I have experienced a lot of pain with npm modules over the past year or so. I would largely attribute my pain to three main things:
npm-shrinkwrap.json which will ‘lock-in’ every version of every one of your npm dependencies as well as your dependencies’ dependencies and so on down the chain. When you have an
npm-shrinkwrap.json file in addition to your
package.json file an
npm install will use the dependencies listed in
npm-shrinkwrap.json instead of re-resolving the whole dependency tree again based on your
package.json file as well as the
package.json file for all of your dependencies and their dependencies.
This is a great feature, I wish I would have known about it a year ago. This will definitely help resolve a lot of issues for me personally.