orange-tailor-85423
10/29/2018, 8:25 PMwhite-balloon-205
package-lock.json
to ensure others pick up the exact same versions. This is generally a good idea for any shared codebase.orange-tailor-85423
10/29/2018, 8:31 PMorange-tailor-85423
10/29/2018, 8:31 PMorange-tailor-85423
10/29/2018, 8:33 PMorange-tailor-85423
10/29/2018, 8:33 PMcreamy-potato-29402
10/29/2018, 8:52 PMcreamy-potato-29402
10/29/2018, 8:53 PMpackage-lock.json
creamy-potato-29402
10/29/2018, 8:54 PMnpm install
it will try to find versions of the dependencies that satisfy the constraints specified in package.json
creamy-potato-29402
10/29/2018, 8:55 PMnpm install
to choose the same versions of these dependencies, even on different machiines, and even if a new version has been released, package-lock.json
is important to have because it does what it says and locks the packages to specific versions. Make sense?quaint-queen-37896
10/29/2018, 9:59 PMquaint-queen-37896
10/29/2018, 10:00 PMnpm ci
to actually pull the same package-lock bitsquaint-queen-37896
10/29/2018, 10:01 PMIf dependencies in the package lock do not match those in package.json, npm ci will exit with an error, instead of updating the package lock.
quaint-queen-37896
10/29/2018, 10:02 PMnpm install --save
uses the "latest patch" syntax, it's highly likely that two installs can pull down different versions.