I want to generate package-lock.json only for production dependencies so that checkmarx only evaluate production dependencies
Asked
Active
Viewed 34 times
0
-
However this doesn't resolve checkmarx issue but I got package-lock.json created without devdependencies temporarily by following below steps 1. rm ./node_module 2. npm shrinkwrap 3. mv npm-shrinkwrap.json package-lock-temp.json 4. npm i 5. mv package-lock-temp.json package-lock.json you can make this as npm script and run before commiting code. – user2579720 Jul 17 '23 at 10:31