Create a package-lock.json file from pnpm-lock.yaml #3367
Replies: 6 comments 28 replies
-
I am searching for the same answer i guess the most easy way is to do simply the migration to npm workspaces then do a npm install and drop pnpm the only compatible file is the package.json you can shim your dev environment like the one from pnpm with npm overrides. That gives you the needed flexebility i am still exploring the patterns so i have no full workflow for that but it is in progress. |
Beta Was this translation helpful? Give feedback.
-
If you need this feature, you need to ask for it in the npm CLI repository. Why would we spend our time on a feature that helps people switch away from pnpm to another package manager? It doesn't make sense. |
Beta Was this translation helpful? Give feedback.
-
It looks like this already may be possible, unless I'm misunderstanding the exact use case: Generate a package-lock.json file without installing dependencies in node_modules: I was only using pnpm for demo projects to save disk space because I needed a package-lock.json on the CI servers, but it looks like I can just generate it via npm while keeping the node_modules symlinked to a central store. I think this means I can now use pnpm for work projects too. |
Beta Was this translation helpful? Give feedback.
-
Sorry to necro this discussion but I wanted to add another POV. This feature would be very useful for my team not because we want to switch away from pnpm or because we want to do some unsupported deploy wizardry. On the contrary, this would be very useful because we don't want to switch away from pnpm, but some of our other tools don't support pnpm. Specifically the issue we're having is with dependency scanning tools like snyk, semgrep, etc. These tools need to read a npm/yarn lock file in order to scan dependencies, but do not support pnpm, thus forcing us to choose between pnpm or dependency scanning (or using a clunky workaround, which is what we're currently investigating) |
Beta Was this translation helpful? Give feedback.
-
|
Beta Was this translation helpful? Give feedback.
-
Just now I found https://github.com/oss-review-toolkit/ort appears to support PNPM |
Beta Was this translation helpful? Give feedback.
-
It's clear how to do this the other way around with pnpm import (https://pnpm.io/cli/import)
But if I wanted to migrate from pnpm to npm, how do I use the pnpm-lock.yaml to create a package-lock.json file?
Similar question: #3356
Thanks
Beta Was this translation helpful? Give feedback.
All reactions