package-lock.json

Damaris Göbel
Feb 19, 2023

package-lock.json is automatically generated whenever npm modifies either the node_modules tree or the package.json.

It describes the exact tree that was generated, such that subsequent installs are able to generate identical trees, regardless of intermediate dependency updates.

The package-lock.json stores an exact, versioned dependency tree rather than using starred versioning (e.g. 1.0.*) like package.json itself.

The package.json contains only your direct dependencies, not the dependencies of your dependencies (nested dependencies).

The package-lock.json locks in the versions of the full dependency tree. This guarantees the same dependency tree for other developers and for releases.

You should not alter the contents of this file.
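The split between direct and nested dependencies described above, as an added example that is not part of the original post. It goes slightly beyond the text by also flagging lock entries that lack an exact version or an `integrity` hash; all package names, versions, URLs and hashes are constructed, and `compareManifestToLock` is a hypothetical helper.

```javascript
// Constructed sample data: names, versions, URLs and hashes are made up.
const packageJson = {
  name: "demo-app", version: "1.0.0",
  dependencies: { "lib-a": "^2.1.0", "lib-b": "1.*" }, // ranges, direct deps only
};
const reg = "https://registry.example/"; // placeholder registry
const packageLock = {
  name: "demo-app", version: "1.0.0", lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0", dependencies: packageJson.dependencies },
    "node_modules/lib-a": { version: "2.3.4", resolved: reg + "lib-a-2.3.4.tgz",
      integrity: "sha512-CONSTRUCTED-A", dependencies: { "lib-c": "~0.5.0" } },
    "node_modules/lib-b": { version: "1.9.0", resolved: reg + "lib-b-1.9.0.tgz",
      integrity: "sha512-CONSTRUCTED-B", dependencies: { "lib-c": "^0.4.0" } },
    "node_modules/lib-c": { version: "0.5.7", resolved: reg + "lib-c-0.5.7.tgz",
      integrity: "sha512-CONSTRUCTED-C" },
    // Nested copy for lib-b; the integrity field is left out on purpose.
    "node_modules/lib-b/node_modules/lib-c": { version: "0.4.1",
      resolved: reg + "lib-c-0.4.1.tgz" },
  },
};

// Hypothetical helper: split the locked tree into direct and nested entries
// and report anything that is not pinned the way a lock entry should be.
function compareManifestToLock(pkg, lock) {
  const declared = { ...pkg.dependencies, ...pkg.devDependencies };
  const exact = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/;
  const marker = "node_modules/";
  const report = { direct: [], nested: [], problems: [] };
  for (const [path, entry] of Object.entries(lock.packages)) {
    if (path === "" || entry.link) continue; // root project or workspace link
    // The package name is whatever follows the last "node_modules/".
    const name = path.slice(path.lastIndexOf(marker) + marker.length);
    if (path === marker + name && name in declared) {
      report.direct.push({ name, range: declared[name], locked: entry.version });
    } else {
      report.nested.push({ path, locked: entry.version });
    }
    if (!exact.test(String(entry.version))) report.problems.push(`${path}: version is not exact`);
    if (!entry.integrity) report.problems.push(`${path}: no integrity hash`);
  }
  for (const name of Object.keys(declared)) {
    if (!lock.packages[marker + name]) report.problems.push(`${name}: declared but not locked`);
  }
  return report;
}

console.log(compareManifestToLock(packageJson, packageLock));
```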
