Cannot install 2 versions of the same public package
See original GitHub issueDescribe the bug I try installing a different version of a package that was already cached by verdaccio, and it fails
To Reproduce
Install version x.0.0
of a package and then try installing version y.0.0
.
npm set registry http://localhost:4873/
npm i @angular/cdk@7.0.3 # successful, updates package.json to only have version `7.0.3`.
npm i @angular/cdk@9.2.4 # fails, because version is unknown to verdaccio.
Expected behavior Both packages are installed successfully.
Screenshots
npm ERR! code ETARGET
npm ERR! notarget No matching version found for @angular/common@9.1.12.
npm ERR! notarget In most cases you or one of your dependencies are requesting
npm ERR! notarget a package version that doesn't exist.
npm ERR! A complete log of this run can be found in:
npm ERR! C:\Users\rony.fragin\AppData\Roaming\npm-cache\_logs\2020-09-18T22_16_05_892Z-debug.log
Configuration File (cat ~/.config/verdaccio/config.yaml)
#
# This is the default config file. It allows all users to do anything,
# so don't use it on production systems.
#
# Look here for more config file examples:
# https://github.com/verdaccio/verdaccio/tree/master/conf
#
# path to a directory with all packages
storage: /root/.local/share/verdaccio/storage
store:
offline-storage:
# path to a directory with plugins to include
plugins: ./plugins
web:
title: Verdaccio
# comment out to disable gravatar support
# gravatar: false
# by default packages are ordercer ascendant (asc|desc)
# sort_packages: asc
# convert your UI to the dark side
# darkMode: true
listen: 0.0.0.0:4873
# translate your registry, api i18n not available yet
# i18n:
# list of the available translations https://github.com/verdaccio/ui/tree/master/i18n/translations
# web: en-US
auth:
htpasswd:
file: ./htpasswd
# Maximum amount of users allowed to register, defaults to "+inf".
# You can set this to -1 to disable registration.
# max_users: 1000
# a list of other known repositories we can talk to
uplinks:
npmjs:
url: https://registry.npmjs.org/
timeout: 100ms
cache: false
fail_timeout: 1m
max_fails: 100
server2:
url: http://mirror.local.net/
timeout: 100ms
cache: false
fail_timeout: 1m
packages:
'@*/*':
# scoped packages
access: $all
publish: $authenticated
unpublish: $authenticated
proxy: npmjs
'**':
# allow all users (including non-authenticated users) to read and
# publish all packages
#
# you can specify usernames/groupnames (depending on your auth plugin)
# and three keywords: "$all", "$anonymous", "$authenticated"
access: $all
# allow all known users to publish/publish packages
# (anyone can register by default, remember?)
publish: $authenticated
unpublish: $authenticated
# if package is not available locally, proxy requests to 'npmjs' registry
proxy: npmjs
# You can specify HTTP/1.1 server keep alive timeout in seconds for incoming connections.
# A value of 0 makes the http server behave similarly to Node.js versions prior to 8.0.0, which did not have a keep-alive timeout.
# WORKAROUND: Through given configuration you can workaround following issue https://github.com/verdaccio/verdaccio/issues/301. Set to 0 in case 60 is not enough.
server:
keepAliveTimeout: 180
middlewares:
audit:
enabled: true
# log settings
logs:
- { type: stdout, format: pretty, level: http }
#- {type: file, path: verdaccio.log, level: info}
#experiments:
# # support for npm token command
# token: false
# # support for the new v1 search endpoint, functional by incomplete read more on ticket 1732
# search: false
# This affect the web and api (not developed yet)
#i18n:
#web: en-US
Environment information
*** WARNING: Verdaccio doesn't need superuser privileges. Don't run it under root! ***
Environment Info:
System:
OS: Linux 4.15 Ubuntu 18.04.4 LTS (Bionic Beaver)
CPU: (2) x64 Intel(R) Xeon(R) CPU E5-2680 v2 @ 2.80GHz
Binaries:
Node: 10.22.0 - ~/.nvm/versions/node/v10.22.0/bin/node
npm: 6.14.6 - ~/.nvm/versions/node/v10.22.0/bin/npm
npmGlobalPackages:
verdaccio: 4.8.1
Workaround
I manually go to the url
https://registry.npmjs.org/@angular/common
copy the data to the package.json
in the storage folder and then it works
I ran the following python script to do it for all packages:
import json
import urllib
my_list = [<list of package names>]
BASE_DIR = '/root/.local/share/verdaccio/storage'
for item in my_list:
data = json.loads(urllib.request.urlopen(f"https://registry.npmjs.org/{item}").read())
with open(f'{BASE_DIR}/{item}/package.json', 'w') as outfile:
json.dump(data, outfile)
print(f"done - {item}")
every time I install a new version, I need to fetch the package.json
again from the npm repo… how do I make verdaccio not update package.json
to only contain specific versions?
Issue Analytics
- State:
- Created 3 years ago
- Comments:8 (4 by maintainers)
Top Results From Across the Web
apt - Can multiple versions of the same package co-exist on ...
No, it is not possible to have two versions of the same package, because there will be conflicting files. If a library is...
Read more >how to install multiple versions of package using npm
I am not an expert in npm, but I had the following problem: two dependencies where competing for a version. I give the...
Read more >Why can't I install multiple versions of a shared library?
Actually, you can install multiple versions of a shared library if it's done properly. Shared libraries are usually named as follows:
Read more >Install multiple versions of a dependency · Issue #5499 - GitHub
I have a need to install multiple versions of a dependency at once. This is a subset of aliasing features that were rejected...
Read more >Referencing Multiple Versions of the Same Assembly in a ...
The real problem arises when the DLLs are incompatible — the public types and members of the API differ, etc. If you're lucky,...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@juanpicado you’re right. It looks like an issue with https://github.com/g3ngar/verdaccio-offline-storage
I’ll repost it there
@juanpicado I’ll try reproducing it on a clean environment and will update you 🙏