Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

`package-lock.json` keeps being altered.

See original GitHub issue

Every single pull request made by others contains a commit that shows the package-lock.json being altered. However, the user and creator of the pull-request hasn’t done anything or made any changes. I think it automatically updates things such as the version every time someone forks and clones, and adds changes.

EDIT: An easy solution would be to create a file named .gitignore, and add the following content to it:


Thank you.

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Reactions:1
  • Comments:14 (13 by maintainers)

github_iconTop GitHub Comments

Zain-Muizcommented, Sep 21, 2021

Heyy @CodingSpecies , I digged into this issue and looks like this is intended by npm. Whenever you run a npm install the package-lock.json file will get updated to have the newest version of dependencies. We have one possible solutions for this

  1. I’ve found that there will be a new version of npm 5.7.1 with the new command npm ci, that will install from package-lock.json only ( Stack overflow ) [ This will fail the install if there are mismatch of versions in package and package-lock rather than update]

Any other possible solutions that you can add ?

eddiejaoudecommented, Oct 25, 2021

Thanks all for he collaboration everyone 👍 yes the docs where not clear, but have now been improved

I will close this issue for now, if we need to re-open or create a new one in the future we can 🤓

Read more comments on GitHub >

github_iconTop Results From Across the Web

Solving the annoying package-lock.json integrity discrepancy
The issue is that when working in a team, with multiple different machines, and potentially different setups such as different Node and NPM ......
Read more >
Why does "npm install" rewrite package-lock.json?
For example, the lock file had typescript specified to be at version 2.1.6. Then, after the npm install command, the version was changed...
Read more >
package-lock.json - npm Docs
package -lock.json is automatically generated for any operations where npm modifies either the node_modules tree, or package.json . It describes the exact tree ......
Read more >
But what the hell is package-lock.json?
So if your package.json is somehow changed or updated and the version in package.json does not match with the version in package-lock.json ......
Read more >
Be aware of the package-lock.json and npm install
To fix the issue I went back in the history of the branch and found the latest package-lock.json file committed. After that I...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found