Skip to content

Instantly share code, notes, and snippets.

@DanielHeath

DanielHeath/NPM and shrinkwrapping.md

Created December 13, 2016 05:01
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save DanielHeath/bb56e1cdd59d29eba6433b78d492c855 to your computer and use it in GitHub Desktop.
Save DanielHeath/bb56e1cdd59d29eba6433b78d492c855 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
NPM and shrinkwrapping.md

How does npm >4.0 work with shrinkwrapping?

What happens when I run npm i without a shrinkwrap file

For each dependency specified in package.json, npm attempts to find a compatible version, and installs it (and all dependencies, transitively) to node_modules

What happens when I run npm i with a shrinkwrap file

The exact versions of the libraries specified in the shrinkwrap file are installed, regardless of whether they match package.json or have their dependencies met.

What happens when I run npm shrinkwrap?

The exact versions of the currently installed libraries in node_modules are written to npm-shrinkwrap.json. The reason they are there (eg is this a devDependency) are also recorded, so you can later npm i --production to skip the devDependencies.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment