Npm-update with npm-shrinkwrap.json

Question

Npm-update with npm-shrinkwrap.json

What works:

npm update

do if npm-shrinkwrap.json file exists? it

Update the dependencies corresponding to the shrinkwrap.json file
Update the dependencies to obey package.json (thereby ignoring the shrinkwrap.json file)
Don't do anything

Thanks in advance

+6

node.js npm

pQuestions123 Dec 08 '16 at 19:12

source share

1 answer

bugwheels94 · Accepted Answer · 2016-12-12T15:16:57+0000

At startup

 npm update

It will update dependencies to obey package.json , and does not care about what is stored in npm-shrinkwrap.json , even if the node_modules folder node_modules empty, which means the update command will be installed using package.json while the install command will use npm-shrinkwrap.json .

It makes no sense to obey the shrinkwrap file [in most cases.]

Cause

This is supposed to be a snapshot of the package at some stable point, and this thing makes it ideal for production code.
The shrinkwrap file does not have ^ , ~ , latest , etc.
And we also know that the shrinkwrap file should not be cracked manually using the editor
So all we can do is revert to the previous dependency state using this command, and this thing can be achieved with npm install

However, at startup

 npm install

It follows the shrinkwrap file.

But when you run

 npm install newPkg --save

It will also modify package.json and npm-shrinkwrap.json

But when you run

 npm update pkg --save

It will only change the npm-shrinkwrap.json and, as I wrote, before it will use the package.json file to update according to semver

Npm-update with npm-shrinkwrap.json

More articles: