Need for both package.json, package-lock.json files in an angular application


I'm new to Angular. When I installed a sample Angular app using angular-cli, I saw that package.json and package-lock.json files were defined. Of these files, package-lock.json has the exact dependencies defined, and package.json has other major facts like author, description, keywords, etc. I found this related link useful.

My doubt is why the data detailed in package-lock.json can't also be included in the package.json file, so that there is no need for two separate package JSON files. Two files with similar data to an extent can be confusing, especially for a beginner, right?


Additional read up:

Everything You Wanted To Know About package-lock.json But Were Too Afraid To Ask

Package-lock is a large list of each dependency listed in your package.json, the specific version that should be installed, the location of the module (URI), a hash that verifies the integrity of the module, the list of packages it requires, and a list of dependencies.

Because the package-lock specifies a version, location and integrity hash for every module and each of its dependencies, the install it creates will be the same, every single time. It won’t matter what device you are on, or when in the future you install, it should give you the same result every time, which is very useful.
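To make the "location and integrity hash" fields concrete, here is an added example (not from the quoted article or from npm's own code) that checks lockfile entries and verifies tarball bytes against an `integrity` value. The package names, URLs, tarball bytes and the policy of accepting only SHA-2 hashes from one registry are assumptions made for illustration.

```javascript
// Added example: inspect package-lock.json entries (lockfileVersion 2/3 "packages" map).
const crypto = require("node:crypto");

// Build an SRI string "<alg>-<base64 digest>", the format of the lockfile "integrity" field.
function sri(bytes, alg = "sha512") {
  return `${alg}-${crypto.createHash(alg).update(bytes).digest("base64")}`;
}

// True when the bytes match one of the space-separated hashes in an integrity value.
// Assumed policy: only SHA-2 entries count, so a sha1-only value never verifies.
function verifyIntegrity(bytes, integrity) {
  return integrity.split(/\s+/).filter(Boolean).some((entry) => {
    const alg = entry.slice(0, entry.indexOf("-"));
    if (!["sha256", "sha384", "sha512"].includes(alg)) return false;
    return entry === sri(bytes, alg);
  });
}

// Report entries that would not give the "same install every time" guarantee.
function auditLock(lock, allowedRegistry = "https://registry.npmjs.org/") {
  const findings = [];
  for (const [path, pkg] of Object.entries(lock.packages || {})) {
    // The root project, linked workspaces and bundled deps have no tarball of their own.
    if (path === "" || pkg.link || pkg.inBundle) continue;
    if (!pkg.resolved) findings.push(`${path}: no resolved URL`);
    else if (!pkg.resolved.startsWith(allowedRegistry)) findings.push(`${path}: resolved outside ${allowedRegistry}`);
    if (!pkg.integrity) findings.push(`${path}: no integrity hash`);
    else if (!/(^|\s)sha512-/.test(pkg.integrity)) findings.push(`${path}: no sha512 hash`);
  }
  return findings;
}

// Constructed sample data: hypothetical packages and made-up tarball bytes.
const tarball = Buffer.from("constructed tarball bytes for example-lib@1.0.0");
const lock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "0.0.0" },
    "node_modules/example-lib": {
      version: "1.0.0",
      resolved: "https://registry.npmjs.org/example-lib/-/example-lib-1.0.0.tgz",
      integrity: sri(tarball),
    },
    "node_modules/example-mirror": {
      version: "2.1.0",
      resolved: "http://mirror.example.test/example-mirror-2.1.0.tgz",
    },
  },
};
console.log(auditLock(lock));
```

`npm ci` installs exactly what the lockfile records and fails if package.json and the lockfile disagree, which is why the lockfile belongs in version control alongside package.json.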

