是否应该发布package-lock.json? [英] Should package-lock.json also be published?

问题描述

npm 5引入了package-lock.json，其文档位于此处

npm 5 introduced package-lock.json, of which the documentation is here.

它指出该文件旨在包含在版本控制中，因此克隆并安装软件包的任何人都将具有相同的依赖版本.换句话说，您不应将其添加到您的.gitignore文件中.

It states that the file is intended to be included with version control, so anyone cloning your package and installing it will have the same dependency versions. In other words, you should not add it to your .gitignore file.

文件未声明的内容是文件是否打算包含在已发布的程序包中.这个问题可以改写为: 应该将package-lock.json包含在.npmignore中吗?

What it does not state is wether or not the file is intended to be included with a published package. This question could be rephrased as; should package-lock.json be included in .npmignore?

推荐答案

它无法发布.

从npm文档中:

关于package-lock.json的一个关键细节是它无法发布，如果在顶级软件包之外的任何地方找到它，它将被忽略

One key detail about package-lock.json is that it cannot be published, and it will be ignored if found in any place other than the toplevel package

请参阅docs.npmjs.com上的package-lock.json文档.

但是，您应该根据文档将package-lock.json提交到git a>.

However, you should be commiting your package-lock.json to git as per the documentation.

此文件旨在提交到源存储库中

This file is intended to be committed into source repositories

因此，npm会显示常见消息:

hence the common message presented by npm:

created a lockfile as package-lock.json. You should commit this file.

更详细的解释可以在这里找到.

这篇关于是否应该发布package-lock.json?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！