[BUG] Running `npm ci` doesn't fail when package.json#version has changed
jrieken opened this issue · comments
Is there an existing issue for this?
- I have searched the existing issues
This issue exists in the latest npm version
- I am using the latest npm
Current Behavior
npm ci
doesn't fail when the version-property only in package.json
changes
Expected Behavior
I would expect that npm ci
errors because the version properties aren't in sync anymore.
Steps To Reproduce
- Have
package.json
andpackage-lock.json
that are properly in-sync - bump the version-property inside
package.json
- run
npm ci
Environment
- npm: 9.6.7
- Node.js: 18.17.0
- OS Name: macOS
As far as I know, it would only error out if the dependencies don't match or out of sync, otherwise it will go through just fine.
Can you please provide if you have the npm version where it throws the error when version is mismatched in package.json and package-lock.json, so that this behaviour can be traced.
https://docs.npmjs.com/cli/v9/commands/npm-ci#description
The purpose for this check in npm ci
is to see if dependencies were edited manually or by other way than commands like npm install
. The version field in package file does not affect the dependency tree therefor it does not fail.