Questions tagged [npm-shrinkwrap]

npm shrinkwrap" is a command on npm CLI which is used as a deployment mechanism for locking down dependency versions for publication.

Filter by
Sorted by
Tagged with
0votes
2answers
2kviews

Is there way to lower the lockfileVersion of npm-shrinkwrap to lockfileVersion@1, it automatically makes lockfileversion@2?

[ERROR] - An error occurred during execution of command [app-deploy] - [Use NPM to install dependencies]. Stop running the command. Error: Command /bin/sh -c npm --production install failed with error ...
user avatar
  • 31
1vote
0answers
49views

How to extract the closest node.js version used from existing package-lock.json?

My package-lock.json and package.json do not specify the node.js version used to generate the package-lock.json in my repo. I can iterate over node versions using nvm to see which one yeilds minimal ...
user avatar
  • 2,274
2votes
0answers
355views

Problems with npm not respecting npm-shrinkwrap

I've recently been given responsibility of an old Nodejs app that's on node 8.9.4. The app has a npm-shrinkwrap.json file with specific versions defined for its direct and indirect dependencies. ...
user avatar
7votes
2answers
5kviews

react : NPM install fails

I tried installing a package in my react app using npm, and for some reason It fails: it shows the following error: npm ERR! Object for dependency "@babel/generator" is empty. npm ERR! ...
user avatar
1vote
0answers
85views

install npm package from bitbucket without npm-shrinkwrap.json

The question: In NodeJS how can I ignore the shrinkwrap of a dependency "Package B" on an "npm install" in the higher order "Project A", when "Package B" comes from a private repo. The background: ...
user avatar
1vote
1answer
251views

npm errror while installing package in new machine

I Want to install package from ShrinkWrap.json file , I am trying to install package in new machine but command npm install is throwing error npm WARN tar ENOENT: no such file or directory, open '/...
user avatar
  • 902
1vote
0answers
287views

npm install errors out on all packes if npm-shrinkwrap.json is present

node v10.15.0 npm v6.4.1 I inherited a project that has an npm-shrinkwrap.json next to the package.json. When I run npm install I get errors like the following for the files in every single ...
user avatar
  • 159
0votes
1answer
1kviews

npm-shrinkwrap.json: Could not install from "node_modules/react-navigation/react-native-tab-view@github:react-navigation/react-native-tab-view

I tried to run an npm install this morning on a React Native 0.53.3 project with "react-navigation": "1.5.11", and I got this error: npm ERR! code ENOLOCAL npm ERR! Could not install from "...
user avatar
  • 11.3k
6votes
0answers
97views

npm-shrinkwrap.json appends ?dl=https://registry.npmjs.org/... to all "resolved" properties

When I am using the command npm install all resolved properties of npm-shrinkwrap.json append ?dl=https://registry.npmjs.org/<package-name>. Example ..., "@types/hammerjs": { "version": "2.0....
user avatar
34votes
1answer
977views

NPM lockfiles/shrinkwrap get random "dl" parameter tacked on to the "resolved" URL

Our company uses an Artifactory repository for storing internally-published packages and as a proxy for the NPM registry. Sometimes the resolved field in lockfiles/shrinkwrap files is as expected, ...
user avatar
  • 75k
0votes
2answers
780views

Why package-lock.json is created if npm already have the npm-shrinkwrap.json for locking purpose?

npm-shrinkwrap.json: Lock down the node_modules tree as well as dependencies and nested dependencies to prevent the package code breaking on other machines. package-lock.json: Lock down the ...
user avatar
2votes
0answers
288views

create or derive package-lock.json file from npm-shrinkwrap.json

Previously we had old version of npm and I used npm-shrinkwrap.json file to lock down the dependencies. Now we upgarded to npm 6 and I want to use package-lock.json instead of old npm-shrinkwrap.json ...
user avatar
7votes
1answer
6kviews

Understanding NPM shrinkwrap

Recently discovered npm-audit and on the first run it flagged a lot of vulnerabilities, mostly around packages and their dependencies. Wanting to get these vulnerabilities resolved I have discovered ...
user avatar
  • 14.5k
1vote
0answers
41views

How to upgrade package.json and npm-shrinkwrap.json to the latest node v8.11.1

I have a CLI git repository that contains list of modules of package.json and npm-shrinkwrap.json files.Currently this works fine with node v6.11.1,I want to upgrade it to support to the latest node ...
user avatar
6votes
1answer
1kviews

Updating an indirect dependency in shrinkwrapped project

Is there a good way with npm (I'm on npm@5) to do a version bump for a nested dependency in a shrinkwrapped/lockfiled project? Doing an npm install package@latest --save will update the shrinkwrap ...
user avatar
  • 75k
0votes
1answer
39views

Where do libraries come from that are in npm-shrinkwrap but don't correspond to package.json

I have an npm-shrinkwrap file with express in it as a main dependency. However, I don't have express as a dependency in my package.json file. I don't see it used in my project anywhere. I don't ...
user avatar
  • 1,574
1vote
1answer
988views

Add git hook to watch for files' changes

I am trying to create a git hook that evaluate the package.json for changes and auto-runs the shrinkwrapper and commits the changed file to a repository. I have tried a lot, but could not get a ...
user avatar
  • 221
0votes
1answer
323views

How to solve dependency conflict between js-data-angular and js-data-http

I'm currently working on a project, the project has 2 npm packages installed: js-data-http and js-data-angular. The problem is js-data-http requires js-data@>=3.0.0 and js-data-angular requires ...
user avatar
  • 225
0votes
1answer
525views

How is the shrinkwrap file generated?

When locking down node modules using shrinkwrap, how is the npm-shrinkwrap.json file generated? Does it recursively check node_modules folder and get it's info there? I'm asking because I did a npm ...
user avatar
  • 5,844
189votes
4answers
70kviews

What is the difference between npm-shrinkwrap.json and package-lock.json?

With the release of npm@5, it will now write a package-lock.json unless a npm-shrinkwrap.json already exists. I installed npm@5 globally via: npm install npm@5 -g And now, if a npm-shrinkwrap.json ...
user avatar
  • 48.9k
2votes
1answer
616views

How do I omit a package from being included in my yarn.lock file?

So in my package.json I have a bunch of npm libs, and one private repo being pulled in from a git ssh url which needs to always be the latest build. The yarn.lock adds the git sha and yarn upgrade etc ...
user avatar
  • 75.3k
4votes
1answer
10kviews

reduce size of node_modules for production

I created node_modules for uploading addon to online site from localhost with help of ngrok and using npm install in CommandPrompt. But the created node_modules folder size was 78mb. In that case i ...
user avatar
1vote
1answer
342views

Why does npm shrinkwrap replace a version designation with a url for the from field?

I changed the name of a package I was working on and so I reran npm shrinkwrap. I didn't change any of the fields for the other dependencies. I noticed something odd where npm shrinkwrap changed the ...
user avatar
  • 6,247
0votes
1answer
785views

npm shrinkwrap complaining of missing dependencies

I have been building releases in my CI environment by checking out from source control, running npm install on a clean directory, followed by npm dedupe && npm shrinkwrap. This has been ...
user avatar
  • 1,453
1vote
1answer
142views

Foreach undefined for data that comes from query

My query works fine, if I do not use shrinkwrap or yarn on my aws ubuntu 14.04 machine. However, the same query works fine with shrinkwrap/yarn on local machine, but somehow they don't work on aws ...
user avatar
0votes
1answer
20views

can npm-shrinkwrap be installed while project is already started

I am currently half way through my node.js project and now, I want to install npm-shrinkwrap for dependency management. SO is it ok, if I do it now, or I should not do it right now.
user avatar
4votes
0answers
155views

Should a JS package have a shrinkwrap?

I understand that using npm shrinkwrap helps to lock down dependencies to help guarantee a replicable build for an application. My question is, what if you're building a module instead of an ...
user avatar
  • 4,886
0votes
0answers
531views

npm shrinkwrap (undesirably) falling back onto package.json

I'm using npm-shrinkwrap to lock down my project dependencies. However I'm running into one issue. It seems as though if you remove a dependency from the npm-shrinkwrap.json then node backs on to the ...
user avatar
  • 1,400
2votes
1answer
2kviews

Force dependency to use specific sub dependency version

I am building my website code with webpack and npm modules and sutmbled upon the following problem: My code uses jQuery 3.1.1 and adds some plugins to it. I am also using a dependency that has a sub-...
user avatar
  • 1,667
1vote
1answer
92views

Why does npm-shrinkwrap flip-flops between names and URLs every time?

Using: node v4.6.2, npm 2.15.5, nvm 0.29.0, Homebrew 1.1.1-64-g17bad9a, macOS 10.12.1 Steps: I update package.json, delete all my modules: rm -fr node_modules, reinstall everything: nvm exec npm ...
user avatar
  • 324
4votes
0answers
639views

Upgrading npm project version to a release candidate - UNMET PEER DEPENDENCY

So, I need to upgrade my npm dependency on "react" to 15.4.0-rc.4 I have tried both updating the value in my package.json to "^15.4.0-rc.4" and removing the dependency then running npm install react@...
user avatar
5votes
1answer
2kviews

How to delete all nested keys with JQ

I would like to delete all the resloved from a npm shrinwrap json file. this is causing a problem when running npm install on other machine. "cssstyle": { "version": "0.2.37", "from": "...
user avatar
  • 8,204
1vote
2answers
668views

How check consistency npm-shrinkwrap.json and package.json

Sometimes my team members forgot to update npm-shrinkwrap.json after update package.json. I know this package from uber, but it can not be used with npm v3. So now it is not solution. Do have I ...
user avatar
  • 4,647
96votes
3answers
46kviews

How do I override nested dependencies with `yarn`?

