[BUG] npm install includes transitive devDependencies for file: dependencies when install-links=false #6405
Description
Is there an existing issue for this?
- I have searched the existing issues
This issue exists in the latest npm version
- I am using the latest npm
Current Behavior
npm install includes transitive devDependencies for file: dependencies when install-links=false.
If install-links=true it does not include the transitive devDependencies.
This behavior started with npm 7, npm 6 and earlier did not include transitive devDependencies for file: dependencies.
Expected Behavior
npm install should not include transitive devDependencies for file: dependencies, regardless of what value install-links has.
Steps To Reproduce
package.json should look like this:
{
"name": "a",
"version": "0.0.1",
"dependencies": {
"b": "file:b"
}
}
b/package.json should look like this:
{
"name": "b",
"version": "0.0.1",
"dependencies": {
"clsx": "*"
},
"devDependencies": {
"typescript": "*"
}
}
The resulting package-lock.json files will look like this:
npm 9 (install-links=false):
$ npm -v && npm install --package-lock-only --silent && cat package-lock.json
9.6.5
{
"name": "a",
"version": "0.0.1",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "a",
"version": "0.0.1",
"dependencies": {
"b": "file:b"
}
},
"b": {
"version": "0.0.1",
"dependencies": {
"clsx": "*"
},
"devDependencies": {
"typescript": "*"
}
},
"node_modules/b": {
"resolved": "b",
"link": true
},
"node_modules/clsx": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/clsx/-/clsx-1.2.1.tgz",
"integrity": "sha512-EcR6r5a8bj6pu3ycsa/E/cKVGuTgZJZdsyUYHOksG/UHIiKfjxzRxYJpyVBwYaQeOvghal9fcc4PidlgzugAQg==",
"engines": {
"node": ">=6"
}
},
"node_modules/typescript": {
"version": "5.0.4",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-5.0.4.tgz",
"integrity": "sha512-cW9T5W9xY37cc+jfEnaUvX91foxtHkza3Nw3wkoF4sSlKn0MONdkdEndig/qPBWXNkmplh3NzayQzCiHM4/hqw==",
"dev": true,
"bin": {
"tsc": "bin/tsc",
"tsserver": "bin/tsserver"
},
"engines": {
"node": ">=12.20"
}
}
}
}
npm 9 (install-links=true):
$ npm -v && npm install --package-lock-only --silent --install-links=true && cat package-lock.json
9.6.5
{
"name": "a",
"version": "0.0.1",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "a",
"version": "0.0.1",
"dependencies": {
"b": "file:b"
}
},
"node_modules/b": {
"version": "0.0.1",
"resolved": "file:b",
"dependencies": {
"clsx": "*"
}
},
"node_modules/clsx": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/clsx/-/clsx-1.2.1.tgz",
"integrity": "sha512-EcR6r5a8bj6pu3ycsa/E/cKVGuTgZJZdsyUYHOksG/UHIiKfjxzRxYJpyVBwYaQeOvghal9fcc4PidlgzugAQg==",
"engines": {
"node": ">=6"
}
}
}
}
npm 8:
$ npm -v && npm install --package-lock-only --silent && cat package-lock.json
8.19.4
{
"name": "a",
"version": "0.0.1",
"lockfileVersion": 2,
"requires": true,
"packages": {
"": {
"name": "a",
"version": "0.0.1",
"dependencies": {
"b": "file:b"
}
},
"b": {
"version": "0.0.1",
"dependencies": {
"clsx": "*"
},
"devDependencies": {
"typescript": "*"
}
},
"node_modules/b": {
"resolved": "b",
"link": true
},
"node_modules/clsx": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/clsx/-/clsx-1.2.1.tgz",
"integrity": "sha512-EcR6r5a8bj6pu3ycsa/E/cKVGuTgZJZdsyUYHOksG/UHIiKfjxzRxYJpyVBwYaQeOvghal9fcc4PidlgzugAQg==",
"engines": {
