问题
When you run npm install --save somepackage, it usually adds something like this into package.json:
"dependencies": {
"somepackage": "^2.1.0"
}
Because the version is prepended with a caret(^), this means that if you later run npm install, it might install version 2.3.0 instead. This can be undesirable for fairly obvious reasons. npm shrinkwrap is useful, but doesn't really solve the problem.
So, I have several questions:
- When installing a package, is it possible to specify that you want it to be set to a specific version in package.json (no caret before the version number)?
- When publishing a package to npm, is there any way to prevent the default of including the caret before the version when other developers install your package?
回答1:
To specify by default a exact version, you can change your npm config with save-exact:
npm config set save-exact true
You can also specify the prepend version with a tilde with save-prefix
And, no you can't force user to update to a minor or a patch version, NPM uses semver and it's the recommend way of publishing packages.
回答2:
You can change the default behaviour by using the --save-exact option.
// npm
npm install --save --save-exact react
// yarn
yarn add --exact react
I created a blog post about this if anyone is looking for this in the future.
https://www.dalejefferson.com/blog/how-to-save-exact-npm-package-versions/
回答3:
Run:
npm install --save --save-exact my-module@my-specific-version
Adding an answer to make this advice easier to see.
来源:https://stackoverflow.com/questions/30656189/make-npm-install-save-add-a-strict-version-to-package-json