Open otto-liljalaakso-nt opened 2 years ago
Can you try this in the latest npm? I could not replicate this with v8.5.4
.
$ npm audit fix --workspaces --include-workspace-root --force
...
added 269 packages, removed 533 packages, changed 418 packages, and audited 2178 packages in 24s
...
~/D/n/s/npm-audit-call-stack-exceeded (main|✚3) $ git diff --stat
package-lock.json | 23394 +++++++++++++++++++++++++++++++++++++++++++++++++++++++------------------------------------------------------------
package.json | 169 +-
packages/package-i/package.json | 2 +-
3 files changed, 11233 insertions(+), 12332 deletions(-)
Tested. The reproducer repository does not reproduce the issue anymore. This does not depend on npm version, the issue is gone for both 8.3.0 and 8.5.4. However, the issue persists in our private repository.
The reproducer was created from the private repository by removing as much as possible,
then removing everything except dependency definitions
and renaming everything as package-a
and so on.
Assuming that "Maximum call stack size exceeded" happens because there is too much to do,
it may be that the reproducer is really sensitive to changes in package versions in the npm repository.
I could try to make a new reproducer, where I skip the "remove as much as possible part".
Such reproducer should be more robust.
I will send a link when I have something ready.
I have updated the reproducer repository to a larger example that still suffers from this bug. Please take a look.
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
We have a large private repository that was previously using
yarn
, but we moved tonpm
recently. We would like to usenpm audit
to fix outdated dependencies, so we tried to run the following command:This did not work, after printing many duplicate lines about doing SemVer major changes to certain dependencies, the following error was printed.
Expected Behavior
Audit completes normally, potentially modifying
package.json
andpackage-lock.json
.Steps To Reproduce
Environment
@xsitemanage:registry = "https://npm.pkg.github.com/" //npm.pkg.github.com/:_authToken = (protected)
; node bin location = /home/otto/.volta/tools/image/node/14.15.4/bin/node ; cwd = /home/otto/src/external/otto-urpelainen-nt/npm-call-stack-exceeded ; HOME = /home/otto ; Run
npm config ls -l
to show all defaults.