[英]Upgrading React library version: is it advisable to push only package.json or to push package.json and package-lock.json both?
在升级React库版本时,建议只推送package.json还是同时推送package.json和package-lock.json?
You should push both, no matter what you are upgrading. 无论您要升级什么,都应同时推动两者。 It is always recommended to push both
package.json
and package-lock.json
into your source control. 始终建议将
package.json
和package-lock.json
都推送到您的源代码管理中。 According to the npm docs on package-lock.json : (Bolding added by me) 根据package-lock.json上的npm文档 :( 我 加粗 了)
package-lock.json
is automatically generated for any operations where npm modifies either thenode_modules
tree, orpackage.json
.对于npm修改
node_modules
树或package.json
任何操作,都会自动生成package-lock.json
。 It describes the exact tree that was generated, such that subsequent installs are able to generate identical trees, regardless of intermediate dependency updates.它描述了生成的确切树,因此无论中间依赖项更新如何,后续安装都可以生成相同的树。
This file is intended to be committed into source repositories , and serves various purposes:
该文件旨在提交到源存储库中 ,并具有多种用途:
Describe a single representation of a dependency tree such that teammates, deployments, and continuous integration are guaranteed to install exactly the same dependencies.
描述依赖关系树的单个表示,这样可以确保队友,部署和持续集成安装完全相同的依赖关系。
Provide a facility for users to "time-travel" to previous states of node_modules without having to commit the directory itself.
为用户提供一种工具,使其可以“时间旅行”到node_modules的先前状态,而不必提交目录本身。
To facilitate greater visibility of tree changes through readable source control diffs.
为了通过可读的源代码控制差异更好地了解树的变化。
And optimize the installation process by allowing npm to skip repeated metadata resolutions for previously-installed packages.
并允许npm跳过先前安装的软件包的重复元数据解析,从而优化安装过程。
You can also see this answer for more information and discussion. 您也可以查看此答案以获取更多信息和讨论。
两者都是,因为所有packege.json模块版本都类似于package-lock.json
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.