Hello expert, today when I try to sync my code on droplet from git, I was not able to do so and it turns out that package-lock.json file at droplet has been updated and then I checked difference with my checked-in version and I saw a lot of library like the following: node_modules/@aws-crypto /ie11-detection node_modules/@aws-crypto /ie11-detection/node_modules/tslib node_modules/@aws-crypto /sha256-browser" etc. Any idea what’s going on? I haven’t found anything from internet. Thanks for your insights in advance.

Hi there, The mentioned libraries are part of the AWS Encryption SDK for JavaScript, which is typically used for client-side encryption and decryption of data. Did you by any chance run npm update on your Droplet directly? This would indeed update your package-lock.json file. What I could suggest here is: Back up your current package-lock.json file on your Droplet, just in case you need it later. mv package-lock.json package-lock.json.bak Replace the package-lock.json on the droplet with the one from your Git repository. You can either copy it from your local machine to the droplet using scp or download it directly from your Git repository using wget or curl, depending on your setup. Run npm ci to install the exact versions of the dependencies specified in your package-lock.json file. This command will delete the existing node_modules directory and recreate it with the correct dependencies. Let me know how it goes! Best, Bobby

Question

Why my node.js application's package-lock.json is auto updated with a lot of aws related SDK?

Posted on April 14, 2023
DigitalOcean Droplets JavaScript Node.js
Asked by peterlee34567

Hello expert, today when I try to sync my code on droplet from git, I was not able to do so and it turns out that package-lock.json file at droplet has been updated and then I checked difference with my checked-in version and I saw a lot of library like the following:

node_modules/@aws-crypto/ie11-detection
node_modules/@aws-crypto/ie11-detection/node_modules/tslib
node_modules/@aws-crypto/sha256-browser"
etc.

Any idea what’s going on? I haven’t found anything from internet. Thanks for your insights in advance.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev

Site Moderator

• April 16, 2023

Hi there,

The mentioned libraries are part of the AWS Encryption SDK for JavaScript, which is typically used for client-side encryption and decryption of data.

Did you by any chance run npm update on your Droplet directly? This would indeed update your package-lock.json file.

What I could suggest here is:

Back up your current package-lock.json file on your Droplet, just in case you need it later.

mv package-lock.json package-lock.json.bak

Replace the package-lock.json on the droplet with the one from your Git repository. You can either copy it from your local machine to the droplet using scp or download it directly from your Git repository using wget or curl, depending on your setup.
Run npm ci to install the exact versions of the dependencies specified in your package-lock.json file. This command will delete the existing node_modules directory and recreate it with the correct dependencies.

Let me know how it goes!

Best,

Bobby

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Question

Why my node.js application's package-lock.json is auto updated with a lot of aws related SDK?

Try DigitalOcean for free

Popular Topics

Get our biweekly newsletter

Hollie's Hub for Good

Become a contributor

Featured on Community

DigitalOcean Products

Welcome to the developer cloud

Get started for free