npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

npm list not showing correct tree of dependencies

What I Wanted to Do

I wanted to list a tree of a single dependency.
npm list mixin-deep

What Happened Instead

It showed only one appearance of mixin-deep.

Reproduction Steps

This is my package.json:
This is my package-lock.json:
mixin-deep should appear in several dozens of places in the dependency tree.
Instead it appears only as:

dark-diagnosis-frontend@1.0.0 /home/korisnik/Desktop/Programiranje/Projects/darkDiagnosis/frontend
└─┬ webpack@4.35.3
  └─┬ micromatch@3.1.10
    └─┬ snapdragon@0.8.2
      └─┬ base@0.11.2
        └── mixin-deep@1.3.1 


Platform Info

$ npm --versions
$ node -p process.platform

It looks like there’s one instance of mixin-deep in your package-lock.json file, and one package (base) that depends on it. So this npm ls output looks correct to me?

What do you get when you run find node_modules -name mixin-deep? What packages do you think should be depending on it?

Oh, I see, the issue is that a bunch of stuff depends on snapdragon, which depends on base -> mixin-deep? Yeah, I can see how that’s weird.

Yes. As far as I see the end of each branch is snapdragon->base->mixin-deep.
But several things depend on snapdragon.

If I do npm audit I see several dozens of paths to mixin-deep as this is a dependency with vulnerability so it gets shown in all paths.

npm list should find all these paths similar as how npm audit does.