raineorshine
commented
8 years ago Hi Joel (greetings from Denver!),
I would love to help you make sense of the npm/ncu troubles that you are having! I might need a little more explanation to fully understand your problem.
I ran ncu --upgrade grunt-contrib-imagemin with grunt-contrib-imagemin@0.9.1 it then reported: grunt-contrib-imagemin ~0.9.4 → ~1.0.0 which made no sense...
To me this makes sense: You have ~0.9.1 specified in your package.json. ~ is a version range specifier that will allow minor versions and patches to be installed whenever you run npm install or npm update. So ~0.9.1 is your dependency, and 0.9.4 is the latest version that satisfies that version range. By running ncu, you are asking for the latest version outside the specified version range. Since the latest version of grunt-contrib-imagemin is 1.0.0, this is what ncu reports.
Do you need both imagemin and grunt-contrib-imagemin? My guess is that the latter includes the former. If you are using grunt you probably only need the latter.
... is this sort of normal... it seems that npm is very FRAGILE ???
Can you describe what does not seem normal? I can see the output you pasted but I'm not making the connection.
ncu --upgrade is dangerous
Similar question here. What do you see as dangerous? ncu --upgrade is only dangerous if you do not have your package.json in source control, since it does modify your package.json. ncu --upgrade actually does not touch your node_modules folder; that is left to npm itself. ncu just modifies your package.json.
JoelParke
I ran ncu --upgrade grunt-contrib-imagemin with grunt-contrib-imagemin@0.9.1 it then reported: grunt-contrib-imagemin ~0.9.4 → ~1.0.0 which made no sense... then I did npm list --depth=0 which reported: ├── assert@1.3.0 ├── aws-sdk@2.3.7 ├── base64-stream@0.1.3 ├── bcrypt@0.8.3 ├── bluebird@2.10.2 ├── body-parser@1.12.4 ├── bson@0.4.23 ├── bson-objectid@1.1.4 ├── composable-middleware@0.3.0 ├── compression@1.4.4 ├── connect-livereload@0.5.4 ├── connect-mongo@0.8.2 ├── connect-multiparty@1.2.5 ├── cookie-parser@1.3.5 ├── ejs@2.3.4 ├── errorhandler@1.3.6 ├── exectimer@1.1.0 ├── express@4.12.4 ├── express-handlebars@2.0.1 ├── express-jwt@3.3.0 ├── express-session@1.11.3 ├── extend@2.0.1 ├── gc-stats@0.0.6 ├── github@0.2.4 ├── github-api@0.10.7 ├── grunt@0.4.5 ├── grunt-angular-templates@0.5.9 ├── grunt-asset-injector@0.1.0 ├── grunt-autoprefixer@3.0.4 ├── grunt-build-control@0.1.3 (git://github.com/daftmonk/grunt-build-control.git#3d03ebbe49f8f963ef43c50af1084a15f56611fa) ├── grunt-concurrent@1.0.1 ├── grunt-contrib-clean@0.6.0 ├── grunt-contrib-concat@0.5.1 ├── grunt-contrib-copy@0.8.2 ├── grunt-contrib-cssmin@0.12.3 ├── grunt-contrib-htmlmin@0.4.0 ├── grunt-contrib-imagemin@0.9.1 extraneous ├── grunt-contrib-jshint@0.11.3 ├── grunt-contrib-sass@0.9.2 ├── grunt-contrib-uglify@0.9.2 ├── grunt-contrib-watch@0.6.1 ├── grunt-dom-munger@3.4.0 ├── grunt-env@0.4.4 ├── grunt-express-server@0.5.3 ├── grunt-google-cdn@0.4.3 ├── grunt-karma@0.10.1 ├── grunt-mocha-test@0.12.7 ├── grunt-newer@1.1.2 ├── grunt-ng-annotate@0.10.0 ├── grunt-node-inspector@0.2.0 ├── grunt-nodemon@0.4.2 ├── grunt-open@0.2.3 ├── grunt-protractor-runner@2.1.2 ├── grunt-rev@0.1.0 ├── grunt-svgmin@2.0.1 ├── grunt-usemin@3.0.0 ├── grunt-wiredep@2.0.0 ├── heapdump@0.3.7 ├── html2plaintext@1.0.1 ├── htmlparser@1.7.7 ├── htmlparser2@3.9.0 ├── ical-generator@0.2.7 ├── jit-grunt@0.9.1 ├── js-json@0.1.4 ├── jshint-stylish@1.0.2 ├── JSONStream@1.1.1 ├── jsonwebtoken@5.7.0 ├── jws@3.1.3 ├── jwt-decode@1.5.1 ├── karma@0.12.37 ├── karma-chrome-launcher@0.1.12 ├── karma-coffee-preprocessor@0.2.1 ├── karma-firefox-launcher@0.1.7 ├── karma-html2js-preprocessor@0.1.0 ├── karma-jade-preprocessor@0.0.11 ├── karma-jasmine@0.3.8 ├── karma-ng-html2js-preprocessor@0.1.2 ├── karma-ng-jade2js-preprocessor@0.2.1 ├── karma-ng-scenario@0.1.0 ├── karma-phantomjs-launcher@0.1.4 ├── karma-requirejs@0.2.6 ├── karma-script-launcher@0.1.0 ├── lodash@3.8.0 ├── method-override@2.3.5 ├── mime-types@2.1.11 ├── UNMET PEER DEPENDENCY mocha@>=1.20.0 ├── moment@2.10.6 ├── moment-timezone@0.4.1 ├── mongodb@1.4.40 ├── mongoose@4.0.8 ├── mongoskin@1.4.13 ├── monk@1.0.1 ├── morgan@1.5.3 ├── ng-file-upload@4.2.4 ├── nodemailer@1.11.0 ├── nodemailer-sendgrid-transport@0.1.0 ├── nodemailer-sendmail-transport@1.0.0 ├── open@0.0.5 ├── passport@0.2.2 ├── passport-facebook@2.1.0 ├── passport-github@0.1.5 ├── passport-github2@0.1.10 ├── passport-google-oauth@1.0.0 ├── passport-local@1.0.0 ├── passport-twitter@1.0.4 ├── q@1.4.1 ├── random-id@0.0.2 ├── rekuire@0.1.9 ├── request@2.72.0 ├── requirejs@2.1.22 ├── serve-favicon@2.2.1 ├── sessionstore@1.2.13 ├── should@6.0.3 ├── shrinkwrap@0.4.0 ├── socket.io@1.4.6 ├── socket.io-client@1.4.6 ├── socketio-jwt@4.3.4 ├── sprintf-js@1.0.3 ├── ssl-root-cas@1.1.10 ├── supertest@1.0.1 ├── time-grunt@1.2.2 ├── tmp@0.0.27 ├── tracer@0.7.4 ├── uri.js@0.1.3 ├── uuid@2.0.2 └── xmldom@0.1.22
npm ERR! peer dep missing: mocha@>=1.20.0, required by grunt-mocha-test@0.12.7 npm ERR! extraneous: grunt-contrib-imagemin@0.9.1 /home/joel/tracker/node_modules/grunt-contrib-imagemin npm ERR! peer dep missing: mocha@>=1.20.0, required by grunt-mocha-test@0.12.7
This I saw that imagemin@2.2.1 was installed so I removed node_modules/grunt-contrib-imagemin Which didn't allow me to build by project. SO I then did: npm install grunt-contrib-imagemin And my project builds and npm list --depth=0 reports what I expect except for a: ├── imagemin@2.2.1 extraneous so I remove node_modules/imagemin Now npm list --depth=0 reports what I expect except for: ├── imagemin-pngquant@4.2.2 extraneous ├── imagemin-svgo@3.0.3 extraneous ├── vinyl-fs@0.3.14 extraneous ... is this sort of normal... it seems that npm is very FRAGILE ??? and ncu --upgrade is dangerous??? Thanks, Joel Parke