In a team set up, usually, I have faced merge conflicts in package-lock.json and my quick fix has always been to delete the file and regenerate it with npm install. I have not seriously thought about the implication of this fix because it has not caused any perceivable problem before.
Is there a problem with deleting the file and having npm recreate it that way instead of resolving the conflicts manually?
Kenil Vasani
Yes it can have bad side effects, maybe not very often but for example you can have in package.json
"moduleX": "^1.0.0"and you used to have"moduleX": "1.0.0"inpackage-lock.json.By deleting
package-lock.jsonand runningnpm installyou could be updating to version 1.0.999 of moduleX without knowing about it and maybe they have created a bug or done a backwards breaking change (not following semantic versioning).Anyway there is already a standard solution for it.
package.jsonnpm install --package-lock-onlyhttps://docs.npmjs.com/configuring-npm/package-locks.html#resolving-lockfile-conflicts