rogeriochaves / npm-force-resolutions

Force npm to install a specific transitive dependency version

Order of "dependencies" object keys is being randomized #45

Open jruales opened 2 years ago

jruales commented 2 years ago

I'm using npm version 8.1.2, which uses "lockfileVersion": 2 for the package-lock.json. I notice that when running npx npm-force-resolutions, the dictionary under root -> "packages" -> "" in the package-lock.json now has keys in a random order instead of the alphabetical order it used to have. It would be better if the items are in the same, alphabetical order so that it's easier to compare diffs. In fact, when I look at the diff view, the entire file looks like it changed, since many things moved around.

jruales commented 2 years ago

Here you can see some of the diff: [image]

mwallace72 commented 2 years ago

I am seeing this as well, and it's generating a lot of churn in the file.

Specifically, fresh installs (empty node_modules) of the configured project end up with a lock file that lists the dependencies in a seemingly randomized order. In a non-fresh install (populated node_modules), installing a new dependency with npm install results in re-sorting the dependencies correctly, and does not run the preinstall: npx npm-force-resolutions at all. If you then run npx npm-force-resolutions after, it "fixes" the sorting discrepancy (i.e. changing the order back to whatever force-resolutions is using).

magtutu commented 2 years ago

It would be really awesome if this were addressed. I think the performance hit for either sorting or leaving the original sort order would be acceptable given how many teams are using this.

joshuaeilers commented 2 years ago

Happening to us as well. Removing this dependency for our preinstall prevents this dep re-order in npm install.
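
Added example, not part of the thread and not code from npm-force-resolutions: when key order has been shuffled as described in this issue and the text diff shows the whole file as changed, a reviewer can compare the two lockfile revisions with object keys sorted, so that only real changes under "packages" are reported. The function names are hypothetical and the two sample lockfiles are constructed.

```javascript
// Rebuild a value with object keys in sorted order. Arrays keep their order,
// because array order is meaningful in JSON. Null-prototype objects are used
// so that a "__proto__" key in parsed JSON stays an ordinary own property.
function sortKeysDeep(value) {
  if (Array.isArray(value)) return value.map(sortKeysDeep);
  if (value !== null && typeof value === 'object') {
    const out = Object.create(null);
    for (const key of Object.keys(value).sort()) out[key] = sortKeysDeep(value[key]);
    return out;
  }
  return value;
}

// Canonical string of a value: equal for objects that differ only in key order.
function canonical(value) {
  return JSON.stringify(sortKeysDeep(value));
}

// Report the "packages" entries (lockfileVersion 2) that really differ.
function lockfileChanges(before, after) {
  const a = before.packages || {};
  const b = after.packages || {};
  const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);
  const paths = [...new Set([...Object.keys(a), ...Object.keys(b)])].sort();
  const changes = [];
  for (const path of paths) {
    if (!has(a, path)) changes.push({ path, kind: 'added', to: b[path].version });
    else if (!has(b, path)) changes.push({ path, kind: 'removed', from: a[path].version });
    else if (canonical(a[path]) !== canonical(b[path])) {
      changes.push({ path, kind: 'changed', from: a[path].version, to: b[path].version });
    }
  }
  return changes;
}

// Constructed sample: same root entry with keys reordered, one real version bump.
const sampleBefore = { lockfileVersion: 2, packages: {
  '': { name: 'demo', dependencies: { alpha: '^1.0.0', beta: '^2.0.0' } },
  'node_modules/alpha': { version: '1.0.0' },
  'node_modules/beta': { version: '2.0.0' },
} };
const sampleAfter = { lockfileVersion: 2, packages: {
  'node_modules/beta': { version: '2.0.1' },
  '': { dependencies: { beta: '^2.0.0', alpha: '^1.0.0' }, name: 'demo' },
  'node_modules/alpha': { version: '1.0.0' },
} };

console.log(lockfileChanges(sampleBefore, sampleAfter));
```

To use it on real files, pass the `JSON.parse` results of the two package-lock.json revisions to `lockfileChanges`.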