为什么“npm install git repo url"会重写package-lock.json? [英] Why does “npm install git repo url” rewrite package-lock.json?
问题描述
我正在公共 GitHub 中运行 npm install
repo 并且它在 package-lock.json
文件中锁定了 4.17.0
的 express,这是 package-lock 的正确行为.json
文件.
I am running the npm install
in a public GitHub repo and it has locked the express at 4.17.0
in package-lock.json
file which is the correct behavior of package-lock.json
file.
但是,当我在一个空文件夹中执行 npm install git+https://github.com/nabeel-nazir confiz/package.lock.master.git
然后一个 package-lock.json使用新版本的 express 创建的文件锁定在 4.17.1
.我知道源 package.json 但为什么源 package-lock.json 这次被忽略了?
However, when I execute npm install git+https://github.com/nabeel-nazir confiz/package.lock.master.git
in an empty folder then a package-lock.json file created with the new version of express locked at 4.17.1
. I know there is a caret ^
sign in the source package.json but why the source package-lock.json is ignored this time?
我的问题是,当我在服务器上执行 npm install git+https://github.com/nabeel-nazir confiz/package.lock.master.git
时,它应该创建一个 <代码>package-lock.json 文件与 express 锁定在 4.17.0
而不是 4.17.1
因为源 package-lock.json 文件在repo 有在 4.17.0 锁定快递.
My problem here is that when I execute npm install git+https://github.com/nabeel-nazir confiz/package.lock.master.git
on the server it should create a package-lock.json
file with express locked at 4.17.0
not with the 4.17.1
because the source package-lock.json file on the repo has locked the express on 4.17.0.
有什么办法可以做到这一点,即 npm install git+https://github.com/nabeel-nazir confiz/package.lock.master.git
会考虑源 package-lock.json 文件,不应忽略它?
Is there any way I can achieve this i.e npm install git+https://github.com/nabeel-nazir confiz/package.lock.master.git
will consider the source package-lock.json file and should not ignore it?
我正在使用以下版本:
npm 版本:5.4.1
节点版本:8.9.3
npm config 获取注册表打印:https://registry.npmjs.org/
操作系统:Ubuntu 18.04
旁注:我也尝试过 npm install git+https://github.com/nabeel-nazir confiz/package.lock.master.git
以及以下内容,但问题是相同的,即它在 <代码>4.17.1
Side note:
I have tried npm install git+https://github.com/nabeel-nazir confiz/package.lock.master.git
with followings as well but the issue was same i.e. it locked the express at 4.17.1
npm 版本:6.14.4
节点版本:13.12.0
npm config 获取注册表打印:https://registry.npmjs.org/
操作系统:Ubuntu 18.04
如果需要提供有关此问题的更多信息,请发表评论.
Please comment If there is a need to provide more information on this question.
谢谢.
推荐答案
去掉胡萝卜 ^ 符号.然后它将保持锁定在 4.17.0.
Remove the carrot ^ sign. Then it'll stay locked at 4.17.0.
这篇关于为什么“npm install git repo url"会重写package-lock.json?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!