"node": ">=6"
}
},
"node_modules/typescript": {
"version": "5.0.4",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-5.0.4.tgz",
"integrity": "sha512-cW9T5W9xY37cc+jfEnaUvX91foxtHkza3Nw3wkoF4sSlKn0MONdkdEndig/qPBWXNkmplh3NzayQzCiHM4/hqw==",
"dev": true,
"bin": {
"tsc": "bin/tsc",
"tsserver": "bin/tsserver"
},
"engines": {
"node": ">=12.20"
}
}
},
"dependencies": {
"b": {
"version": "file:b",
"requires": {
"clsx": "*",
"typescript": "*"
}
},
"clsx": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/clsx/-/clsx-1.2.1.tgz",
"integrity": "sha512-EcR6r5a8bj6pu3ycsa/E/cKVGuTgZJZdsyUYHOksG/UHIiKfjxzRxYJpyVBwYaQeOvghal9fcc4PidlgzugAQg=="
},
"typescript": {
"version": "5.0.4",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-5.0.4.tgz",
"integrity": "sha512-cW9T5W9xY37cc+jfEnaUvX91foxtHkza3Nw3wkoF4sSlKn0MONdkdEndig/qPBWXNkmplh3NzayQzCiHM4/hqw==",
"dev": true
}
}
}
npm 7:
$ npm -v && npm install --package-lock-only --silent && cat package-lock.json
7.24.2
{
"name": "a",
"version": "0.0.1",
"lockfileVersion": 2,
"requires": true,
"packages": {
"": {
"name": "a",
"version": "0.0.1",
"dependencies": {
"b": "file:b"
}
},
"b": {
"version": "0.0.1",
"dependencies": {
"clsx": "*"
},
"devDependencies": {
"typescript": "*"
}
},
"node_modules/b": {
"resolved": "b",
"link": true
},
"node_modules/clsx": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/clsx/-/clsx-1.2.1.tgz",
"integrity": "sha512-EcR6r5a8bj6pu3ycsa/E/cKVGuTgZJZdsyUYHOksG/UHIiKfjxzRxYJpyVBwYaQeOvghal9fcc4PidlgzugAQg==",
"engines": {
"node": ">=6"
}
},
"node_modules/typescript": {
"version": "5.0.4",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-5.0.4.tgz",
"integrity": "sha512-cW9T5W9xY37cc+jfEnaUvX91foxtHkza3Nw3wkoF4sSlKn0MONdkdEndig/qPBWXNkmplh3NzayQzCiHM4/hqw==",
"dev": true,
"bin": {
"tsc": "bin/tsc",
"tsserver": "bin/tsserver"
},
"engines": {
"node": ">=12.20"
}
}
},
"dependencies": {
"b": {
"version": "file:b",
"requires": {
"clsx": "*",
"typescript": "*"
}
},
"clsx": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/clsx/-/clsx-1.2.1.tgz",
"integrity": "sha512-EcR6r5a8bj6pu3ycsa/E/cKVGuTgZJZdsyUYHOksG/UHIiKfjxzRxYJpyVBwYaQeOvghal9fcc4PidlgzugAQg=="
},
"typescript": {
"version": "5.0.4",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-5.0.4.tgz",
"integrity": "sha512-cW9T5W9xY37cc+jfEnaUvX91foxtHkza3Nw3wkoF4sSlKn0MONdkdEndig/qPBWXNkmplh3NzayQzCiHM4/hqw==",
"dev": true
}
}
}
npm 6:
$ npm -v && npm install --package-lock-only --silent && cat package-lock.json
6.14.18
added 2 packages and audited 2 packages in 0.442s
found 0 vulnerabilities
{
"name": "a",
"version": "0.0.1",
"lockfileVersion": 1,
"requires": true,
"dependencies": {
"b": {
"version": "file:b",
"requires": {
"clsx": "*"
}
},
"clsx": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/clsx/-/clsx-1.2.1.tgz",
"integrity": "sha512-EcR6r5a8bj6pu3ycsa/E/cKVGuTgZJZdsyUYHOksG/UHIiKfjxzRxYJpyVBwYaQeOvghal9fcc4PidlgzugAQg=="
}
}
}
Environment
- npm: 9.6.5
- Node.js: 18.16.0
- OS Name: macOS 13.3.1
- System Model Name: Macbook Air
- npm config:
; node bin location = /Users/foobar/.nvm/versions/node/v18.16.0/bin/node
; node version = v18.16.0
; npm local prefix = /Users/foobar/src/npm-link-test
; npm version = 9.6.5
; cwd = /Users/foobar/src/npm-link-test
; HOME = /Users/foobar
; Run `npm config ls -l` to show all defaults.