(This question revolves more around npm and how dependencies and versions work in this ecosystem; commitlint is just an example of the issue at hand, but I imagine it could happen with any npm package.)
I was using commitlint npm package happily for the past few months to lint my commit messages. I even developed some commitlint plugins in TypeScript to enhance it with our repo's policies.
Now comes version 17.4.0 of commitlint: apparently they raised the version of their TypeScript dependency, so my plugins don't compile anymore (some issue with any types that I will look into later).
So then I decide to roll back to commitlint v17.3.0 in my CI recipe, as a temporary workaround until I can look into fixing our plugins, via:
npm install @commitlint/[email protected]
But, it doesn't work! I keep getting the TypeScript compiler error. Oh, then I try with -g:
npm install -g @commitlint/[email protected]
Same thing, I keep getting the error. Oh, maybe -g requires sudo?
sudo npm install -g @commitlint/[email protected]
No! Still same error. What the hell might be going on here? Then I look at the CI log and I notice this in the npx call:
npm WARN exec The following package was not found and will be installed: [email protected]
Aha! So, somehow, npx is not seeing the recently installed commitlint version that the previous npm install step performed. How is this possible? Any ideas?
Well, then I thought, let's do a workaround, removing the npm install step and just specifying the version in the npx call:
npx [email protected] --from HEAD~1 --to HEAD --verbose
...and guess what? It doesn't work either! This is the log:
Run npx [email protected] --from HEAD~1 --to HEAD --verbose
npm WARN exec The following package was not found and will be installed: [email protected]
/home/runner/.npm/_npx/f46b942c1a6d2ab7/node_modules/ts-node/src/index.ts:859
return new TSError(diagnosticText, diagnosticCodes, diagnostics);
^
TSError: ⨯ Unable to compile TypeScript:
...
How is this possible? Is it that previous versions of npm packages still point to the dependencies of the latest version? Wouldn't this be an npm/npx bug?
UPDATE: Interesting discovery so far: commitlint package seems to depend on package commitlint/types, which doesn't seem to have a 17.3.0 version.
npm install in CI – Transgression
node_modules/commit-lint/cli.js --version returns 17.3.0 so it did install the previous version; but somehow the TypeScript compiler downloaded is the one from the new version – Transgression
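
The behaviour asked about above is consistent with how npm resolves semver ranges: pinning a top-level package fixes only that package, while the ranges its dependencies declare are resolved to the newest matching release at install time unless a lockfile records them. The sketch below is an added example, not part of the original post; the registry, the package names (demo-cli, demo-types, demo-compiler), the versions and the ranges are all constructed, and the caret matcher is a simplified stand-in for npm's semver handling.

```javascript
// Constructed registry: names, versions and ranges are illustrative only.
const registry = {
  "demo-cli": {
    "17.3.0": { "demo-types": "^17.0.0", "demo-compiler": "^4.6.0" },
    "17.4.0": { "demo-types": "^17.4.0", "demo-compiler": "^4.6.0" },
  },
  "demo-types": { "17.0.0": {}, "17.4.0": {} }, // no 17.3.0 was ever published
  "demo-compiler": { "4.6.4": {}, "4.8.4": {}, "4.9.4": {} },
};

const parse = (v) => v.split(".").map(Number);
const cmp = (a, b) => {
  const [x, y] = [parse(a), parse(b)];
  for (let i = 0; i < 3; i++) if (x[i] !== y[i]) return x[i] - y[i];
  return 0;
};

// Simplified caret range (major >= 1): same major and >= the stated version.
function satisfies(version, range) {
  if (!range.startsWith("^")) return cmp(version, range) === 0; // exact pin
  const base = range.slice(1);
  return parse(version)[0] === parse(base)[0] && cmp(version, base) >= 0;
}

// Highest published version that matches the range.
function maxSatisfying(name, range) {
  const hits = Object.keys(registry[name]).filter((v) => satisfies(v, range));
  if (hits.length === 0) throw new Error(`no version of ${name} matches ${range}`);
  return hits.sort(cmp).pop();
}

// Resolve the tree; a lockfile entry, when present, overrides the range.
function resolve(name, range, lock = {}, out = {}) {
  const version = lock[name] || maxSatisfying(name, range);
  out[name] = version;
  for (const [dep, depRange] of Object.entries(registry[name][version])) {
    resolve(dep, depRange, lock, out);
  }
  return out;
}

// Pinning only the top-level package: transitive ranges float to the newest match.
const fresh = resolve("demo-cli", "17.3.0");
// Same pin plus recorded transitive versions (what a lockfile provides).
const locked = resolve("demo-cli", "17.3.0", { "demo-types": "17.0.0", "demo-compiler": "4.8.4" });
console.log({ fresh, locked });
```

In CI, `npm ci` against a committed package-lock.json installs the recorded versions instead of re-resolving the ranges.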