[英]npm: When to use `--force` and `--legacy-peer-deps`
I'm new to npm and am trying to understand how recreating the node_modules
directory for deployment works.我是 npm 的新手,我试图了解如何重新创建node_modules
目录以进行部署。
We're using npm ci
instead of npm install
to ensure a clean slate during deployment.我们使用npm ci
而不是npm install
,以确保在部署期间保持干净。 However, when we run it without any flags, we get the following error:但是,当我们在没有任何标志的情况下运行它时,我们会收到以下错误:
Fix the upstream dependency conflict, or retry this command with --force, or --legacy-peer-deps to accept an incorrect (and potentially broken) dependency resolution.修复上游依赖冲突,或使用 --force 或 --legacy-peer-deps 重试此命令以接受不正确(并且可能损坏)的依赖解析。
The documentation for npm install
for --force
is as follows (there are no flags on npm ci
's page ): npm install
for --force
的 文档如下( npm ci
的页面上没有标志):
The -f or --force argument will force npm to fetch remote resources even if a local copy exists on disk. -f 或 --force 参数将强制 npm 获取远程资源,即使磁盘上存在本地副本。
Meanwhile, the documentation for --legacy-peer-deps
says:同时, --legacy-peer-deps
的文档说:
--legacy-peer-deps: ignore all peerDependencies when installing, in the style of npm version 4 through version 6. --legacy-peer-deps:安装时忽略所有peerDependencies,采用npm版本4到版本6的样式。
It seems that both flags will let npm ci
generate the node_modules
directory without any issues, but I am still unclear about the differences between the two.似乎这两个标志都会让npm ci
生成node_modules
目录没有任何问题,但我仍然不清楚两者之间的区别。
From what I understand, --force
sounds like it will be on a last-dependency-downloaded-wins basis and will overwrite any previously downloaded dependencies.据我了解,-- --force
听起来像是在最后一个依赖下载的基础上,并将覆盖任何以前下载的依赖项。 Meanwhile, --legacy-peer-deps
sounds like it will always skip peer dependencies (whatever those are) during installation even if there are no issues.同时, --legacy-peer-deps
听起来它在安装过程中总是会跳过对等依赖项(无论是什么),即使没有问题。
What are the differences between the two flags, and when should we use them?这两个标志有什么区别,我们应该什么时候使用它们?
In the new version of npm (v7), by default, npm install
will fail when it encounters conflicting peerDependencies .在新版本的 npm (v7) 中,默认情况下,npm 在遇到peerDependencies冲突时npm install
会失败。 It was not like that before.以前不是这样的。
Take a look here for more info about peer dependencies in npm v7. 在此处查看有关 npm v7 中对等依赖项的更多信息。
The differences between the two are below -两者的区别如下——
--legacy-peer-deps
: ignore all peerDependencies when installing, in the style of npm version 4 through version 6. --legacy-peer-deps
:安装时忽略所有peerDependencies ,采用 npm 版本 4 到版本 6 的样式。
--strict-peer-deps
: fail and abort the install process for any conflicting peerDependencies when encountered. --strict-peer-deps
:遇到任何冲突的peerDependencies时失败并中止安装过程。 By default, npm will only crash for peerDependencies conflicts caused by the direct dependencies of the root project.默认情况下,npm 只会因为根项目的直接依赖导致的peerDependencies冲突而崩溃。
--force
: will force npm to fetch remote resources even if a local copy exists on disk. --force
:即使磁盘上存在本地副本,也会强制 npm 获取远程资源。
In the article of https://github.blog/2021-02-02-npm-7-is-now-generally-available/在https的文章中://github.blog/2021-02-02-npm-7-is-now-generally-available/
