Questions tagged [package-lock.json]
224 questions
0
votes
0 answers
How to generate package-lock.json only for production dependencies
I want to generate package-lock.json only for production dependencies so that checkmarx only evaluate production dependencies
user2579720
- 53
- 2
- 7
0
votes
0 answers
Trivy unable to take into account the semver version override in package.json
Trivy scanner is unable to take the updated version(7.5.2) and still throws error in the build(showing installed version as 7.5.1).
(alpine 3.17.4)
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
Node.js (node-pkg)
Total: 1 (UNKNOWN:…
Arjun M
- 1
0
votes
0 answers
What's the location of package-lock file in React Native Android project?
Where is the package-lock file located in the project in android studio or in which file?
because i am getting error. The reason for the error is related to the package file name.
*I guess when I enter the project file, I should first see the…
sdtepe
- 1
- 3
0
votes
0 answers
Generating package-lock.json gives npm ERR! Cannot convert undefined or null to object
The package-lock.json of an existing project has been deleted for whatever reason.
Trying to recreate it gives the following error
$ npm i --package-lock-only
npm ERR! Cannot convert undefined or null to object
npm ERR! A complete log of this run…
ontherocks
- 1,747
- 5
- 26
- 43
0
votes
0 answers
Stop peer dependencies using minor version (^) from updating in project
I have a project in which the client's policy in the CI pipelines ignore package-lock.json file and always install everything from scratch.
The issue with this is that sometimes, everything works locally but then it fails in the pipelines, as the…
Unapedra
- 2,043
- 4
- 25
- 42
0
votes
0 answers
An unhandled exception occurred: request to http://registry.npmjs.org/@angular%2fcli failed, reason: socket hang up
{
"name": "ez-new-architecture",
"version": "0.0.0",
"scripts": {
"ng": "ng",
"start": "ng serve",
"build": "ng build",
"test": "ng test",
"lint": "ng lint",
"e2e": "ng e2e"
},
"private": true,
"dependencies":…
Krishnaraj P
- 23
- 5
0
votes
0 answers
Problem with Angular Universal dependency
I'm building this project with Angular and when "ng adding" Angular Universal, this dependency error occurs:
$ ng add @nestjs/ng-universal …
ferran
- 100
- 2
- 8
0
votes
0 answers
How to resolve dependency issue for java-invoke-local sub package jackson-databind in package-lock.json
Java-invoke-local version 0.0.6 has jackson-databind version 2.10.1
Please suggest how to resolve this dependency issue in package-lock.json file
Searched for new version of java-invoke-local this was the latest. Tried npm audit fix, this didn't…
Beginner
- 1
- 3
0
votes
0 answers
In package.json, proxy not affecting Fetch Request
Proxy not working in my fetch request. It is sending request to PORT 3000 instead of 5000(server is running on 5000)
In similar questions on stackoverflow, answers are suggesting to clear the cache by deleting node_modules and package-lock.json…
Ankit
- 13
- 3
0
votes
0 answers
npm version package-lock.json caching issue in GitHub Actions
My trigger in the GitHub Actions workflow is when we have a new tag, then deploy the tag to the desired environment.
So, running npm version prerelease will trigger the workflow.
The problem is when I try to use cache I see that the version in…
yuksi
- 97
- 9
0
votes
1 answer
What are the risks of an out of sync package-lock.json? Can it be fixed?
At work we're using a very old template (generated around April 2021, so node v14.19) which has an out of sync package-lock.json. This means that if you do:
rm package-lock.json && npm install
The install will fail due to conflicting…
Mascarpone
- 2,516
- 4
- 25
- 46
0
votes
0 answers
Are Package-Lock Vulnerabilities an Issue When Using No Packages?
Apologies if this is really simple, I really don't understand the fundamentals involved here.
I recently got a string of emails from GitHub letting me know that there were security vulnerabilities in my package-lock.json files, but since I do not…
0
votes
0 answers
How to resolve the tree dependencies problem for run knex.js migrations scripts
Problem
I am trying to run the knex.js migration script knex migrate:latest --env development, but I am getting an error message. I have also tried using the --esm flag, but that results in another error message.
Proof
Here are photos of the error…
Arsen Arakelyan
- 1
- 2
0
votes
0 answers
Difference between package.lock.json version - "[5.0.1, )" vs "5.0.1"
My package.lock.json is getting updated from
"dependencies": {
"Microsoft.Data.SqlClient": "[5.0.1, )",
"TSQL.Parser": "[2.6.0, )"
}
to
"dependencies": {
"Microsoft.Data.SqlClient": "5.0.1",
"TSQL.Parser":…
tRuEsAtM
- 3,517
- 6
- 43
- 83
0
votes
2 answers
Is there something like package.json and package-lock.json that can be used for any programming language?
In JavaScript, package.json and package-lock.json can be used to specify desired versions and locked versions. In Python, there is a similar solution in Poetry.
Is there any similar tool that is built to be used with any language, and that I can use…
user1283776
- 19,640
- 49
- 136
- 276