Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Dependencies aren't included when they are a dependency of devDependencies

See original GitHub issue

This is a Bug Report

Description

Serverless package doesn’t correctly add node_modules when a node module is also a dependency of a devDependency

I have a package.json that contains this :

{
  "name": "myapp",
  "version": "1.0.0",
  "private": true,
  "dependencies": {
    "bluebird": "^3.5.0",
    "moment": "^2.18.1"
  },
  "devDependencies": {
    "aws-sdk": "*",
    "serverless": "^1.18.0"
  }
}

When I run serverless package then extract the resulting zip file, the node_modules folder only contains a .bin folder.

I think that this is due to the way the excludeDevDependencies functionality works.

I’m wondering if the issue might be coming from the fact that, as the serverless module relies on moment and bluedbird they are in the list of dependencies when running npm ls --dev=true but not added back when running npm ls --prod=true.

Similar or dependent issues:

This is probably related to #3889

Additional Data

Serverless 1.18.0
MacOS Sierra
package is created correctly ( but with the devDependencies) if I use excludeDevDependencies: false

Issue Analytics

State:
Created 6 years ago
Reactions:2
Comments:8 (8 by maintainers)

Top GitHub Comments

3reactions

pmuenscommented, Jul 25, 2017

Just a quick update for everyone who is reading this right now / is blocked by this bug.

There’s a config available to opt-out of dev dependency exclusion you can use in the meantime:

package:
  excludeDevDependencies: false

https://serverless.com/framework/docs/providers/aws/guide/packaging/#development-dependencies

1reaction

davidgoveacommented, Jul 23, 2017

Added a pull request #3975 for this. In short, a second temporary file is used for the --prod=true dependencies, and then lodash’s .difference() is used to make sure we preserve any explicitly-needed dependencies:

const dependenciesToExclude = _.difference(devDependencies, prodDependencies)

Top Results From Across the Web

Is this a dependency or devDependency? - With Blue Ink

Where to put NPM modules in package.json: it's not as simple as it seems. ... that are (almost) always going to be devDependencies...

node.js - What's the difference between dependencies ...

Dev dependencies are modules which are only required during development whereas dependencies are required at runtime. If you are deploying your application, ...

Adding dependencies to a package.json file - npm Docs

Specifying dependencies and devDependencies in a package.json file ... To specify the packages your project depends on, you must list them as "dependencies"...

Do "dependencies" and "devDependencies" matter when ...

Thus, all dependencies are devDependencies . This is how VueJs and React specify their dependencies.

The difference between dependencies and devDependencies ...

When you run npm install in the root of a project with a "package.json" file, all packages in both dependencies and devDependencies are ......