In order for npm to behave as described in the article (honoring versions from package-lock instead of just the latest that will satisfy package.json) you have to run npm ci instead of npm install FYI. docs.npmjs.com/cli/ci.html
npm ci will install from package-lock.json ONLY. So if you manually change the version from package.json it will throw an error.
npm install on the other hand will install from package-lock.json as long as package-lock.json and package.json are in sync. If in any case, package.json has changed then it will install version from package.json and will update the package-lock.json accordingly.
Thanks for reading and pointing out npm ci. Do correct me if I am wrong.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
In order for npm to behave as described in the article (honoring versions from package-lock instead of just the latest that will satisfy package.json) you have to run
npm ci
instead ofnpm install
FYI. docs.npmjs.com/cli/ci.htmlnpm ci
will install from package-lock.json ONLY. So if you manually change the version from package.json it will throw an error.npm install
on the other hand will install from package-lock.json as long as package-lock.json and package.json are in sync. If in any case, package.json has changed then it will install version from package.json and will update the package-lock.json accordingly.Thanks for reading and pointing out
npm ci
. Do correct me if I am wrong.