Skip to content

Instantly share code, notes, and snippets.

@szemate

szemate/package-lock-conflicts.md

Last active February 2, 2026 16:45
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save szemate/6fb69c8e3d8cce3efa9a6c922b337d98 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save szemate/6fb69c8e3d8cce3efa9a6c922b337d98 to your computer and use it in GitHub Desktop.
Download ZIP
How to resolve package-lock.json conflicts
Raw
package-lock-conflicts.md

How to resolve package-lock.json conflicts

Important

The following guide has been created for coding bootcamp participants who are new to Git and NPM and not comfortable with CLI tools. Not intended for professional developers.

It is not possible to resolve conflicts of package-lock.json in GitHub's merge tool and you need to do a manual merge.

  1. Update the master branch with the latest changes: 
    git checkout master
git pull
  2. Merge your feature branch into master: 
    git merge mybranch
    You will see something like the following message: 
    Auto-merging package-lock.json
CONFLICT (content): Merge conflict in package-lock.json
Auto-merging package.json
CONFLICT (content): Merge conflict in package.json
Automatic merge failed; fix conflicts and then commit the result.
  3. Open your editor (e.g. VSCode) and:
    • Carefully resolve conflicts in package.json (if there is any)
    • Ignore the conflicts in package-lock.json
  4. Install packages, which will re-generate package-lock.json: 
    npm install
  5. "Test drive" your application to make sure the conflicts in package.json have been resolved correctly.
  6. If the application is able to start up (i.e. there are no missing dependencies), add all changes and finish the merge: 
    git add --update
git commit
    ⚠️ Make sure not to commit the *.orig files!
  7. If everything looks fine, push to GitHub: 
    git push
@AsbDaryaee
Copy link

AsbDaryaee commented Jun 13, 2024

Thanks @szemate
It resolved my issue. :)

@mindplay-dk
Copy link

mindplay-dk commented Feb 2, 2026

I'm not a git expert, and I always have to look this up, but...

Ignore the conflicts in package-lock.json
Install packages, which will re-generate package-lock.json
npm install

this isn't really good advice...

You can do "accept all current" or "accept all inbound changes" in vscode

and this isn't either...

merely scrapping your package-lock.json will cause unrelated dependency updates - a merge or rebase is the wrong time to do that.

what you want to do during a merge or rebase conflict, after merging/resolving package.json, is:

git checkout --ours package-lock.json

this restores your lock file to a "known good" previous, valid state.

then run npm install which lets NPM correctly and minimally update the package-lock.json file with any added/updated information.

then stage/commit and continue as usual.

the whole point of package-lock.json is to not get unexpected/surprising updates at the wrong time. 😅

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment