使用npm-shrinkwrap.json进行npm-update

时间:2021-05-30 07:27:13

What does running:

运行什么:

npm update

do if a npm-shrinkwrap.json file exists? Does it

如果存在npm-shrinkwrap.json文件?可以

  1. Update the dependencies to match the shrinkwrap.json file
  2. 更新依赖项以匹配shrinkwrap.json文件

  3. Update the dependencies to obey package.json (thereby disregarding the shrinkwrap.json file)
  4. 更新依赖项以服从package.json(从而忽略shrinkwrap.json文件)

  5. Not do anything
  6. 什么都不做

Thanks in advance

提前致谢

1 个解决方案

#1


5  

When you run

当你跑步

npm update

It will update the dependencies to obey package.json and will not care what is stored in npm-shrinkwrap.json even when node_modules folder is empty which means update command will install using package.json while install command will use npm-shrinkwrap.json.

它将更新依赖关系以服从package.json并且不关心npm-shrinkwrap.json中存储的内容,即使node_modules文件夹为空也意味着更新命令将使用package.json安装,而install命令将使用npm-shrinkwrap.json。

It does not make any sense to obey the shrinkwrap file[ in most cases.]

服从收缩包裹文件没有任何意义[在大多数情况下]。

Reason

  • It is supposed to be a snapshot of package at some stable point and this thing makes it perfect for production code.

    它应该是一个稳定点的包的快照,这使得它非常适合生产代码。

  • There are no ^,~,latest etc. in shrinkwrap file.

    在shrinkwrap文件中没有^,〜,latest等。

  • And we also know that shrinkwrap file is not supposed to be tampered manually using editor
  • 我们也知道,收缩包装文件不应该使用编辑器手动篡改

  • So all we can do is go back to some previous state of dependencies using this command and this thing can be achieved using npm install
  • 所以我们所能做的就是使用这个命令回到以前的依赖状态,这个东西可以用npm install来实现

However when you run

但是当你跑步时

npm install 

It follows shrinkwrap file.

它遵循shrinkwrap文件。

But when you run

但是当你跑步的时候

npm install newPkg --save

It will change both package.json and npm-shrinkwrap.json file as well

它也会改变package.json和npm-shrinkwrap.json文件

But when you run

但是当你跑步的时候

npm update pkg --save

It will change only npm-shrinkwrap.json file and as I wrote before it will use package.json file to update according to semver

它只会改变npm-shrinkwrap.json文件,而且正如我之前所写,它将使用package.json文件根据semver进行更新

#1


5  

When you run

当你跑步

npm update

It will update the dependencies to obey package.json and will not care what is stored in npm-shrinkwrap.json even when node_modules folder is empty which means update command will install using package.json while install command will use npm-shrinkwrap.json.

它将更新依赖关系以服从package.json并且不关心npm-shrinkwrap.json中存储的内容,即使node_modules文件夹为空也意味着更新命令将使用package.json安装,而install命令将使用npm-shrinkwrap.json。

It does not make any sense to obey the shrinkwrap file[ in most cases.]

服从收缩包裹文件没有任何意义[在大多数情况下]。

Reason

  • It is supposed to be a snapshot of package at some stable point and this thing makes it perfect for production code.

    它应该是一个稳定点的包的快照,这使得它非常适合生产代码。

  • There are no ^,~,latest etc. in shrinkwrap file.

    在shrinkwrap文件中没有^,〜,latest等。

  • And we also know that shrinkwrap file is not supposed to be tampered manually using editor
  • 我们也知道,收缩包装文件不应该使用编辑器手动篡改

  • So all we can do is go back to some previous state of dependencies using this command and this thing can be achieved using npm install
  • 所以我们所能做的就是使用这个命令回到以前的依赖状态,这个东西可以用npm install来实现

However when you run

但是当你跑步时

npm install 

It follows shrinkwrap file.

它遵循shrinkwrap文件。

But when you run

但是当你跑步的时候

npm install newPkg --save

It will change both package.json and npm-shrinkwrap.json file as well

它也会改变package.json和npm-shrinkwrap.json文件

But when you run

但是当你跑步的时候

npm update pkg --save

It will change only npm-shrinkwrap.json file and as I wrote before it will use package.json file to update according to semver

它只会改变npm-shrinkwrap.json文件,而且正如我之前所写,它将使用package.json文件根据semver进行更新