This article introduces the version numbers of libraries in package.json in Node.js. It may be a useful reference for anyone who needs it.
The difference between ~ and ^
Recently I kept running into a problem: everything worked fine locally, but problems occurred online and I could not reproduce them locally. Later, after deleting the node_modules directory and reinstalling, the problem was reproduced locally. I looked at the git history and found that no one had modified the version numbers in package.json, so I took a closer look at the library version numbers in package.json and at the difference between ~ and ^.
"babel-loader": "^7.1.1", "body-parser": "~1.15.2"
npm install --save xxx uses ^ by default rather than ~.
Take the version number x.y.z as an example:
x: Major version number, incremented when you make incompatible API changes
y: Minor version number, incremented when you add functionality in a backward-compatible way
z: Revision (patch) number, incremented when you make backward-compatible bug fixes
~x.y.z: updates to the latest z within the same minor version y. For example, body-parser: ~1.15.2 matches the latest 1.15.z release; if 1.16.0 appears, it is not upgraded automatically.
^x.y.z: updates to the latest y.z within the same major version x. For example, babel-loader: ^7.1.1 matches the latest 7.y.z release; if 8.1.1 appears, it is not upgraded automatically.
See the explanation given in the official npm documentation:
^1.2.3 := >=1.2.3 <2.0.0
^0.2.3 := >=0.2.3 <0.3.0
^0.0.3 := >=0.0.3 <0.0.4
In most cases, dependencies that follow this versioning rule cause no problems. But npm is an open source world and not every package follows the rule strictly; when one does not, the problems described above occur.
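The ~ and ^ rules above, written out as an added example (not code from the original article or from npm): it expands a range into its >= / < bounds and checks which releases an install without a lock file would accept. The function names are hypothetical, and it assumes plain numeric x.y.z versions with no pre-release or build tags.

```javascript
// Added example: expands ~x.y.z and ^x.y.z into the >= / < bounds listed above.
// Assumption: full numeric x.y.z versions only, no pre-release or build tags.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v.trim());
  if (!m) throw new Error(`unsupported version: ${v}`);
  return m.slice(1).map(Number);
}

// Returns { min, max }; a version matches when min <= version < max.
function expandRange(range) {
  const op = range[0];
  const [x, y, z] = parseVersion(range.slice(1));
  let max;
  if (op === '~') {
    max = [x, y + 1, 0];                 // only z may change
  } else if (op === '^') {
    // The left-most non-zero component is the one that must not change.
    if (x > 0) max = [x + 1, 0, 0];
    else if (y > 0) max = [0, y + 1, 0];
    else max = [0, 0, z + 1];
  } else {
    throw new Error(`unsupported range operator: ${range}`);
  }
  return { min: [x, y, z], max };
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

function satisfies(version, range) {
  const { min, max } = expandRange(range);
  const v = parseVersion(version);
  return compare(v, min) >= 0 && compare(v, max) < 0;
}

function boundsOf(range) {
  const { min, max } = expandRange(range);
  return `>=${min.join('.')} <${max.join('.')}`;
}

// Constructed sample: the article's two ranges against candidate releases.
for (const [r, v] of [['^7.1.1', '7.9.0'], ['^7.1.1', '8.1.1'], ['~1.15.2', '1.16.0']]) {
  console.log(`${v} in ${r} (${boundsOf(r)}): ${satisfies(v, r)}`);
}
```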
Why package lock is needed
In some cases, package.json alone cannot guarantee that the dependency versions installed by running npm install are the same on everyone's computer. There are several possible reasons:
1. If the version of a dependency recorded in package.json is a version range, running npm i installs the latest version that satisfies that range
2. Even if you depend on a fixed version of a package (such as A 1.1.1), package A may depend on another package B, and A may declare that dependency with a semver range such as ^1.2.3; if package B releases a new version, a newer version of B gets installed
3. Different people use different versions of the npm program
Inconsistent dependency versions lead to inconsistent behavior between the development environment and the production environment, or to differences between the environments of different team members
How to resolve package version inconsistencies
1. npm uses the package-lock.json file to solve this problem
Running npm install automatically generates the package-lock.json file. Whenever you run ordinary npm commands that may modify package.json, such as installs and updates, npm automatically updates package-lock.json to match:
npm install xxx
npm rm xxx
npm update xxx
2. npm also supports npm-shrinkwrap.json, which has exactly the same function as package-lock.json
Run npm shrinkwrap to generate npm-shrinkwrap.json.
This command creates a new npm-shrinkwrap.json file, or overwrites the existing one, based on the package-lock.json file. Files created and updated by this command take precedence over any other existing or future package-lock.json files.
3. Use yarn
The main advantages of using yarn are as follows