Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow to set a custom npm version with npm_version option #213

Open
robertsLando opened this issue Nov 18, 2020 · 33 comments
Open

Allow to set a custom npm version with npm_version option #213

robertsLando opened this issue Nov 18, 2020 · 33 comments
Labels
feature request New feature or request to improve the current logic

Comments

@robertsLando
Copy link

Is there a way to setup the action to use npm 7?

What about npm_version: 7 like actually it's done for node_version?

@maxim-lobanov
Copy link
Contributor

Hello!
npm is integrated to Node.JS.
NPM 7.x is integrated to Node.JS 15.x. If you specify Node.JS 15.x, NPM 7 will be selected. See details on https://nodejs.org/en/download/releases/

If you need npm 7 for previous versions of Node.JS, please consider upgrading it in runtime via npm install -g npm@latest

@robertsLando
Copy link
Author

@maxim-lobanov Would it be possible to make it configurable like I suggested by using an option? It would allow to easily use matrix too

josephfrazier added a commit to josephfrazier/xregexp that referenced this issue Dec 8, 2020
@smorimoto
Copy link

Is it not enough to add npm_version to the matrix and manipulate the workflow? I don't think it's a good idea to add more input than necessary.

@mendrik
Copy link

mendrik commented Dec 28, 2020

npm publish doesn't work with node 15.x in github actions:

npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`

when I downgrade to node 12 it works again

@dmitry-shibanov
Copy link
Contributor

Hello @mendrik , the issue with publishing is caused by updating npm to 7th version in node 15. The first minor and patch version of npm 7th had the issue with _auth. It was fixed in next versions. You can use npm with node 12th or upgrade npm to the latest one npm install -g npm@latest

@Fryuni
Copy link

Fryuni commented Jan 15, 2021

It seems setting node-version: 15 now gets a release with the proper fix. It is working without having to update npm

@vinayakkulkarni
Copy link

Just like we have an option to use node versions, we should also have an option to choose npm versions

@fcastilloec
Copy link

Using npm install -g npm@latest with Github Actions gives errors regarding write-access permissions. Installing locally npm i npm@latest will change the repository and mess up any actions that depend on a clean git repo. Any ideas on how to fix this? How can I use npm@7 with node@14? Using node@15 is not an option, sorry...

@smorimoto
Copy link

What about doing with sudo?

@fcastilloec
Copy link

fcastilloec commented Mar 10, 2021

@smorimoto I don't know why I didn't think about it! So, running sudo i -g npm@latest after setup-node action does nothing...
Here's part of the log (can't provide a link to the full log because it's a private repo):

2021-03-10T18:20:25.6852244Z ##[group]Run sudo npm i -g npm@latest
2021-03-10T18:20:25.6852862Z sudo npm i -g npm@latest
2021-03-10T18:20:25.6906055Z shell: /usr/bin/bash -e {0}
2021-03-10T18:20:25.6906509Z env:
2021-03-10T18:20:25.6906931Z   node-version: 14
2021-03-10T18:20:25.6907390Z ##[endgroup]
2021-03-10T18:20:37.6677894Z /usr/local/bin/npm -> /usr/local/lib/node_modules/npm/bin/npm-cli.js
2021-03-10T18:20:37.6683622Z /usr/local/bin/npx -> /usr/local/lib/node_modules/npm/bin/npx-cli.js
2021-03-10T18:20:37.7550998Z + npm@7.6.2
2021-03-10T18:20:37.7552906Z added 59 packages from 24 contributors, removed 241 packages and updated 194 packages in 10.209s
2021-03-10T18:20:37.7743170Z ##[group]Run echo npm version "$(npm --version)"
2021-03-10T18:20:37.7743827Z echo npm version "$(npm --version)"
2021-03-10T18:20:37.7744307Z echo node version "$(node --version)"
2021-03-10T18:20:37.7790961Z shell: /usr/bin/bash -e {0}
2021-03-10T18:20:37.7791313Z env:
2021-03-10T18:20:37.7791661Z   node-version: 14
2021-03-10T18:20:37.7792014Z ##[endgroup]
2021-03-10T18:20:38.3912711Z npm version 6.14.11
2021-03-10T18:20:38.3966163Z node version v14.16.0

You can see that after updating npm to version 7, GitHub Actions still uses version 6. Any ideas what to do?

I've never had to use sudo before when working with nvm. I'm wondering if updating npm with sudo did it for the system installed version and not the one used by nvm? In order to update the nvm one, we might need to run the command without sudo but that gives us errors about writing permissions...

SOLUTION: After some trial and error, I figure it out. Updating npm before using this action requires sudo but updating it after using this action doesn't require sudo. As I suspected, when running the command with sudo the system version gets updated, not the one use by this action. So for anybody having the same problem as me, make sure you update npm AFTER running this action and without using sudo

@smorimoto
Copy link

I suspect that the path priority is wrong. The following command should tell you the order, but it probably shows the one installed by the action at the top.

which --all npm

If it's true, you need to change the priority, but it can be a little tricky. For example, create a new directory, create a symbolic link to npm, and add it to the path through the Actions command.

@smorimoto
Copy link

SOLUTION: After some trial and error, I figure it out. Updating npm before using this action requires sudo but updating it after using this action doesn't require sudo. As I suspected, when running the command with sudo the system version gets updated, not the one use by this action. So for anybody having the same problem as me, make sure you update npm AFTER running this action and without using sudo

Oh, it's good.

rdipardo added a commit to clean-jsdoc/clean-jsdoc that referenced this issue Mar 29, 2021
davwheat added a commit to flarum/framework that referenced this issue Apr 3, 2021
davwheat added a commit to flarum/framework that referenced this issue Apr 8, 2021
davwheat added a commit to flarum/framework that referenced this issue Apr 10, 2021
* Add option to build with webpack bundle analyzer

* Bump npm to v7 as recommended in actions/setup-node#213

* Workaround for npm/cli#558

* Add missing dep
@stereobooster
Copy link

stereobooster commented May 6, 2021

Run npm install -g npm@7.11.2
npm ERR! code E404
npm ERR! 404 Not Found - GET https://npm-proxy.fury.io/***/***/npm - bad_request
npm ERR! 404 
npm ERR! 404  'npm@7.11.2' is not in the npm registry.

Solution

    - name: npm 7
      run: npm i -g npm@7 --registry=https://registry.npmjs.org

jaydenseric added a commit to jaydenseric/audit-age that referenced this issue Jun 4, 2021
Fixes #3 .

This package now supports npm v7+. While Node.js v12 and v14 should be supported (with npm updated to v7+), this isn’t easy to test in GitHub Actions CI as actions/setup-node@v2 doesn’t allow the npm version to be configured, see: actions/setup-node#213 .
@ssbarnea
Copy link

I hope to soon see an option to pass npm-version: latest to address this and avoid having to add extra steps to our already complex pipelines. An option like this makes sense, especially as npm is included with node but can be safely upgraded without breaking node. Some recent changes to npm makes the need to upgrade it.... quite likely.

@dcousineau-godaddy
Copy link

With the most recent addition of setting up caching automatically in setup-node I'm rethinking my position of managing npm, especially since the cache should be variable to the version of npm

We've recently hit this issue. The npm i -g npm@8 run on one major branch/pr was being picked up by subsequent runs of unrelated branches expecting npm@6 due to the cache, so definitely some stateful leakage across runs. While I understand why, it was bit of a tripping hazard. We will likely roll out npm i -g npm@x across all workflows and all branches as an extra guard layer, but including npm_version at least as a cache-key bust would be a nice value add. Now to see if we have the time/resources to contribute 🤔

