Block global npm packages
The answer turns out to be negative. I opened this question but it closed. It's hard to imagine that I'm the only person in this use case.
source to share
There may be a way to do this through the CLI npm
, but I cannot find it. Doesn't seem to exist npm shrinkwrap
for global packages.
I thought it was possible using npm link
(which creates a symbolic link from local package to global folder), but running npm install -g somepackage@foo
after npm link
overwrites the previously installed global package.
One (very hacky) way to make npm crash when trying to overwrite your globally installed package is to remove write permissions for the folder (for the user account that runs npm
), with something like chmod -w /usr/local/lib/node_modules/<some package>
.
Once you do that, npm
this global package cannot install / update because it does not have write access. I cannot say that I recommend going down this road.
source to share