Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

npm install is installing old version #1492

Open
robross0606 opened this issue Dec 16, 2024 · 3 comments
Open

npm install is installing old version #1492

robross0606 opened this issue Dec 16, 2024 · 3 comments

Comments

@robross0606
Copy link

Using npm install -g @cyclonedx/cdxgen is installing version 9.11.6 of cdxgen instead of newer versions like 10 or 11.

> npm install -g @cyclonedx/cdxgen
npm warn deprecated @npmcli/move-file@1.1.2: This functionality has been moved to @npmcli/fs
npm warn deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm warn deprecated read-package-json@7.0.1: This package is no longer supported. Please use @npmcli/package-json instead.
npm warn deprecated npmlog@7.0.1: This package is no longer supported.
npm warn deprecated npmlog@6.0.2: This package is no longer supported.
npm warn deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm warn deprecated are-we-there-yet@4.0.2: This package is no longer supported.
npm warn deprecated are-we-there-yet@3.0.1: This package is no longer supported.
npm warn deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm warn deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm warn deprecated boolean@3.2.0: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm warn deprecated gauge@5.0.2: This package is no longer supported.
npm warn deprecated gauge@4.0.4: This package is no longer supported.

> cdxgen --version
9.11.6

> npm view @cyclonedx/cdxgen versions
  '8.0.0',   '8.0.1',   '8.0.2',   '8.0.3',   '8.0.4',   '8.0.5',   '8.0.6',
  '8.1.0',   '8.1.1',   '8.1.2',   '8.1.3',   '8.1.4',   '8.1.5',   '8.1.6',
  '8.1.7',   '8.1.8',   '8.1.9',   '8.2.0',   '8.2.1',   '8.2.2',   '8.2.3',
  '8.2.4',   '8.3.0',   '8.3.1',   '8.3.2',   '8.3.3',   '8.4.0',   '8.4.1',
  '8.4.2',   '8.4.3',   '8.4.6',   '8.4.7',   '8.4.8',   '8.4.9',   '8.4.10',
  '8.4.11',  '8.4.12',  '8.4.13',  '8.5.0',   '8.5.1',   '8.5.2',   '8.5.3',
  '8.6.0',   '8.6.1',   '8.6.2',   '8.6.3',   '9.0.0',   '9.0.1',   '9.1.0',
  '9.1.1',   '9.2.0',   '9.2.1',   '9.2.2',   '9.3.0',   '9.3.1',   '9.3.2',
  '9.4.0',   '9.5.0',   '9.6.0',   '9.6.1',   '9.7.0',   '9.7.1',   '9.7.3',
  '9.7.5',   '9.8.0',   '9.8.1',   '9.8.2',   '9.8.3',   '9.8.4',   '9.8.5',
  '9.8.6',   '9.8.7',   '9.8.8',   '9.8.9',   '9.8.10',  '9.9.0',   '9.9.1',
  '9.9.2',   '9.9.3',   '9.9.4',   '9.9.5',   '9.9.6',   '9.9.7',   '9.9.8',
  '9.9.9',   '9.10.0',  '9.10.1',  '9.10.2',  '9.11.0',  '9.11.1',  '9.11.2',
  '9.11.3',  '9.11.4',  '9.11.5',  '9.11.6',  '10.0.0',  '10.0.1',  '10.0.2',
  '10.0.3',  '10.0.4',  '10.0.5',  '10.0.6',  '10.1.0',  '10.1.1',  '10.1.2',
  '10.1.3',  '10.2.1',  '10.2.2',  '10.2.3',  '10.2.4',  '10.2.5',  '10.2.6',
  '10.3.0',  '10.3.1',  '10.3.2',  '10.3.3',  '10.3.4',  '10.3.5',  '10.4.0',
  '10.4.1',  '10.4.2',  '10.4.3',  '10.5.0',  '10.5.1',  '10.5.2',  '10.6.1',
  '10.6.2',  '10.7.0',  '10.7.1',  '10.8.0',  '10.8.1',  '10.8.2',  '10.8.3',
  '10.8.4',  '10.8.5',  '10.8.6',  '10.8.7',  '10.8.8',  '10.8.9',  '10.9.0',
  '10.9.1',  '10.9.2',  '10.9.3',  '10.9.4',  '10.9.5',  '10.9.6',  '10.9.7',
  '10.9.8',  '10.9.9',  '10.9.10', '10.9.11', '10.10.0', '10.10.1', '10.10.2',
  '10.10.3', '10.10.4', '10.10.5', '10.10.6', '10.10.7', '10.11.0', '11.0.0',
  '11.0.1',  '11.0.2',  '11.0.3',  '11.0.4',  '11.0.5',  '11.0.6',  '11.0.7'

Clearly npm sees the newer versions are available, but does not consider them to be the newest available version.

@robross0606
Copy link
Author

robross0606 commented Dec 16, 2024

Using npm install -g @cyclonedx/cdxgen@11 installs the latest version:

> npm install -g @cyclonedx/cdxgen@11
> cdxgen --version
11.0.7

@prabhu
Copy link
Collaborator

prabhu commented Dec 16, 2024

I am unable to reproduce this locally. It always installs 11.0.7 for me.

@rajivshah3
Copy link

I was seeing the same behavior and realized I was on Node 18 and NPM 10.8.2. Did updating NPM to 11.0.0 (requires Node 20 or later) fix the issue for you after re-running npm install -g @cyclonedx/cdxgen?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants