Recently discovered npm-audit and on the first run it flagged a lot of vulnerabilities, mostly around packages and their dependencies. Wanting to get these vulnerabilities resolved I have discove...

With the release of npm@5, it will now write a package-lock.json unless a npm-shrinkwrap.json already exists. I installed npm@5 globally via: npm install npm@5 -g And now, if a npm-shrinkwrap.j...

I tried installing a package in my react app using npm, and for some reason It fails: it shows the following error: npm ERR! Object for dependency "@babel/generator" is empty. npm ERR! So...

I have a project like this I want to update all private_mod version (root and nested levels) to 1.3.2. Is there a npm way to do so? Note: Each dependecy (dep-1, dep-2, dep-3) have their own pack...

Our company uses an Artifactory repository for storing internally-published packages and as a proxy for the NPM registry. Sometimes the resolved field in lockfiles/shrinkwrap files is as expected, ...

When I am using the command npm install all resolved properties of npm-shrinkwrap.json append ?dl=https://registry.npmjs.org/<package-name>. Example ..., "@types/hammerjs": { "version": "2...

OSX only fsevents is listed in the npm shrinkwrap because it's pulled in by chokidar. Our production is Linux based and it didn't cause any trouble there, obviously OSX developers are fine too, but...

Is there a good way with npm (I'm on npm@5) to do a version bump for a nested dependency in a shrinkwrapped/lockfiled project? Doing an npm install package@latest --save will update the shrinkwra...

If my package has these dependencies { "name": "my-package", "dependencies": { "foobar":"~1.0.3", "baz":"2.0.9" } And the foobar package has these dependencies { "name": "foobar", "dependenci...

I would like to delete all the resloved from a npm shrinwrap json file. this is causing a problem when running npm install on other machine. "cssstyle": { "version": "0.2.37", "from": "cssstyle...

I'm coming from a background much more familiar with composer. I'm getting gulp (etc) going for the build processes and learning node and how to use npm as I go. It's very odd (again, coming from ...

I have a custom npm module that I am working on, and it has a GitHub repo. I'm also working on a project that uses the custom module. When working on the larger project, it is nice to use npm link ...