Questions tagged [npm-shrinkwrap]
npm shrinkwrap" is a command on npm CLI which is used as a deployment mechanism for locking down dependency versions for publication.
57
questions
0votes
2answers
2kviews
Is there way to lower the lockfileVersion of npm-shrinkwrap to lockfileVersion@1, it automatically makes lockfileversion@2?
[ERROR] - An error occurred during execution of command [app-deploy] - [Use NPM to install dependencies]. Stop running the command. Error: Command /bin/sh -c npm --production install failed with error ...
amazon-web-services
1vote
0answers
49views
How to extract the closest node.js version used from existing package-lock.json?
My package-lock.json and package.json do not specify the node.js version used to generate the package-lock.json in my repo.
I can iterate over node versions using nvm to see which one yeilds minimal ...
- 2,274
2votes
0answers
355views
Problems with npm not respecting npm-shrinkwrap
I've recently been given responsibility of an old Nodejs app that's on node 8.9.4. The app has a npm-shrinkwrap.json file with specific versions defined for its direct and indirect dependencies.
...
- 21
7votes
2answers
5kviews
react : NPM install fails
I tried installing a package in my react app using npm, and for some reason It fails:
it shows the following error:
npm ERR! Object for dependency "@babel/generator" is empty.
npm ERR! ...
- 163
1vote
0answers
85views
install npm package from bitbucket without npm-shrinkwrap.json
The question:
In NodeJS how can I ignore the shrinkwrap of a dependency "Package B" on an "npm install" in the higher order "Project A", when "Package B" comes from a private repo.
The background:
...
- 11
1vote
1answer
251views
npm errror while installing package in new machine
I Want to install package from ShrinkWrap.json file , I am trying to install package in new machine but command npm install is throwing
error npm WARN tar ENOENT: no such file or directory, open '/...
- 902
1vote
0answers
287views
npm install errors out on all packes if npm-shrinkwrap.json is present
node v10.15.0
npm v6.4.1
I inherited a project that has an npm-shrinkwrap.json next to the package.json.
When I run npm install I get errors like the following for the files in every single ...
- 159
0votes
1answer
1kviews
npm-shrinkwrap.json: Could not install from "node_modules/react-navigation/react-native-tab-view@github:react-navigation/react-native-tab-view
I tried to run an npm install this morning on a React Native 0.53.3 project with "react-navigation": "1.5.11", and I got this error:
npm ERR! code ENOLOCAL
npm ERR! Could not install from "...
- 11.3k
6votes
0answers
97views
npm-shrinkwrap.json appends ?dl=https://registry.npmjs.org/... to all "resolved" properties
When I am using the command npm install all resolved properties of npm-shrinkwrap.json append ?dl=https://registry.npmjs.org/<package-name>.
Example
...,
"@types/hammerjs": {
"version": "2.0....
- 551
34votes
1answer
977views
NPM lockfiles/shrinkwrap get random "dl" parameter tacked on to the "resolved" URL
Our company uses an Artifactory repository for storing internally-published packages and as a proxy for the NPM registry. Sometimes the resolved field in lockfiles/shrinkwrap files is as expected, ...
- 75k
0votes
2answers
780views
Why package-lock.json is created if npm already have the npm-shrinkwrap.json for locking purpose?
npm-shrinkwrap.json: Lock down the node_modules tree as well as dependencies and nested dependencies to prevent the package code breaking on other machines.
package-lock.json: Lock down the ...
user10220492
2votes
0answers
288views
create or derive package-lock.json file from npm-shrinkwrap.json
Previously we had old version of npm and I used npm-shrinkwrap.json file to lock down the dependencies. Now we upgarded to npm 6 and I want to use package-lock.json instead of old npm-shrinkwrap.json ...
- 4,004
7votes
1answer
6kviews
Understanding NPM shrinkwrap
Recently discovered npm-audit and on the first run it flagged a lot of vulnerabilities, mostly around packages and their dependencies.
Wanting to get these vulnerabilities resolved I have discovered ...
