Is it still necessary to fetch metadata for every package when package-lock.json exists?

(otakustay) #1

npm install will fetch metadata for every package even when package-lock.json exists and is used to keep node_modules's structure stable.
There is already the tarball URL and integrity for both direct and indirect dependencies in package-lock.json, tarballs can be cached in npm cache, however large amount of metadata HTTP request still slows down the speed of install.
It seems possible to construct the ideal tree from package-lock.json, so it is possible that in a future release we can have an option to disable metadata fetching in installs?

(system) #2

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.