@dmitry-shibanov dmitry-shibanov added the feature request New feature or request to improve the current logic label Dec 13, 2021
@abdulghani
Copy link

abdulghani commented Jan 22, 2022

thanks @fcastilloec
as the time writing this. using ubuntu-latest to update npm to latest, require to update without sudo and calling it after setting up node actions/setup-node@v2. the full sample script is like so

  install_dependencies:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-node@v2
        with:
          node-version: 14.x
      - name: cache node_modules
        uses: actions/cache@v2
        with:
          key: ${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}
          path: |
            node_modules
      - name: install latest npm
        run: |
          npm install -g npm &&
          npm --version &&
          npm list -g --depth 0
      - name: install dependencies
        run: |
          npm ci

output

Run npm install -g npm &&
  npm install -g npm &&
  npm --version &&
  npm list -g --depth 0
  shell: /bin/bash -e {0}
/Users/runner/hostedtoolcache/node/14.18.3/x64/bin/npm -> /Users/runner/hostedtoolcache/node/14.18.3/x64/lib/node_modules/npm/bin/npm-cli.js
/Users/runner/hostedtoolcache/node/14.18.3/x64/bin/npx -> /Users/runner/hostedtoolcache/node/14.18.3/x64/lib/node_modules/npm/bin/npx-cli.js
+ npm@8.3.2
added 67 packages from 17 contributors, removed 290 packages and updated 147 packages in 11.682s
8.3.2
/Users/runner/hostedtoolcache/node/14.18.3/x64/lib
└── npm@8.3.2

ladytrekker added a commit to KlimaDAO/klimadao that referenced this issue Mar 1, 2022
See for installing the correct npm version:
actions/setup-node#213 (comment)
ladytrekker added a commit to KlimaDAO/klimadao that referenced this issue Mar 1, 2022
See for installing the correct npm version:
actions/setup-node#213 (comment)
ladytrekker added a commit to KlimaDAO/klimadao that referenced this issue Mar 1, 2022
See for installing the correct npm version:
actions/setup-node#213 (comment)
@ThisIsMissEm
Copy link

I'm also noticing that potentially our npm installs in CI are passing but in local checkouts failing due to differences in peerDep algorithms between npm 8 and prior versions which shipped with LTS versions of node. I'd definitely be in favour of a npm_version: latest | bundled which if latest does an npm install -g npm@latest or similar.

@ghost ghost mentioned this issue Jun 27, 2022
masakudamatsu added a commit to masakudamatsu/mima that referenced this issue Sep 25, 2022
The `package-lock.json` is now created with NPM 7 (`lockfileVersion@2). The `setup-node@v2` uses NPM 7 only if `node-version` is set to be `15` (source: actions/setup-node#213)
masakudamatsu added a commit to masakudamatsu/mima that referenced this issue Sep 25, 2022
The `package-lock.json` is now created with NPM 7 (`lockfileVersion@2). The `setup-node@v2` uses NPM 7 only if `node-version` is set to be `15` (source: actions/setup-node#213)
masakudamatsu added a commit to masakudamatsu/mima that referenced this issue Sep 25, 2022
The `package-lock.json` is now created with NPM 7 (`lockfileVersion@2). The `setup-node@v2` uses NPM 7 only if `node-version` is set to be `15` (source: actions/setup-node#213)
arvinxx added a commit to arvinxx/gitmoji-commit-workflow that referenced this issue Dec 24, 2022
deining pushed a commit to deining/setup-node that referenced this issue Nov 9, 2023
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.26.0 to 4.26.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.26.1/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@fregante
Copy link

fregante commented Feb 8, 2024

Can this issue be renamed to drop the mention of npm 7 specifically? Otherwise it looks outdated at a first look since we're on npm 10 now.

@robertsLando robertsLando changed the title npm_version for npm 7 support npm_version for npm custom version support Feb 8, 2024
@robertsLando robertsLando changed the title npm_version for npm custom version support Allow to set a custom npm version with npm_version option Feb 8, 2024
@robertsLando
Copy link
Author

@fregante Done

@nickserv
Copy link

nickserv commented Feb 9, 2024

Note that Node is considering removing npm and having corepack install it, which would make this unnecessary if corepack was implemented.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature request New feature or request to improve the current logic
Projects
None yet
Development

No branches or pull requests