70

This is the issue that I am facing when running the command npm ci to install dependencies in my GitHub Action file.

I am working on an expo managed app and using GitHub Actions as a CI for triggering builds whenever I push my code to developmemt branch.

Here's my build script:

name: EAS PIPELINE
on:
  push:
    branches:
      - development
  workflow_dispatch:

jobs:
  build:
    name: Install and build
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          persist-credentials: false

      - name: Setup Node.js
        uses: actions/setup-node@v1
        with:
          node-version: 14.x

      - name: Setup Expo
        uses: expo/expo-github-action@v6
        with:
          expo-version: 4.x
          token: ${{ secrets.EXPO_TOKEN }}
          expo-cache: true

      - name: Install dependencies
        run: npm ci

      - name: Build on EAS
        run: EAS_BUILD_AUTOCOMMIT=${{1}} npx eas-cli build --platform all --non-interactive

Here's the issue that I am facing Install dependencies step.

Run npm ci
  npm ci
  shell: /usr/bin/bash -e {0}
  env:
    EXPO_TOKEN: ***
npm ERR! cipm can only install packages with an existing package-lock.json or npm-shrinkwrap.json with lockfileVersion >= 1. Run an install with npm@5 or later to generate it, then try again.

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/runner/.npm/_logs/2021-10-28T15_16_06_934Z-debug.log
Error: Process completed with exit code 1.
sakshya73
  • 5,570
  • 5
  • 22
  • 41

17 Answers17

40

After a lot of research, I was able to figure out that this happens when you are not using npm install for installing dependencies. In my case, I was only using yarn for the dependencies so I was only having yarn.lock file and no package-lock.json file.

  • One way to resolve this was using npm install to install the dependencies, then you'll have a package-lock.json file and CI won't throw any error.

  • And the other way if you only want to use yarn, then you need to update that step in your eas-pipeline.yml file for installing the dependencies.

*****************************************************************************************

      - name: Install dependencies
        run: |
          if [ -e yarn.lock ]; then
          yarn install --frozen-lockfile
          elif [ -e package-lock.json ]; then
          npm ci
          else
          npm i
          fi

***************************************************************************************

As I wasn't able to find any solution on StackOverflow and it is our first go-to place to look for any issue. So, I decided to write this answer here.

Here's the original answer: https://github.com/facebook/docusaurus/issues/2846#issuecomment-691706184

josue.0
  • 775
  • 1
  • 10
  • 23
sakshya73
  • 5,570
  • 5
  • 22
  • 41
  • 5
    Unless you want to write some generic install script that works in multiple scenarios, you probably want to stick with either `yarn` or `npm` but not mix the two. If you use `npm install` locally, use `yarn install --frozen-lockfile` in CI. – rethab Nov 16 '21 at 07:36
36

I had a similar error:

`npm ci` can only install packages when your package.json and package-lock.json or npm-shrinkwrap.json are in sync. Please update your lock file with `npm install` before continuing.

with a bunch of missing dependency names following this error.

I would run npm ci locally and it would run successfully. However, it would give me the error above when npm ci is run in the CI pipeline and in my case it was because of the version difference of the Node.js installed in the environment that Jenkins pipeline is running in.

My local Node version was 16.x and in Jenkins container it was 12.x.

Upgrading it fixed.

Dave Mackey
  • 4,306
  • 21
  • 78
  • 136
dugong
  • 3,690
  • 4
  • 11
  • 27
  • 2
    We had the same thing happen. I'm theorizing a new version of `npm` is being a little stricter on how it checks compatibility. We're using `overrides`, and some of our developers didn't have a version of npm that respects the `overrides` in package.json. – StriplingWarrior Apr 13 '22 at 22:08
  • 1
    Had the same thing too. Something between npm version 8 and 8.5 seemed to be breaking the build in the same way as you in GitHub Actions. In my case specifying `node-version: '17.9.0'` which uses npm 8.5.5 to the workflow fixed it. Thank you for the heads up. – user115014 Jun 16 '22 at 15:31
  • 1
    The same thing happened here, I had 16.3.2, and CI was 16 :shrug: – ncubica Aug 08 '22 at 05:24
  • Downgrading my node js version to 16.0.0 worked for me – Rex Omiv Sep 22 '22 at 01:44
  • Similar story for me. I had node 16.14..0 and npm 8.3.1 in my development environment, where I ran `npm install`. The CI box had node 16.17.1 and npm 8.15.0 installed. So something has changed in npm between 8.3 and 8.15. I upgraded my development environment to be the same version as the CI environment and it built successfully. – John Jeffery Oct 09 '22 at 00:47
  • I experienced a similar issue as well. My local setup was using npm version ~7.18.1 while the CI pipeline uses an higher version. Forcing the CI pipeline to use npm 7.18.1 fixed the problem. – sdkcodes Jan 25 '23 at 19:17
24

This same thing happened to me, and I couldn't figure it out for the longest time. It turns out that I had legacy-peer-deps=true set globally, and I had no idea.

This caused my npm install command to alter the package-lock.json in a way that broke the build on our CI server. I reset package-lock.json with the version from master, removed that npm config, and reinstalled. Everything worked fine after that.

