JSPM

@fizker/fix-lockfile

1.1.2
    • ESM via JSPM
    • ES Module Entrypoint
    • Export Map
    • Keywords
    • License
    • Repository URL
    • TypeScript Types
    • README
    • Created
    • Published
    • Downloads 3
    • Score
      100M100P100Q46980F
    • License WTFPL

    A tool for fixing some of the worst of the npm shrinkwrap noise

    Package Exports

    • @fizker/fix-lockfile

    This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@fizker/fix-lockfile) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

    Readme

    fix-lockfile

    A small utility for reverting integrity-only changes in the NPM lockfiles. It does this by analyzing the lockfile and discard changes to any package that is only an integrity change.

    Note: This tool requires that your project uses git, since it uses git to find the unmodified lockfile.

    Usage

    The expected usage is to execute this after generating a lockfile. The steps are the following:

    First, add the NPM hook to package.json:

    ...
"scripts": {
    ...
    "postshrinkwrap": "fix-lockfile package-lock.json",
},
...

    Note: If your project uses npm-shrinkwrap.json instead of package-lock.json, update the reference in the script.

    Then install the package:

    npm install --save-dev @fizker/fix-lockfile

    That's all there is to it. Any time NPM rebuilds the lockfile, including installing the fix-lockfile dependency, the script will be executed and the lockfile will be cleaned of integrity-only changes.