16

With the same git repository, if I delete node_modules and package-lock.json, my expectation is that running npm install should generate the same package-lock.json file each time (give or take a few modules that might get updated by the publisher in the interim.

What I'm finding is that I get vastly different files depending on whether I do this on an OSX machine versus a Linux machine.

Is this to be expected? If so, what value does committing the package-lock.json file hold, since it will be invalid on one of these systems. If not, what might be going on here?

Dancrumb
  • 26,597
  • 10
  • 74
  • 130
  • 1
    There are OS-specific `optionalDependencies` in a lot of packages. One common one I've seen is `fsevents`, for example. Can definitely be a pain in the ass. See https://github.com/npm/npm/issues/17722 – ceejayoz Jul 26 '17 at 19:01
  • 2
    Yeah... that seems relevant... but then doesn't this mean that committing the file is totally inappropriate if you're developing on multiple platforms? The tree on an OSX system should not be applied to a Linux system... – Dancrumb Jul 26 '17 at 19:03
  • 3
    Yes. I've had better results with Yarn. – ceejayoz Jul 26 '17 at 19:04
  • 1
    what NPM version you using? – Ayush Gupta Jan 02 '18 at 19:39

1 Answers1

9

Some dependencies are uninstallable on some platforms. You may have some of them that can be installed on OSX machine but not on Linux. That's why every time you execute npm i, the package-lock.json is updated

For example, as some other users pointed out there is a package fsevents package which has strict requirement of os

You can find some open issues on github:

https://github.com/npm/npm/issues/17722

https://github.com/npm/npm/issues/18202

LuisPinto
  • 1,667
  • 1
  • 17
  • 36
  • The links in this answer as of today are archived. A new similar open issue at the moment: https://github.com/npm/cli/issues/558 (and strangely there's some denial of the issue there on Feb 14). – Marcus Apr 22 '20 at 22:04