Current behaviour: Everytime I run npm install this file, package-lock.json gets created and gets added to the git changes.
Should this be ignored by git?
HirdayGupta
All 7 comments
package-lock.json is a new concept introduced in NPM 5.0.0, released very recently. If this is anything like Rails' Gemfile.lock, then it needs to be source-controlled, but we'd need some time to study it first.
wkurniawan07
on 17 Jun 2017
Noticed this too after updating npm on my system. I like the latest version; npm install completes much more quickly now :)
whipermr5
on 17 Jun 2017
Ahh, understood @wkurniawan07. So for now, I shouldn't be committing the changes to package-lock.json along with PRs, correct?
HirdayGupta
on 17 Jun 2017
It seems apt to add package-lock.json to VCS. @whipermr5 any thoughts?
wkurniawan07
on 18 Jun 2017
Just read through https://docs.npmjs.com/files/package-lock.json. Sounds good!
whipermr5
on 19 Jun 2017
To the one working on this issue: this also calls for making Node.js v8 the minimum requirement. Strictly speaking it's NPM v5, but since it comes under Node.js v8, we might as well make that one the minimum requirement, and Node.js v8 will be entering LTS phase soon anyway.
wkurniawan07
on 26 Jun 2017
Done quite a while back
wkurniawan07
on 1 Aug 2020
Related issues
whipermr5
路
4Comments
whipermr5
路
3Comments
keoren3
路
3Comments
sujeet14108
路
4Comments
JosephineKwa
路
4Comments
Most helpful comment
Noticed this too after updating
npmon my system. I like the latest version;npm installcompletes much more quickly now :)