skip to Main Content

I’m using pnpm for package management in my project and VS code editor. However, every time I save changes to package.json, a package-lock.json file gets automatically generated, even though I’m not using npm.

Additional Information:

bootstrap command:

pnpm create expo-app

.npmrc

node-linker=hoisted
package-lock=false

project structure:

folder structure screenshot

Question:

Why does package-lock.json keep getting generated, and how can I prevent it from being created when using pnpm?

Update:

I deleted package-lock.json and reinstalled all the packages using the terminal. However, when I opened it again in VS Code, it regenerated package-lock.json. I think some malicious VS Code extension might be causing this. Do you have any ideas on how I can debug this?

2

Answers


  1. In vs code settings look up npm. There is a dialog called NPM Auto Detect.
    Set it to off. That should work

    Login or Signup to reply.
  2. I had the same problem but with yarn. I tried it with pnpm too and it was still there. I fixed it with deactivating the Red Hat Dependency Analytics extension. I don’t know if it’s a wanted behaviour or if it’s a bug on VSCode’s/extension’s side.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search