cli
cli copied to clipboard
npm
[BUG] BundleDependency behaviour changed
Is there an existing issue for this?
- [X] I have searched the existing issues
This issue exists in the latest npm version
- [X] I am using the latest npm
Current Behavior
The behaviour of npm pack has changed between v8 and v9.
For the given package.json:
{
"name": "npm_reproducer",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"keywords": [],
"author": "",
"license": "ISC",
"dependencies": {
"@nestjs/typeorm": "10.0.2"
},
"bundleDependencies": ["typeorm"]
}
When packaging with npm v9 i got:
npm notice
npm notice 📦 [email protected]
npm notice === Tarball Contents ===
npm notice 9.6MB npm_reproducer-1.0.0.tgz
npm notice 325B package.json
npm notice === Tarball Details ===
npm notice name: npm_reproducer
npm notice version: 1.0.0
npm notice filename: npm_reproducer-1.0.0.tgz
npm notice package size: 9.5 MB
npm notice unpacked size: 9.6 MB
npm notice shasum: a4f59d57e7f4b0a20b077f161d1a86fb8ee5faff
npm notice integrity: sha512-2KpDThzFhyZug[...]C5PQ7srizpW2g==
npm notice total files: 2
npm notice
npm_reproducer-1.0.0.tgz
when packaging with v8 i got:
npm notice
npm notice 📦 [email protected]
npm notice === Tarball Contents ===
npm notice 4.7MB npm_reproducer-1.0.0.tgz
npm notice 325B package.json
npm notice === Bundled Dependencies ===
npm notice @pkgjs/parseargs
npm notice dayjs
npm notice any-promise
npm notice require-directory
npm notice isexe
npm notice cli-highlight
npm notice @sqltools/formatter
npm notice ansi-regex
npm notice ansi-styles
npm notice app-root-path
npm notice base64-js
npm notice brace-expansion
npm notice buffer
npm notice chalk
npm notice cliui
npm notice color-convert
npm notice color-name
npm notice cross-spawn
npm notice debug
npm notice dotenv
npm notice escalade
npm notice foreground-child
npm notice glob
npm notice has-flag
npm notice highlight.js
npm notice ieee754
npm notice inherits
npm notice is-fullwidth-code-point
npm notice lru-cache
npm notice minimatch
npm notice minipass
npm notice mkdirp
npm notice mz
npm notice object-assign
npm notice parse5-htmlparser2-tree-adapter
npm notice parse5
npm notice path-key
npm notice reflect-metadata
npm notice safe-buffer
npm notice sha.js
npm notice shebang-command
npm notice shebang-regex
npm notice string-width-cjs
npm notice string-width
npm notice strip-ansi-cjs
npm notice strip-ansi
npm notice supports-color
npm notice thenify-all
npm notice thenify
npm notice which
npm notice wrap-ansi-cjs
npm notice wrap-ansi
npm notice y18n
npm notice yargs
npm notice uuid
npm notice @isaacs/cliui
npm notice yargs-parser
npm notice tslib
npm notice typeorm
npm notice signal-exit
npm notice eastasianwidth
npm notice balanced-match
npm notice emoji-regex
npm notice get-caller-file
npm notice jackspeak
npm notice ms
npm notice path-scurry
npm notice === Tarball Details ===
npm notice name: npm_reproducer
npm notice version: 1.0.0
npm notice filename: npm_reproducer-1.0.0.tgz
npm notice package size: 9.6 MB
npm notice unpacked size: 33.6 MB
npm notice shasum: 8180e3434f0c76fa008a412ee38839e384d22a23
npm notice integrity: sha512-8BvJoO20+6uTK[...]VUpwbShzzxW5w==
npm notice bundled deps: 67
npm notice bundled files: 0
npm notice own files: 4968
npm notice total files: 4968
npm notice
npm_reproducer-1.0.0.tgz
This is a huge difference and not expected from the changelog of v9
Expected Behavior
With the given package.json calling npm install and npm pack should give the same result or at least a Breaking change notice of the changed behaviour.
Steps To Reproduce
With the given package.json call npm install and npm pack once with v8 and once with v9 of npm
Environment
- npm: 8.19.2 / 9.8.1
- Node.js: 18.12.1 / 18.18.2
- OS Name: Ubuntu 20.04
- System Model Name: Lenove ThinkPad
- npm config: default
