12

Is there any kind-teacher can answer my question above?

FYI I'm using WebStorm and making with node.js I installed npm module like nconf and package-lock.json has made. I expected package.json would've been made.

Thank you.

jinuman
  • 195
  • 1
  • 8
  • 6
    Possible duplicate of ["package-lock.json" role](https://stackoverflow.com/questions/44297803/package-lock-json-role) – alexmac Aug 23 '17 at 13:49

2 Answers2

8

Describe the dependency tree in a given moment, so with this description all the dependencies can be created again exactly the same way it was, this ensures the expected behavior from the dependencies.

In the npm documentation you can read:

package-lock.json is automatically generated for any operations where npm modifies either the node_modules tree, or package.json. It describes the exact tree that was generated, such that subsequent installs are able to generate identical trees, regardless of intermediate dependency updates.

This file is intended to be committed into source repositories, and serves various purposes:

Describe a single representation of a dependency tree such that teammates, deployments, and continuous integration are guaranteed to install exactly the same dependencies.

Provide a facility for users to "time-travel" to previous states of node_modules without having to commit the directory itself.

To facilitate greater visibility of tree changes through readable source control diffs.

And optimize the installation process by allowing npm to skip repeated metadata resolutions for previously-installed packages.

Community
  • 1
  • 1
Óscar Andreu
  • 1,630
  • 13
  • 32
2

Package-lock.json file contains the dependencies listed in your package.json file and the specific version of the dependency that should be installed

Navin prasad
  • 558
  • 1
  • 8
  • 18