The author selected the Open Internet/Free Speech Fund to receive a donation as part of the Write for DOnations program.
作者选择了“ 开放互联网/言论自由基金会”作为“ Write for DOnations”计划的一部分来接受捐赠。
介绍 (Introduction)
Because of such features as its speedy Input/Output (I/O) performance and its well-known JavaScript syntax, Node.js has quickly become a popular runtime environment for back-end web development. But as interest grows, larger applications are built, and managing the complexity of the codebase and its dependencies becomes more difficult. Node.js organizes this complexity using modules, which are any single JavaScript files containing functions or objects that can be used by other programs or modules. A collection of one or more modules is commonly referred to as a package, and these packages are themselves organized by package managers.
由于其快速的输入/输出(I / O)性能和众所周知JavaScript语法等功能, Node.jsSwift成为后端Web开发的流行运行时环境。 但是随着兴趣的增长,将构建更大的应用程序,并且管理代码库及其依赖关系的复杂性变得更加困难。 Node.js使用模块来组织这种复杂性, 模块是包含可被其他程序或模块使用的函数或对象的任何单个JavaScript文件。 一个或多个模块的集合通常称为程序包 ,这些程序包本身由程序包管理器组织。
The Node.js Package Manager (npm) is the default and most popular package manager in the Node.js ecosystem, and is primarily used to install and manage external modules in a Node.js project. It is also commonly used to install a wide range of CLI tools and run project scripts. npm tracks the modules installed in a project with the package.json
file, which resides in a project’s directory and contains:
Node.js程序包管理器(npm)是Node.js生态系统中默认的,最受欢迎的程序包管理器,主要用于安装和管理Node.js项目中的外部模块。 它还通常用于安装各种CLI工具和运行项目脚本。 npm使用package.json
文件跟踪项目中安装的模块,该文件位于项目目录中,并且包含:
- All the modules needed for a project and their installed versions 项目所需的所有模块及其安装版本
- All the metadata for a project, such as the author, the license, etc. 项目的所有元数据,例如作者,许可证等。
- Scripts that can be run to automate tasks within the project 可以运行脚本来自动执行项目中的任务
As you create more complex Node.js projects, managing your metadata and dependencies with the package.json
file will provide you with more predictable builds, since all external dependencies are kept the same. The file will keep track of this information automatically; while you may change the file directly to update your project’s metadata, you will seldom need to interact with it directly to manage modules.
当您创建更复杂的Node.js项目时,使用package.json
文件管理元数据和依赖项将为您提供更可预测的构建,因为所有外部依赖项均保持不变。 该文件将自动跟踪此信息; 尽管您可以直接更改文件以更新项目的元数据,但几乎不需要直接与文件进行交互来管理模块。
In this tutorial, you will manage packages with npm. The first step will be to create and understand the package.json
file. You will then use it to keep track of all the modules you install in your project. Finally, you will list your package dependencies, update your packages, uninstall your packages, and perform an audit to find security flaws in your packages.
在本教程中,您将使用npm管理软件包。 第一步将是创建和理解package.json
文件。 然后,您将使用它来跟踪项目中安装的所有模块。 最后,您将列出您的程序包依赖性,更新程序包,卸载程序包并执行审核以发现程序包中的安全漏洞。
先决条件 (Prerequisites)
To complete this tutorial, you will need:
要完成本教程,您将需要:
Node.js installed on your development machine. This tutorial uses version 10.17.0. To install this on macOS or Ubuntu 18.04, follow the steps in How to Install Node.js and Create a Local Development Environment on macOS or the Installing Using a PPA section of How To Install Node.js on Ubuntu 18.04. By having Node.js installed you will also have npm installed; this tutorial uses version 6.11.3.
