Comments (3)
novemberborn
commented on July 17, 2024
2
I'm here to answer questions if need be.
from cli.
niparx
commented on July 17, 2024
2
@novemberborn
@mortentangen you are correct here:
*.podspec file of react native libraries often depend on the author field in package.json (i.e. https://github.com/react-native-webview/react-native-webview/blob/v11.0.2/react-native-webview.podspec#L11).
But here is what I'm getting, when running npm ci and npm install commands. I'm not an expert in npm/node/js development, so, sorry, if I'm wrong somewhere. It's just what I have found.
As an example, let's take this npm package: react-native-keep-awake.
Here it is author field from package.json file: author. Just for the record, what data is in package repo.
I'm on LTS node fermium
node v14.18.0npm 6.14.15
What I'm getting in ./node_modules/react-native-keep-awake/package.json author field after running npm install:
"author": { "name": "Kyle Corbitt" },package-lock.jsonfile is not modified
What I'm getting in ./node_modules/react-native-keep-awake/package.json author field after running npm ci:
"author": "Kyle Corbitt",package-lock.jsonfile is not modifiedauthorvalue is the same as in package repopackage.jsonfile. I don't know, if these values are tightly coupled, but, just want to point, that they are the same.
So, what do we have:
- by running
npm ciandnpm installwe are getting different results in./node_modules/react-native-keep-awake/package.jsonauthorsection - later, when we installing
cocoapodsdependencies, as you mentioned,authorfield frompackage.jsonis used for*.podspecfile *.podspecfile is used for checksum calculation- we'll have a mismatch in
authorfield -> mismatch in checksum
I tried the same npm ci/npm install on same project, but with updated node (active LTS will start shortly for this version, 2021-10-26):
node v16.11.0npm 8.0.0
And with such configuration I do not getauthorfield mismatch.
The fact, that there is no such issue with newer node/npm version, is giving me an assumption, that issue is on npm/node side, rather that on cocoapods side. As I said, I'm not an expert with these tools. I don't know, how exactly they are working, and, possibly, I'm missing something. But this is what I found.
from cli.
mortentangen
commented on July 17, 2024
Any progress on this bug? This is an issue for react native development with cocoapods as the *.podspec file of react native libraries often depend on the author field in package.json (i.e. https://github.com/react-native-webview/react-native-webview/blob/v11.0.2/react-native-webview.podspec#L11).
The Podfile.lock file contains a checksum of the library based on the content of the podspec file. npm install will create a different checksum than npm ci, which is an issue when running releases on CI servers.
from cli.
Related Issues (20)
- Npm install HOT 6
- Install Progress
- Progress bar HOT 1
- [BUG] "npm publish" tags pre-versions as "latest" HOT 8
- [BUG] `npm` doesn't correctly resolve workspaces when defining a dependency using GitHub URLs
- [BUG] Failed index access on utils/tar.js while trying to publish a package with node_modules HOT 3
- [BUG] npm pack in 10.5.0 introduces breaking change due to changed output HOT 4
- [BUG] dist-tag in package.json not re-evaluated HOT 1
- [BUG] #7495 Partially fixes #7413, but running scripts for workspaces in the / directoy is still broken. HOT 1
- [BUG] can't install HOT 4
- [BUG] Fsevents hanging HOT 3
- [BUG] <EACCES permissions errors when installing packages, npm is trying to use /.npm as its cache directory, which typically requires root permission > HOT 4
- [BUG] `npm outdated` no longer respects semver range for `npm:` style indirect versions
- [BUG] How do I know that which version of nodeJS and npm are using a mern stack project HOT 2
- [BUG] `npm ci` doesn't properly compare `package.json` with `package-lock.json` HOT 1
- [BUG] If the project name is node_modules, this error will be reported HOT 1
- [BUG] npm shows spinner while waiting for password
- [BUG] "There appears to be trouble with your network connection. Retrying..."
- [BUG] "There appears to be trouble with your network connection. Retrying..." HOT 2
- [Feature request] Support overriding `main`, `exports` and other package.json fields with `publishConfig`
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cli.