DEV Community

Posted on • Updated on

Node.js : Locking modules to specific versions

By default, npm installs the latest available version of modules according to each dependencies' semantic version. This can be problematic if a module author doesn't adhere to semver and introduces breaking changes in a module update, for example.

To lock down each dependencies' version (and the versions of their dependencies, etc) to the specific version installed locally in the node_modules folder, use

npm shrinkwrap
Enter fullscreen mode Exit fullscreen mode

This will then create a npm-shrinkwrap.json alongside your package.json which lists the specific versions of dependencies

Buy Me A Coffee

With all that being said, I highly recommend you keep learning!

Thank you for reading this article. Please feel free to connect with me on LinkedIn and Twitter.

Top comments (4)

jamesthomson profile image
James Thomson

Hi Rajesh, how is this different/better than specifying the version when you install? e.g. npm install packagename@1.0.0

rajeshkumaryadavdotcom profile image

You can use this as an alternative by defining packagename@version but the way I explained you need not have to run npm install for every package manually.

kak_kotyavo profile image

if something is broken, you can fix it through

rajeshkumaryadavdotcom profile image

That's a good one :)