?
R
BashTLDR: Lock down the versions of installed packages and their descendant packages! (Bypasses NPM automated package version manager ~^ for downstream minor upgrades). TLDR: `npm install`, will install packages from npm-shrinkwrap.json not from package.json Using NPM is great because it automatically manages for us package versioning and dependency crisis easily. But problems may arise with dependencies of dependencies (NPM kinda looses control on that and with purpose so that package authors can maintain and upgrade their package.jsons). Basically by using NPM Shrink Wrap it generates the source tree of every dependency and their dependencies.
1# Install normal dependencies
2npm install
3
4# Generate Shrink Wrap Source Tree
5npm shrinkwrap
6
7# Update the npm-shrinkwrap.json and leave only versions that you want to be overriden
8
9# Re-install
10rm -rf node_modules
11npm installCreated on 11/6/2017