Functionality Questionable - Didn't work as intended

[crh3675]

I wanted to use lockdown for a large NodeJS project. I followed the docs, had a lockdown.json generated. I committed code and had a another developer checkout the source. Ran npm install and lo and behold, over 20 dependencies were unmet and I had to manually install every single one.

Perhaps I am missing the purpose of lockdown as this actually caused a lot of work that I thought would have been more automatic. I actually had to npm install package@vX.XX for every unmet dependency which put all packages into the main node_modules folder

[seanmonstar]

mind pasting the lockdown.json and package.json?

[crh3675]

Sorry, had to jump to another solution using npm shrinkwrap. If I revisit, I will be more diligent about giving those details for further troubleshooting.

[ryuran]

Same here.

I have in lockdown.json

  "vinyl-fs": {
    "2.2.1": "dc867d2d6033a0c5a6a10e4ce434f5b4114bb079"
  }

And I install grunt-contrib-imagemin but this plugin install vinyl-fs@2.3.0 as dependency and this one doesn't work.

Why lockdown do not block this version ?