Yarn: Question: how to guide users of `npm install` to `yarn install` in development projects
Do you want to request a feature or report a bug?
Feature-ish, probably docs change
What is the current behavior?
running npm install ignores the yarn lock
If the current behavior is a bug, please provide the steps to reproduce.
What is the expected behavior?
running npm install should complain and ask the user to run yarn install
Please mention your node.js, yarn and operating system version.
nodejs 7.0.0
graingert
All 15 comments
A prepublish script could echo something to the console, but not prevent the installation from happening. prepublish won't be run on a local npm install from npm@5, though.
alexanderwallin
on 8 Nov 2016
@alexanderwallin can I get a preinstall script that won't run under yarn?
graingert
on 8 Nov 2016
We aren't planning on adding any features that disallow packages to be installed with npm. We'd be forking the ecosystem and that's not something we want to consider at this time.
sebmck
on 8 Nov 2016
@kittens I don't mean packages on npm, only for local dev.
graingert
on 8 Nov 2016
@graingert Maybe something like this would be useful to add as a dev dependency?
alexanderwallin
on 8 Nov 2016
I'd rather something with no deps...
graingert
on 8 Nov 2016
@alexanderwallin that looks like it will still run if installed as a 3rd party package
graingert
on 8 Nov 2016
Yeah, you'll see it when you first add it to the project. But since you're the one introducing it that doesn't really matter.
alexanderwallin
on 8 Nov 2016
@kittens how do you use yarn inside teams? I'm trying to come up with a workflow for our team and I don't see how that could work if I can't make sure that every dependency is modified through yarn and I can avoid making changes on package.json via npm or via manual modification. Any thoughts?
rafayepes
on 20 Feb 2017
I think you can run yarn install on CI then check if yarn.lock changed
graingert
on 20 Feb 2017
@alexanderwallin @graingert:
I've just released a module that includes a CLI to do this (useful for preinstall scripts): https://github.com/AndersDJohnson/use-yarn
Stay tuned, as I may have more ideas coming, especially around CI.
AndersDJohnson
on 6 May 2017
@alexanderwallin @graingert:
I've also just released a helper for Danger to check for missing yarn.lock changes on CI:
https://github.com/AndersDJohnson/danger-yarn-lock
AndersDJohnson
on 8 May 2017
Am I missing something? Now we have two lock files that can get out of sync with each other (it is not clear to me how to git merge the various lock files either, or what behavior we can expect when one of the lock files is behind the other). npm install takes too long to run and sometimes there is corruption between them. Yarn is cool, but with node installed, there's always A version of NPM present, we still need it for publishing and script running. It seems to me like a damn mess - but maybe I'm just not understanding.
If our team could reliably disable npm install and npm install package (because it's easy to forget and impact everyone) in favor of yarn then the workflow would be more clear.
BTW, this only works for npm install but not npm install package:
"preinstall": "node -e \"if (process.env.npm_execpath.indexOf('yarn') === -1) { console.log('\u001b[31mPlease use yarn for installing\u001b[0m'); process.exit(1); }\""
... and the error message is ugly with the full stack dump.
JasonKleban
on 9 Jan 2018
Fyi yarn automatically handles merge conflicts
On 9 Jan 2018 16:18, "JasonKleban" notifications@github.com wrote:
Am I missing something? Now we have two lock files that can get out of
sync with each other (it is not clear to me how to git merge the various
lock files either, or what behavior we can expect when one of the lock
files is behind the other). npm install takes too long to run and sometimes
there is corruption between them https://github.com/npm/npm/issues/17105.
Yarn is cool, but with node installed, there's always A version of NPM
present, we still need it for publishing and script running. It seems to me
like a damn mess - but maybe I'm just not understanding.If our team could reliably disable npm install and npm install package
(because it's easy to forget and impact everyone) in favor of yarn then
the workflow would be more clear.BTW, this only works for npm install but not npm install package:
"preinstall": "node -e \"if (process.env.npm_execpath.indexOf('yarn') === -1) { console.log('\u001b[31mPlease use yarn for installing\u001b[0m'); process.exit(1); }\""... and the error message is ugly with the full stack dump.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/yarnpkg/yarn/issues/1732#issuecomment-356333405, or mute
the thread
https://github.com/notifications/unsubscribe-auth/AAZQTLuPHNJWYLbu-jfhk_i3aioRGCatks5tI5FqgaJpZM4KsY75
.
graingert
on 9 Jan 2018
FYI, in ubuntu, preinstall script does not stop from using npm if you use npm install somepackage.
I end up using sudo mv /usr/local/bin/npm /usr/local/bin/unsafe_npm :)
nghenglim
on 8 Jul 2018
Related issues
torifat
·
3Comments
sebmck
·
3Comments
ocolot
·
3Comments
danez
·
3Comments
FLGMwt
·
3Comments
Most helpful comment
Am I missing something? Now we have two lock files that can get out of sync with each other (it is not clear to me how to git merge the various lock files either, or what behavior we can expect when one of the lock files is behind the other). npm install takes too long to run and sometimes there is corruption between them. Yarn is cool, but with node installed, there's always A version of NPM present, we still need it for publishing and script running. It seems to me like a damn mess - but maybe I'm just not understanding.
If our team could reliably disable
npm installandnpm install package(because it's easy to forget and impact everyone) in favor ofyarnthen the workflow would be more clear.BTW, this only works for
npm installbut notnpm install package:... and the error message is ugly with the full stack dump.