ENOLOCK occurs when npm commands cannot find a package-lock.json or npm-shrinkwrap.json file. Generate the lockfile by running npm install and commit it to version control.
The ENOLOCK error occurs when npm commands (like `npm ci`, `npm audit fix`, or `npm install`) cannot find a package-lock.json or npm-shrinkwrap.json file in your project. This lockfile is essential for reproducing exact dependency versions across installations. Without it, npm cannot proceed with operations that require a locked dependency tree. The error is particularly common in CI/CD environments where the lockfile must be checked into version control.
Ensure you are in the directory containing your package.json file:
pwd
ls -la | grep package.jsonIf package.json is not present, navigate to the correct project directory.
Create a fresh lockfile by running npm install:
npm installIf you want to regenerate the lockfile without downloading all dependencies:
npm install --package-lock-onlyThis is faster and only updates the lockfile based on package.json versions.
The package-lock.json file must be committed to git so it's available in CI/CD:
git add package-lock.json
git commit -m "Add package-lock.json"
git pushVerify it's tracked:
git ls-files | grep package-lock.jsonIf it's not showing, check that package-lock.json is not in your .gitignore file.
Verify that package-lock creation is not disabled in your npm config:
npm config get package-lock
npm config get shrinkwrapBoth should return true. If either returns false, enable them:
npm config set package-lock true
npm config set shrinkwrap trueAlso check your .npmrc file for package-lock=false lines.
In your CI configuration, use npm ci instead of npm install. Example GitHub Actions workflow:
- name: Install dependencies
run: npm ciIf you get ENOLOCK in CI, verify the lockfile was committed:
git log --all --full-history -- package-lock.jsonEnsure Node.js and npm versions match between local and CI:
node --version
npm --versionSpecify Node version in CI configs:
steps:
- uses: actions/setup-node@v3
with:
node-version: '18'If package-lock.json was created with a different npm major version, regenerate it locally and recommit.
The ENOLOCK error exposes a critical aspect of npm's dependency management. When npm install runs, it generates package-lock.json to lock exact versions of all transitive dependencies. The npm ci command is more strict than npm install—it will fail rather than update the lockfile, making it ideal for CI/CD. If you're using different package managers (Yarn, pnpm), they require different lockfiles (yarn.lock, pnpm-lock.yaml) and won't work with package-lock.json.
npm ERR! code E401 npm ERR! 401 Unauthorized - Token has expired
Token has expired - npm authentication failure
npm ERR! code EAI_NODATA npm ERR! errno EAI_NODATA npm ERR! getaddrinfo EAI_NODATA registry.npmjs.org
How to fix "npm ERR! code EAI_NODATA - getaddrinfo EAI_NODATA"
npm ERR! code EMPTYPACKAGE npm ERR! Package contains no files
How to fix 'npm ERR! code EMPTYPACKAGE' - Package contains no files
npm ERR! code EWORKSPACEMISSING npm ERR! Workspace does not exist: packages/missing
How to fix "npm ERR! code EWORKSPACEMISSING - Workspace does not exist" error
npm ERR! code EADDRNOTAVAIL npm ERR! errno EADDRNOTAVAIL npm ERR! Address not available
How to fix "npm ERR! code EADDRNOTAVAIL - Address not available" error