Feature request: merge shrinkwrapped version graph into package.json

[barneycarroll]

Not sure if this aligns with your vision of correct scope, but I would appreciate a function for merging the actual version graph back into package.json in order to fully lockdown dependencies.

The API would be something like shrinkwrap persist

Nice to haves (further down) the line could involve arguments specifying how locked down you want things (complete / minor / major), or an interactive variation that successively prompts the user for how to resolve individual packages' version diffs.

What do you think?

[Raynos]

That's actually what npm-shrinkwrap.json is for.

npm already supports the feature you want with an .npmrc where you set save-strict: true and use npm install --save.