[BUG] npm ls breaks when private repo dependency uses semver: for version matching

NozzerFX commented 3 years ago

Current Behavior:

When package.json contains a private git repository as a dependency with #semver version matching npm ls does not resolve any paths for production or development options. The following error occurs when not using the --silent flag.

verbose stack TypeError: Cannot read property '0' of undefined 4 verbose stack at npa (C:\Program Files\nodejs\node_modules\npm\node_modules\npm-package-arg\npa.js:34:25) 4 verbose stack at doesChildVersionMatch (C:\Program Files\nodejs\node_modules\npm\lib\install\deps.js:61:22) 4 verbose stack at versionMatch (C:\Program Files\nodejs\node_modules\npm\lib\install\deps.js:758:12) 4 verbose stack at Array.filter () 4 verbose stack at exports.findRequirement (C:\Program Files\nodejs\node_modules\npm\lib\install\deps.js:768:23) 4 verbose stack at findChild (C:\Program Files\nodejs\node_modules\npm\lib\install\deps.js:122:17) 4 verbose stack at computeMetadata (C:\Program Files\nodejs\node_modules\npm\lib\install\deps.js:132:9) 4 verbose stack at C:\Program Files\nodejs\node_modules\npm\lib\ls.js:43:23 4 verbose stack at C:\Program Files\nodejs\node_modules\npm\lib\install\read-shrinkwrap.js:48:14 4 verbose stack at C:\Program Files\nodejs\node_modules\npm\node_modules\iferr\iferr.js:3:64 4 verbose stack at C:\Program Files\nodejs\node_modules\npm\lib\install\read-shrinkwrap.js:33:16 4 verbose stack at tryCatcher (C:\Program Files\nodejs\node_modules\npm\node_modules\bluebird\js\release\util.js:16:23) 4 verbose stack at Promise._settlePromiseFromHandler (C:\Program Files\nodejs\node_modules\npm\node_modules\bluebird\js\release\promise.js:517:31) 4 verbose stack at Promise._settlePromise (C:\Program Files\nodejs\node_modules\npm\node_modules\bluebird\js\release\promise.js:574:18) 4 verbose stack at Promise._settlePromise0 (C:\Program Files\nodejs\node_modules\npm\node_modules\bluebird\js\release\promise.js:619:10) 4 verbose stack at Promise._settlePromises (C:\Program Files\nodejs\node_modules\npm\node_modules\bluebird\js\release\promise.js:699:18) 5 verbose cwd C:\Local Development\Web Projects\MyProject 6 verbose Windows_NT 10.0.19041 7 verbose argv "C:\Program Files\nodejs\node.exe" "C:\Program Files\nodejs\node_modules\npm\bin\npm-cli.js" "ls" "--production=true" "--parseable=true" "--long=false" "--all" 8 verbose node v12.16.1 9 verbose npm v6.13.4 10 error Cannot read property '0' of undefined 11 verbose exit [ 1, true ]

Expected Behavior:

Expect npm ls to output paths when the #semver syntax is not in use.

Steps To Reproduce:

In package.json add a private repository to your dependencies. For example:

"dependencies": { "some-private-library": "git+ssh://git@gitplace.org:example/some-private-library.git#semver:^1.0.0" }

Ensure you have some additional dependencies and devDependencies and then run the following: npm ls --production=true --parseable=true --long=false --silent --all OR npm ls --development=true --parseable=true --long=false --silent --all

You will not get any output from this command unless you remove semver: from the private git repo reference.

Environment:

OS: Windows 10.0.19041.0
Node: 12.16.1
npm: 6.13.4

ljharb commented 3 years ago

What happens with npm 7?

NozzerFX commented 3 years ago

@ljharb - The result is better with npm 7.

When running for production and development I get expected results but I do still get an error for production

verbose stack Error: invalid: some-private-library@1.0.1 C:\Local Development\Web Projects\MyProject\node_modules\some-private-library 23 verbose stack at ls (C:\Users\richa\AppData\Roaming\npm\node_modules\npm\lib\ls.js:491:7) 24 verbose cwd C:\Local Development\Web Projects\MyProject 25 verbose Windows_NT 10.0.19041 26 verbose argv "C:\Program Files\nodejs\node.exe" "C:\Users\richa\AppData\Roaming\npm\node_modules\npm\bin\npm-cli.js" "ls" "--production=true" "--parseable=true" "--long=false" "--all" 27 verbose node v12.16.1 28 verbose npm v7.0.15 29 error code ELSPROBLEMS 30 error invalid: some-private-library@1.0.1 C:\Local Development\Web Projects\MyProject\node_modules\some-private-library 31 verbose exit 1

darcyclarke commented 3 years ago

npm v6 is no longer in active development; We will continue to push security releases to v6 at our team's discretion as-per our Support Policy.

If your bug is preproducible on v7, please re-file this issue using our new issue template.

If your issue was a feature request, please consider opening a new RRFC or RFC. If your issue was a question or other idea that was not CLI-specific, consider opening a discussion on our feedback repo

Closing: This is an automated message.

ljharb commented 3 years ago

Reopening; the latest stack trace is npm 7.

wraithgar commented 3 years ago

The git tag parsing underwent a significant rewrite since this issue was opened. Is this still an issue in npm@7?

Napas commented 3 years ago

I'm still getting this issue with npm 7.19.1

npm / cli