npm如何安装只保存对package.json的依赖？

Question

I'm adding dependencies to a package.json that will be used as part of a provisioning process for a virtual machine. As such, I don't actually need to install the modules locally since the provisioner will do that for me inside the VM. So is there any way to do the following:

npm install --save <module>

So that it only creates a dependency for the latest version of the module in package.json without actually downloading the module or creating a node_modules folder?

The --dry-run option is close, as it doesn't create a node_modules folder but it also doesn't write to package.json either.

For now, I'm manually doing the following each time I need to update packages before re-provisioning the VM:

rm -rf node_modules

Other reasons for this might include being able to easily build a package.json file in low-bandwidth situations such as tethering, where you know you'll need the module eventually but don't want to spare the bandwidth.

Answer 1

Was searching for the solution. Haven't found, then made a script which adds dependencies (latest or specified versions) to the package.json file skipping the installation process.

https://www.npmjs.com/package/add-dependencies

Installation

If not using with npx (see below):

$ npm install add-dependencies [-g]

Usage

Run:

$ add-dependencies [package_file] <dependencies> [target] [--no-overwrite]

or with npx :

$ npx add-dependencies [package_file] <dependencies> [target] [--no-overwrite]

where dependencies is the list of dependencies divided by space, and target is one of the following:

• --dev / --save-dev / -D for devDependencies
• --peer / --save-peer / -P for peerDependencies
• --optional / --save-optional / -O for optionalDependencies

If no target argument passed, dependencies are written to dependencies .

If no package_file argument passed, the script searches for a package.json file within the current working directory.

Use --no-overwrite flag to prevent already existing packages in package.json from being overwritten.

Example:

$ add-dependencies /home/user/project/package.json moment@2.0.0 react@16.8 redux eslint --dev

or with npx :

$ npx add-dependencies /home/user/project/package.json moment@2.0.0 react@16.8 redux eslint --dev

---

Hope this could help someone else.

Answer 2

There is no way to do that with npm that I'm aware of.

There are two npm packages for doing this; I've never used either of them, but they might be worth a try:

• https://www.npmjs.com/package/npm-add
• https://www.npmjs.com/package/adddep

Hope this helps!

Answer 3

Interestingly combining --package-lock-only with --no-package-lock seems to do this

npm install --package-lock-only --no-package-lock PACKAGE

This does not create or update the package-lock.json file. Only adds an entry to the package.json

UPDATE

This was actually a bug and is now fixed in npm 6.9.0

https://github.com/npm/cli/pull/146

https://npm.community/t/release-npm-6-9-0/5911

Answer 4

As of Npm > 8 the correct answer is

npm pkg set devDependencies.rollup="*" devDependencies.typescript="4.5"

Explaination npm pkg set can change your current package.json

see: https://docs.npmjs.com/cli/v7/commands/npm-pkg

Answer 5

I made a very simple way to do this.

Add this to the scripts section of your package.json :

  "scripts": {
    "no-dl": "npm install --package-lock-only --no-package-lock"
  }

Then use it like this:

npm run no-dl <package-name>

I've called it no-dl — pick your own name as needed.

Answer 6

npm install --save packagename然后npm uninstall packagename （没有 --save 标志）完成了这个，虽然创建了一个空的 node_modules 文件夹