node package manager


Lock all versions in a local package.json file

lock-versions experimental

Locks all of your package.json's versions to a single version number, matching the best version currently available on npm that satisfies the current range.

Useful mostly for providing more reliable deploys when running node applications in production.

Module Usage


lock(json, done(err, locked))

Given a package.json file passed in as an object literal, query npm for the appropriate versions to use, returning the locked version of the file as an object literal when ready.

var lock = require('lock-versions')
var fs = require('fs')
var pkgFile = __dirname + '/package.json'
var pkg = JSON.parse(
  fs.readFileSync(pkgFile, 'utf8')
lock(pkg, function(err, updated) {
  if (err) throw err
  fs.writeFileSync(pkgFile, JSON.stringify(updated, null, 2))

CLI Usage

You can install this as a command-line tool by running:

npm install -g lock-versions

Which you can use like so:

Usage: lock-versions [file(s)...]
Locks all of your package.json's versions to a single version number,
matching the best version currently available on npm that satisfies the
current range.
Useful mostly for providing more reliable deploys when running node
applications in production.
lock-versions package.json
lock-versions node_modules/*/package.json
cat package.json | lock-versions > package.json


MIT. See for details.