Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
Create a package that depends on chevrotain ^11 (not the latest v12), bundles dependencies, and overrrides lodash-es.
{
"name": "test",
"dependencies": {
"chevrotain": "^11.2.0"
},
"bundledDependencies": true,
"overrides": {
"lodash-es": "^4.18"
}
}npm install runs indefinitely, printing the same log lines repeatedly.:
$ npm install --loglevel silly
npm silly placeDep ROOT lodash-es@4.18.1 REPLACE for: @chevrotain/cst-dts-gen@11.2.0 want: 4.18
npm silly placeDep ROOT lodash-es@4.18.1 REPLACE for: @chevrotain/gast@11.2.0 want: 4.18
npm silly placeDep ROOT lodash-es@4.18.1 REPLACE for: @chevrotain/cst-dts-gen@11.2.0 want: 4.18
npm silly placeDep ROOT lodash-es@4.18.1 REPLACE for: @chevrotain/gast@11.2.0 want: 4.18
npm silly placeDep ROOT lodash-es@4.18.1 REPLACE for: @chevrotain/cst-dts-gen@11.2.0 want: 4.18
Expected Behavior
I expect npm to override chevrotain's lodash-es depednency, and produce a tarball that bundles the overridden version. The bundled version should satisfy dependency when installed, or this should create an explicit error if overriding bundled dependencies are not allowed (I know that overrides are normally not applied when the package is installed as a dependency, so it seems reasonable that you cannot override bundled dependencies)
Steps To Reproduce
- npm 11.12.1, node 24.14.1, Ubuntu
- package.json depending on chevrotain, bundledDependencies, and an lodash-es override.
- Run 'npm install`
- See infinte loop
Environment
- npm: 11.12.1
- Node.js: 24.14.1
- OS Name: Ubuntu
- System Model Name: Lenovo
- npm config:
; node bin location = ~/.local/share/mise/installs/node/24.14.1/bin/node
; node version = v24.14.1
; npm local prefix =~/github/test
; npm version = 11.12.1
; cwd = ~/github/test
; HOME = ~
; Run `npm config ls -l` to show all defaults.
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
Create a package that depends on chevrotain ^11 (not the latest v12), bundles dependencies, and overrrides lodash-es.
{ "name": "test", "dependencies": { "chevrotain": "^11.2.0" }, "bundledDependencies": true, "overrides": { "lodash-es": "^4.18" } }npm install runs indefinitely, printing the same log lines repeatedly.:
Expected Behavior
I expect npm to override chevrotain's lodash-es depednency, and produce a tarball that bundles the overridden version. The bundled version should satisfy dependency when installed, or this should create an explicit error if overriding bundled dependencies are not allowed (I know that overrides are normally not applied when the package is installed as a dependency, so it seems reasonable that you cannot override bundled dependencies)
Steps To Reproduce
Environment