Need for both package.json, package-lock.json files in an angular application

Issue

Im new in angular. When I got sample angular app installed using angular-cli, I saw package.json and package-lock.json files defined. Among these files, package-lock.json files has exact dependencies defined and package.json has other major facts like author, description, keywords etc. I found this related link as useful.

My doubt is why data detailed in package-lock.json be also included in package.json file so that there is no need of two separate package json files. Two files with similar data to an extend can be confusing especially for a beginner, right?

Solution

Additional read up:

Everything You Wanted To Know About package-lock.json But Were Too Afraid To Ask

https://github.com/npm/npm/pull/17508

Package-lock is a large list of each dependency listed in your package.json, the specific version that should be installed, the location of the module (URI), a hash that verifies the integrity of the module, the list of packages it requires, and a list of dependencies.

Because the package-lock specifies a version, location and integrity hash for every module and each of its dependencies, the install it creates will be the same, every single time. It won’t matter what device you are on, or when in the future you install, it should give you the same result every time, which is very useful.

Answered By – Pushkar Adhikari

Answer Checked By – Jay B. (AngularFixing Admin)

Leave a Reply

Your email address will not be published.