Skip to content
This repository was archived by the owner on Nov 16, 2022. It is now read-only.
This repository was archived by the owner on Nov 16, 2022. It is now read-only.

[BUG] reports different result than npm ls #6

Open
Open
[BUG] reports different result than npm ls#6
@akrawchyk

Description

@akrawchyk
akrawchyk
opened on Oct 25, 2019

What / Why

npm ls and lock-verify report different things with an invalid package-lock.json.

When

When I remove a top-level subdependency entry from the dependencies key in my package-lock.json without removing the dependency from package.json like:

diff --git a/package-lock.json b/package-lock.json
index bdd5d63d4..c26a822dd 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -4,15 +4,6 @@
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
-    "@akryum/winattr": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/@akryum/winattr/-/winattr-3.0.0.tgz",
-      "integrity": "sha512-t4WmWoGV9gyzypwG3y3JlcK2t8fKLtvzBA7xEoFTj9SMPvOuLsf13uh4ikK0RRaaa9RPPWLgFUdOyIRaQvCpwQ==",
-      "dev": true,
-      "requires": {
-        "fswin": "^2.17.1227"
-      }
-    },
     "@apollographql/apollo-tools": {
       "version": "0.4.0",
       "resolved": "https://registry.npmjs.org/@apollographql/apollo-tools/-/apollo-tools-0.4.0.tgz",

And then I run npm ls I see:

npm ERR! extraneous: fswin@2.17.1227 /Users/akrawchyk/Developer/optics/node_modules/fswin
npm ERR! missing: @akryum/winattr@^3.0.0, required by @vue/cli-ui@3.12.1

But when I run the example script in the README I see:

{ status: true, warnings: [], errors: [] }

Where

  • npm cli

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions