
What does "requires: true" do in package-lock.json

Our team just updated to npm@5. The package-lock.json was unified between Windows and Mac (certain dependencies are optional so they don't get installed on Windows, but they do on Mac) so that no matter the machine, we'd generate the same node_modules structure. That went fine, then each of the team members went through the following steps:

  1. rm -rf node_modules
  2. git pull
  3. npm install

This actually went perfectly for all team members except for one, who had a modified package-lock.json after the npm install. The one modified line was that it removed "requires": true.

So I saw:

{
  ...
  "version": "0.0.1",
  "lockfileVersion": 1,
  "requires": true,
  "dependencies": {
  ...
}

But he saw:

{
  ...
  "version": "0.0.1",
  "lockfileVersion": 1,
  "dependencies": {
  ...
}

Does anybody know why requires: true might be removed from the package-lock.json file on some machines but not others? Also, a little explanation of what this property does wouldn't hurt. :)

Thanks in advance!

atdrago asked Jul 15 '17 11:07




1 Answer

As I suspected in my comments, the requires field has been added since 5.1.0. You can see the related pull request here https://github.com/npm/npm/pull/17508 (changelog visible here https://github.com/npm/npm/releases/tag/v5.1.0)

To quote what it says:

This has a handful of fixes:

  1. It introduces a new package-lock.json field, called requires, which tracks which modules a given module requires.
  2. .....

To avoid this kind of conflict, I advise you (and myself as well) to ensure all your teammates are using the same npm version.

UPDATE

After upgrading npm to version 5.1.0, I was having trouble with missing dependencies (working on an Angular 4 application). If anyone is experiencing the same issue, here is what I did to solve it:

rm -rf node_modules
npm prune
npm install

Hope it helps.

lkartono answered Sep 28 '22 00:09
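
An added example, not part of the original answer and not npm's own code: a small check that reports a lockfile missing the top-level "requires": true discussed above, and any module listed in a package's requires map that is not locked anywhere that package can reach. It assumes the lockfileVersion 1 layout, where each entry under dependencies may carry its own requires map and nested dependencies; sampleLock and auditLock are names made up for this example.

```javascript
// Constructed sample in the lockfileVersion 1 layout (not from the original post).
const sampleLock = {
  name: "demo", version: "0.0.1", lockfileVersion: 1, requires: true,
  dependencies: {
    a: { version: "1.0.0", requires: { b: "^1.0.0", c: "^2.0.0" },
         dependencies: { c: { version: "2.0.0" } } },   // c is nested under a
    b: { version: "1.2.0", requires: { d: "^1.0.0" } }   // d is locked nowhere
  }
};

// Report lockfile inconsistencies: a missing top-level flag and any
// "requires" entry that no reachable "dependencies" map satisfies.
function auditLock(lock) {
  const problems = [];
  if (lock.requires !== true) {
    problems.push('top-level "requires": true is absent');
  }
  // scopes: the chain of "dependencies" maps from the root down to the
  // current package, mirroring how Node resolves from nested node_modules.
  function walk(deps, scopes, path) {
    for (const [name, entry] of Object.entries(deps || {})) {
      const here = path.concat(name);
      const visible = entry.dependencies ? scopes.concat([entry.dependencies]) : scopes;
      for (const req of Object.keys(entry.requires || {})) {
        const found = visible.some((s) => Object.prototype.hasOwnProperty.call(s, req));
        if (!found) problems.push(`${here.join(" > ")} requires ${req}, which is not locked`);
      }
      walk(entry.dependencies, visible, here);
    }
  }
  walk(lock.dependencies, [lock.dependencies || {}], []);
  return problems;
}

console.log(auditLock(sampleLock));
```

Run against a real project by passing the parsed contents of package-lock.json to auditLock; a non-empty result in CI is a cue to regenerate the lockfile with the npm version the team has agreed on.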