npm
--install-strategy=nested still hoists workspace packages
Is there an existing issue for this?
- [X] I have searched the existing issues
This issue exists in the latest npm version
- [X] I am using the latest npm
Current Behavior
Currently, running npm install at the root of a monorepo using npm workspaces with the '--install-strategy=nested' flag almost does what I would expect it to do - it puts all the dependencies in separate node_modules folders for each package, but it still puts the symlinks to the local monorepo packages at the root.
Expected Behavior
I would expect the symlinks to the monorepo packages to be inserted into the nested node_modules folders rather than the root (and only for the packages that depend on them).
I also noticed that the --omit=dev flag seems to not work in this use case - note in the linked repro repo running 'npm install --install-strategy=nested --omit=dev' still results in eslint being added to workspace2's node_modules folder, even though it's only a devDependency. (I can make a separate issue for this if that would be better?)
Note for context: My use case here is a monorepo with multiple node apps in it, each of which needs to be separately bundled into a docker image with only it's dependencies, I don't want to unnecessarily include the dependencies of other packages in the monorepo. The '--install-strategy=nested' flag seems like what I need for my use case, but the current behaviour doesn't quite work.
Steps To Reproduce
- make sure you have npm 9.7.1
- clone this repo: https://github.com/pcone/npmissuerepro
- run 'npm install --install-strategy=nested --omit=dev' at the root
- note that a node_modules folder is still created at the root
- note that the nested node_modules folder for workspace1 does not contain a symlink to workspace2, despite it being a dependency
- note that eslint is still installed, despite being a dev dependency
Environment
- npm: 9.7.1
- Node.js: 16.16.0
- OS Name: Windows 10 22H2
- npm config:
; "user" config from C:\Users\<redacted>\.npmrc
<redacted internal repo>:_password = (protected)
<redacted internal repo>:email = "[email protected]"
<redacted internal repo>:username = <redacted>
; node bin location = C:\Program Files\nodejs\node.exe
; node version = v16.16.0
; npm local prefix = C:\S
; npm version = 9.7.1
; cwd = C:\S\npmrepro
; HOME = C:\Users\<redacted>
; Run `npm config ls -l` to show all defaults.
I have experienced the same issue.
@pcone to get around the --omit=dev issue you need npm >= 9.7.2.
Another repo for reproducing: https://github.com/morganney/npm-workspaces
If you run npm install --install-strategy=nested --omit=dev --workspace=foo there will be transitive dependencies for foo's dependencies inside of the root node_modules folder.
I have created a workaround for this shortcoming by running npm run build:foo which effectively moves deps around from the associated node_modules directories.
I have also experienced this. I have also seen shared dependencies still being hoisted. node-fetch seems to be affected. We have a several dependencies that depend on it and no matter what npm install --install-strategy=nested installs it in the root, not the sub packages. npm install --install-strategy=linked seems to work better, but it is not optimal.
It would be great to see a fix for this.
I have the same issue. npm 9.8.1 node 18.18.2
I removed node_modules
- node_modules/
- packages/PACAKGE/node_modules/
and ran install command with install-strategy=nestedoption in package root, It doesn't help.
Same issue here, npm 10.5.2 on node v20.11.1. I can't used linked either because it breaks the angular compiler.
--install-strategy=nested does not work in [email protected] - I suggest this option to be taken out from the docs or at least mark it as such as it's misleading
