generatePackageJson is missing packages

[jneal-afs]

Current Behavior

Some dependencies are missing from the generated package.json file.

Expected Behavior

All dependencies used by the project should be included in the generated package.json file.

Github Repo

No response

Steps to Reproduce

1. Use generatePackageJson: true in 15.3.2+

Nx Report

Node : 16.18.0
   OS   : darwin arm64
   npm  : 8.19.2
   
   nx : 15.4.2
   @nrwl/angular : 15.4.2
   @nrwl/cypress : 15.4.2
   @nrwl/detox : Not Found
   @nrwl/devkit : 15.4.2
   @nrwl/esbuild : 15.4.2
   @nrwl/eslint-plugin-nx : 15.4.2
   @nrwl/expo : Not Found
   @nrwl/express : 15.4.2
   @nrwl/jest : 15.4.2
   @nrwl/js : 15.4.2
   @nrwl/linter : 15.4.2
   @nrwl/nest : 15.4.2
   @nrwl/next : Not Found
   @nrwl/node : 15.4.2
   @nrwl/nx-cloud : 15.0.2
   @nrwl/nx-plugin : Not Found
   @nrwl/react : Not Found
   @nrwl/react-native : Not Found
   @nrwl/rollup : Not Found
   @nrwl/schematics : Not Found
   @nrwl/storybook : Not Found
   @nrwl/web : Not Found
   @nrwl/webpack : 15.4.2
   @nrwl/workspace : 15.4.2
   @nrwl/vite : Not Found
   typescript : 4.8.4
   ---------------------------------------
   Local workspace plugins:
   ---------------------------------------
   Community plugins:
   	 @compodoc/compodoc: 1.1.19
   	 @trumbitta/nx-plugin-unused-deps: 1.12.1

Failure Logs

Error: Cannot find module '@nestjs/common'

Additional Information

We recently upgraded to Nx 15.4.2 and started having issues with all of our API projects suddenly missing dependencies. I began slowly rolling back one minor version a time until suddenly it started working at 15.3.0. I then stepped forward patch versions and saw it immediately broke at 15.3.2. Comparing the diff between 15.3.2 and 15.3.0 showed that there were some changes to the generatePackageJson option that we use.

In 15.3.2, Nx began also generating a pruned lockfile in addition to the package.json file. I'm guessing somewhere in these changes something functionally changed with the implementation for the package.json file. In our case, some were very obviously actual dependencies that should be included in the package.json. For example, a NestJS-based API that explicitly imports @nestjs/core and @nestjs/common but for some reason these packages were missing. Here's a screenshot that shows a lot of the errors and the packages that we saw now missing:

For now we've rolled everything back to 15.3.0 to keep things operating normally. I did try the next beta version to see if maybe a fix had already been planned, but unfortunately it still didn't work as expected. I haven't tried reproducing this in a brand new project. Also the build executor we use is @nrwl/webpack:webpack incase that has any implication.

[sebastiandg7]

Seems like this is only happening with freshly created @nrwl/nest apps on my side. If an extra dependency is added to the project, say lodash, building the project again results in a correctly generated package.json with lodash and @nest/** dependencies.

With @nrwl/node apps, the generated package.json includes the expected dependencies.

[JoA-MoS]

I believe generatePackageJson flag is failing to generate the dependencies correctly when using npm workspaces and the dependency is only in the workspace package.json not in the root package.json. I also found deleting package-lock.json and all node_module folders changed the behavior slightly but was still missing dependencies not installed at the root.

[JoA-MoS]

@meeroslav - Is generatePackageJson supposed to work with npm/yarn/pnpm workspaces?

[meeroslav]

@jneal-afs is there a chance you can create a minimal repo that reproduces this error?

@JoA-MoS the generatePackageJson should work with workspaces, but there might be some issues.

We are currently refactoring that logic due to several issues so it'll most likely be fixed there.

[nosaku]

I upgraded to 15.4.4 and suddenly for Nest JS apps, package.json is missing all dependencies. It is just empty. Any ideas to resolve this? Or should I rollback to older version?

"version": "0.0.1",
"dependencies": {},
"main": "main.js"

[meeroslav]

@nosaku, can you provide more information? Perhaps a minimal repo where this can be seen?

[nosaku]

@meeroslav Hmm can't provide the repo but I tried to run "migrate" one more time and now I see dependencies generated but not all... my NestJS apps depends on other shared libraries in the monorepo and one they use like okta libraries etc. All these dependencies are missing. I only see below ones being used in the main application.

{
"name": "hidden",
"version": "0.0.1",
"dependencies": {
"@nestjs/common": "9.0.0",
"@nestjs/core": "9.0.0",
"@nestjs/platform-express": "9.0.0",
"@nestjs/swagger": "6.0.0",
"@nestjs/typeorm": "9.0.0"
},
"main": "main.js"
}

When I run I get errors like...

Error: Cannot find module '@okta/jwt-verifier'

[nosaku]

I added this line in main.ts for testing and still it didn't generate the dependency in package.json

import * as OktaJwtVerifier from '@okta/jwt-verifier';

[nosaku]

I downgraded to 15.3.0 to resolve the issue, but waiting for latest upgrade. Please let know if any progress... thank you in advance.

[zscott]

I am running into this issue. I see that it's closed, but have not been able to determine if it's been released and if so, which version? Thanks.

[nosaku]

Never heard back if this issue is resolved or not. Can someone please check and let know in which version it is resolved please? Sent from Yahoo Mail on Android On Tue, Feb 28, 2023 at 3:43 AM, Zach ***@***.***> wrote: I am running into this issue. I see that it's closed, but have not been able to determine if it's been released and if so, which version? Thanks. — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.Message ID: ***@***.***>

[meeroslav]

@nosaku can you try 15.8.0 and let me know if you still have an issue?

[nosaku]

Thank you Miroslav. I see package.json now with dependencies being generated. But it is also generating package-lock.json which is causing my paketo builds to fail. It run npm ci and it fails. Can we stop putting package lock json? Or is there any option to stop it being generated? Sent from Yahoo Mail on Android On Wed, Mar 1, 2023 at 6:42 PM, Miroslav ***@***.***> wrote: @nosaku can you try 15.8.0 and let me know if you still have an issue? — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.Message ID: ***@***.***>

[meeroslav]

Only if you set generateLockfile will the lock file pruning and creation happen.

That being said, there is another PR to handle gracefully potential breaks in this process: #15158

[nosaku]

I did not set generateLockFile. Is the default true? Sent from Yahoo Mail on Android On Tue, Mar 7, 2023 at 8:22 PM, Miroslav ***@***.***> wrote: Only if you set generateLockfile will the lock file pruning and creation happen. That being said, there is another PR to handle gracefully potential breaks in this process: #15158 — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.Message ID: ***@***.***>

[nosaku]

@meeroslav I have set the generateLockfile to false in options, but still it is generating the package-lock.json file.

[meeroslav]

What version of Nx are you on? This should be fixed in the latest versions.

[nosaku]

15.8.1 Sent from Yahoo Mail on Android On Fri, Mar 10, 2023 at 6:03 PM, Miroslav ***@***.***> wrote: What version of Nx are you on? This should be fixed in the latest versions. — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.Message ID: ***@***.***>

[github-actions]

This issue has been closed for more than 30 days. If this issue is still occuring, please open a new issue with more recent context.