大家都知道package-lock.json设计意图就是让依赖的模块的版本树有个精确的表示和控制,不过NPM 6.0之后,这里面的书写方式发生了改变,这一点官方文档也没详细说明,特此解释一下:
比如之前:
"babel-core": {
"version": "6.22.1",
"resolved": "https://registry.npmjs.org/babel-core/-/babel-core-6.22.1.tgz",
"integrity": "sha1-nF/WWLoXctKNch9tJdlo/HriFkg=",
"requires": {
"babel-code-frame": "6.26.0",
现在:
"babel-code-frame": {
"version": "6.26.0",
"resolved": "https://registry.npmjs.org/babel-code-frame/-/babel-code-frame-6.26.0.tgz",
"integrity": "sha1-Y/1D99weO7fONZR9uP42mj9Yx0s=",
"requires": {
"chalk": "^1.1.3",
"esutils": "^2.0.2",
"js-tokens": "^3.0.2"
}
},
"babel-core": {
"version": "6.22.1",
"resolved": "https://registry.npmjs.org/babel-core/-/babel-core-6.22.1.tgz",
"integrity": "sha1-nF/WWLoXctKNch9tJdlo/HriFkg=",
"requires": {
"babel-code-frame": "^6.22.0"
对比"babel-code-frame"的版本号就会发现,其实就是维持了"babel-core"在package.json中的写法,然而又在头部准确的表示现在用的这个版本是"6.26.0"
这个不是说package-lock.json 设计意图发生了改变,其实有两点原因:
- 原来的依赖关系你依然可以看的清清楚楚的,而且也明确了当前的版本
- 加快了pack-lock.json生成/更新的速度,原来有多少个引用就会要更改多少个地方,比如10个模块引用了"babel-code-frame",只要是"babel-code-frame"的版本一发生改变那么就会有10个地方要改;现在只需要更改一个地方,加快了效率。
NPM 团队之解答:https://github.com/npm/npm/issues/20434#issuecomment-402988364
