Description
Do you want to request a feature or report a bug?
Bug
What is the current behavior?
I have tested this behavior using the following versions of yarn:
- 1.5.1
- 1.6.0
- 1.9.2
I receive the following output when trying to install my dependency tagged as 0.0.1
> yarn add git+ssh://git@github.com/vinnymac/myprivaterepo.git#0.0.1
yarn add v1.9.2
[1/4] 🔍 Resolving packages...
error Can't add "myprivaterepo": invalid package version undefined.
info Visit https://yarnpkg.com/en/docs/cli/add for documentation about this command.
If I try to use other tags, such as one with characters in them or non-semver compliant tags I get a slightly different message.
> yarn add git+ssh://git@github.com/vinnymac/myprivaterepo.git#v2018.07.16
yarn add v1.9.2
[1/4] 🔍 Resolving packages...
error Can't add "myprivaterepo": invalid package version "2018.07.16".
info Visit https://yarnpkg.com/en/docs/cli/add for documentation about this command.
Trying to regenerate my yarn.lock
file results in the same message above.
If I attempt to see if yarn can list my dependency using version 1.9.2
I see this
yarn list | grep myprivaterepo
├─ myprivaterepo@2018.7.16
The lockfile shows my dependency as it was generated by 1.3.2
as the following
"myprivaterepo@git+ssh://git@github.com/vinnymac/myprivaterepo.git#v2018.07.16":
version "2018.7.16"
resolved "git+ssh://git@github.com/vinnymac/myprivaterepo.git#60f0759d54cc7ddf9d4c5d55a8de3bbb71cff9e7"
dependencies:
chalk "^2.4.1"
cors "^2.8.4"
express "^4.16.3"
http-proxy-middleware "^0.18.0"
inquirer "^5.2.0"
node-sass-utils "^1.1.2"
request "^2.87.0"
semver "^5.5.0"
underscore.string "^3.3.4"
url-regex "^4.1.1"
If the current behavior is a bug, please provide the steps to reproduce.
This is a private repository, otherwise I would share it with you. If you have access to private repositories you can try to create tags identical to the ones above, and see if it works the same for you. Maybe even adding the dependencies I do will help. If you have recommendations for what I can do to more easily create a reproduction, I am open to trying anything.
What is the expected behavior?
I have tested that the expected behavior functions properly using the following versions of yarn:
- 0.24.6
- 1.1.0
- 1.2.1
- 1.3.2
On these versions of yarn, it finds the package version and installs the dependencies as I would expect. The dependency is added to my yarn.lock
file and I currently am using 1.3.2
until I find another version that suites my needs.
Please mention your node.js, yarn and operating system version.
System Details
NodeJS - v8.11.1 (I've tested v7 and v6 as well)
Yarn - v1.9.2
macOS - 10.13.6
I have been able to reproduce this on more than one machine, I attempted 5 different machines, all were running 10.13 variants.
If this is a duplicate issue, I apologize as I tried to search through and see if anyone had anything similar posted, but could not find one.
Activity
rally25rs commentedon Aug 1, 2018
I think the "version" it is complaining about is from
package.json
. Does your repo contain apackage.json
that has theversion
field?vinnymac commentedon Aug 1, 2018
@rally25rs looks like that is indeed what it is referring to.
For tag
0.0.1
my version is missing from the package.json, so that explains theundefined
.For tag
v2018.07.16
my version in package.json isWhy does it say that
2018.07.16
is an invalid package version?Do the tags and version need to be identical for yarn to function properly?
I can attempt that and see what happens.
EDIT:
So it looks like they don't need to be identical, but they have to be semver? I tried
and it installed version
myprivaterepo@0.8.0
where the package.json version was0.8.0
using v1.9.2 of yarn.rally25rs commentedon Aug 1, 2018
Ah, so it looks like official semver doesn't consider
07
to be valid.According to npm's semver package:
This is what is leading to the message
vinnymac commentedon Aug 1, 2018
I think the following improvements could be made to yarn in that case.
0.0.1
it could have instead saidcould not find field 'version' in package.json
, which is much clearer in my opinion.As a side note this appears to be related to npm/node-semver#232
lieutenantken commentedon Jun 8, 2020
@vinnymac You are a god or at least a lower deity for discovering that package.json requirement for version! THANK YOU
ltfschoen commentedon Jun 29, 2020
I'm using yarn v1.22.4.
I tried to modify a dependency of my repo here https://github.com/DataHighway-DHX/faucet/blob/master/package.json#L21 to be a branch of another Github repo by changing it to
"@truffle/hdwallet-provider": "git://github.com/ltfschoen/truffle.git#14.0.6", and alternative I also tried running
yarn add git://github.com/ltfschoen/truffle.git#14.0.6. I tried replacing
#14.0.6with
#v14.0.6and
masterand
develop` (branches), but all return output:But if I then run instead
yarn add git://github.com/ltfschoen/truffle.git#refs/tags/@truffle/hdwallet-provider@1.0.36
, it fails with the same error.Note that @truffle/hdwallet-provider is a package within the https://github.com/ltfschoen/truffle repository (i.e. https://github.com/ltfschoen/truffle/blob/develop/packages/hdwallet-provider/package.json)
augnustin commentedon Mar 23, 2021
Fixed this issue by adding
#master
at the end of the git URL.yaizudamashii commentedon Jul 26, 2021
I see this issue with valid semver
"google-caja-bower": "https://github.com/acburdine/google-caja-bower#ghost",
and the project's
package.json
's version is"6011.0.0"
rally25rs commentedon Jul 26, 2021
@yaizudamashii I do not get an error when using that github reference as a dependency.
rally25rs commentedon Jul 26, 2021
Closing this issue as the original cause was found to be a missing
version
inpackage.json
, or aversion
whose value is not valid according to thesemver
library.felicio commentedon Feb 17, 2023
@ltfschoen please, were you able to resolve your use case? In my case,
yarn@1.22.19
throws for a package which repository is a forked monorepo. Usingnpm@8.19.2
works fine.