对我们的某个依赖项的依赖项进行了一些更新我们的构建,并且找出问题的原因是有点棘手......
我们终于发现@vue/component-compiler-utils需要"prettier": "^1.11.1"并且 - 正如vue webpack template missing parser中所讨论的那样Prettier@1.13.0导致我们遇到的问题,然后回滚到Prettier@1.12.0
我们如何确保package-lock.json“锁定”版本的依赖关系并且不会随着时间或重新安装而更新?
这是我们package.json的示例,其中生成了错误的锁定文件:
{
...
"dependencies": {
"html-loader": "0.5.1",
"vue": "2.5.16",
"vue-class-component": "6.2.0",
"vue-property-decorator": "6.1.0",
"vue-router": "3.0.1",
"vuex": "3.0.1",
"vuex-class": "0.3.0",
...
},
"devDependencies": {
"@types/jest": "22.0.1",
"@vue/cli-plugin-babel": "3.0.0-beta.11",
"@vue/cli-plugin-eslint": "3.0.0-beta.11",
"@vue/cli-plugin-typescript": "3.0.0-beta.11",
"@vue/cli-plugin-unit-jest": "3.0.0-beta.7",
"@vue/cli-service": "3.0.0-beta.11",
"@vue/eslint-config-airbnb": "3.0.0-beta.11",
"@vue/eslint-config-typescript": "3.0.0-beta.11",
...
}
}
答案 0 :(得分:1)
使用npm shrinkwrap修复此问题,它会将package-lock.json转换为npm-shrinkwrap.json,这会对安装的每个特定版本进行哈希并锁定。
有关详细信息,请参阅What is the difference between npm-shrinkwrap.json and package-lock.json?
答案 1 :(得分:1)
我不完全确定npm shrinkwrap是否修复了npm v6 +中的问题。
以下是为vue-loader生成的npm-shrinkwrap.json文件的片段。
似乎即使是收缩包装也没有锁定所需的版本。
"vue-loader": {
"version": "14.0.3",
"resolved": "https://registry.npmjs.org/vue-loader/-/vue-loader-14.0.3.tgz",
"integrity": "sha512-5kFK/df1jgVoFcTB9p19rrYcyuYduoZzUSf6chMVsIRmVL9AKPYCa9JGLAZsU1XXGbGO9MSkwbum91u2dx7YcQ==",
"dev": true,
"requires": {
"consolidate": "^0.14.0",
"hash-sum": "^1.0.2",
"loader-utils": "^1.1.0",
"lru-cache": "^4.1.1",
"postcss": "^6.0.8",
"postcss-load-config": "^1.1.0",
"postcss-selector-parser": "^2.0.0",
"prettier": "^1.7.0",
"resolve": "^1.4.0",
"source-map": "^0.6.1",
"vue-hot-reload-api": "^2.2.0",
"vue-style-loader": "^4.0.1",
"vue-template-es2015-compiler": "^1.6.0"
}