You have the option to retry with
--force
to bypass the conflict or--legacy-peer-deps
command to ignore peer dependencies entirely (this behavior is similar to versions 4-6).您可以选择使用--force
重试以绕过冲突或--legacy-peer-deps
命令完全忽略对等依赖项(此行为类似于版本 4-6)。
I agree this sentence is not really clear, but "ignore peer dependencies entirely" does not sound good.我同意这句话不是很清楚,但是“完全忽略对等依赖项”听起来不太好。 Let's use a real example:让我们用一个真实的例子:
Here is a peer dependency error I met when I npm install
:这是我在npm install
时遇到的对等依赖错误:
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: mobile@undefined
npm ERR! Found: react@17.0.1
npm ERR! node_modules/react
npm ERR! react@"17.0.1" from the root project
npm ERR! peer react@">=16.0.0" from @testing-library/react-native@7.2.0
npm ERR! node_modules/@testing-library/react-native
npm ERR! dev @testing-library/react-native@"7.2.0" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer react@"16.13.1" from react-native@0.63.2
npm ERR! node_modules/react-native
npm ERR! react-native@"https://github.com/expo/react-native/archive/sdk-39.0.4.tar.gz" from the root project
npm ERR! peer react-native@">=0.59" from @testing-library/react-native@7.2.0
npm ERR! node_modules/@testing-library/react-native
npm ERR! dev @testing-library/react-native@"7.2.0" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See /Users/me/.npm/eresolve-report.txt for a full report.
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/me/.npm/_logs/2021-03-13T00_10_33_813Z-debug.log
npm ERR! code 1
npm ERR! path /Users/me/my-app
npm ERR! command failed
npm ERR! command sh -c sh ./bin/setup.sh
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/me/.npm/_logs/2021-03-13T00_10_33_860Z-debug.log
Below is the package-lock.json difference between --legacy-peer-deps
and --force
.下面是package-lock.json --legacy-peer-deps
和--force
之间的区别。
npm install --legacy-peer-deps
, it adds this in my package-lock.json :如果我运行npm install --legacy-peer-deps
,它会将其添加到我的package-lock.json 中:"node_modules/@unimodules/react-native-adapter": {
"version": "5.7.0",
"resolved": "https://registry.npmjs.org/@unimodules/react-native-adapter/-/react-native-adapter-5.7.0.tgz",
"integrity": "sha512-L557/+sc8ZKJVgo1734HF1QNCxrt/fpqdmdNgySJT+kErux/AJNfPq3flsK0fyJduVmniTutYIMyW48cFoPKDA==",
"dependencies": {
"invariant": "^2.2.4",
"lodash": "^4.5.0"
},
"peerDependencies": {
"react-native": "*",
"react-native-web": "~0.13.7"
}
},
...
"@unimodules/react-native-adapter": {
"version": "5.7.0",
"resolved": "https://registry.npmjs.org/@unimodules/react-native-adapter/-/react-native-adapter-5.7.0.tgz",
"integrity": "sha512-L557/+sc8ZKJVgo1734HF1QNCxrt/fpqdmdNgySJT+kErux/AJNfPq3flsK0fyJduVmniTutYIMyW48cFoPKDA==",
"requires": {
"invariant": "^2.2.4",
"lodash": "^4.5.0"
}
},
npm install --force
, instead, it adds如果我使用npm install --force
,它会添加"node_modules/expo/node_modules/@unimodules/react-native-adapter": {
"version": "5.7.0",
"resolved": "https://registry.npmjs.org/@unimodules/react-native-adapter/-/react-native-adapter-5.7.0.tgz",
