npm WARN old lockfile The package-lock.json file was created with an old version of npm
I've a dockerfile as below, but during RUN npm ci
step, there is a warning,
npm WARN old lockfile The package-lock.json file was created with an old version of npm
which I can not able to figure out..
I tried with npm install rather npm ci and added the --package-lock
flag, but I am still getting this warning. It’s a kind of warning. Do I have to ignore it or what should I do to solve this?
Step 12/26 : RUN npm ci --production --package-lock && npm ci --production --package-lock --prefix ./ui-runner
---> Running in 3473c209b98c
npm WARN old lockfile
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile
npm WARN old lockfile This is a one-time fix-up, please be patient...
npm WARN old lockfile
Here is my Dockerfile.
FROM node:14.17.1-alpine3.13 AS builder
WORKDIR /usr/src/app
COPY package.json package-lock.json* ./
COPY ui-runner/package*.json ./ui-runner/
COPY .npmrc .npmrc
COPY ui-runner/.npmrc ./ui-runner/.npmrc
RUN npm -g install [email protected]
RUN npm ci --production --package-lock && \
npm ci --production --package-lock --prefix ./ui-runner
RUN rm -f .npmrc && \
rm -f ui-runner/.npmrc
FROM node:14.17.1-alpine3.13
WORKDIR /usr/src/app
RUN apk update && apk add --no-cache curl bash
RUN addgroup -g 1001 test && \
adduser -S -u 1001 -G test test
RUN chown -R test /usr/src/app && \
chmod 755 /usr/src/app
COPY --from=builder /usr/src/app /usr/src/app
COPY . .
RUN npm run build:docker
USER test
EXPOSE 3000 9183
CMD [ "npm", "run", "start:ui-runner" ]
Solution 1:
There are several ways to deal with this:
-
Ignore it. It's just a warning and does not affect the installation of modules.
-
Run
npm ci
to make sure yournode_modules
reflects the lock file, then removepackage-lock.json
, and then runnpm install
(with the newer version ofnpm
) to regenerate apackage-lock.json
. Because everything innode_modules
will meet all the requirements, the only change fromnpm install
will be a newly-generatedpackage-lock.json
file. Commit the updated version ofpackage-lock.json
to the repo/Docker image or whatever. -
Downgrade
npm
to an older version in production. Consider runningnpm
version 6 as that is what ships with the current (as of this writing) Long Term Support (LTS) version of Node.js. In the case being asked about in this question, I imagine you can just leave out theRUN npm -g install [email protected]
from the Dockerfile and instead use the version ofnpm
that is installed with the Docker image (which in this case will almost certainly benpm@6
since that is what ships with Node.js 14.x). -
If you already have a version of
npm
installed but want to run one command with an older version ofnpm
but otherwise keep the newer version, you can usenpx
(which ships withnpm
) to do that. For example,npx npm@6 ci
would runnpm ci
withnpm
version 6 even if you have version 7 installed.
Solution 2:
I had a similar problem but upgrading npm npm i -g npm
on my machine before building the image solved it for me. You may still get the warn message but the image build process won't be halted.
Solution 3:
I am having the same problem as well after upgrading my npm version. It seems like a bug from npm 7.19.1, and I'd suggest to downgrade to an older version.
You can check below for all the npm versions
https://www.npmjs.com/package/npm?activeTab=versions
Install the desired version with this command in the console, and substitute "V" with your desired version:
npm install -g npm@"V"
Solution 4:
An easy solution to this is to use NVM to manage your node versions. Especially on Linux this saves a lot of trouble with file permissions, developing in different environments, etc. NPM recommends this in their documentation here.
This error for me was solved by switching Node.js versions with nvm,
nvm install 14
nvm use 14
It is always an easy thing to try and switch to a slightly older or newer Node.js version if you are running into weird Node.js or npm issues.
Solution 5:
TL;DR
As Trott suggested it is totally fine to ignore the warning. To fix the warning/problem keep reading.
The problem/warning is with the line:
RUN npm -g install [email protected]
Removing this line should fix the problem/warning.
Explanation
The package-lock generated which is part of your source repository ideally is generated with npm version < npm@7
which ships with Node.js <= [email protected]
. My guess comes from your first line of Dockerfile.
FROM node:14.17.1-alpine3.13 AS builder
For example Node.js LTS v14.17.1
ships with [email protected]
. See the full release list here.
npm@5
, npm@6
generate package-lock@v1
, which is now a legacy release as per this link. And npm@7
which is the latest release generates package-lock@v2
. When you do: npm -g install [email protected]
. It overrides your existing package-lock@v1
with package-lock@v2
giving out the warning in the process.`
npm WARN old lockfile The package-lock.json file was created with an old version of npm`
The updated Dockerfile should look like this:
FROM node:14.17.1-alpine3.13 AS builder
WORKDIR /usr/src/app
COPY package.json package-lock.json* ./
COPY ui-runner/package*.json ./ui-runner/
COPY .npmrc .npmrc
COPY ui-runner/.npmrc ./ui-runner/.npmrc
RUN npm ci --production --package-lock && \
npm ci --production --package-lock --prefix ./ui-runner
RUN rm -f .npmrc && \
rm -f ui-runner/.npmrc
FROM node:14.17.1-alpine3.13
WORKDIR /usr/src/app
RUN apk update && apk add --no-cache curl bash
RUN addgroup -g 1001 test && \
adduser -S -u 1001 -G test test
RUN chown -R test /usr/src/app && \
chmod 755 /usr/src/app
COPY --from=builder /usr/src/app /usr/src/app
COPY . .
RUN npm run build:docker
USER test
EXPOSE 3000 9183
CMD [ "npm", "run", "start:ui-runner" ]