Reputation: 7902
npm install with --no-package-lock flag - is existing package-lock.json used?
From the npm 5 doc:
The --no-package-lock argument will prevent npm from creating a package-lock.json file.
Does an npm install with --no-package-lock follows the package-lock.json (if already exists) deterministic install / nested locked versions ? Or does it completly ignore it ?
Upvotes: 18
Views: 11432
Answers (2)
Reputation: 9189
For deterministic install you must have an package-lock.json and use npm ci. See https://docs.npmjs.com/cli/v7/commands/npm-ci
This command is similar to npm install, except it's meant to be used in automated environments such as test platforms, continuous integration, and deployment -- or any situation where you want to make sure you're doing a clean install of your dependencies.
Upvotes: 0
Reputation: 7902
Answer from the @npm_support:
Using
--no-package-lockskips the package-lock. It is neither read nor written as if the package-lock feature did not exist.
So the package-lock.json file isn't used at all when the --no-package-lock is on.
Upvotes: 24
Related Questions
- Why does "npm install" rewrite package-lock.json?
- Do I need both package-lock.json and package.json?
- npm install not creating a new package-lock.json
- confusion about npm install and npm update
- package-lock.json is rewritten after npm install
- npm install doesn't apply what is in package-lock.json?
- npm pack and missing package-lock.json
- Why does `npm install` generate different `package-lock.json` files for the same `package.json` file?
- package-lock.json not created with npm install
- Why does not “npm install” rewrite package-lock.json? And also not generate new one if not exist?