Copying (and editing) from https://github.com/npm/npm/issues/16728. I’m not the original reporter, but this bug affects a project I care about so I’m moving the bug report to the current issue tracker.
What I Wanted to Do
I started with a package_lock.json which was copied from an old npm_shrinkwrap.json - it was updated when I ran
npm install with a clean node_modules directory.
Then I git committed and pushed the changed lockfile.
Then I ran
npm install again, expecting no changes
What Happened Instead
…and there were a few slight changes to the lockfile.
package.json dependencies: https://gist.github.com/thomblake/29fa300ba7a701696f4eefdb2d4ab8ae
package_lock.json after first install: https://gist.github.com/thomblake/7d5dc1f9d5f32ce22f2a9a3b6a5f2adf
package_lock.json after second install: https://gist.github.com/thomblake/fa0c351f01ec17ec3cde5e22ef6388dd
diff between lockfiles: https://gist.github.com/thomblake/65ac6f2c30e7289b520149519f1c2b49
npm config get registryprints:
- Windows, OS X/macOS, or Linux?: OS X
- Network issues:
- Geographic location where npm was run: San Leandro, CA
$ npm --versions <!-- paste output here --> $ node -p process.platform <!-- paste output here -->