firebase-tools icon indicating copy to clipboard operation
firebase-tools copied to clipboard
verified publisher icon firebase

firebase-frameworks: Deployment fails with npm ci lockfile errors (acorn, markdown-it) in NPM Workspaces monorepo

Open cshabsin opened this issue 1 month ago • 2 comments

[REQUIRED] Environment info

  • Platform: Ubuntu running in a WSL Environment
  • firebase-tools: 14.26.0
  • next: 15.5.6 (early preview of Next.js support on Firebase Hosting)
  • react: 19.0.0
  • Node: v20/v22 (Function runtime) / v24 (Local)
  • Package Manager: npm (Workspaces)

[REQUIRED] Test case

Description: I am using firebase-tools (latest) with the webframeworks experiment enabled to deploy a Next.js 15 app. My project is structured as an NPM Workspace (Root package.json has workspaces: ["frontend"]).

The project can be seen at github.com/cshabsin/conjunew in the "deploy" branch, and recent commits include the workaround alluded to below. (Detailed notes)

[REQUIRED] Steps to reproduce

Steps to Reproduce:

  1. Setup a standard NPM Workspace with a frontend (Next.js) and root package.json.
  2. Install dependencies at root (npm install). Dependencies are hoisted to root node_modules.
  3. Run firebase deploy.
  4. The build process for the SSR Cloud Function fails during the Cloud Build npm ci step.

[REQUIRED] Expected behavior

Server builds and deploys.

[REQUIRED] Actual behavior

Error Observed: Cloud Build fails with npm error code EUSAGE and messages like:

Workaround

Explicitly adding the missing transitive dependencies (acorn, markdown-it) to the frontend/package.json dependencies resolves the issue.

cshabsin avatar Dec 03 '25 05:12 cshabsin

Hey @cshabsin, thanks for the detailed report! I'm currently unable to reproduce the issue, and I'm not able to access links you provided - those repositories may be private.

One thing to check is the npm version you're using. We encountered an issue with npm(v11.6.1 and v11.6.2) where some of the dependencies were being removed from package-lock.json (https://github.com/npm/cli/issues/8725 related to https://github.com/npm/cli/issues/8669). It may be worth trying to switch to the latest npm version to see if that would change the generated package-lock.json so that it includes the missing dependencies. I'm using npm v11.6.4.

Also, could you try running firebase deploy --dry-run, then check the generated .firebase/PROJECT_ID/functions/package-lock.json file. Does the file contain the dependencies node_modules/acorn and node_modules/markdown-it? To avoid unwanted deployments when debugging, the dry-run flag will perform validation and local build but will not proceed with deployment.

aalej avatar Dec 04 '25 17:12 aalej

Hey @cshabsin. We need more information to resolve this issue but there hasn't been an update in 7 weekdays. I'm marking the issue as stale and if there are no new updates in the next 3 days I will close it automatically.

If you have more information that will help us get to the bottom of this, just add a comment!

google-oss-bot avatar Dec 15 '25 18:12 google-oss-bot

Since there haven't been any recent updates here, I am going to close this issue.

@cshabsin if you're still experiencing this problem and want to continue the discussion just leave a comment here and we are happy to re-open this.

google-oss-bot avatar Dec 17 '25 18:12 google-oss-bot