Currently, all node modules in package.json are using * as the version number, my application is quite stable with those node modules, so I want to fix their version numbers in package.json, so that I can run npm install in other places to install node modules with expected versions.
Is there a way to do it quickly instead of changing them one by one manually?
Such as some console commands, npm fixversion module_a module_b ...?
You're looking for
npm shrinkwrap See the documentation here for more information.
It will generate an npm-shrinkwrap.json with the current versions, and it takes precedence over package.json, so you can delete that file and npm update if you wish.
UPDATE
Here is a little script that writes out the package.json with the versions from the npm-shrinkwrap.json to a new file, package-lockdown.json:
var fs = require('fs'); var p = JSON.parse( fs.readFileSync( 'package.json') ); var v = JSON.parse( fs.readFileSync( 'npm-shrinkwrap.json') ); updateDependencies( p.dependencies, v.dependencies ); updateDependencies( p.devDependencies, v.dependencies ); fs.writeFileSync( 'package-lockdown.json', JSON.stringify( p, null, 2 ) ); function updateDependencies( list, v ) { for ( var d in list ) list[d] = v[d].version; } The above script updates devDependencies aswell, so be sure to either remove that line or run npm shrinkwrap --dev before running the script.
module_a that depends on module_b, the npm-shrinkwrap.json would contain both module_a and module_b, in case I only want module_a.
module_a specifies a version range for module_b, and module_b gets a new release, then someone running npm install won't get the exact same packages.