npm现在每次安装一个package-lock.json,它现在似乎是npm的一部分。但是,使用npm install运行时,这个简单的package.json文件将安装超过300个软件包。可能出现什么问题,为什么还有300多个?即使没有运行时的包锁文件(然后创建锁文件),仍然提供300多个包
{
"name": "Package",
"version": "0.0.1",
"dependencies": {},
"devDependencies": {
"grunt": "^1.0.2",
"grunt-contrib-clean": "^1.1.0",
"grunt-contrib-compress": "^1.4.3",
"grunt-contrib-concat": "^1.0.1",
"grunt-contrib-connect": "^1.0.2",
"grunt-contrib-copy": "^1.0.0",
"grunt-contrib-cssmin": "^2.2.1",
"grunt-contrib-uglify": "^3.3.0",
"grunt-contrib-watch": "^1.1.0",
"grunt-sass": "^2.1.0",
"grunt-usemin": "^3.1.1"
}
}
答案 0 :(得分:1)
这些软件包依赖于其他软件包,这些软件包依赖于其他软件包,而这些软件包依赖于其他软件包....包管理器解析了整个依赖图,它可以很容易地从一个无辜的初始列表中增长到数百个。
您提到的package-lock.json
文件可以帮助您了解特定依赖项的发生方式。寻找"requires"
。例如,在您的设置中,grunt-sass
需要node-sass
:
"grunt-sass": {
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/grunt-sass/-/grunt-sass-2.1.0.tgz",
"integrity": "sha512-XkexnQt/9rhReNd+Y7T0n/2g5FqYOQKfi2iSlpwDqvgs7EgEaGTxNhnWzHnbW5oNRvzL9AHopBG3AgRxL0d+DA==",
"dev": true,
"requires": {
"each-async": "1.1.1",
"node-sass": "4.9.0",
"object-assign": "4.1.1"
}
},
...有19个独立的依赖项:
"node-sass": {
"version": "4.9.0",
...
"requires": {
"async-foreach": "0.1.3",
"chalk": "1.1.3",
"cross-spawn": "3.0.1",
"gaze": "1.1.3",
"get-stdin": "4.0.1",
"glob": "7.0.6",
"in-publish": "2.0.0",
"lodash.assign": "4.2.0",
"lodash.clonedeep": "4.5.0",
"lodash.mergewith": "4.6.1",
"meow": "3.7.0",
"mkdirp": "0.5.1",
"nan": "2.10.0",
"node-gyp": "3.6.2",
"npmlog": "4.1.2",
"request": "2.79.0",
"sass-graph": "2.2.4",
"stdout-stream": "1.4.0",
"true-case-path": "1.0.2"
},
...
}
......只有其中一个,request
,本身又引入了另一个20:
"request": {
"version": "2.87.0",
...
"requires": {
"aws-sign2": "0.7.0",
"aws4": "1.7.0",
"caseless": "0.12.0",
"combined-stream": "1.0.6",
"extend": "3.0.1",
"forever-agent": "0.6.1",
"form-data": "2.3.2",
"har-validator": "5.0.3",
"http-signature": "1.2.0",
"is-typedarray": "1.0.0",
"isstream": "0.1.2",
"json-stringify-safe": "5.0.1",
"mime-types": "2.1.18",
"oauth-sign": "0.8.2",
"performance-now": "2.1.0",
"qs": "6.5.2",
"safe-buffer": "5.1.2",
"tough-cookie": "2.3.4",
"tunnel-agent": "0.6.0",
"uuid": "3.2.1"
}
},
你可以很快看到它如何达到300.