- 14.5k
1vote
0answers
41views
How to upgrade package.json and npm-shrinkwrap.json to the latest node v8.11.1
I have a CLI git repository that contains list of modules of package.json and npm-shrinkwrap.json files.Currently this works fine with node v6.11.1,I want to upgrade it to support to the latest node ...
6votes
1answer
1kviews
Updating an indirect dependency in shrinkwrapped project
Is there a good way with npm (I'm on npm@5) to do a version bump for a nested dependency in a shrinkwrapped/lockfiled project?
Doing an npm install package@latest --save will update the shrinkwrap ...
- 75k
0votes
1answer
39views
Where do libraries come from that are in npm-shrinkwrap but don't correspond to package.json
I have an npm-shrinkwrap file with express in it as a main dependency.
However,
I don't have express as a dependency in my package.json file.
I don't see it used in my project anywhere.
I don't ...
- 1,574
1vote
1answer
988views
Add git hook to watch for files' changes
I am trying to create a git hook that evaluate the package.json for changes and auto-runs the shrinkwrapper and commits the changed file to a repository. I have tried a lot, but could not get a ...
- 221
0votes
1answer
323views
How to solve dependency conflict between js-data-angular and js-data-http
I'm currently working on a project, the project has 2 npm packages installed:
js-data-http and js-data-angular.
The problem is js-data-http requires js-data@>=3.0.0 and js-data-angular requires ...
- 225
0votes
1answer
525views
How is the shrinkwrap file generated?
When locking down node modules using shrinkwrap, how is the npm-shrinkwrap.json file generated? Does it recursively check node_modules folder and get it's info there?
I'm asking because I did a npm ...
- 5,844
189votes
4answers
70kviews
What is the difference between npm-shrinkwrap.json and package-lock.json?
With the release of npm@5, it will now write a package-lock.json unless a npm-shrinkwrap.json already exists.
I installed npm@5 globally via:
npm install npm@5 -g
And now, if a npm-shrinkwrap.json ...
- 48.9k
2votes
1answer
616views
How do I omit a package from being included in my yarn.lock file?
So in my package.json I have a bunch of npm libs, and one private repo being pulled in from a git ssh url which needs to always be the latest build. The yarn.lock adds the git sha and yarn upgrade etc ...
- 75.3k
4votes
1answer
10kviews
reduce size of node_modules for production
I created node_modules for uploading addon to online site from localhost with help of ngrok and using npm install in CommandPrompt. But the created node_modules folder size was 78mb. In that case i ...
- 111
1vote
1answer
342views
Why does npm shrinkwrap replace a version designation with a url for the from field?
I changed the name of a package I was working on and so I reran npm shrinkwrap. I didn't change any of the fields for the other dependencies.
I noticed something odd where npm shrinkwrap changed the ...
- 6,247
0votes
1answer
785views
npm shrinkwrap complaining of missing dependencies
I have been building releases in my CI environment by checking out from source control, running npm install on a clean directory, followed by npm dedupe && npm shrinkwrap. This has been ...
- 1,453
1vote
1answer
142views
Foreach undefined for data that comes from query
My query works fine, if I do not use shrinkwrap or yarn on my aws ubuntu 14.04 machine.
However, the same query works fine with shrinkwrap/yarn on local machine, but somehow they don't work on aws ...
user7510478
0votes
1answer
20views
can npm-shrinkwrap be installed while project is already started
I am currently half way through my node.js project and now, I want to install npm-shrinkwrap for dependency management. SO is it ok, if I do it now, or I should not do it right now.
user7510478
4votes
0answers
155views
Should a JS package have a shrinkwrap?
I understand that using npm shrinkwrap helps to lock down dependencies to help guarantee a replicable build for an application.
My question is, what if you're building a module instead of an ...
- 4,886
0votes
0answers
531views
npm shrinkwrap (undesirably) falling back onto package.json
I'm using npm-shrinkwrap to lock down my project dependencies.
However I'm running into one issue. It seems as though if you remove a dependency from the npm-shrinkwrap.json then node backs on to the ...
- 1,400
2votes
1answer
2kviews
Force dependency to use specific sub dependency version
I am building my website code with webpack and npm modules and sutmbled upon the following problem:
My code uses jQuery 3.1.1 and adds some plugins to it.
