What does npm i --package-lock-only
do exactly? The documentation is a tad shy on examples. https://docs.npmjs.com/cli/v6/configuring-npm/package-locks
I'm curious to know if I have older packages in my local node_modules
folder and no package-lock.json
file, will npm i --package-lock-only
generate a package-lock.json
according to the version in my local node_modules
folder or will it generate a package-lock.json
with newer package versions that is consistent with the semver ranges in the package.json
that's published in the npm registry.
Resolving lockfile conflicts npm will automatically resolve any conflicts for you and write a merged package lock that includes all the dependencies from both branches in a reasonable tree. If --package-lock-only is provided, it will do this without also modifying your local node_modules/ .
package-lock. json is automatically generated for any operations where npm modifies either the node_modules tree, or package. json . It describes the exact tree that was generated, such that subsequent installs are able to generate identical trees, regardless of intermediate dependency updates.
npm install is not deterministic, but it generates a package-lock. json. package-lock. json makes node_modules deterministic, by using the npm ci command.
npm ci will install packages based on package-lock. json file and if the file does not exist or does not match the packages specified in the package. json it will throw an error and fail.
It will determine versions of packages to install using package.json
, and then create a package-lock.json
file with its resolved versions if none exists, or overwrite an existing one.
Significantly, it does not actually install anything, which is what distinguishes it from regular npm install
(or the aliased npm i
).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With