package.json vs. package-lock.json

What is package.json

package.json is a file that holds various metadata relevant to the project. It is usually located in the root directory of a Node.js project.

What is package-lock.json

package-lock.json is automatically generated for any operations where npm modifies either the node_modules tree, or package.json.

Do we need both?

We will definitely need package.json, but we may have a project without package-lock.json.
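
To make the difference between the two files concrete, the following added example (not part of the original page, and not npm's own code) checks an already-parsed package.json against an already-parsed package-lock.json and reports a missing lock file, entries that disagree, and locked packages without an integrity hash. It assumes the lockfileVersion 2 or 3 layout with a "packages" map; the function name checkLockfile and all sample data are constructed for illustration.

```javascript
// Added example: compares the parsed contents of package.json and
// package-lock.json. Assumes lockfileVersion 2 or 3 (a "packages" map).
// Pass null for `lock` when the project has no lock file.
function checkLockfile(pkg, lock) {
  if (!lock) return ["package-lock.json is missing: versions are not pinned"];
  if (!lock.packages) return ["no \"packages\" map: lockfileVersion 1 is not handled"];
  const findings = [];
  const root = lock.packages[""] || {}; // "" is the project itself
  for (const field of ["dependencies", "devDependencies"]) {
    const declared = pkg[field] || {};
    const locked = root[field] || {};
    for (const [name, range] of Object.entries(declared)) {
      const entry = lock.packages[`node_modules/${name}`];
      if (locked[name] !== range) {
        findings.push(`${name}: package.json has "${range}", lock file has "${locked[name]}"`);
      } else if (!entry || !entry.version) {
        findings.push(`${name}: no resolved version in lock file`);
      } else if (!entry.integrity) {
        findings.push(`${name}@${entry.version}: no integrity hash recorded`);
      }
    }
    for (const name of Object.keys(locked)) {
      if (!(name in declared)) findings.push(`${name}: locked but not in package.json`);
    }
  }
  return findings;
}

// Constructed sample data, not taken from a real project.
const samplePkg = {
  name: "demo-app",
  dependencies: { "lib-a": "^1.3.0", "lib-b": "^2.0.0" },
};
const sampleLock = {
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { "lib-a": "^1.3.0", "lib-b": "^1.0.0" } },
    "node_modules/lib-a": { version: "1.3.2", integrity: "sha512-CONSTRUCTED-A" },
    "node_modules/lib-b": { version: "1.4.0", integrity: "sha512-CONSTRUCTED-B" },
  },
};

console.log(checkLockfile(samplePkg, sampleLock)); // one finding, for lib-b
console.log(checkLockfile(samplePkg, null));       // lock file missing
```

The check compares the declared range strings only; it does not evaluate whether a locked version satisfies a range.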