Spencer Mefford
  • 324
  • 2
  • 3
  • For what it's worth this was the issue that was the cause for me and my team. Removing or disabling the `legacy-peer-deps` setting made my local like CI. Thanks Spencer – Zander Oct 11 '22 at 08:46
  • 4
    Thanks this was my issue. I had `legacy-peer-deps=true` in my `.npmrc` file. – Andrew Winter Nov 09 '22 at 04:43
  • I wasted hours searching for the cause of my error only to find this. You're a life saver! More like a time saver! haha. Thank you! – Xander Selorm Nov 17 '22 at 13:42
  • Unfortunately I didn't find this before solving on my own. For what it's worth, the same is true for any other npm settings, they have to be identical. – liakoyras Jul 04 '23 at 10:17
16

It looks like your package.json and package-lock.json is not synced.

Try to run this npm install --package-lock-only. It will generate package-lock.json that is synced on your package.json

Drew Calupe
  • 161
  • 1
  • 2
  • Ensuring the package.json and package-lock.json are synced is the simplest solution here so, while it might not work for everyone, this is what I would try first. I deleted my package-lock.json and then did npm install and after that npm ci worked fine. – Robert Bracco Jul 28 '23 at 12:42
12

Old post, but I found this while searching for this same error. In my case I did have a package-lock.json file in my root directory. However, when opening it, I realized that there was a JSON syntax error that slipped in during a previous merge conflict. After running npm i again the file was fixed. The npm ERR! The 'npm ci' command can only install with an existing package-lock.json wasn't a super helpful error in that case.

DJ House
  • 1,307
  • 1
  • 11
  • 14
  • 1
    Agreed, just experienced this. It would be better if `npm` warned of a detected `package-lock.json` that is unparseable. – Nabil Freeman Jun 26 '23 at 13:23
7

I struggled for about 5 hours with AWS Amplify because apparently my package-lock.json and package.json were not synced up; nothing I did with my own code fixed the issue (even deleting the package-lock.json), what ended up working was changing my preBuild settings inside of the App build specification inside the Build Settings tab of the Amplify page.

My yml file ended up looking like this:

version: 1
frontend:
  phases:
    preBuild:
      commands:
        - npm install --package-lock-only
        - npm ci
    build:
      commands:
        - npm run build
  artifacts:
    baseDirectory: build
    files:
      - '**/*'
  cache:
    paths:
      - node_modules/**/*

noteably the only difference from the default is including -npm install --package-lock-only to sync up the files inside AWS. Maybe a bit obvious, but I got stuck on it for a few hours and hope I can help someone out down the line.

Nathaniel Koehler
  • 71
  • 1
  • 1
3

For the people who has this issue on AWS Amplify. You might have to run npm install and commit the package-lock.json file, then deploy again.

Milton Rincon
  • 86
  • 1
  • 6
3

After battling with this issue for about 2 days, It's finally deploying successfully to Firebase Functions after deleting package-lock.json from both the src and src/functions folders.

FiringBlanks
  • 1,998
  • 4
  • 32
  • 48
2

If you're using pnpm, you install node dependencies via this step:

      - name: Install Node.js dependencies
        run: |
          npm i -g pnpm
          pnpm i
Eric
  • 22,183
  • 20
  • 145
  • 196
2

This occurred because the package lock file was not generated with npm, despite the fact that the npm ci requires npm to install the packages. And because npm requires package-lock.json, we get this error. To fix this error for GitHub actions, this what I did:

    - run: yarn install --frozen-lockfile
    - run: yarn lint
    - run: yarn test:ci

Commit diff:

enter image description here

just-be-weird
  • 1,242
  • 9
  • 7
1

In my case, I had this error with npm ci while using Yarn. I eventually figured out the version of Node I was using wasn't supported. I did the following:

  • node -v to confirm my node version (18.0.1)
  • nvm use 16.13.0
  • Delete the node_modules directory
  • Delete yarn.lock
  • Run yarn
  • Run yard add + package names

After this, the error no longer occurred and the app deployed correctly.

Noble Polygon
  • 796
  • 11
  • 36
0

deleting deploy.json helped me, since the token is updated when overwritten

rm ~/.config/configstore/@vkontakte/vk-miniapps-deploy.json

but I have other services

milenao
  • 707
  • 1
  • 6
  • 8
0

This happens sometimes because of the version difference of the Node.js installed in the environment that the pipeline is running in. To fixe this, I ran: $ firebase init hosting:github then type Y to set up workflow when asked to. finally, add "npm i" as one of the scripts to run before deploying like this: npm i && npm ci && npm run build

CEugene
  • 1
  • 1
0

I was using npm package manager and migrated to yarn package manager removing package-lock.json file.

I had this configuration in my .circleci/config.yml file

- node/install-packages

changed to

- node/install-packages:
          pkg-manager: yarn
cristian.nieto.dev
  • 154
  • 1
  • 3
  • Not really a solution for "making npm work" – sean Aug 03 '22 at 12:44
  • you are right the solution is not to make npm work but I saw a similar error message when I migrated my project from npm to yarn that is why I thought it was important adding this comment here – cristian.nieto.dev Aug 18 '22 at 17:51
0

In my case the problem were some 'extraneous' packages, concretely local path dependencies. After removing them from package.json the problem was solved.

I got the error message while running npm install instead of npm ci.

Tobias Ernst
  • 4,214
  • 1
  • 32
  • 30
0

On package.json I change this :

"overrides": {
    "trim-newlines": "^3.0.1"
 },

to : `

"overrides": {
    "trim-newlines": "^1.0.0"
  }

`

That Work for me successfully.

Adil Akothiat
  • 69
  • 5
-1

I had a similar problem deploying to heroku. I simply deleted the existing package-lock.json file and then ran

    npm install

Merging the new lock file fixed the deploy.

fizban
  • 53
  • 6