.json, but figured relying on package-lock.json is safer. |
What is the source of truth, the package.json or package-lock.json? |
can confim that just happened to me, still an issue with Node 16.3.0 and npm 7.15.1 |
I'm having this issue also since updating from 7.x to 8.x |
Previously `npm update` was not respecting the `save` option, it would be impossible for users to use `npm update` and automatically update their `package.json` files. This fixes it by adding extra steps on `Arborist.reify._saveIdealTree` to read direct dependencies of any `package.json` and update them as needed when reifying using the `update` and `save` options. Fixes: npm#708 Fixes: npm#2704 Relates to: npm/feedback#270
Previously `npm update` was not respecting the `save` option, it would be impossible for users to use `npm update` and automatically update their `package.json` files. This fixes it by adding extra steps on `Arborist.reify._saveIdealTree` to read direct dependencies of any `package.json` and update them as needed when reifying using the `update` and `save` options. Fixes: npm#708 Fixes: npm#2704 Relates to: npm/feedback#270
Thanks @basickarl and everyone else who helped out in the discussion here! The team has decided that fixing usage of
|
Thanks @ruyadorno and the team :) |
Thanks @ruyadorno for the work. Takes exactly 2 years! But prefer late than never! THANKS! |
|
Excellent that the experience will now be improved! And thanks for updating the docs: https://docs.npmjs.com/cli/v8/commands/npm-update |
--save doesn't work when updating patches using ~ at |
npm update does not update and write to package.json
node v12.14.1
npm v6.13.4
windows 10 pro 64-bit 1903 build 18362.592
Delete node_modules directory and package-lock.json, open cmd.exe and run the following:
I'm expecting the contents of package.json to be updated.
Here is my package.json:
The text was updated successfully, but these errors were encountered: