Npm postinstall and lerna bootstrap

[kirill-konshin]

We're using Lerna @ 3.4.0 (also tried on 3.9.1) and we have the following in package.json:

{
    "postinstall": "npm run bootstrap",
    "bootstrap": "lerna bootstrap --no-ci --hoist --loglevel warn --concurrency 4",
}

It used to work fine until yesterday.

We did not change dependencies, we even haven't committed anything to the codebase, but starting Jan 8 6:01 AM UTC we get infinite loops on bootstrap, even in old branches.

It seems that it could be related to something like #1103 (comment) but I can't figure out what has changed.

We use strict versions everywhere and on other project same setup works fine (but it has different set of underlying deps).

It begins to work properly if we rename postinstall to something else and run it manually.

Another solution is to do npm install --ignore-scripts and then do npm run postinstall.

[joetidee]

I have recently had postinstall errors when deploying to AWS Elastic Beanstalk:

  tidee-life@ postinstall /tmp/deployment/application
  lerna bootstrap
  
  lerna notice cli v3.1.1
  lerna info Bootstrapping 7 packages
  lerna info Installing external dependencies
  lerna ERR! npm install exited 1 in 'tidee-life-server'
  lerna ERR! npm install stderr:
  npm ERR! code E404
  npm ERR! 404 Not Found: tidee-life-config@1.0.0

Not sure why this is happening as all my package versions are 1.0.0 in each package.json file, which matched the dependencies definitions (which do not use the caret either ^).

[evocateur]

@kirill-konshin If you move the postinstall to prepare does the issue persist?

@joetidee That's not a postinstall error, that's a misconfigured sibling dependency. Does it succeed if you pass --force-local to your lerna bootstrap call?

[kirill-konshin]

Prepare trick DID NOT WORK.

Team has investigated, looks like the root cause is usage of non-strict lerna dependencies:

Actual issue is probably caused by this commit 944e36f#diff-f132f0ed53f33747644da180a09d15baR170

Considering that we did not change the lerna version this is a major bug to me.

Also team has figured that the following works:

-    "postinstall": "npm run bootstrap",
-    "bootstrap": "lerna bootstrap --no-ci --hoist --loglevel warn --concurrency 4",
+    "postinstall": "lerna bootstrap --no-ci --hoist --loglevel warn --concurrency 4 ",

E.g. place lerna bootstrap directly to postinstall script instead of into bootstrap script called from postinstall.

[evocateur]

If you didn't change the version of lerna, then why exactly weren't you also using a lockfile? Seems pretty odd to expect an install to stay stable over time without a lockfile.

And yes, it appears my trick of checking the npm_lifecycle_event env var for a specific match isn't sufficient when the script is a nested execution. Sorry about the hassle.

[evocateur]

v3.10.2 should resolve this.

[kirill-konshin]

We were not using lockfile because it turned out to be completely useless as we have 30+ developers working on same codebase and most of the times devs resolve conflicts inside lockfile by erasing it :) otherwise over time it was polluted with weirdness. But that's a side question...

More important one is why breaking changes sneaked in minor version update.

v3.10.2 fix confirmed.

[evocateur]

More important one is why breaking changes sneaked in minor version update.

Humans make mistakes?

[lock]

This thread has been automatically locked because there has not been any recent activity after it was closed. Please open a new issue for related bugs.