_ _ _____ _ | | ___ ___| | _| ___(_)_ __ | | / _ \ / __| |/ / |_ | \ \/ / | |__| (_) | (__| <| _| | |> < |_____\___/ \___|_|\_\_| |_/_/\_\
lockfix – is a git based CLI tool, which helps to revert sha1
integrity changes of npm lock file
🧬 Table of Contents
❓ Why? 🔝
NPM has known issue of constantly changing integrity
property of its lock file. Integrity may change due to plenty of reasons. Some of them are:
-
npm install
done on machine with different OS from one where lock file generated - some package version updated
- another version of
npm
used
Intention of this tool is to prevent such changes and make integrity
property secure and reliable.
✨ Features 🔝
- Reverts changes from
sha512
tosha1
. Keeps untouched changes fromsha1
tosha512
.sha512
algorithm is more secure. - Works well with both
package-lock.json
andnpm-shrinkwrap.json
- Possibility to revert any changes done by this tool
💾 Install 🔝
Install per project with NPM
npm install --save-dev lockfix
or to install globally
npm install -g lockfix
🔨 Usage 🔝
package.json
Add to "scripts": {
"postshrinkwrap": "lockfix",
},
Manually from terminal
lockfix
or (without install)
npx lockfix
Options
Usage: lockfix [options]
Options:
-V, --version output the version number
-c, --commit make backup commit with revert instruction before applying changes
-f, --force bypass Git root directory check
-q, --quiet suppress output
-h, --help display help for command
📄 License 🔝
This software licensed under the MIT