What Is package-lock.json?

A tutorial explaining the difference between package-lock.json and package.json, and how package-lock.json can help avoid installing modules from the same package.json that result in two different installs.

You may have noticed it before; you install a package using npm and suddenly a new file called package-lock.json appears in your project directory. Don’t delete that package-lock file, run npm install and regenerate it! package-lock.json, a file generated by npm since v5 was released in 2017, does what its name suggests: helps lock package dependencies down, as well as their sub-dependencies. A fairly new addition to npm, it’s something you should be using in your own projects today.

In this tutorial we'll:

  • Learn about package-lock.json files
  • Review why package-lock was added to npm
  • Outline the reasons why lockfiles should be used by your application
Log in or Sign up to view the complete tutorial.

Sign in with your Osio Labs account
to gain instant access to our entire library.

Log in
Sign up
Create a package.json File

Back to Contents
How to Install NPM Packages
Data Brokering with Node.js