If my package has these dependencies { "name": "my-package", "dependencies": { "foobar":"~1.0.3", "baz":"2.0.9" } And the foobar package has these dependencies { "name": "foobar", "dependencies"...
user avatar
  • 34.7k
2votes
1answer
271views

npm shrinkwrap vs install passing the --save-exact flag

What's the different between using npm shrinkwrap or always installing dependencies passing the -E or --save-exact|-E flag? ie.: $ npm i redux -SE -SE being the shorthand to --save --save-exact I ...
user avatar
  • 5,652
1vote
0answers
506views

How to make sure npm install uses data from npm-shrinkwrap.json

In my javascript project I want to freeze the dependencies. For this I'm using npm-shrinkwrap https://docs.npmjs.com/cli/shrinkwrap I do the things that are written in the doc, and it works, but I ...
user avatar
  • 10.1k
1vote
0answers
173views

NPM shrinkwrap use local module as dependency

I am currently using cropper and have jquery@latest in my package.json. However, cropper requires jquery as its own dependency which ends up with two versions of jquery being installed and used. I ...
user avatar
  • 9,749
0votes
1answer
193views

npm shrinkwrap contains paths to localhost

After running npm shrinkwrap I find that we have many references to localhost: egrep localhost npm-shrinkwrap.json "resolved": "http://localhost:4873/constants-browserify/-/constants-browserify-...
user avatar
  • 4,080
7votes
1answer
4kviews

fsevents (pulled in by chokidar) in npm shrinkwrap causes build to fail on Windows

OSX only fsevents is listed in the npm shrinkwrap because it's pulled in by chokidar. Our production is Linux based and it didn't cause any trouble there, obviously OSX developers are fine too, but it ...
user avatar
  • 8,852
0votes
1answer
200views

Shipping node.js project with custom dependencies

I fixed a couple of issues in nested dependencies of my node.js project (dependencies are managed by npm). These fixes are pending pull requests and thus aren't published. What's the best way to use ...
user avatar
  • 2,981
3votes
1answer
498views

How to shrinkwrap symlink node module created with 'npm link'?

I work on two repositories at once. One depends on the other (listed in package.json dependencies). So I am using npm link ..\theOne in other to work on both modules at once. As a result I can test ...
user avatar
3votes
3answers
2kviews

Transparently install npm packages offline, from a custom filesystem directory

Editor's note: The question's original title was "Use npm install to install node modules stored on a local directory", which made the desire to transparently redefine the installation source less ...
user avatar
  • 199
0votes
1answer
25views

How to check which dependecy introduce which in npm?

package.json lists all direct dependencies of the app. While npm-shrinkwrap.json lists all dependencies in a quite flat format (seems it puts child's dependencies as root's dependencies whenever ...
user avatar
4votes
1answer
3kviews

Using a shared npm node_modules/ for multiple workspaces on the same server

Our Jenkins/CI server runs hundreds of builds a day for our node/js project, and I would like to be able to run each build in a completely clean workspace. However, the npm install step can take >10 ...
user avatar
  • 1,520
4votes
1answer
3kviews

How can I switch between a linked npm dependency (in development) and an installed dependency (in staging/prod)?

I have a custom npm module that I am working on, and it has a GitHub repo. I'm also working on a project that uses the custom module. When working on the larger project, it is nice to use npm link so ...
user avatar
  • 1,383
0votes
1answer
197views

Meteor NPM : Couldn't run `npm shrinkwrap`

I've looked high and low for how to fix this, couldn't figure it out. Running a React - Meteor app, meteorhacks:npm and browserify. Error: While building package npm-container: error: couldn't run `...
user avatar
7votes
3answers
3kviews

When to use shrinkwrap, npm-lockdown, or npm-seal

I'm coming from a background much more familiar with composer. I'm getting gulp (etc) going for the build processes and learning node and how to use npm as I go. It's very odd (again, coming from a ...
user avatar
  • 9,987
3votes
0answers
96views

ECONNRESET Errors when using npm-shrinkwrap via ProGet

We are seeing ECONNRESET issues when using a shrinkwrapped package installed through our internal ProGet server. When configuring npm registry to be the regular npm registry and shrinkwrapping a ...
user avatar
  • 1,510
5votes
1answer
2kviews

npm update packages recursively

I have a project like this I want to update all private_mod version (root and nested levels) to 1.3.2. Is there a npm way to do so? Note: Each dependecy (dep-1, dep-2, dep-3) have their own package....
user avatar
  • 735
4votes
2answers
3kviews

Why does `npm install` use the shrinkwrap's 'resolved' property

I am considering setting up a local npm mirror such as "npm_lazy" on my computer. But it seems like npm install and npm shrinkwrap don't work well with local mirrors. Let me explain. When there is ...
user avatar
  • 10.6k

15 30 50 per page