5

I was working on a react project.
I cloned it in a new machine.
As soon as I ran the command npm install, package-lock.json file was rewritten completely.

  • Is this a problem?
  • And how should I deal with it?
Devang Joshi
  • 101
  • 1
  • 8
  • 1
    Are you using the same version of NPM the lock file was created with? v2 of the lock file came in with v7 of NPM. – jonrsharpe Nov 24 '21 at 11:52
  • No I am sure both the versions are different – Devang Joshi Nov 24 '21 at 11:54
  • That's probably it, then, check for the `lockfileVersion` at the top of `package-lock.json`. Either migrate everyone to NPM 7+ or use NPM 6 when working on that package. – jonrsharpe Nov 24 '21 at 11:56
  • First google result https://stackoverflow.com/questions/45022048/why-does-npm-install-rewrite-package-lock-json – Blitz Dec 03 '21 at 09:31
  • My answer [here](https://stackoverflow.com/a/64014814/10788155) addresses one of the problems that could arise. – Ictus Aug 21 '22 at 10:25

1 Answers1

6

npm install can rewrite package-lock.json file. Probably you have dependencies with not fixed version '~x.x.x' or '^x.x.x'. If you already have package-lock.json and want install packages without update lock file, you can use npm ci. See this doc

Alex Gor
  • 533
  • 4
  • 18