"integrity": "sha512-L557/+sc8ZKJVgo1734HF1QNCxrt/fpqdmdNgySJT+kErux/AJNfPq3flsK0fyJduVmniTutYIMyW48cFoPKDA==",
"dependencies": {
"invariant": "^2.2.4",
"lodash": "^4.5.0"
},
"peerDependencies": {
"react-native": "*",
"react-native-web": "~0.13.7"
}
},
"node_modules/expo/node_modules/inline-style-prefixer": {
"version": "5.1.2",
"resolved": "https://registry.npmjs.org/inline-style-prefixer/-/inline-style-prefixer-5.1.2.tgz",
"integrity": "sha512-PYUF+94gDfhy+LsQxM0g3d6Hge4l1pAqOSOiZuHWzMvQEGsbRQ/ck2WioLqrY2ZkHyPgVUXxn+hrkF7D6QUGbA==",
"peer": true,
"dependencies": {
"css-in-js-utils": "^2.0.0"
}
},
"node_modules/expo/node_modules/react-native-web": {
"version": "0.13.18",
"resolved": "https://registry.npmjs.org/react-native-web/-/react-native-web-0.13.18.tgz",
"integrity": "sha512-WR/0ECAmwLQ2+2cL2Ur+0/swXFAtcSM0URoADJmG6D4MnY+wGc91JO8LoOTlgY0USBOY+qG/beRrjFa+RAuOiA==",
"peer": true,
"dependencies": {
"array-find-index": "^1.0.2",
"create-react-class": "^15.6.2",
"deep-assign": "^3.0.0",
"fbjs": "^1.0.0",
"hyphenate-style-name": "^1.0.3",
"inline-style-prefixer": "^5.1.0",
"normalize-css-color": "^1.0.2",
"prop-types": "^15.6.0",
"react-timer-mixin": "^0.13.4"
},
"peerDependencies": {
"react": ">=16.5.1",
"react-dom": ">=16.5.1"
}
},
...
"dependencies": {
"@unimodules/react-native-adapter": {
"version": "5.7.0",
"resolved": "https://registry.npmjs.org/@unimodules/react-native-adapter/-/react-native-adapter-5.7.0.tgz",
"integrity": "sha512-L557/+sc8ZKJVgo1734HF1QNCxrt/fpqdmdNgySJT+kErux/AJNfPq3flsK0fyJduVmniTutYIMyW48cFoPKDA==",
"requires": {
"invariant": "^2.2.4",
"lodash": "^4.5.0"
}
},
"inline-style-prefixer": {
"version": "5.1.2",
"resolved": "https://registry.npmjs.org/inline-style-prefixer/-/inline-style-prefixer-5.1.2.tgz",
"integrity": "sha512-PYUF+94gDfhy+LsQxM0g3d6Hge4l1pAqOSOiZuHWzMvQEGsbRQ/ck2WioLqrY2ZkHyPgVUXxn+hrkF7D6QUGbA==",
"peer": true,
"requires": {
"css-in-js-utils": "^2.0.0"
}
},
"react-native-web": {
"version": "0.13.18",
"resolved": "https://registry.npmjs.org/react-native-web/-/react-native-web-0.13.18.tgz",
"integrity": "sha512-WR/0ECAmwLQ2+2cL2Ur+0/swXFAtcSM0URoADJmG6D4MnY+wGc91JO8LoOTlgY0USBOY+qG/beRrjFa+RAuOiA==",
"peer": true,
"requires": {
"array-find-index": "^1.0.2",
"create-react-class": "^15.6.2",
"deep-assign": "^3.0.0",
"fbjs": "^1.0.0",
"hyphenate-style-name": "^1.0.3",
"inline-style-prefixer": "^5.1.0",
"normalize-css-color": "^1.0.2",
"prop-types": "^15.6.0",
"react-timer-mixin": "^0.13.4"
}
}
}
},
As you see, npm install --force
still pins many dependency versions which is stricter.如您所见, npm install --force
仍然固定了许多更严格的依赖版本。
When the project has version of NPM conflict and error pitches up.当项目有 NPM 版本冲突和错误提示时。
Error错误
An unhandled exception occurred: The 'buildOptimizer' option cannot be used without 'aot'.
In .npmrc file - This ignores all peerDependencies在.npmrc文件中 - 这会忽略所有 peerDependencies
legacy-peer-deps true
Command Prompt it installs dependency versions which is stricter命令提示符它安装更严格的依赖版本
npm install --force
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.