Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Why do I get vastly different `package-lock.json` files when I run `npm install` on different systems

With the same git repository, if I delete node_modules and package-lock.json, my expectation is that running npm install should generate the same package-lock.json file each time (give or take a few modules that might get updated by the publisher in the interim.

What I'm finding is that I get vastly different files depending on whether I do this on an OSX machine versus a Linux machine.

Is this to be expected? If so, what value does committing the package-lock.json file hold, since it will be invalid on one of these systems. If not, what might be going on here?

like image 501
Dancrumb Avatar asked Jul 26 '17 18:07

Dancrumb


People also ask

Why does package lock json changes after npm install?

The reason package-lock. json may change automatically when you run npm install is because NPM is updating the package-lock. json file to accurately reflect all the dependencies it has downloaded since it may have gotten more up-to-date versions of some of them. Once NPM updates the package-lock.

Does npm install change package lock?

npm install will generate a new package-lock. json if it does not exist or it will update the dependency tree if it does not match the packages specified in the package. json . npm ci will install packages based on package-lock.

Does npm install generate package lock json?

npm install is not deterministic, but it generates a package-lock. json.

Why is package lock json updated?

The goal of package-lock. json file is to keep track of the exact version of every package that is installed so that a product is 100% reproducible in the same way even if packages are updated by their maintainers. This solves a very specific problem that package.


1 Answers

Some dependencies are uninstallable on some platforms. You may have some of them that can be installed on OSX machine but not on Linux. That's why every time you execute npm i, the package-lock.json is updated

For example, as some other users pointed out there is a package fsevents package which has strict requirement of os

You can find some open issues on github:

https://github.com/npm/npm/issues/17722

https://github.com/npm/npm/issues/18202

like image 119
LuisPinto Avatar answered Oct 19 '22 10:10

LuisPinto