$ npm shrinkwrap $ npm install
Each time that we execute
it looks for compatible versions and installs them.
If an update is available for the given semver expression
it will look for the newer version and install it.
Usually newer minor or patch versions are compatible with the existing ones, but new bugs or even breaking changes can make our code break.
We can try to fix versions to be installed.
For example: instead of writing
we can write
it will install the exact version 1.0.5, but,
usually the installed libraries have dependencies
in other libraries, they use compatible version nomenclatures
and we cannot change it.
For example, tsify requires
This is the reason why we need to use npm-shrinkwrap in our projects.
It will create a file named
that we can push to our git and it contains all explicit dependencies.
How it works?
Setup your project
Make sure that you have a clean node_modules:
$ rm -fr node_modules/ $ npm install
Check that you application or service is working well.
$ npm shrinkwrap
npm-shrinkwrap.json file to your repository.
$ git add npm-shrinkwrap.json $ git commit $ git push
Create a clone of the branch that you want to install:
# Your commands here $ git clone https://github.com/drpicox/david-rodenas.com --branch master --single-branch $ cd david-rodenas.com
Execute npm install:
$ npm install
Now you can build or run your application service knowing that you have the exact same version of all dependencies.
Adding new dependencies
Install your dependency with –save or –save-dev and npm-shrinkwrap.json will be updated.
$ npm install --save lodash $ git add package.json npm-shrinkwrap.json $ git commit $ git push
It is also recommended to use the offline install for production environments, see npm-offline.