Open jruales opened 2 years ago
Here you can see some of the diff:
I am seeing this as well, and it's generating a lot of churn in the file.
Specifically, fresh installs (empty node_modules) of the configured project end up with a lock file that lists the dependencies in a seemingly randomized order.
In a non-fresh install (populated node_modules), installing a new dependency with npm install results in re-sorting the dependencies correctly, and does not run the preinstall: npx npm-force-resolutions at all. If you then run npx npm-force-resolutions after, it "fixes" the sorting discrepancy (i.e. changing the order back to whatever force-resolutions is using).
It would be really awesome if this were addressed. I think the performance hit for either sorting or leaving the original sort order would be acceptable given how many teams are using this.
Happening to us as well. Removing this dependency for our preinstall prevents this dep re-order in npm install
I'm using npm version 8.1.2, which uses "lockfileVersion": 2 for the package-lock.json. I notice that when running npx npm-force-resolutions, the dictionary under root -> "packages" -> "" in the package-lock.json now has keys in a random order instead of the alphabetical order it used to have. It would be better if the items are in the same, alphabetical order so that it's easier to compare diffs. In fact, when I look at the diff view, the entire file looks like it changed, since many things moved around.
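
One way to tell key-order churn from a real dependency change when reviewing a lockfile diff like the one described in this thread, as an added example that is not part of the issue or of npm-force-resolutions: it compares two parsed package-lock.json objects by value and ignores key order. The package names, versions and integrity strings are constructed sample data, and the sorted order it produces is only a canonical form for comparison, not necessarily the order npm writes.

```javascript
// Rebuild a JSON value with every object's keys in sorted order.
function sortKeys(value) {
  if (Array.isArray(value)) return value.map(sortKeys);
  if (value === null || typeof value !== "object") return value;
  const out = {};
  for (const key of Object.keys(value).sort()) out[key] = sortKeys(value[key]);
  return out;
}

// Flatten nested objects into a Map of JSON-encoded key path -> JSON-encoded leaf.
function flatten(value, path, out) {
  const isObject = value !== null && typeof value === "object" && !Array.isArray(value);
  if (isObject && Object.keys(value).length > 0) {
    for (const key of Object.keys(value)) flatten(value[key], path.concat(key), out);
  } else {
    out.set(JSON.stringify(path), JSON.stringify(sortKeys(value)));
  }
  return out;
}

// Report value-level changes; orderOnly is true when the text differs but no value does.
function lockDiff(before, after) {
  const a = flatten(before, [], new Map());
  const b = flatten(after, [], new Map());
  const changes = [];
  for (const [path, val] of a) {
    if (!b.has(path)) changes.push({ type: "removed", path: JSON.parse(path) });
    else if (b.get(path) !== val) changes.push({ type: "changed", path: JSON.parse(path) });
  }
  for (const path of b.keys()) {
    if (!a.has(path)) changes.push({ type: "added", path: JSON.parse(path) });
  }
  const sameText = JSON.stringify(before) === JSON.stringify(after);
  return { orderOnly: !sameText && changes.length === 0, changes };
}

// Constructed sample data (not from the issue): a lockfileVersion 2 fragment.
const original = { lockfileVersion: 2, packages: {
  "": { name: "demo", dependencies: { "a-pkg": "^1.0.0", "b-pkg": "^2.0.0", "c-pkg": "^3.0.0" } },
  "node_modules/a-pkg": { version: "1.0.0", integrity: "sha512-CONSTRUCTED-A" } } };
// Same content, with the keys under root -> "packages" -> "" reordered.
const shuffled = { lockfileVersion: 2, packages: {
  "": { dependencies: { "c-pkg": "^3.0.0", "a-pkg": "^1.0.0", "b-pkg": "^2.0.0" }, name: "demo" },
  "node_modules/a-pkg": { version: "1.0.0", integrity: "sha512-CONSTRUCTED-A" } } };
// Reordered and carrying one real change: a-pkg's resolved version differs.
const changed = JSON.parse(JSON.stringify(shuffled));
changed.packages["node_modules/a-pkg"].version = "1.0.1";
console.log(lockDiff(original, shuffled));
console.log(lockDiff(original, changed));
```

Run against the committed and regenerated lockfiles (parsed with JSON.parse), an `orderOnly` result means the diff is pure reordering, while any entry in `changes` is a value a reviewer should actually read.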