Why do all my npm projects have package-lock.json file but only on one computer?

Question

When I use npm on one of my home workstations, it always adds a package-lock.json file. It also creates this file when I pull down massive work repositories, and it is griefing me and my team because it pollutes pull requests by adding this 155kb file.

My workstation at work is setup almost identical, so I'm curious why this one PC creates this file.

Is there a global config setting or something I can toggle to turn this file creation off?

I'd prefer that over adding it to .gitignore in all projects.

I don't see any info helpful to my situation here:

https://docs.npmjs.com/files/package-lock.json

https://docs.npmjs.com/files/package-locks

This post is also useful to describe what package-lock.json is providing:

Do I need both package-lock.json and package.json?

Use a older version of npm. They made some stupid changes. – Darkrum Aug 26 '17 at 23:40 — Darkrum, Aug 26 '17 at 23:40

score 1 · Accepted Answer · answered Aug 26 '17 at 22:03

To tell npm not to create a package-lock.jsonlock file for your current project, create a file called .npmrc at the root of the project and add package-lock=false to it.

If you want completely disable package-lock.json creation on your machine, simply set the config globally.

npm config set package-lock false

Why do all my npm projects have package-lock.json file but only on one computer?

1 Answers1