npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

npm install with package-lock.json fails to install git dependencies

What I Wanted to Do

We have the same problem with old issue #17405 described in we want the case descibed in #17405 can work in lastest npm verion 6.x.

What Happened Instead

The owner of issue #17405 claimed that the problem had been fixed in 5.1.0. Yes, it is indeed fixed in 5.1.0, but it can be recreated in any other newer npm version, such as npm v6.5.0,npm6.1.0.

Reproduction Steps

Please refer issue #17405 for reproduce steps.


In addition to the information described in issue #17405, we also observed something else:

  1. The problem is git dependence only
  2. The problem is actually sensitive with a parameter “from”.
    If without “from” parameter, the problem just go away. npm5.1.0 will not add “from” parameter into
    package-lock.json, that is the reason why it can work for the problem. But npm 6.x will update package- lock.json by adding the “from” parameter when doing “npm install”. when you install with the packag-lock.json, then the problem is recreated.

Here is the package-lock.json created in npm6.1.0, you can get the difference compared with the one in
package-lock.json (717 字节)

Possible but not acceptable Workround

option1: npm install by removing node_modules directory and deleting file package-lock.json
option2: npm install with package-lock.json firstly, then installed the failed package seperately by executing
“npm install npm-test-package-b”
option3: Remove the “from” parameter from package-lock.json and then npm install with package-lock.json

Platform Info

$ npm --versions
$ node -p process.platform

I got the exact same issue as described. Any update? thanks!