npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

npm-check-installed-git-tags

v1.0.2

Published

Verify that version tagged git packages are actually installed correctly.

Downloads

290

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

jwbrandonjwbrandon

Keywords

Readme

npm-check-installed-git-tags

Verify the package.json version of git dependencies matches what gets installed.

Automated Usage

Add npm-check-installed-git-tags as a script:

If the current package will be installed with npm:

  1. use the following prepare script
  2. add this package to devDependencies
"script": {
  "prepare": "npm-check-installed-git-tags"
},
"devDependencies":{
  "npm-check-installed-git-tags": "<version>"
}

If the current this package will be installed using git

  1. add the following postinstall script
  2. add this package to dependencies
"script": {
  "postinstall": "npm-check-installed-git-tags"
},
"dependencies":{
  "npm-check-installed-git-tags": "<version>"
}

We use postinstall and dependencies for git versioned packages because npm lifecycle scripts do special things on prepare for git packages. For more information see the NOTE on the prepare lifecycle script here: https://docs.npmjs.com/cli/v8/using-npm/scripts

This will make your installation fail if you use git dependencies and the tag specified in package.json for the version, is not actually what is installed. This is useful for ci runs so that things fail when package versions are updated.

Manual Usage

After running npm install you can run npm-check-installed-git-tags to see if packages that are installed are incorrect. If they are you will be prompted to run npm-check-installed-git-tags-and-fix to fix the issues in a minimal way (see #2 in the Why is this needed section).

Disable

Remove the prepare/postinstall script or set DO_NOT_RUN_NPM_CHECK_INSTALLED_GIT_TAGS=1 as an environment variable

Why is this needed

The incorrect version can be installed when the git tag is updated in package.json as npm does not update package-lock.json for git dependencies in that case. This can be fixed by doing one of two things:

  1. minimally by doing npm install <git-repo#tag>
  2. removing package-lock.json and doingnpm install to generate it again.

See: https://github.com/npm/cli/issues/3973 for information on why npm isn't going to fix this.