Why is my package-lock.json getting updated from specific versions to GENERIC semantic versions?
After running npm install...
Here's the diff:
Here's an actual code snippet:
BEFORE
"@babel/highlight": {
"version": "7.0.0-beta.54",
"resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.0.0-beta.54.tgz",
"integrity": "sha1-FV1Qc1gym45waJcAF8P9dKmwhYQ=",
"requires": {
"chalk": "2.4.1",
"esutils": "2.0.2",
"js-tokens": "3.0.2"
},
"dependencies": {
"ansi-styles": {
"version": "3.2.1",
"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
"integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
"requires": {
"color-convert": "1.9.0"
}
},
AFTER
"@babel/highlight": {
"version": "7.0.0-beta.54",
"resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.0.0-beta.54.tgz",
"integrity": "sha1-FV1Qc1gym45waJcAF8P9dKmwhYQ=",
"requires": {
"chalk": "^2.0.0",
"esutils": "^2.0.2",
"js-tokens": "^3.0.0"
},
"dependencies": {
"ansi-styles": {
"version": "3.2.1",
"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
"integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
"requires": {
"color-convert": "^1.9.0"
}
},
Isn't the whole point of this file to describe an exact snapshot of your current dependency tree?
My npm version is 6.4.1
A very detailed explanation was posted on this thread (asking much the same question). Thank you, Rhys Arkins!
https://github.com/npm/npm/issues/20434#issuecomment-402988364