An introduction to the npm package manager

Introduction to npm

npm is the standard package manager for Node.js.

In September 2022, over 2.1 million packages were reported as listed in the npm registry, making it the biggest single-language code repository on Earth, and you can be sure there is a package for (almost!) everything.

It started as a way to download and manage dependencies of Node.js packages, but it has since become a tool that is also used in frontend JavaScript.

Yarn and pnpm are alternatives to the npm CLI. You can check them out as well.

Packages

npm installs, updates and manages downloads of your project's dependencies. Dependencies are pre-built pieces of code, such as libraries and packages, that your Node.js application needs to work.

Installing all dependencies

If a project has a package.json file, running

npm install

installs everything the project needs into the node_modules folder, creating the folder if it does not already exist.

Installing a single package

You can also install a specific package by running

npm install <package-name>

Furthermore, since npm 5, this command adds <package-name> to the dependencies in the package.json file. Before version 5, you needed to add the flag --save.

Often you'll see more flags added to this command:

  • --save-dev installs and adds the entry to the package.json file devDependencies

  • --no-save installs but does not add the entry to the package.json file dependencies

  • --save-optional installs and adds the entry to the package.json file optionalDependencies

  • --no-optional will prevent optional dependencies from being installed

Shorthands of the flags can also be used:

  • -S: --save

  • -D: --save-dev

  • -O: --save-optional

The difference between devDependencies and dependencies is that the former contains development tools, like a testing library, while the latter is bundled with the app in production.

As for optionalDependencies, the difference is that a build failure of the dependency will not cause the installation to fail. It is, however, your program's responsibility to handle the lack of the dependency. Read more about optional dependencies.

Updating packages

Updating is also easy. Run

npm update

npm will check all packages for a newer version that satisfies your versioning constraints.

You can specify a single package to update as well:

npm update <package-name>

Versioning

In addition to plain downloads, npm also manages versioning, so you can specify any specific version of a package, or require a version higher or lower than what you need.

Many times you'll find that a library is only compatible with a major release of another library.

Or a bug in the latest release of a library, still unfixed, is causing an issue.

Specifying an explicit version of a library also helps to keep everyone on the same exact version of a package, so that the whole team runs the same version until the package.json file is updated.

In all those cases, versioning helps a lot, and npm follows the semantic versioning (semver) standard.

You can install a specific version of a package by running

npm install <package-name>@<version>

Running Tasks

The package.json file supports a format for specifying command-line tasks that can be run by using

npm run <task-name>

For example:

{
  "scripts": {
    "start-dev": "node lib/server-development",
    "start": "node lib/server-production"
  }
}

It's very common to use this feature to run Webpack:

{
  "scripts": {
    "watch": "webpack --watch --progress --colors --config webpack.conf.js",
    "dev": "webpack --progress --colors --config webpack.conf.js",
    "prod": "NODE_ENV=production webpack -p --config webpack.conf.js"
  }
}

So instead of typing those long commands, which are easy to forget or mistype, you can run

$ npm run watch
$ npm run dev
$ npm run prod