Auto add self dependency to npm

[tienchai-ample]

Type: Bug

When I open a package.json file (for npm), it seems that these 2 things happen:

1. a self dependency is added into the package.json file
2. package-lock.json is generated.

This is as-if npm install . was called every time I open a package.json file, on the package.json directory.

Extension version: 0.9.5 VS Code version: Code 1.92.0 (b1c0a14de1414fcdaa400695b4db1c0799bc3124, 2024-07-31T23:26:45.634Z) OS version: Windows_NT x64 10.0.22631 Modes:

System Info

|Item|Value| |---|---| |CPUs|13th Gen Intel(R) Core(TM) i7-1360P (16 x 2611)| |GPU Status|2d_canvas: enabled
canvas_oop_rasterization: enabled_on
direct_rendering_display_compositor: disabled_off_ok
gpu_compositing: enabled
multiple_raster_threads: enabled_on
opengl: enabled_on
rasterization: enabled
raw_draw: disabled_off_ok
skia_graphite: disabled_off
video_decode: enabled
video_encode: enabled
vulkan: disabled_off
webgl: enabled
webgl2: enabled
webgpu: enabled
webnn: disabled_off| |Load (avg)|undefined| |Memory (System)|31.68GB (18.59GB free)| |Process Argv|--crash-reporter-id 1fede22c-cab8-45ed-8080-59ceef7a5290| |Screen Reader|no| |VM|0%|

A/B Experiments

``` vsliv368:30146709 vspor879:30202332 vspor708:30202333 vspor363:30204092 vscorecescf:30445987 vscod805:30301674 binariesv615:30325510 vsaa593cf:30376535 py29gd2263:31024239 c4g48928:30535728 azure-dev_surveyone:30548225 a9j8j154:30646983 962ge761:30959799 pythongtdpath:30769146 welcomedialogc:30910334 pythonnoceb:30805159 asynctok:30898717 pythonregdiag2:30936856 pythonmypyd1:30879173 h48ei257:31000450 pythontbext0:30879054 accentitlementst:30995554 dsvsc016:30899300 dsvsc017:30899301 dsvsc018:30899302 cppperfnew:31000557 dsvsc020:30976470 pythonait:31006305 dsvsc021:30996838 da93g388:31013173 pythoncenvpt:31062603 a69g1124:31058053 dvdeprecation:31068756 dwnewjupytercf:31046870 impr_priority:31102340 refactort:31108082 ccplt:31103426 pythonrstrctxt:31103193 wkspc-onlycs-c:31106320 wkspc-ranged-c:31107834 ```

[Joniras]

I had to enable/disable every extension by hand to find out it is this extension preventing me basically to build my library. More details from me: Everytime i alter/open a package.json and delete the line

    "@libraryname/ngx-table": "file:",

it gets added again and prevents me to build. I alos get the same behaviour in another project where "webapp": "file:" is added (webapp is the name of the folder the project is in).

[pmeske]

I can confirm this Issue with Version v0.9.5

[scoorpion1008]

It seems like you’re encountering an issue where opening a package.json file in Visual Studio Code triggers behavior similar to running npm install ., resulting in a self-dependency being added and a package-lock.json file being generated. This is not the expected behavior when simply opening a file. a few steps you can take to troubleshoot and potentially resolve the issue:

Check for Extension Conflicts: Sometimes, extensions can cause unexpected behavior. Check if you have any extensions related to npm or package management that might be causing this issue1. Update VS Code and Extensions: Ensure that your VS Code and all extensions are up to date. An outdated extension or VS Code version might have known bugs that have been fixed in later releases. Review Extension Settings: Look into the settings of your installed extensions to see if there’s an option that might be causing this behavior. Some extensions have features that automatically run npm commands upon certain triggers. Disable Extensions: Try disabling all extensions and then re-enable them one by one to identify if a specific extension is causing the problem. Check VS Code Settings: Review your VS Code settings (both user and workspace settings) for any configurations related to npm or scripts that might be running on file open. Consult VS Code Documentation: The VS Code documentation and community forums can be a valuable resource for troubleshooting issues. You might find others who have experienced similar problems and shared solutions2. Report the Issue: If none of the above steps help, consider reporting the issue to the VS Code GitHub repository with detailed information about your setup and the steps to reproduce the bug. Remember to back up your package.json and package-lock.json files before making changes or updates, just in case you need to revert to a previous state. Hopefully, these steps will help you resolve the issue and prevent the unwanted behavior from occurring.

[gian1200]

Is that a bot comment?

---

Regarding the issue, it happens on last version only (0.9.5).

In my case, it happens even when package.json is closed (when git reverting the change or opening VSCode).

As a workaround one can force 0.9.4 or disable the dependency and rollback the changes (I did the 2nd one) until a new version with a fix is released.

[scoorpion1008]

Iam Mexican....lol was just trying to be helpful by providing precise/concise alternatives for troubleshooting the possible issues and regarding the package. Json it’s good to hear that you’ve identified the issue as being specific to version 0.9.5 of the extension and that you’ve found a workaround forcing 0.9.4 disabling the dependency and rolling back the changes a temporary solution until the extension’s maintainers releases a new version with a fix. i would hit them up with the issue or use code pilot in vscode for a robust suggestion

[yostane]

I also have the above described issue with this additional effect:

• Auto-format of package.json on file open
• Auto-add of self dependency in package-lock.json
• AFAIK No logs anywhere in the output windows. So I had to check extensions one by one to find the culprit

By switching to 0.9.4 the issue disappeared, but I get a warning notification Command failed: npm i --package-lock-only --prefix ...