In my nodejs project I had to modify 4 of the node modules and upload them to our private corporate registry so the project will download the modified versions during builds. I did this by changing the
resolved field in
package-lock.json for each dependency from our virtual npm registry which forwards downloads to the public npm registry to our private registry.
This is working for 3 out of the 4 modules, however 1 module,
phantomjs-prebuilt, will not download the one I uploaded. When I view its package.json after installing, its
_resolved field shows the correct private registry I entered in
package-lock.json, but the module doesn't have my modifications.
If I create a test project with a
package.json that has
phantomjs-prebuilt as its only dependency and modify the lock file to download from the private registry it will download the correct modified version I uploaded. I'm assuming there must be some transitive dependency overriding it, but I thought I would be able to see that from the lock file and override it.
phantomjs-prebuilt only appears once in my lock file and that's where I'm making the change to the