Lerna does not call "npm ci" when hoisting
See original GitHub issueI know it’s disabled per the following issue but in my testing I couldn’t reproduce the same error neither in the istanbuljs
repo nor in our own repo
https://github.com/lerna/lerna/issues/1865
Expected Behavior
When the CI
environment variable is set, e.g. CI=1
, Lerna should call npm ci
Current Behavior
Lerna calls npm install
with --global-style
and --no-save
arguments
Possible Solution
Remove the code block here: https://github.com/lerna/lerna/blob/master/commands/bootstrap/index.js#L112
Steps to Reproduce (for bugs)
- Create a minimal repo with one package
- Add
hoist: ["is-ci"]
tolerna.json
- Add
is-ci
to the package’s own dependencies - Run
lerna bootstrap --loglevel=silly
-> output shows['npm', ['install']]
is called - Set the
CI
environment variable to1
and call lerna:CI=1 lerna bootstrap --loglevel=silly
-> output shows['npm', ['install', '--global-style', '--no-save']]
is called
lerna.json
<!-- Please paste your `lerna.json` here -->
{
"command": {
"bootstrap": {
"npmClientArgs": [
"--loglevel=verbose",
"--fetch-retries=5",
"--fetch-retry-factor=20",
"--fetch-retry-maxtimeout=180000",
"--fetch-retry-mintimeout=5000"
]
}
},
"hoist": [
"class-validator",
"deep-equal",
"json-long",
"long",
"node-sass",
"reflect-metadata",
"typescript"
],
"packages": [
"packages/*"
],
"version": "0.0.0"
}
Context
I’m trying to prevent developers from (mostly by forgetting) submitting changes in the package.json files but not updating package-lock.json files.
Your Environment
We use Buildbot for our CI (which isn’t recognized by the ci-info
package, that’s why we explicitly set the CI
env var
Executable | Version |
---|---|
lerna --version |
3.13.2 |
npm --version |
6.9.0 |
node --version |
8.14.0 |
OS | Version |
---|---|
Ubuntu | 18.10 |
Issue Analytics
- State:
- Created 4 years ago
- Reactions:3
- Comments:17 (2 by maintainers)
Top Results From Across the Web
FAQ | Lerna
Sometimes, lerna publish does not work. Your network may have had a hiccup, you may have not been logged on to npm, etc....
Read more >lerna/bootstrap - npm.io
When using the default --npm-client , lerna bootstrap will call npm ci instead of npm install in CI environments. To disable this behavior,...
Read more >npm ci can only install packages with an ... - Stack Overflow
After a lot of research, I was able to figure out that this happens when you are not using npm install for installing...
Read more >lerna-dockerize - npm
If a package has no Dockerfile lerna-dockerize will try to use the ... You can add parameters to the RUN npm install command,...
Read more >lerna bootstrap - Fig.io
This is only useful if you do a lot of publishing from feature branches, which is not generally recommended. --npm-client <client>, The exececutable...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@evocateur wrote:
It’s even more counter-intuitive when you run
lerna bootstrap --ci
and… Lerna doesn’t runnpm ci
!We spent countless hours wrestling with unexpected package upgrades despite having
package-lock.json
files all over the place, scratching our heads what could possibly be going wrong. This issue breaks any serious CI setup, where we want to build with only controlled package versions and fail otherwise.Could you please reconsider this and provide a way to run
npm ci
with--hoist
?If the developer went to the trouble of discovering the
--ci
parameter and callinglerna bootstrap --ci
, they damn well expect Lerna to invokenpm ci
! To silently ignore the--ci
parameter without any warning (especially on a CI server) is way more problematic than some developer trundling into a package folder and runningnpm install
there.This doesn’t even affect normal
lerna bootstrap
usage which runsnpm install
anyway, so users who don’t care about--ci
won’t even notice anything.@mzyil thanks! I missed that when looking at the thread though it’s not clear what the PR actually changed in regards to this issue. I’ll have to review it some more.