Reputation: 6240
npm shrinkwrap vs install passing the --save-exact flag
What's the different between using npm shrinkwrap or always installing dependencies passing the -E or --save-exact|-E flag?
ie.: $ npm i redux -SE -SE being the shorthand to --save --save-exact
I guess shrinkwrap will also take care of locking 'dependencies of our first level dependencies' but would it be a bad practice to always use --save-exact instead? If not, when or why would we ever need use the --save-exact flag?
Edit: I'm also starting to see people suggesting to config npm to install exact versions of dependencies by default:
ie.: $ npm config set save-exact=true
Now, if we do that, do we still need to shrinkwrap our project?
Upvotes: 2
Views: 337
Answers (1)
Reputation: 53
save-exact work like just save this version for you but it wont lock dependecies of dependencies
shrinkwrap makes deep locking.
Upvotes: 1
Related Questions
- Understanding NPM shrinkwrap
- What is the difference between npm-shrinkwrap.json and package-lock.json?
- When are you not supposed to use the shrinkwrap & lock files that NPM produces?
- Project only works when I include npm-shrinkwrap.json - Any downsides to continuing this way?
- Check in node_modules vs. shrinkwrap
- npm-update with npm-shrinkwrap.json
- When to use shrinkwrap, npm-lockdown, or npm-seal
- Why does `npm install` use the shrinkwrap's 'resolved' property
- Does npm shrinkwrapping a module in npm do anything?
- Node.js shrinkwrapped package.json causes npm install to update new versions regardless