# Table of Contents
- How to generate a package-lock.json file without running npm install
- Generating a new package-lock.json file by running npm install
- Using the --package-lock option to generate a package-lock.json file
- Make sure you haven't added your package-lock.json file to .gitignore
- Generating an npm-shrinkwrap.json file
# How to generate a package-lock.json file without running npm install
Use the npm install --package-lock-only
command to generate apackage-lock.json
file without running npm install
.
The --package-lock-only
option only updates the package-lock.json
fileinstead of checking your node_modules
folder and downloading dependencies.
Open your terminal in your project's root directory (where your package.json
file is) and issue the following command.
shell
Copied!
npm install --package-lock-only
When the--package-lock-onlyargument is set, a package-lock.json
file is generated if it doesn't alreadyexist.
If the file exists, it is updated.
Note that the command doesn't check your node_modules
folder and doesn'tdownload dependencies.
The package-lock.json
file describes the tree of your node modules, so subsequent installs are able to generate identical trees.
If you need to generate a package.json
file, issue the npm init -y
command.
shell
Copied!
npm init -y
The command will generate a new package.json
file if it doesn't already exist.
If the file exists, its contents are printed to the terminal.
# Generating a new package-lock.json file by running npm install
You can also run thenpm install command toautomatically generate a new package-lock.json
file.
shell
Copied!
npm install
The package-lock.json
file is automatically generated for all operations thatmodify your node_modules
directory or your package.json
file.
The npm update command canalso be used to generate or update package-lock.json
.
shell
Copied!
npm update
# Using the --package-lock option to generate a package-lock.json file
If you aren't able to generate a package-lock.json
file, you might havedisabled the package-lock
configuration in your ~/.npmrc
file.
You can force generate a package-lock.json
file by setting the--package-lock
argument when issuing npm install
.
shell
Copied!
npm install --package-lock
The command will force generate a package-lock.json
file even if thepackage-lockconfiguration key is set to false
.
When the package-lock
key is set to false
, then the package-lock.json
fileis ignored when installing modules.
You can view your current value of the package-lock
key by issuing thefollowing command.
shell
Copied!
npm config get package-lock
If you want to disable the package-lock
key, set it to false
by issuing thefollowing command.
shell
Copied!
# disable generating/updating package-lock.json filenpm config set package-lock false
Conversely, if you want to enable the package-lock
key, set it to true
.
shell
Copied!
# enable generating/updating package-lock.json filenpm config set package-lock true
You might also have the view your global setting of the package-lock
key byusing the --global
argument.
shell
Copied!
npm config --global get package-lock
If you need to update the value of the global package-lock
key, use either ofthe following commands.
shell
Copied!
# disable generating/updating package-lock.json filenpm config --global set package-lock false# enable generating/updating package-lock.json filenpm config --global set package-lock true
You can also manually check the values in your NPM configuration files.
You can view where your user NPM config file is located by issuing the followingcommand.
shell
Copied!
npm config get userconfig
And you can view where your global NPM config file is located by issuing thefollowing command.
shell
Copied!
npm config get globalconfig
# Make sure you haven't added your package-lock.json
file to .gitignore
Note that your package-lock.json
file should be committed to your remoterepository.
If you have the file in your .gitignore
file, make sure to remove it.
The package-lock.json
file is used to:
- describe your dependencies as a tree, so the same dependencies can beinstalled by multiple people, on multiple machines.
- enable you to go to previous states of your
node_modules
directory withouthaving to commitnode_modules
to git. - optimize the installation process of modules.
# Generating an npm-shrinkwrap.json
file
You might have seen that some repositories use a npm-shrinkwrap.json
fileinstead of package-lock.json
.
The files are very similar and have the same format, however,npm-shrinkwrap.json
is published to the NPM registry and package-lock.json
is not.
The package-lock.json
file is ignored if it is found in any other locationthan the root directory.
The npm-shrinkwrap.json
file is most commonly used when deploying a CLI toolor when producing production packages.
If you need to generate an npm-shrinkwrap.json
file, issue the followingcommand.
shell
Copied!
npm shrinkwrap
If your project has both package-lock.json
and npm-shrinkwrap.json
, thennpm-shrinkwrap.json
takes precedence and package-lock.json
is ignored.
# Additional Resources
You can learn more about the related topics by checking out the followingtutorials:
- Could not proxy request from localhost:3000 to http://localhost:5000
- Fix Error while fetching extensions. XHR failed in VS Code
- npm ERR! code ENOENT syscall open error [Solved]
- Cannot read properties of null (reading 'pickAlgorithm')
- npm install hangs on 'sill idealTree buildDeps' [Solved]
- React: Could not find a required file. Name: index.html
- The 'npm audit fix' command not working [Solved]
- How to add comments to your package.json file
- npm install doesn't install devDependencies issue [Solved]
- npm should be run outside of the Node.js REPL, in your normal shell
- How to set environment variables in package.json
- Get the version number from package.json in Node.js code
- NPM: View the dependency tree of a project or an NPM module
- E401 Unable to authenticate, your authentication token seems to be invalid