xlsx-cli dependency on xlsx archive breaks package-lock.json #2830
Labels
No Label
DBF
Dates
Defined Names
Features
Formula
HTML
Images
Infrastructure
Integration
International
ODS
Operations
Performance
PivotTables
Pro
Protection
Read Bug
SSF
SYLK
Style
Write Bug
good first issue
No Milestone
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: sheetjs/sheetjs#2830
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
The way xlsx-cli defines its depdency on xlsx (by referring to an archive whose contents changes) breaks npm installs that have package-lock.jsons.
515d1c6f2e/packages/xlsx-cli/package.json (L27)
This is how a section in package-lock looks like created by "npm install xlsx-cli":
And this is the error I see in recent nightly integration runs trying to run npm install:
Supposedly xlsx-latest.tgz was updated recently.
npm inc froze the publishing accounts, so for all intents and purposes
xlsx-cli
is stuck.There are a few ways to work around the problem:
A) if you are installing in a project, use a
package.json
override:This override forces npm to use the pinned version tarball (with the same shasum as the latest tarball from a few days ago)
B) make a standalone binary (https://docs.sheetjs.com/docs/demos/cli#nodejs)
C) integrate the script directly (https://git.sheetjs.com/sheetjs/sheetjs/src/branch/master/packages/xlsx-cli source tree)