mirror of
https://github.com/nodejs/node.git
synced 2025-05-16 05:43:02 +00:00
4a3ccd8938
PR-URL: https://github.com/nodejs/node/pull/32368 Refs: https://github.com/nodejs/node/issues/32296 Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
35 lines
1.3 KiB
Markdown
35 lines
1.3 KiB
Markdown
---
|
|
section: configuring-npm
|
|
title: shrinkwrap.json
|
|
description: A publishable lockfile
|
|
---
|
|
|
|
# npm-shrinkwrap.json(5)
|
|
|
|
## A publishable lockfile
|
|
|
|
### Description
|
|
|
|
`npm-shrinkwrap.json` is a file created by [`npm shrinkwrap`](/cli-commands/shrinkwrap). It is identical to
|
|
`package-lock.json`, with one major caveat: Unlike `package-lock.json`,
|
|
`npm-shrinkwrap.json` may be included when publishing a package.
|
|
|
|
The recommended use-case for `npm-shrinkwrap.json` is applications deployed
|
|
through the publishing process on the registry: for example, daemons and
|
|
command-line tools intended as global installs or `devDependencies`. It's
|
|
strongly discouraged for library authors to publish this file, since that would
|
|
prevent end users from having control over transitive dependency updates.
|
|
|
|
Additionally, if both `package-lock.json` and `npm-shrinkwrap.json` are present
|
|
in a package root, `package-lock.json` will be ignored in favor of this file.
|
|
|
|
For full details and description of the `npm-shrinkwrap.json` file format, refer
|
|
to the manual page for [package-lock.json](/configuring-npm/package-lock-json).
|
|
|
|
### See also
|
|
|
|
* [npm shrinkwrap](/cli-commands/shrinkwrap)
|
|
* [package-lock.json](/configuring-npm/package-lock-json)
|
|
* [package.json](/configuring-npm/package-json)
|
|
* [npm install](/cli-commands/install)
|