堆栈内存溢出
  简体   繁体   English

防止频繁构建 package-lock.json

[英]Prevent building package-lock.json frequently

 原文  2022-10-10 07:40:00       javascript/ node.js/ npm

问题描述

I have a package.json file where I have dependencies fixed to a particular version:我有一个package.json文件,其中我将依赖项固定为特定版本:

包.json

I had run npm install few days back and it generated the package-lock.json file.几天前我运行npm install ,它生成了package-lock.json文件。 In the package-lock.json file, I can see that the exact version of eslint , ie v8.23.1 , is installed but the sub-dependencies have a caret sign meaning it'll install the latest major/minor versions, eg @eslint/eslintrc= "^1.3.2" :package-lock.json文件中,我可以看到安装了eslint的确切版本,即v8.23.1 ,但是子依赖项有一个脱字符号,这意味着它将安装最新的主要/次要版本,例如@eslint/eslintrc= "^1.3.2" :

包锁.json

eslintrc_dep

After pushing my code, when the Jenkins build runs, it fails saying:推送我的代码后,当 Jenkins 构建运行时,它无法显示:

詹金斯错误

This is because a new version of @eslint/eslintrc is available and my package-lock.json has mapping of v1.3.2 .这是因为新版本的@eslint/eslintrc可用并且我的package-lock.json v1.3.2 v1.3.2 的映射。 I have two options in mind:我有两个选择:

  1. Update package-lock.json every time a sub-dependency gets upgraded but I'll have to do it quite frequently.每次升级子依赖项时更新package-lock.json ,但我必须经常这样做。

  2. Lock dependencies using overrides field in package.json but this will also have to be updated frequently.使用package.json中的overrides字段锁定依赖项,但这也必须经常更新。

I want to freeze the dependencies (which I already did as seen in package.json ) and also the sub-dependecies, until I decide to update them manually.我想冻结依赖项(我已经在package.json中看到)以及子依赖项,直到我决定手动更新它们。

What should be done in this case?在这种情况下应该怎么办?

My Node version is v16.15.0 and NPM version is v8.5.5.我的节点版本是 v16.15.0,NPM 版本是 v8.5.5。

1 个解决方案

解决方案1
 0  2022-10-10 10:09:34

The issue was with the node version.问题出在节点版本上。 Earlier env.NODE_VERSION = '16 --lts' was being used.之前env.NODE_VERSION = '16 --lts' After setting it to v16.15.0, it worked fine.将其设置为 v16.15.0 后,它工作正常。 Thanks, @jonrsharpe:)谢谢,@jonrsharpe:)

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用package-lock.json的工作流程 - Workflow with package-lock.json 通过 package-lock.json 减轻差异噪音 - Mitigate the diff noice by package-lock.json Package-lock.json - 需要 vs 依赖 - Package-lock.json - requires vs dependencies 以编程方式生成 package-lock.json - generate package-lock.json programmatically 忽略package-lock.json中的某些软件包 - Ignoring certain packages in package-lock.json 从package-lock.json获取库 - Get Libraries from package-lock.json 修复 package-lock.json 中的易受攻击的依赖项 - Fix a vulnerable dependency in package-lock.json 更新:package.json 和 package-lock.json 不同步 - Renovate: package.json and package-lock.json not in sync 同时弹出package-lock.json和packge.lock吗? - Bumping package-lock.json and packge.lock at the same time? 从 package-lock.json 文件重新安装包 - Reinstall package from package-lock.json file
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM