选择 CLI 版本:



npm-shrinkwrap.jsonnpm shrinkwrap 创建的文件。它与 package-lock.json 相同,但有一个主要警告:与 package-lock.json 不同,发布包时可能会包含 npm-shrinkwrap.json

npm-shrinkwrap.json is a file created by npm shrinkwrap. It is identical to package-lock.json, with one major caveat: Unlike package-lock.json, npm-shrinkwrap.json may be included when publishing a package.

npm-shrinkwrap.json 的推荐用例是通过注册表上的发布过程部署的应用:例如,用于全局安装或 devDependencies 的守护进程和命令行工具。强烈建议库作者发布此文件,因为这会阻止终端用户控制传递依赖更新。

The recommended use-case for npm-shrinkwrap.json is applications deployed through the publishing process on the registry: for example, daemons and command-line tools intended as global installs or devDependencies. It's strongly discouraged for library authors to publish this file, since that would prevent end users from having control over transitive dependency updates.

如果 package-lock.jsonnpm-shrinkwrap.json 都存在于包根目录中,则 npm-shrinkwrap.json 将优先于 package-lock.json 文件。

If both package-lock.json and npm-shrinkwrap.json are present in a package root, npm-shrinkwrap.json will be preferred over the package-lock.json file.

有关 npm-shrinkwrap.json 文件格式的完整详细信息和说明,请参阅 package-lock.json 的手册页。

For full details and description of the npm-shrinkwrap.json file format, refer to the manual page for package-lock.json.


See also

npm 中文网 - 粤ICP备13048890号