What Is package-lock.json?
A tutorial explaining the difference between package-lock.json and package.json, and how package-lock.json can help avoid installing modules from the same package.json that result in two different installs.
You may have noticed it before; you install a package using npm and suddenly a new file called package-lock.json appears in your project directory. Don’t delete that package-lock file, run
npm install and regenerate it! package-lock.json, a file generated by npm since v5 was released in 2017, does what its name suggests: helps lock package dependencies down, as well as their sub-dependencies. A fairly new addition to npm, it’s something you should be using in your own projects today.
In this tutorial we'll:
- Learn about package-lock.json files
- Review why package-lock was added to npm
- Outline the reasons why lockfiles should be used by your application
Sign in with your Osio Labs account
to gain instant access to our entire library.