package-locks | npm Docs
To prevent this potential issue, npm uses package-lock.json or, if present, npm-shrinkwrap.json. These files are called package locks, or lockfiles. Whenever you run npm install, npm generates or updates your package lock, which will look something like this: { "name": "A", "version": "0.1.0", ...metadata fields... "dependencies": { "B": {