Stack Overflow
Stack Overflow

Questions tagged [npm-shrinkwrap]

npm shrinkwrap" is a command on npm CLI which is used as a deployment mechanism for locking down dependency versions for publication.

npm shrinkwrap is a deployment mechanism used by that recursively saves the exact version of every dependency's dependencies to a npm-shrinkwrap.json file.

Reference:

60 questions
4
votes
0 answers

Should a JS package have a shrinkwrap?

I understand that using npm shrinkwrap helps to lock down dependencies to help guarantee a replicable build for an application. My question is, what if you're building a module instead of an application? Should each release of the module include a…
M Miller
  • 5,364
  • 9
  • 43
  • 65
4
votes
0 answers

Upgrading npm project version to a release candidate - UNMET PEER DEPENDENCY

So, I need to upgrade my npm dependency on "react" to 15.4.0-rc.4 I have tried both updating the value in my package.json to "^15.4.0-rc.4" and removing the dependency then running npm install react@15.4.0-rc.4 --save The issue however is I always…
mangusbrother
  • 3,988
  • 11
  • 51
  • 103
4
votes
1 answer

Using a shared npm node_modules/ for multiple workspaces on the same server

Our Jenkins/CI server runs hundreds of builds a day for our node/js project, and I would like to be able to run each build in a completely clean workspace. However, the npm install step can take >10 minutes, which is just far too slow. Instead, as…
laffoyb
  • 1,540
  • 3
  • 22
  • 35
4
votes
2 answers

Why does `npm install` use the shrinkwrap's 'resolved' property

I am considering setting up a local npm mirror such as "npm_lazy" on my computer. But it seems like npm install and npm shrinkwrap don't work well with local mirrors. Let me explain. When there is an npm-shrinkwrap.json file, the npm install…
Matthias
  • 13,607
  • 9
  • 44
  • 60
4
votes
1 answer

How to prevent transitive dev dependency from being shrinkwrapped

I have a package.json with cucumber listed as a devDependency. cucumber has a dependency on cucumber-html. For some reason when I run npm-shrinkwrap on my project, cucumber-html is included in the npm-shrinkwrap.json. Is there any way to prevent…
MorningDew
  • 503
  • 3
  • 9
3
votes
2 answers

Force dependency to use specific sub dependency version

I am building my website code with webpack and npm modules and sutmbled upon the following problem: My code uses jQuery 3.1.1 and adds some plugins to it. I am also using a dependency that has a sub-depencency on jQuery <= 2.2.4. The problem is,…
McFarlane
  • 1,777
  • 2
  • 22
  • 39
3
votes
1 answer

How to shrinkwrap symlink node module created with 'npm link'?

I work on two repositories at once. One depends on the other (listed in package.json dependencies). So I am using npm link ..\theOne in other to work on both modules at once. As a result I can test the modification on one module on the other.…
Damien Leroux
  • 11,177
  • 7
  • 43
  • 57
3
votes
3 answers

Transparently install npm packages offline, from a custom filesystem directory

Editor's note: The question's original title was "Use npm install to install node modules stored on a local directory", which made the desire to transparently redefine the installation source less obvious. Therefore, some existing answers suggest…
Jedi Wolf
  • 331
  • 3
  • 13
3
votes
0 answers

ECONNRESET Errors when using npm-shrinkwrap via ProGet

We are seeing ECONNRESET issues when using a shrinkwrapped package installed through our internal ProGet server. When configuring npm registry to be the regular npm registry and shrinkwrapping a package based on that, everything installs fine. We…
Simon
  • 1,630
  • 1
  • 17
  • 23
2
votes
4 answers

Is there way to lower the lockfileVersion of npm-shrinkwrap to lockfileVersion@1, it automatically makes lockfileversion@2?

[ERROR] - An error occurred during execution of command [app-deploy] - [Use NPM to install dependencies]. Stop running the command. Error: Command /bin/sh -c npm --production install failed with error signal: killed. Stderr:npm WARN read-shrinkwrap…
Rabin
  • 51
  • 1
  • 6
2
votes
0 answers

Problems with npm not respecting npm-shrinkwrap

I've recently been given responsibility of an old Nodejs app that's on node 8.9.4. The app has a npm-shrinkwrap.json file with specific versions defined for its direct and indirect dependencies. However, when I do a fresh npm install (using npm…
BennyBorgov
  • 21
  • 1
2
votes
1 answer

npm errror while installing package in new machine

I Want to install package from ShrinkWrap.json file , I am trying to install package in new machine but command npm install is throwing error npm WARN tar ENOENT: no such file or directory, open…
Abhishek
  • 972
  • 3
  • 12
  • 24
2
votes
0 answers

create or derive package-lock.json file from npm-shrinkwrap.json

Previously we had old version of npm and I used npm-shrinkwrap.json file to lock down the dependencies. Now we upgarded to npm 6 and I want to use package-lock.json instead of old npm-shrinkwrap.json . So how can I create a package-lock.json…
Gangadhar Jannu
  • 4,136
  • 6
  • 29
  • 49
2
votes
1 answer

How do I omit a package from being included in my yarn.lock file?

So in my package.json I have a bunch of npm libs, and one private repo being pulled in from a git ssh url which needs to always be the latest build. The yarn.lock adds the git sha and yarn upgrade etc won't grab the newest one. Basically, given…
AlienWebguy
  • 76,997
  • 17
  • 122
  • 145
2
votes
1 answer

npm shrinkwrap vs install passing the --save-exact flag

What's the different between using npm shrinkwrap or always installing dependencies passing the -E or --save-exact|-E flag? ie.: $ npm i redux -SE -SE being the shorthand to --save --save-exact I guess shrinkwrap will also take care of locking…
rafaelbiten
  • 6,074
  • 2
  • 31
  • 36
1
2
3 4