The package-lock.json file: to be or not to be?

S

Sergey delphinpro2019-10-16 16:37:44

npm

Sergey delphinpro, 2019-10-16 16:37:44

The purpose of this file is very clear - to fix the versions of packages used so that an exact copy of node_modules can be deployed.
And I, as expected, save this file in a turnip, along with the source code.
But this is not the first time I step on a rake.
Opened an old project today. It is not very old, three months have passed since the last edit, and I ruled on my wheelbarrow. I clone, that means, the code from the turnip, I run npm install, everything starts up, downloads, builds, rebuilds sass, as a result, everything goes in normal mode, without errors.
I start the dev server npm start, I get an error and a crash from the task (alas, I don’t remember which one). Just in case, I erase node_modules, repeat everything and again the error.
OK. I delete node_modules, delete package-lock.json, install it, run it - everything works.
Does anyone know the reason for this behaviour?
Do you keep the lock file in the turnip yourself?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

I

Ivan Bogachev, 2019-10-16
@sfi0zy

Does anyone know the reason for this behaviour?

I encountered the same problem and got the impression (possibly erroneous) that npm silently caches the lock files themselves and then, if it sees the presence of such a file in the old location, it uses its cached version to install dependencies, and already during the scripts run " discovers" that the versions of everything don't match and crashes with weird errors that don't google at all. Such errors did not occur on a virgin-fresh laptop and appeared on it after some time. And then I hard-cleaned the entire npm cache with my hands and everything worked fine again. Maybe it's a coincidence, but it's very suspicious...