The role of Package-lock.json in NPM: npm install using

Source: Internet
Author: User

Simple comprehension: The format of XYZ

Corresponds to: Major version number. minor version number. Revision number, the increment rule for the version number is as follows:

Major version number: When you make incompatible API modifications,

Minor version number: When you do a backwards-compatible functionality added,

Revision number: When you make a backward-compatible problem fix.

Suppose we create a new project that will use Express. After running NPM Init, at the time of writing this project, the latest Express version is 4.15.4. (NPM will install the latest version by default)

So in Package.json, "express": "^ 4.15.4" is added as a dependency. Assuming tomorrow, express maintainers will issue a bug fix, so the latest version becomes 4.15.5. Then, if someone wants to contribute to my project, they will clone it and then run NPM install, because 4.15.5 is a later version of the major version, which is installed for them. We all have express dependencies, but we have two different versions. In theory, they should be compatible, but maybe this bug will affect the functionality we're using, and our app will produce different results when compared to 4.15.5 using the Express version 4.15.4.

And Package-lock.json's role is to ensure that the relationship between our application dependencies is consistent and compatible.

When a Package-lock.json file is not present, this file is automatically generated when using NPM install. When this file is present, installing with NPM install installs the specified version of the plugin in Package-lock.json, and installs much faster than when there are no Package-lock.json files. Because the Package-lock.json file already exists The plugin version, the entire node_modules structure and so on information.

When a Package-lock.json file is present, the version of the corresponding plugin in Package-lock.json is installed each time NPM install installs. This same copy of the Package-lock.json file, everyone installs the same version of the plugin.

If a plugin version changes. You do not want to delete the Package-lock.json file and regenerate it. The method is: npm install [email protected], and reinstall the plugin, and specify the version of the plugin, so that Package.json and Package-lock.json will be automatically updated. Of course, you can also modify the Package-lock.json file directly, so that when NPM installs, the modified version is also installed. However, if you only modify the Package.json, do not modify the PACKAGE-LOCK.JSON,NPM install or will be installed Package-lock.json plug-in version.

The role of Package-lock.json in NPM: npm install using

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.