I have experienced a lot of pain with npm modules over the past year or so. I would largely attribute my pain to three main things:
Today, I was listening to JavaScript Jabber episode 127 and they mentioned a feature of npm of which I was not aware, but is a total game changer. The npm command shrinkwrap will create a file called npm-shrinkwrap.json
which will ‘lock-in’ every version of every one of your npm dependencies as well as your dependencies’ dependencies and so on down the chain. When you have an npm-shrinkwrap.json
file in addition to your package.json
file an npm install
will use the dependencies listed in npm-shrinkwrap.json
instead of re-resolving the whole dependency tree again based on your package.json
file as well as the package.json
file for all of your dependencies and their dependencies.
This is a great feature, I wish I would have known about it a year ago. This will definitely help resolve a lot of issues for me personally.