在您的开发机器上安装了Node.js。 本教程使用版本10.17.0。 要将其安装在macOS或Ubuntu 18.04上,请遵循如何在macOS上安装Node.js并创建本地开发环境中的步骤,或如何在Ubuntu 18.04上安装Node.js的 使用PPA安装部分中的步骤 。 通过安装Node.js,您还将安装npm。 本教程使用版本6.11.3。
第1步-创建package.json
文件 (Step 1 — Creating a package.json
File)
We begin this tutorial by setting up the example project—a fictional Node.js locator
module that gets the user’s IP address and returns the country of origin. You will not be coding the module in this tutorial. However, the packages you manage would be relevant if you were developing it.
我们通过设置示例项目开始本教程,该项目是一个虚构的Node.js locator
模块,该模块获取用户的IP地址并返回原籍国。 您将不在本教程中编码模块。 但是,如果您正在开发软件包,则您管理的软件包将是相关的。
First, you will create a package.json
file to store useful metadata about the project and help you manage the project’s dependent Node.js modules. As the suffix suggests, this is a JSON (JavaScript Object Notation) file. JSON is a standard format used for sharing, based on JavaScript objects and consisting of data stored as key-value pairs. If you would like to learn more about JSON, read our Introduction to JSON article.
首先,您将创建一个package.json
文件,以存储有关项目的有用元数据,并帮助您管理项目的依赖Node.js模块。 如后缀所示,这是一个JSON(JavaScript对象表示法)文件。 JSON是一种用于共享的标准格式,基于JavaScript对象 ,由存储为键值对的数据组成。 如果您想了解有关JSON的更多信息,请阅读我们的JSON简介文章。
Since a package.json
file contains numerous properties, it can be cumbersome to create manually, without copy and pasting a template from somewhere else. To make things easier, npm provides the init
command. This is an interactive command that asks you a series of questions and creates a package.json
file based on your answers.
由于package.json
文件包含许多属性,因此手动创建可能很麻烦,而无需从其他地方复制和粘贴模板。 为了使事情变得容易,npm提供了init
命令。 这是一个交互式命令,它会询问您一系列问题,并根据您的答案创建一个package.json
文件。
使用init
命令 (Using the init
Command)
First, set up a project so you can practice managing modules. In your shell, create a new folder called locator
:
首先,设置一个项目,以便您可以练习管理模块。 在您的外壳中,创建一个名为locator
的新文件夹:
mkdir locator
mkdir 定位器
Then move into the new folder:
然后移至新文件夹:
cd locator
cd 定位器
Now, initialize the interactive prompt by entering:
现在,通过输入以下内容来初始化交互式提示:
- npm init npm初始化
Note: If your code will use Git for version control, create the Git repository first and then run npm init
. The command automatically understands that it is in a Git-enabled folder. If a Git remote is set, it automatically fills out the repository
, bugs
, and homepage
fields for your package.json
file. If you initialized the repo after creating the package.json
file, you will have to add this information in yourself. For more on Git version control, see our Introduction to Git: Installation, Usage, and Branches series.
注意 :如果您的代码将使用Git进行版本控制,请首先创建Git存储库,然后运行npm init
。 该命令会自动了解它在启用了Git的文件夹中。 如果设置了Git远程控制器,它将自动为package.json
文件填写repository
, bugs
和homepage
字段。 如果在创建package.json
文件之后初始化了package.json
,则必须在自己中添加此信息。 有关Git版本控制的更多信息,请参见我们的Git简介:安装,使用和分支 。
You will receive the following output:
您将收到以下输出:
Output
This utility will walk you through creating a package.json file.
It only covers the most common items, and tries to guess sensible defaults.
See `npm help json` for definitive documentation on these fields
and exactly what they do.
Use `npm install <pkg>` afterwards to install a package and
save it as a dependency in the package.json file.
Press ^C at any time to quit.
package name: (locator)
You will first be prompted for the name
of your new project. By default, the command assumes it’s the name of the folder you’re in. Default values for each property are shown in parentheses ()
. Since the default value for name
will work for this tutorial, press ENTER
to accept it.
首先将提示您输入新项目的name
。 默认情况下,该命令假定它是您所在的文件夹的名称。每个属性的默认值都显示在括号()
。 由于name
的默认值适用于本教程,因此请按ENTER
接受。
The next value to enter is version<