Workflow with package-lock.json

Question

Workflow with package-lock.json

So, I have an npm project at my work that we are working on. It has dependencies on lodash and jquery.

I do >npm install, and he dumps my depots. Then I will tie it.

This creates "package-lock.json" on my system.

Now another developer is adding a new “moment” dependency.

He does >npm install -S moment.

This adds it to his package.json package, and it checks it out. We do not check package-lock.json.

Now I do " git pull" and get a new package.json package.

Now I do >npm install, BUT, because I have my own package-lock.json, it does not set a “moment” for me. So now I have to:

>rm package-lock.json
>npm install

And now I have a "moment." It looks like this package-lock.json doesn’t really help my workflow. Can I get an explanation of how this should work for developers on a day to day basis if we are all developing on a common npm module?

+4

javascript workflow npm

Eric Moore Jul 11 '17 at 16:13

source share

1 answer

TMG · Answer 1 · 2018-02-06T22:17:17+0000

First, according to npm documentation :

This file is intended to be committed to the source repositories.

so you have to reschedule your initial one package-lock.jsonafter you are done npm install.

Another developer is extracting your changes, including the lock file.

npm -S moment, package.json, package-lock.json. .

npm install. moment . , moment, - .

, , package-lock.json. , . . npm repo, .

, : package.json package-lock.json , npm install -S npm remove -S. , npm.

Workflow with package-lock.json

More articles: