[npm] What should we do about lockfiles?
See original GitHub issueRight now it doesn’t seem that there’s any package-lock.json
files in any of the packages. But the lerna exec npm install
will create a lockfile in each package.
Npm claims that we should commit these. Is there any reason we haven’t?
Could we either add them or add them to the .gitignore?
Issue Analytics
- State:
- Created 6 years ago
- Comments:6 (5 by maintainers)
Top Results From Across the Web
package-locks - npm Docs
These files are called package locks, or lockfiles. Whenever you run npm install , npm generates or updates your package lock, which will...
Read more >What is package lock json? Lockfiles for yarn & npm ... - Snyk
In this article we will discuss both npm's package lock file package-lock.json as well as Yarn's yarn.lock. Package lock files serve as a ......
Read more >When Not to Use Lock Files with Node.js - Twilio
A lock file describes the entire dependency tree as it is resolved when created including nested dependencies with specific versions. In npm ......
Read more >npm WARN old lockfile The package-lock.json file was ...
For example, npx npm@6 ci would run npm ci with npm version 6 even if you have version 7 installed. Share.
Read more >What is a lockfile and why you should commit it [9 of 26]
Lockfiles in Node.js are very important yet often misunderstood. Learn what is package-lock.json, how it work and why it's needed.
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@ljharb makes sense thank you!
@hshoff Only apps should have lockfiles. Libs/packages should add
package-lock=false
to.npmrc
, and gitignorepackage-lock.json
,npm-shrinkwrap.json
, andyarn.lock
, full stop.