Skip to content

Support npm 7 #128

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
vweevers merged 6 commits into from
Oct 23, 2020
Merged

Support npm 7 #128

vweevers merged 6 commits into from
Oct 23, 2020
+246 −64

Conversation

@vweevers
Copy link
Member

@vweevers vweevers commented Oct 17, 2020
edited
Loading

Closes #108.

@vweevers
Change rc-test to npm integration test
9cec98b
@vweevers
Test npm conditions that skip downloads
4ab06c6
@vweevers
Read env.npm_package_from for npm 7
c24e6f5
@vweevers
Remove use of env.npm_config_argv for npm 7
80556b5 
Instead use npm_config_* which works as far back as npm > 0.1.7.
It translates command line flags to environment variables, where:

--foo becomes npm_config_foo='true'
--no-foo becomes npm_config_foo=''
--foo=false becomes npm_config_foo=''
vweevers
vweevers commented Oct 17, 2020
View reviewed changes
vweevers
vweevers commented Oct 17, 2020
View reviewed changes
vweevers
vweevers commented Oct 17, 2020
View reviewed changes
@vweevers

This comment has been minimized.

Sign in to view
vweevers
vweevers commented Oct 17, 2020
View reviewed changes
vweevers
vweevers commented Oct 17, 2020
View reviewed changes
@vweevers
Copy link
Member Author

vweevers commented Oct 18, 2020

Wrote npm-script-context to help debug the various cases. Oddities in npm 7:

  1. When installing a github dependency (e.g. github:foo/bar), its install scripts run twice: after the repository is cloned to npm's global cache (cacache) and after copying from cache to local node_modules. In either case, there's no .git directory that we could detect.
  2. When installing a transitive dependency, the output of its install script is swallowed regardless of --loglevel
  3. env.npm_package_from is never defined, I tried various scenarios. I do however see npm_package_resolved=git+ssh://[email protected]/foo/bar.git#abc (but not in the cache case of 1)

@vweevers
Use env.npm_package_resolved for npm 7
e77a237
@vweevers
Breaking: don't skip downloads in standalone mode
ddb8f69 
I.e. when running `npm install` in the working directory of a
project that uses prebuild-install, you must now run a more
explicit `npm install --build-from-source`.

This is necessary to support npm 7, where we do not have enough
information to automatically determine it and would erroneously
skip downloads on normal installs.
@vweevers vweevers changed the title Prepare for npm 7 Support npm 7 Oct 18, 2020
@vweevers vweevers added the semver-major Changes that break backward compatibility label Oct 18, 2020
@vweevers vweevers marked this pull request as ready for review October 18, 2020 14:21
@lovell
Copy link
Member

lovell commented Oct 20, 2020

Thank you for tackling this Vincent.

https://github.com/npm/cli/blob/latest/CHANGELOG.md#all-lifecycle-scripts suggests we should expect npm_package_resolved (there's no mention of npm_package_from), which I think on its own is enough to recreate the existing _from based logic. If it's not being made available in some cases then that could be a bug.

@vweevers
Copy link
Member Author

vweevers commented Oct 20, 2020

which I think on its own is enough to recreate the existing _from based logic.

Aye, that's what I ended up doing in this PR. With npm_package_resolved we can detect a git repository (npm i user/foo or npm i git+file://...) but we cannot detect a standalone install (cd foo && npm i). I removed that behavior (see last commit).

@lovell
Copy link
Member

lovell commented Oct 20, 2020

The lack of standalone install might be a bit annoying for local development e.g. can no longer just run npm i to force compilation, but I agree that the default behaviour should be to download rather than compile.

A possible workaround for local development might be to patch-bump the package.json version in a commit straight after running npm publish to ensure prebuilt binaries aren't found (although this would prevent the use of prebuild-ci).

@vweevers
Copy link
Member Author

vweevers commented Oct 23, 2020

@lovell is that a blocker for you, and why is npm i --build-from-source not sufficient?

@lovell
Copy link
Member

lovell commented Oct 23, 2020

@vweevers No blocker, it's only a small change to my development workflow. The benefits to end users far outweigh this, which is where our focus should lie.

lovell
lovell reviewed Oct 23, 2020
View reviewed changes
@vweevers
Copy link
Member Author

vweevers commented Oct 23, 2020

Not squashing this, because the individual commit descriptions (especially ddb8f69) are useful.

@vweevers vweevers merged commit f9ed67e into master Oct 23, 2020
@vweevers vweevers deleted the npm7 branch October 23, 2020 10:28
@vweevers
Copy link
Member Author

vweevers commented Oct 23, 2020

I forgot @ralphtheninja released a new version in the mean time, I should have rebased, commits are now out of order. Sorry.

@vweevers
Copy link
Member Author

vweevers commented Oct 23, 2020

I think in this case a rebase and force push to master is acceptable. Otherwise people will be confused why commits with breaking changes are listed before 5.3.6 (although we have a changelog now but not all folks read that).

Do you agree @lovell @ralphtheninja?

@vweevers
Copy link
Member Author

vweevers commented Oct 23, 2020

Done

jorrit added a commit to jorrit/next.js that referenced this pull request Dec 23, 2020
@jorrit
Update sharp optional dependency to support NPM 7
20080ec 
See lovell/sharp#2419 and prebuild/prebuild-install#128
@jorrit jorrit mentioned this pull request Dec 23, 2020
Merged
jorrit added a commit to jorrit/next.js that referenced this pull request Dec 24, 2020
@jorrit
Update sharp optional dependency to support NPM 7
f7df47d 
See lovell/sharp#2419 and prebuild/prebuild-install#128
jorrit added a commit to jorrit/next.js that referenced this pull request Dec 29, 2020
@jorrit
Update sharp optional dependency to support NPM 7
1b2e8cb 
See lovell/sharp#2419 and prebuild/prebuild-install#128
kodiakhq bot pushed a commit to vercel/next.js that referenced this pull request Dec 29, 2020
@jorrit
Update sharp optional dependency to support NPM 7 (#20432)
a9c7c9a 
Sharp 0.26.3 updates prebuild-install to ^6.0.0 which fixes an incompatibility with NPM 7.

See lovell/sharp#2419 and prebuild/prebuild-install#128
@hdwatts hdwatts mentioned this pull request Jan 1, 2021
Open
@vweevers vweevers mentioned this pull request Feb 8, 2022
Closed
celicoo pushed a commit to openuiai/next.js that referenced this pull request Jan 3, 2026
@jorrit
Update sharp optional dependency to support NPM 7 (#20432)
8f180b0 
Sharp 0.26.3 updates prebuild-install to ^6.0.0 which fixes an incompatibility with NPM 7.

See lovell/sharp#2419 and prebuild/prebuild-install#128
celicoo added a commit to openuiai/next.js that referenced this pull request Jan 4, 2026
@celicoo
Update sharp optional dependency to support NPM 7 (#20432)
4ca0642 
Sharp 0.26.3 updates prebuild-install to ^6.0.0 which fixes an incompatibility with NPM 7.

See lovell/sharp#2419 and prebuild/prebuild-install#128
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lovell lovell lovell approved these changes

@ralphtheninja ralphtheninja Awaiting requested review from ralphtheninja

@mathiask88 mathiask88 Awaiting requested review from mathiask88

Assignees

No one assigned

Labels

semver-major Changes that break backward compatibility

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Prepare for npm change to _ fields

3 participants

@vweevers @lovell