Node.js : Locking modules to specific versions

Rajesh Kumar Yadav - May 12 '21 - - Dev Community

By default, npm installs the latest available version of modules according to each dependencies' semantic version. This can be problematic if a module author doesn't adhere to semver and introduces breaking changes in a module update, for example.

To lock down each dependencies' version (and the versions of their dependencies, etc) to the specific version installed locally in the node_modules folder, use

npm shrinkwrap
Enter fullscreen mode Exit fullscreen mode

This will then create a npm-shrinkwrap.json alongside your package.json which lists the specific versions of dependencies

Buy Me A Coffee

With all that being said, I highly recommend you keep learning!

Thank you for reading this article. Please feel free to connect with me on LinkedIn and Twitter.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .