Disable the package-lock.json file

With NPM 5, npm has started to create a “package-lock.json” file.
It ensures that some dependency tree is identical on every developers environment. Official Documentation.

Now, that may be important on some projects. In my personal projects I do not really care. And in the professional projects I did not have any issues how things were done before.

Actually with the new way of doing things, you must first remove the package-lock.json file and then run “npm update” to install newer versions of stuff. Then again, this can cause problems as when some other person also creates the package-lock file, or a merge conflict occurs etc. In the end totally defeating the purpose of the file.

Disabling the Package Lock File for a Project

  1. Create a file called .npmrc
  2. Open the file and add the line package-lock=false

Global Disable

If you currently want to disable the behavior on all projects run

npm config set package-lock false

In the future the feature may be more easy to use. For now I at least will stick to the old way of how to do things.

Posted by happyneal