让“npm安装——保存”为package.json添加一个严格的版本

When you run npm install --save somepackage, it usually adds something like this into package.json:

当您运行npm安装时——保存一些包，它通常会在包中添加类似的内容。

"dependencies": {
    "somepackage": "^2.1.0"
}

Because the version is prepended with a caret(^), this means that if you later run npm install, it might install version 2.3.0 instead. This can be undesirable for fairly obvious reasons. npm shrinkwrap is useful, but doesn't really solve the problem.

因为版本有一个插入符号(^),这意味着,如果你以后运行npm安装,可以安装版本tripwire代替。这可能是不可取的，原因很明显。npm shrinkwrap很有用，但并不能真正解决问题。

So, I have several questions:

所以，我有几个问题:

When installing a package, is it possible to specify that you want it to be set to a specific version in package.json (no caret before the version number)?
在安装包时，是否可以指定要将其设置为包中的特定版本。json(在版本号之前没有插入符号)?
When publishing a package to npm, is there any way to prevent the default of including the caret before the version when other developers install your package?
当向npm发布包时，是否有什么方法可以防止在其他开发人员安装包时，在版本之前包含插入符号?

3 个解决方案

#1

To specify by default a exact version, you can change your npm config with save-exact:

要在默认情况下指定一个确切的版本，您可以使用save-确切更改您的npm配置:

npm config set save-exact true

npm配置设置为save- exactly true

You can also specify the prepend version with a tilde with save-prefix

您还可以使用带有保存前缀的斜线来指定前置版本

And, no you can't force user to update to a minor or a patch version, NPM uses semver and it's the recommend way of publishing packages.

不，你不能强迫用户更新一个小版本或补丁版本，NPM使用semver，这是发布包的推荐方式。

#2

You can change the default behaviour by using the --save-exact option.

您可以使用—save-exact选项更改默认行为。

// npm
npm install --save --save-exact react

// yarn
yarn add --exact react

I created a blog post about this if anyone is looking for this in the future.

我写了一篇关于这个的博文，如果将来有人想找的话。

https://www.dalejefferson.com/blog/how-to-save-exact-npm-package-versions/

#3

Run:

运行:

npm install --save --save-exact my-module@my-specific-version

_{Adding an answer to make this advice easier to see.}

添加一个答案，使这个建议更容易看到。

#1