npm 5 & nodejs 8 introduces a file named package-lock.json, I want to know if it is need to be versioned or be ignored in git
The package-lock. json file needs to be committed to your Git repository, so it can be fetched by other people, if the project is public or you have collaborators, or if you use Git as a source for deployments. The dependencies versions will be updated in the package-lock. json file when you run npm update .
If you're collaborating on a shared project with multiple developers, and you want to ensures that installations remain identical for all developers and environments, you need to use package-lock. json . package-lock. json is automatically generated for any operations where npm modifies either package.
To recap, you should always include both package. json and package-lock. json in your source control. Thus, never put them in the .
package-lock. json defines versions used in my project. There should be no need to remove it completely and thus upgrade all dependencies to the latest version just because I upgrade Vaadin.
Short Answer : Yes It must be.
Long Answer :
As Per npmjs Documentaion :
package-lock.json
is automatically generated for any operations where npm modifies either thenode_modules
tree, orpackage.json
. It describes the exact tree that was generated, such that subsequent installs are able to generate identical trees, regardless of intermediate dependency updates.This file is intended to be committed into source repositories, and serves various purposes:
Describe a single representation of a dependency tree such that teammates, deployments, and continuous integration are guaranteed to install exactly the same dependencies.
Provide a facility for users to
time-travel
to previous states ofnpm_modules
without having to commit the directory itself.To facilitate greater visibility of tree changes through readable source control diffs.
And optimize the installation process by allowing npm to skip repeated metadata resolutions for previously-installed packages.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With