This ENOLOCK error occurs when npm ci detects mismatched package.json and package-lock.json files. Regenerate the lockfile by running npm install and commit it to version control.
The npm ENOLOCK error occurs when running `npm ci` and the package.json and package-lock.json (or npm-shrinkwrap.json) files are not synchronized. The `npm ci` (clean install) command is designed for CI/CD pipelines and requires an exact match between the declared dependencies in package.json and the locked versions in package-lock.json. Unlike `npm install`, which can create or modify lock files, `npm ci` treats lock files as immutable and will fail rather than update them, ensuring reproducible builds. This error is common in team environments or automated deployments where the files get out of sync.
Confirm you're in the root directory where package.json and package-lock.json are located:
pwd
# List files to verify both exist
ls -la | grep packageDelete the existing lock file and node_modules directory, then run npm install to create a fresh, synchronized lock file:
# Remove lock file and dependencies
rm -rf package-lock.json npm-shrinkwrap.json node_modules/
# Regenerate lock file with current npm version
npm install
# Verify npm ci now works
npm ciIf you suspect a merge conflict corrupted the lock file, validate its JSON structure:
# Validate JSON syntax
node -e "JSON.parse(require('fs').readFileSync('package-lock.json', 'utf8'))" && echo 'Valid JSON'
# If invalid, regenerate
rm package-lock.json && npm installVerify your local npm version matches what's used in CI/Docker:
# Check local versions
node --version
npm --version
# Update npm if needed
npm install -g npm@latest
# In Dockerfile, specify exact npm version
FROM node:20.10-alpine
RUN npm install -g [email protected]Commit package-lock.json after updating to lock the format version.
In some npm versions, npm ci may incorrectly report out-of-sync status. Running install twice can resolve the issue:
# First install
npm install
# Second install (forces lock file update)
npm install
# Now try npm ci
npm ciEnsure package-lock.json is committed to version control:
# In your Git workflow
git add package.json package-lock.json
git commit -m 'Update dependencies'
# In CI pipeline
script:
- npm ci
- npm run build
- npm test
# In Dockerfile
COPY package*.json ./
RUN npm ci --only=productionAlways commit both files together and use npm ci in automated environments.
The npm ci command was introduced specifically for continuous integration to guarantee reproducible builds. It reads ONLY from package-lock.json and will reject installation if dependencies differ from package.json. Known issue: Some npm versions generate lock files that subsequent npm ci invocations report as unsynchronized despite no actual changes. The workaround is running npm install twice or clearing the lock file entirely. For monorepos with workspaces, ensure all package-lock.json files at each workspace root are synchronized.
npm ERR! code E401 npm ERR! 401 Unauthorized - Token has expired
Token has expired - npm authentication failure
npm ERR! code EAI_NODATA npm ERR! errno EAI_NODATA npm ERR! getaddrinfo EAI_NODATA registry.npmjs.org
How to fix "npm ERR! code EAI_NODATA - getaddrinfo EAI_NODATA"
npm ERR! code EMPTYPACKAGE npm ERR! Package contains no files
How to fix 'npm ERR! code EMPTYPACKAGE' - Package contains no files
npm ERR! code EWORKSPACEMISSING npm ERR! Workspace does not exist: packages/missing
How to fix "npm ERR! code EWORKSPACEMISSING - Workspace does not exist" error
npm ERR! code EADDRNOTAVAIL npm ERR! errno EADDRNOTAVAIL npm ERR! Address not available
How to fix "npm ERR! code EADDRNOTAVAIL - Address not available" error