I am also using a dependency that has a sub-...
- 1,667
1vote
1answer
92views
Why does npm-shrinkwrap flip-flops between names and URLs every time?
Using:
node v4.6.2, npm 2.15.5, nvm 0.29.0, Homebrew 1.1.1-64-g17bad9a, macOS 10.12.1
Steps:
I update package.json,
delete all my modules: rm -fr node_modules,
reinstall everything: nvm exec npm ...
- 324
4votes
0answers
639views
Upgrading npm project version to a release candidate - UNMET PEER DEPENDENCY
So, I need to upgrade my npm dependency on "react" to 15.4.0-rc.4
I have tried both updating the value in my package.json to "^15.4.0-rc.4" and removing the dependency then running npm install react@...
- 3,704
5votes
1answer
2kviews
How to delete all nested keys with JQ
I would like to delete all the resloved from a npm shrinwrap json file. this is causing a problem when running npm install on other machine.
"cssstyle": {
"version": "0.2.37",
"from": "...
- 8,204
1vote
2answers
668views
How check consistency npm-shrinkwrap.json and package.json
Sometimes my team members forgot to update npm-shrinkwrap.json after update package.json. I know this package from uber, but it can not be used with npm v3. So now it is not solution.
Do have I ...
- 4,647
96votes
3answers
46kviews
How do I override nested dependencies with `yarn`?
If my package has these dependencies
{ "name": "my-package",
"dependencies": { "foobar":"~1.0.3", "baz":"2.0.9" }
And the foobar package has these dependencies
{ "name": "foobar",
"dependencies"...
- 34.7k
2votes
1answer
271views
npm shrinkwrap vs install passing the --save-exact flag
What's the different between using npm shrinkwrap or always installing dependencies passing the -E or --save-exact|-E flag?
ie.: $ npm i redux -SE -SE being the shorthand to --save --save-exact
I ...
- 5,652
1vote
0answers
506views
How to make sure npm install uses data from npm-shrinkwrap.json
In my javascript project I want to freeze the dependencies. For this I'm using npm-shrinkwrap https://docs.npmjs.com/cli/shrinkwrap
I do the things that are written in the doc, and it works, but I ...
- 10.1k
1vote
0answers
173views
NPM shrinkwrap use local module as dependency
I am currently using cropper and have jquery@latest in my package.json. However, cropper requires jquery as its own dependency which ends up with two versions of jquery being installed and used. I ...
- 9,749
0votes
1answer
193views
npm shrinkwrap contains paths to localhost
After running npm shrinkwrap I find that we have many references to localhost:
egrep localhost npm-shrinkwrap.json
"resolved": "http://localhost:4873/constants-browserify/-/constants-browserify-...
- 4,080
7votes
1answer
4kviews
fsevents (pulled in by chokidar) in npm shrinkwrap causes build to fail on Windows
OSX only fsevents is listed in the npm shrinkwrap because it's pulled in by chokidar. Our production is Linux based and it didn't cause any trouble there, obviously OSX developers are fine too, but it ...
- 8,852
0votes
1answer
200views
Shipping node.js project with custom dependencies
I fixed a couple of issues in nested dependencies of my node.js project (dependencies are managed by npm). These fixes are pending pull requests and thus aren't published. What's the best way to use ...
- 2,981
3votes
1answer
498views
How to shrinkwrap symlink node module created with 'npm link'?
I work on two repositories at once. One depends on the other (listed in package.json dependencies).
So I am using npm link ..\theOne in other to work on both modules at once. As a result I can test ...
- 10.4k
3votes
3answers
2kviews
Transparently install npm packages offline, from a custom filesystem directory
Editor's note: The question's original title was "Use npm install to install node modules stored on a local directory", which made the desire to transparently redefine the installation source less ...
- 199
0votes
1answer
25views
How to check which dependecy introduce which in npm?
package.json lists all direct dependencies of the app. While npm-shrinkwrap.json lists all dependencies in a quite flat format (seems it puts child's dependencies as root's dependencies whenever ...
