[英]Override npm package dependency
I read this: How do I override nested NPM dependency versions?我读到: 如何覆盖嵌套的 NPM 依赖版本?
Unfortunately, it does not solve my problem.不幸的是,它不能解决我的问题。
I am trying to change a package from using a specific dependency to use another version of that dependency.我正在尝试将包从使用特定依赖项更改为使用该依赖项的另一个版本。
Is it built into a package what version of a dependency it should use, or is it possible to change it?它是否内置在包中,它应该使用哪个版本的依赖项,或者是否可以更改它?
In my case specifically, I am trying to change css-loader
's default dependency on cssnano@3.10.0
( latest ) to instead be dependent on cssnano@4.0.0-rc.2
( next ).具体来说,我正在尝试将
css-loader
对cssnano@3.10.0
(最新)的默认依赖更改为依赖于cssnano@4.0.0-rc.2
(下一个)。
From the second answer in the above link, user trickpatty notes that:从上面链接的第二个答案中,用户trickpatty指出:
this will be removed anytime you run npm i instead of editing your package-lock.json and adding the child dependency to "dependencies" there, add the child dependency to your package.json "dependencies" section
这将在您运行 npm i 时被删除,而不是编辑您的 package-lock.json 并将子依赖项添加到那里的“依赖项”,将子依赖项添加到您的 package.json “依赖项”部分
Including cssnano@4.0.0-rc.2
in package.json's devDependencies does nothing to css-loader
.在 package.json 的 devDependencies 中包含
cssnano@4.0.0-rc.2
对css-loader
没有任何作用。 It still uses the other (default) version of cssnano
.它仍然使用
cssnano
的其他(默认)版本。
There are several alternatives:有几种选择:
package.json
:package.json
来实现它:"resolutions": {
"package-a": "2.0.0"
}
If you can use latest Node LTS and NPM 8: https://docs.npmjs.com/cli/v8/configuring-npm/package-json#overrides如果您可以使用最新的 Node LTS 和 NPM 8: https ://docs.npmjs.com/cli/v8/configuring-npm/package-json#overrides
Otherwise, you can use some tool like https://github.com/mislavlukach/flatten-dependencies that runs on postinstall script to fix your problem of different nested dependencies versions.否则,您可以使用在安装后脚本上运行的诸如https://github.com/mislavlukach/flatten-dependencies之类的工具来解决不同嵌套依赖项版本的问题。 You will need to install that version as dependency in your project.
您需要将该版本作为依赖项安装在您的项目中。
EDIT: Found another alternative: https://www.npmjs.com/package/npm-force-resolutions编辑:找到另一种选择: https ://www.npmjs.com/package/npm-force-resolutions
NPM 8 introduced "overrides" which allows you to override specific transitive dependencies of your direct dependency. NPM 8 引入了“覆盖”,它允许你覆盖直接依赖的特定传递依赖。 For your usecase, you would declare something like below in your package.json.
对于您的用例,您可以在 package.json 中声明如下内容。
{
"overrides": {
"css-loader": {
"cssnano": "4.0.0-rc.2"
}
}
}
More details @ https://docs.npmjs.com/cli/v8/configuring-npm/package-json#overrides更多细节@ https://docs.npmjs.com/cli/v8/configuring-npm/package-json#overrides
The following in your package.json
can help you here.您的
package.json
中的以下内容可以在这里为您提供帮助。 How it works is that it overrides all the versions of cssnano
that css-loader
requests with the version you've specified instead.它的工作原理是它用您指定的版本覆盖
css-loader
请求的所有cssnano
版本。
"overrides": {
"css-loader": {
"cssnano": "1.2.3"
}
}
In package.json you can add resolutions
and give the path of dependency which was used.在package.json中,您可以添加
resolutions
并给出使用的依赖路径。 This is example from my project:这是我项目中的示例:
{
"resolutions": {
"helmet/helmet-csp": "2.9.1",
"jest/**/handlebars": "4.5.3"
}
}
This thread is a bit old and maybe already resolved, but maybe there is someone with the same question.这个线程有点老了,可能已经解决了,但也许有人有同样的问题。
In my opinion, you should not change the dependency versions of your dependencies.在我看来,您不应该更改依赖项的依赖版本。 Each project is developed, tested, and published considering their declared dependency versions.
每个项目的开发、测试和发布都考虑了它们声明的依赖版本。 You could break or change the behavior of a package changing its dependencies externally.
您可以破坏或更改包的行为,从外部更改其依赖项。
Instead, think in making a fork of the project (css-loader), change the dependency version, test by yourself, and do use your fork.相反,考虑创建项目的分支(css-loader),更改依赖版本,自己测试,并使用你的分支。 You can also open a pull request to the project maintainer (if you think the change will benefit the community) or publish your version (respecting the licensing policy).
您还可以向项目维护者提出拉取请求(如果您认为更改将使社区受益)或发布您的版本(尊重许可政策)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.