Welcome to the Treehouse Community

The Treehouse Community is a meeting place for developers, designers, and programmers of all backgrounds and skill levels to get support. Collaborate here on code errors or bugs that you need feedback on, or asking for an extra set of eyes on your latest project. Join thousands of Treehouse students and alumni in the community today. (Note: Only Treehouse students can comment or ask questions, but non-students are welcome to browse our conversations.)

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and a supportive community. Start your free trial today.

JavaScript npm Basics (retiring) Updating and Uninstalling Packages with npm Updating Packages with npm

package-lock.json created when updating packages

Anyone know why this file would be created each time I run npm update? Also, I noticed this file is created whenever I run "npm install [filename] --save"

Thanks for your help!

1 Answer

Hey Nicholas,

The purpose of that lock-file is to protect your dependencies from change. In that sense, it's like package.json but more robust in its documentation of your dependencies. You can still consider your package.json as your source-of-truth, however, since the contents of package.json will override the lock-file. By default, npm (v5+) will create a lock-file every time you run npm install.

Read more here: npm docs Medium article

Much appreciated! That makes sense. I'll take a look at those articles.