Npm 版本控制 - 这种边缘情况如何工作? [英] Npm versioning - how does this edge case work?

问题描述

我试图弄清楚 npm 版本控制是如何工作的，因为我被两个无效的包卡住了​​.参考 我的其他问题.我需要的模块，串行端口，使这些包无效，可读流"和字符串解码器".Serialport 已下载此版本:

Im trying to figure out how npm versioning works because im getting stuck on two invalid packages. Ref my other question. The module i need, serialport, get these packages invalid, "readable-stream" and "string_decoder". Serialport have downloaded this version:

readable-stream@1.0.27-1

Serialports 依赖是

Serialports dependency is

"readable-stream": "~1.0.2"

可读流可用版本有:

....
'1.0.26',
'1.0.27-1',
'1.0.31',
....

这就解释了为什么选择 1.0.27-1.由于波浪号和 ~1.0.2，这意味着这三个数字必须存在于每个版本中.参考 Jakob Mattsson 的简单文章

Which explains why 1.0.27-1 is picked. Because of the tilde and ~1.0.2, meaning that these three numbers have to exist in each version. Ref Jakob Mattsson´s simple article

可读流下载

string_decoder@0.10.25-1

可读流再次取决于

"string_decoder": "~0.10.x"

和 string_decoders 可用版本是

And string_decoders available versions are

....
'0.10.24',
'0.10.25-1',
'0.10.25',
'0.10.31',
'0.11.10-1'
....

那个版本怎么下载的?再次参考 这篇文章，波浪号意味着它必须有 0.10版本号，x 是存在的任何东西?

How come that version is downloaded? Ref the article again, tilde means that it has to has 0.10 in the version number, and x is whatever exists?

为什么不选择 string_decoder@0.10.31?

Why is not string_decoder@0.10.31 chosen?

我相信我在问题中的问题与预发布有关这个额外的破折号被称为.我试图收集事实，看看是否可以更新依赖项.

I believe my problem in question is related to prereleases that this extra dash is called. Im trying to gather facts to maybe seem if dependencies can get updated.

推荐答案

我在 github 上收到了一个回答，问题答案，我想我会与其他可能想知道的人分享:

I recieved an answere on github, issue answer, thought i would share it with the rest who might wonder:

semver 范围检查是在语义上完成的，而不是词法上的，所以 1.0.31 应该与 npm@2 匹配:

semver range checking is done semantically, not lexically, so 1.0.31 should match with npm@2:

% semver -r '~1.0.2' 1.0.26 1.0.27-1 1.0.31 1.0.26 1.0.31 我怀疑您看到的行为是由于包 tarball 中包含了 bundledDependency.

% semver -r '~1.0.2' 1.0.26 1.0.27-1 1.0.31 1.0.26 1.0.31 I suspect that the behavior you're seeing is due to a bundledDependency included in the package tarball.

请参阅Node 应用程序因预发布而无法运行更详细的答案也是为什么会发生这种情况.

See Node app fails to run because of prerelease for a more detailed answer too why this happens.

这篇关于Npm 版本控制 - 这种边缘情况如何工作?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！