npm install --package-lock-only command to generate a
package-lock.json file without running
--package-lock-only option only updates the
instead of checking your
node_modules folder and downloading dependencies.
Open your terminal in your project's root directory (where your
file is) and issue the following command.
npm install --package-lock-only
argument is set, a
package-lock.json file is generated if it doesn't already
If the file exists, it is updated.
Note that the command doesn't check your
node_modules folder and doesn't
package-lock.jsonfile describes the tree of your node modules, so subsequent installs are able to generate identical trees.
If you need to generate a
package.json file, issue the
npm init -y command.
npm init -y
The command will generate a new
package.json file if it doesn't already exist.
If the file exists, its contents are printed to the terminal.
You can also run the
npm install command to
automatically generate a new
package-lock.json file is automatically generated for all operations that
node_modules directory or your
The npm update command can
also be used to generate or update
If you aren't able to generate a
package-lock.json file, you might have
package-lock configuration in your
You can force generate a
package-lock.json file by setting the
--package-lock argument when issuing
npm install --package-lock
The command will force generate a
package-lock.json file even if the
configuration key is set to
package-lock key is set to
false, then the
is ignored when installing modules.
You can view your current value of the
package-lock key by issuing the
npm config get package-lock
If you want to disable the
package-lock key, set it to
false by issuing the
# disable generating/updating package-lock.json file npm config set package-lock false
Conversely, if you want to enable the
package-lock key, set it to
# enable generating/updating package-lock.json file npm config set package-lock true
You might also have the view your global setting of the
package-lock key by
npm config --global get package-lock
If you need to update the value of the global
package-lock key, use either of
the following commands.
# disable generating/updating package-lock.json file npm config --global set package-lock false # enable generating/updating package-lock.json file npm config --global set package-lock true
You can also manually check the values in your NPM configuration files.
You can view where your user NPM config file is located by issuing the following command.
npm config get userconfig
And you can view where your global NPM config file is located by issuing the following command.
npm config get globalconfig
Note that your
package-lock.json file should be committed to your remote
If you have the file in your
.gitignore file, make sure to remove it.
package-lock.json file is used to:
node_modulesdirectory without having to commit
You might have seen that some repositories use a
The files are very similar and have the same format, however,
npm-shrinkwrap.json is published to the NPM registry and
package-lock.json file is ignored if it is found in any other location
than the root directory.
npm-shrinkwrap.json file is most commonly used when deploying a CLI tool
or when producing production packages.
If you need to generate an
npm-shrinkwrap.json file, issue the following
If your project has both
npm-shrinkwrap.json takes precedence and
package-lock.json is ignored.
You can learn more about the related topics by checking out the following tutorials: