Npm deletes stuff from linked module's node_modules.

What I Wanted to Do

Run npm install without modifying linked module’s node_modules.

What Happened Instead

If npm doesn’t remove the linked module, then it may instead remove stuff from the linked module’s node_modules.

Reproduction Steps

npm link something, then run npm install, go back to the local something project and notice that dependencies are missing. It appears running npm install in the project where something is linked caused stuff from node_modules to be deleted.

Then I need to go back to the something project and run npm install to install missing dependencies so that I can run commands or build steps in the something project.

Details

Not sure it happens every time, just some times. Also other times, as noted above, the linked module is simply removed.

Platform Info

$ npm --versions
{ '@mapperai/mapper-annotator': '1.7.1',
  npm: '6.9.0',
  ares: '1.15.0',
  brotli: '1.0.7',
  cldr: '34.0',
  http_parser: '2.8.0',
  icu: '63.1',
  llhttp: '1.1.1',
  modules: '67',
  napi: '4',
  nghttp2: '1.37.0',
  node: '11.14.0',
  openssl: '1.1.1b',
  tz: '2018e',
  unicode: '11.0',
  uv: '1.27.0',
  v8: '7.0.276.38-node.18',
  zlib: '1.2.11' }
$ node -p process.platform
darwin

(I suggest you keep an eye on this problem and provide some specific reproduce steps if you identify a reproducible scenario.)

All my co-workers eventually run into this problem at some time or other. If the NPM team uses npm link workflow often enough, they should encounter it. I can’t post private repos unfortunately.

I made a video: https://youtu.be/-udkgr5aLFY

It also shows the problem in the other bug: Sometimes `npm install` deletes linked module, replaces it with downloaded module.

This is getting annoying. I wish there was an alternative to NPM without any of the problems. Yarn has its own set of other problems like features that don’t behave like NPM (f.e. not running certain package.json scripts automatically, etc).

I’m aware of this, and have root caused it. Unfortunately the fix is quite extensive, but it’ll be the focus of v7. https://npm.community/t/a-post-in-package-lock-json-keeps-changing-between-platforms-and-runs-requires-staff-attention/8094/4?u=isaacs

I believe this is the same or related to 8927