Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

yarn install installs wrong version #4721

Open
jwalton opened this issue Oct 16, 2017 · 3 comments
Open

yarn install installs wrong version #4721

jwalton opened this issue Oct 16, 2017 · 3 comments

Comments

@jwalton
Copy link

jwalton commented Oct 16, 2017

Do you want to request a feature or report a bug?
Bug

What is the current behavior?

Grab package.json from here

$ rm -rf node_modules/ yarn.lock
$ yarn install
$ cat package.json | grep coffee-script
    "coffee-script": "~1.7.1",
$ ./node_modules/.bin/coffee -v
CoffeeScript version 2.0.0-beta8

If the current behavior is a bug, please provide the steps to reproduce.

See above.

What is the expected behavior?

Expecting coffee-script 1.7.1, get 2.0.0-beta8.

Please mention your node.js, yarn and operating system version.

  • node: v6.10.0
  • yarn: 1.2.1
  • Mac OS/X 10.11.6 (El Capitan)
@edmorley
Copy link
Contributor

edmorley commented Oct 20, 2017
edited
Loading

I can reproduce with yarn 1.21, node 8.6.0, Windows 10.

Reduced STR:

  1. Create the following package.json:
{
  "dependencies": {
    "coffee-script": "~1.7.1"
  },
  "devDependencies": {
    "karma-coverage": "0.2.6"
  }
}
  1. rm -rf yarn.lock node_modules
  2. yarn install
  3. ./node_modules/.bin/coffee -v
  4. Inspect the symlink (or on Windows, wrapper) target of ./node_modules/.bin/coffee

Expected:

  • Step 4 outputs "CoffeeScript version 1.7.1"
  • At step 5, the .bin link points at coffee-script/bin/coffee

Actual:

  • Step 4 outputs "CoffeeScript version 2.0.0-beta8"
  • At step 5, the .bin link points at coffee-script-redux/bin/coffee

The coffee-script-redux package is pulled in implicitly via karma-coverage@0.2.6 > ibrik@~1.1.1 > coffee-script-redux@=2.0.0-beta8.

So it looks like the .bin link hoisting (from #3310) is overwriting explicitly specified top-level packages' bin links with those from implicit dependencies, and that perhaps this is a case that #3877 didn't fix?

@duhseekoh
Copy link

This is still an issue on yarn 1.16.0.

@ericwooley
Copy link

Still an issue on 1.22.17

➜ yarn --version     
1.22.17

➜ yarn why jest-cli     
yarn why v1.22.17
[1/4] Why do we have the module "jest-cli"...?
[2/4] Initialising dependency graph...
[3/4] Finding dependency...
[4/4] Calculating file sizes...
=> Found "jest-cli@27.3.1"
info Has been hoisted to "jest-cli"
info Reasons this module exists
   - Specified in "devDependencies"
   - Hoisted from "jest#jest-cli"
info Disk size without dependencies: "7.89MB"
info Disk size with unique dependencies: "32.82MB"
info Disk size with transitive dependencies: "158.34MB"
info Number of shared dependencies: 254
=> Found "jest-expo#jest-cli@26.6.3"
info Reasons this module exists
   - "jest-expo#jest" depends on it
   - Hoisted from "jest-expo#jest#jest-cli"
info Disk size without dependencies: "160KB"
info Disk size with unique dependencies: "25.15MB"
info Disk size with transitive dependencies: "150.67MB"
info Number of shared dependencies: 255
Done in 2.37s.

./node_modules/.bin/jest --version
26.6.3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@edmorley @duhseekoh @jwalton @ericwooley