ChatGPT解决这个技术问题 Extra ChatGPT

Is there a way to force npm to generate package-lock.json?

I deleted it by accident and have made many changes to package.json since. An npm install or npm update do not generate package-lock.json anymore. I tried clearing my npm cache and my nvm cache, but nothing seems to be working. I tried it on several versions of Node.js (6.10.3 Node.js - 3.10.10 npm is what I would like it to work on), and it doesn't work on any.

Is there a way to force npm to generate the package-lock.json file?

I think package-lock.json is specific to npm 5
package-lock.json is generating automatically by default in npm starting from v5, in the previous versions, the lock file name was npm-shrinkwrap.json and it was generated manually using npm shrinkwrap command.
@BrettMerrifield Thank you! That was my problem. I updated to node 8.6.0 and with it npm 5.3.0 and it worked.
Check your .gitignore. I accidentally had package-lock.json in the .gitignore somehow and because package-lock.json wasn't showing up in the git status it was throwing me off.

t
t0r0X

In npm 6.x and 7.x you can use

npm i --package-lock-only

According to the docs of npm v6, npm v7 or latest version:

The --package-lock-only argument will only update the package-lock.json, instead of checking node_modules and downloading dependencies.


This is the correct answer now, others are old and wont work.
Any clue how to generate a package-lock.json without devDependencies? I need this for clean production installs. npm i --package-lock-only --only=production doesn't seem to work.
I don't think it's possible to generate package-lock.json only for production dependencies. But if you run npm i --only=production it should install only production dependencies. So your build process could look like this: install all dependencies, build app, remove node_modules and install only production dependencies.
This is very helpful if you want to move an older project away from yarn.lock. Thank you.
M
Mathias Bynens

By default, package-lock.json is updated whenever you run npm install. However, this can be disabled globally by setting package-lock=false in ~/.npmrc.

When the global package-lock=false setting is active, you can still force a project’s package-lock.json file to be updated by running:

npm install --package-lock

This command is the only surefire way of forcing a package-lock.json update.


@RonNewcomb Can you share more information? What do you mean by "it doesn't work"? Which npm version are you using?
npm version 3.10.10 Node 6.10.3 The command you listed seems to be a no-op? Nothing happens. No error, no file change, nothing.
If you're using npm v3 for your project, you wouldn't have a package-lock.json. package-lock.json is only supported by npm v5+.
npm v 6.4.1 and this does not create package-lock.json
It works for me, in 6.4.1. Setting it to false also prevents it from creating one.
L
LJHarb

This is answered in the comments; package-lock.json is a feature in npm v5 and higher. npm shrinkwrap is how you create a lockfile in all versions of npm.


note, however, that package-lock.jsons are not the exact same thing as shrinkwrap files.
in npm 5+, they are, in fact, exactly the same, down to every detail, except for one thing: npm-shrinkwrap.json will be published to the registry, and package-lock.json will not.
Yep. That's a pretty important difference though, which is why I left my comment.
npm shrinkwrap generates npm-shrinkwrap.json, but how do you generate package-lock.json ?
It’s automatic in npm 5+, or you can force it in 5+ with --package-lock
C
Charmis Varghese

As several answer explained the you should run:

npm i

BUT if it does not solve...

Check the version of your npm executable. (For me it was 3.x.x which doesn't uses the package-lock.json (at all))

npm -v

It should be at least 5.x.x (which introduced the package-lock.json file.)

To update npm on Linux, follow these instructions.

For more details about package files, please read this medium story.


Z
Zach Bloomquist

If you're like me, you tried all the answers here and wondered why no package-lock.json was appearing in your Git "Changed Files". In this case, check to make sure nobody has added package-lock.json to the .gitignore in the past!

Not really a direct answer, but maybe it will help someone else who spent entirely too long on this 😅


t
trias

When working with local packages, the only way I found to reliably regenerate the package-lock.json file is to delete it, as well as in the linked modules and all corresponding node_modules folders and let it be regenerated with npm i


S
SridharKritha

If your npm version is lower than version 5 then install the higher version for getting the automatic generation of package-lock.json.

Example: Upgrade your current npm to the version 6.14.0 (example - You can choose any other latest version)

npm i -g npm@6.14.0

You could view the latest npm version list by

npm view npm versions