有没有办法从 package-lock.json 中提取 package.json?
[英]Is there a way to extract package.json from package-lock.json?
问题描述
I'm working on a project in which the package.json file is missing.
我正在处理一个缺少 package.json 文件的项目。 The developer has pushed the package-lock.json file without the package.json file.开发者推送了 package-lock.json 文件,没有推送 package.json 文件。
How can I create a clean package.json from the package-lock.json file in case it is at all possible?如果可能的话,如何从 package-lock.json 文件创建一个干净的 package.json?
3 个解决方案
解决方案1
5 已采纳 2019-01-13 10:55:02
It's not possible to generate full package.json from package-lock.json because the latter doesn't contain all necessary data.从package-lock.json生成完整的package.json是package-lock.json因为后者不包含所有必要的数据。 It contains only a list of dependencies with specific versions without original semvers.它仅包含具有特定版本的依赖项列表,没有原始 semvers。 Production and development dependencies are mixed up along with nested dependencies.生产和开发依赖与嵌套依赖混合在一起。
Fresh package.json could be generated, then augmented with these dependencies with something like:可以生成新的package.json ,然后添加这些依赖项,例如:
const fs = require('fs');
const packageLock = require('./package-lock.json');
const package = require('./package.json');
package.dependencies = Object.entries(packageLock.dependencies)
.reduce((deps, [dep, { version }]) => Object.assign(deps, { [dep]: version }), {});
fs.writeFileSync('./package-new.json', JSON.stringify(package, null, 2));
Nested dependencies could be filtered out by checking requires key, but this can affect project's own dependencies.可以通过检查requires键来过滤掉嵌套的依赖项,但这会影响项目自身的依赖项。
解决方案2
2 2019-03-22 16:27:35
Simply run npm init and it will pull all of the current dependencies from package-lock.json if you already have node_modules/ generated.只需运行npm init ,如果您已经生成了node_modules/ package-lock.json从package-lock.json提取所有当前依赖项。 If not, run npm ci to generate the node modules from the package-lock.json and then run npm init to generate the package.json file.如果没有,运行npm ci从package-lock.json生成节点模块,然后运行npm init生成package.json文件。
解决方案3
1 2022-03-18 04:13:14
Slightly improved version of accepted answer script.已接受的答案脚本的略微改进版本。 Will pull locked versions out of the package-lock.将从包锁中拉出锁定的版本。
const fs = require('fs');
const packageLock = require('./package-lock.json');
const package = require('./package.json');
package.dependencies = Object.keys(package.dependencies)
.reduce((deps, dep) => Object.assign(deps, { [dep]: packageLock.dependencies[dep].version }), {});
package.devDependencies = Object.keys(package.devDependencies)
.reduce((deps, dep) => Object.assign(deps, { [dep]: packageLock.dependencies[dep].version }), {});
fs.writeFileSync('./package-new.json', JSON.stringify(package, null, 2));
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.