- 3,707
4votes
1answer
3kviews
Using a shared npm node_modules/ for multiple workspaces on the same server
Our Jenkins/CI server runs hundreds of builds a day for our node/js project, and I would like to be able to run each build in a completely clean workspace. However, the npm install step can take >10 ...
- 1,520
4votes
1answer
3kviews
How can I switch between a linked npm dependency (in development) and an installed dependency (in staging/prod)?
I have a custom npm module that I am working on, and it has a GitHub repo. I'm also working on a project that uses the custom module. When working on the larger project, it is nice to use npm link so ...
- 1,383
0votes
1answer
197views
Meteor NPM : Couldn't run `npm shrinkwrap`
I've looked high and low for how to fix this, couldn't figure it out.
Running a React - Meteor app, meteorhacks:npm and browserify.
Error:
While building package npm-container:
error: couldn't run `...
- 911
7votes
3answers
3kviews
When to use shrinkwrap, npm-lockdown, or npm-seal
I'm coming from a background much more familiar with composer. I'm getting gulp (etc) going for the build processes and learning node and how to use npm as I go.
It's very odd (again, coming from a ...
- 9,987
3votes
0answers
96views
ECONNRESET Errors when using npm-shrinkwrap via ProGet
We are seeing ECONNRESET issues when using a shrinkwrapped package installed through our internal ProGet server. When configuring npm registry to be the regular npm registry and shrinkwrapping a ...
- 1,510
5votes
1answer
2kviews
npm update packages recursively
I have a project like this
I want to update all private_mod version (root and nested levels) to 1.3.2. Is there a npm way to do so?
Note: Each dependecy (dep-1, dep-2, dep-3) have their own package....
- 735
4votes
2answers
3kviews
Why does `npm install` use the shrinkwrap's 'resolved' property
I am considering setting up a local npm mirror such as "npm_lazy" on my computer.
But it seems like npm install and npm shrinkwrap don't work well with local mirrors.
Let me explain. When there is ...
- 10.6k
Related Tags
npm × 46
node.js × 34
npm-install × 11
javascript × 5
reactjs × 5
git × 3
dependencies × 3
node-modules × 3
json × 2
meteor × 2
artifactory × 2
yarnpkg × 2
package.json × 2
githooks × 2
shrinkwrap × 2
lockfile × 2
react-native × 1
nginx × 1
recursion × 1
webpack × 1
amazon-ec2 × 1
proxy × 1
nested × 1
more related tags
Hot Network Questions
- Prevent WordPress from automatically installing a new theme each year
- How could a tobacco/nicotine prohibition be efficient?
- Does Heisenberg picture only work for time-dependent Schrödinger equation not Klein-Gordon equation?
- How to store a custom string inside the BIOS
- Selecting features in one layer based on mutual field with another layer in QGIS
- Case splitting with quotient types in Cubical Agda
- Does this valve control input for my water heater?
- A particular solution for Wave equation in 1+1D
- Is a 1:1 gear ratio the same regardless of the specific gear sizes?
- Can an Inquisitive Rogue use the Tactical Assessment maneuver for Insightful Fighting?
- Why would you use a flash pointing straight up, or over your head?
- Why does this query fail when I run it from a SQL Server job?
- Is there a way I can install php 7.2.31 on ubuntu 20.04?
- Why do Masters + PhD, when you can just do a PhD and then do a PostDoc?
- Why didn't the Klein-Gordon equation suggest antimatter like the Dirac equation did?
- Is there a tool that could allow the users of our scientific computer to book it exclusively?
- Is it ok to bring cookies for the entire office to my interview?
- What work has been done on computationally intensive proofs?
- Why was this speech by Bilbo added to the Hobbit movie?
- Is it OK to have type aliases for primitive types in Typescript?
- Is it legal for a business to refuse service to a former customer in retribution for them leaving negative online reviews of the business?
- Can a paladin stack Divine Smite, Thunderous Smite, and Wrathful Smite?
- Exam results for 9-year-old do not reflect his real skills
- Attach the Arduino ISR function to the class member