Node.js : Locking modules to specific versions

RajeshKumarYadav.com ・1 min read

By default, npm installs the latest available version of each module that satisfies the dependency's semantic version range. This can be problematic if, for example, a module author doesn't adhere to semver and introduces breaking changes in a module update.

To lock each dependency's version (and the versions of its dependencies, and so on) to the specific version installed locally in the node_modules folder, use:

npm shrinkwrap

This creates an npm-shrinkwrap.json file alongside your package.json, listing the specific versions of your dependencies.
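To see what the lockfile pins that package.json does not, here is an added example (not code from the original post) that lists range-style specs in package.json and audits lockfile entries for an exact version, an integrity hash and an HTTPS source. It assumes the "packages" layout used by recent npm lockfile versions; the function names, package names, URLs and hashes are constructed for illustration.

```javascript
// Added example; package names, URLs and hashes are constructed.
const EXACT = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/;

// package.json entries whose spec is a range (or tag), not one exact version.
function floatingRanges(pkg) {
  const out = [];
  for (const field of ['dependencies', 'devDependencies', 'optionalDependencies']) {
    for (const [name, spec] of Object.entries(pkg[field] || {})) {
      if (!EXACT.test(spec)) out.push(`${name}@${spec}`);
    }
  }
  return out;
}

// Lockfile entries that are not pinned to an exact version and a strong hash.
function auditLock(lock) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    // Skip the root project, workspace links and bundled dependencies.
    if (path === '' || entry.link || entry.inBundle) continue;
    if (!EXACT.test(entry.version || '')) findings.push(`${path}: no exact version`);
    if (!entry.integrity) findings.push(`${path}: missing integrity hash`);
    else if (!/^sha(256|384|512)-/.test(entry.integrity)) findings.push(`${path}: weak integrity algorithm`);
    if (entry.resolved && !entry.resolved.startsWith('https://')) findings.push(`${path}: resolved from a non-HTTPS source`);
  }
  return findings;
}

// Constructed sample data: one range in package.json, two weak lockfile entries.
const samplePkg = { dependencies: { 'example-a': '^1.3.0', 'example-b': '3.0.1' } };
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo', version: '1.0.0' },
    'node_modules/example-a': { version: '1.3.0', resolved: 'https://registry.example.test/example-a-1.3.0.tgz', integrity: 'sha512-CONSTRUCTED' },
    'node_modules/example-b': { version: '3.0.1', resolved: 'http://registry.example.test/example-b-3.0.1.tgz', integrity: 'sha1-CONSTRUCTED' },
    'node_modules/example-c': { version: '6.0.0', resolved: 'https://registry.example.test/example-c-6.0.0.tgz' },
  },
};

console.log(floatingRanges(samplePkg));
console.log(auditLock(sampleLock));
```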

With all that being said, I highly recommend you keep learning!

Thank you for reading this article. Please feel free to connect with me on LinkedIn and Twitter.

Discussion (4)

James Thomson

Hi Rajesh, how is this different/better than specifying the version when you install? e.g. npm install packagename@1.0.0

RajeshKumarYadav.com Author

You can use this as an alternative by defining packagename@version, but with the way I explained, you do not have to run npm install for every package manually.

KAK KOTYAVO!

If something is broken, you can fix it through npmjs.com/package/patch-package

RajeshKumarYadav.com Author

That's a good one :)
