Implementation:Risingwavelabs Risingwave Dashboard Package Lock
| Property | Value |
|---|---|
| File | package-lock.json |
| Source File | dashboard/package-lock.json
|
| Language | JSON |
| Lines | 18,997 |
| Category | Dependency Lock File |
| Package Manager | npm |
Overview
The package-lock.json file is the NPM dependency lockfile for the RisingWave dashboard frontend application. It is an auto-generated file produced by npm to record the exact dependency tree resolved during installation, pinning the precise versions of all direct and transitive dependencies.
This file ensures reproducible builds of the RisingWave Next.js dashboard application across all development and CI/CD environments. Without this lockfile, different installations could resolve to different package versions, potentially introducing inconsistencies or build failures.
Code Reference
Source Location
dashboard/package-lock.json
Full URL: dashboard/package-lock.json
Signature
This is a data file (JSON) with no executable signature. It conforms to the npm lockfile v3 format.
Import
This file is not imported by application code. It is consumed by npm during npm install or npm ci to resolve the exact dependency tree.
I/O Contract
Inputs
The lockfile is generated from and must stay in sync with dashboard/package.json, which declares the direct dependencies of the dashboard application.
Outputs
When npm install or npm ci is run in the dashboard/ directory, this lockfile ensures that the exact same set of package versions is installed in node_modules/.
Key Dependencies Locked
The lockfile pins versions for the dashboard's key dependencies, including but not limited to:
- Next.js -- React framework for the dashboard application
- React and React DOM -- UI library
- Chakra UI -- Component library for the dashboard UI
- D3.js and dagre -- Graph layout and visualization libraries
- Monaco Editor -- Code editor component used in pages like Heap Profiling
- protobufjs -- Protocol Buffer support for generated gRPC types
Usage Examples
Installing dependencies with exact versions
cd dashboard
npm ci
The npm ci command is preferred in CI environments as it strictly installs from the lockfile without modifying it.
Updating the lockfile after changing package.json
cd dashboard
npm install
This regenerates package-lock.json to reflect any changes to package.json.
Related Pages
- Risingwavelabs_Risingwave_FragmentGraph_Component -- Dashboard component that depends on D3 and dagre packages locked by this file
- Risingwavelabs_Risingwave_RelationGraph_Component -- Dashboard component using the same graph libraries
- Risingwavelabs_Risingwave_Heap_Profiling_Page -- Dashboard page using Monaco Editor locked by this file