npm 包管理器_纱包管理器：npm的改进

npm 包管理器

From bower to npm, package management for the web has come a long way.

从Bower到npm ，Web的软件包管理已经走了很长一段路。

I remember when I first started learning web development — you went online, looked for a package, download a zipped version, extract, and link on the web page. Heck, if we wanted a faster website, we would go to a CDN like jsDelivr and pick a globally cached version.

我记得当我第一次开始学习Web开发时-您上网，寻找软件包，下载压缩版本，解压缩并在网页上链接。 哎呀，如果我们想要一个更快的网站，我们将转到jsDelivr这样的CDN并选择一个全局缓存的版本。

From there, tools like bower emerged. Since most packages are open-source, and since GitHub is the most popular place to host version controlled open-sourced files, bower served as a management tool to download the files, easily upgrade, etc.

从那里，出现了凉亭之类的工具。 由于大多数软件包都是开源的，并且GitHub是托管版本控制的开源文件的最受欢迎的地方，因此Bower充当了下载文件，轻松升级等的管理工具。

Bower had its shortcomings, but in the javascript world, a problem doesn't last too long. There are things like polyfills, hacks, etc. A better management solution to bower called npm rose from the shadows. Being that npm is the default package manager for Node.js, it quickly rose to fame as it was and is a better package management tool than bower (IMHO).

Bower有其缺点，但是在javascript世界中，问题不会持续太久。 有诸如polyfills，hacks之类的东西。一种名为npm的凉亭更好的管理解决方案从阴影中崛起。 由于npm是Node.js的默认软件包管理器，因此它很快就一举成名，并且比bower（IMHO）更好。

npm问题 ( Problems with npm )

npm is good, but it also has its shortcomings. Here is a list of some of them:

npm很好，但是也有缺点。 这是其中一些的列表：

• Nested dependencies: npm version 2 nests dependencies which lead to duplicates, and as a user of windows, file paths may get long which causes problems with windows when trying to delete them. To fix this problem, use npm version 3.
  嵌套的依赖项 ：npm版本2嵌套了导致重复项的依赖项，作为Windows用户，文件路径可能会变长，这会在尝试删除Windows时导致Windows问题。 要解决此问题，请使用npm版本3。
• Queued install: when npm gets dependencies from its repository, it installs each dependency one after the other which might end up using a lot of time.
  排队安装 ：当npm从其存储库获取依赖项时，它将一个接一个地安装每个依赖项，这可能会花费大量时间。
• Single registry: If a package is not on NpmJS, forget about it.
  单一注册表 ：如果某个软件包不在NpmJS上 ，请忽略它。
• No offline installation.
  没有离线安装 。

纱线介绍 ( Introducing Yarn )

Tech giants like facebook and google decided to team up and make a better package management tool, they called it Yarn.

像Facebook和Google这样的技术巨头决定组建一个更好的程序包管理工具，他们称之为Yarn。

This tool will take packages from NpmJS or Bower registries, it also runs dependency installs parallel to each other.

该工具将从NpmJS或Bower注册表中获取软件包，并且还可以并行运行依赖项安装。

If you've installed a package before, yarn creates a cached copy which facilitates offline package installs.

如果您以前安装过软件包，则yarn会创建一个缓存的副本，以方便脱机安装软件包 。

Out of the box, yarn offers flat dependency structure as compared to npm's nested structure.

开箱即用，纱线报价相比，新公共管理的嵌套结构扁平依存结构。

A single request failing won't cause an install to fail. Requests are retried upon failure.

单个请求失败不会导致安装失败。 失败时重试请求。

Overall, yarn offers a better workflow than npm.

总体而言，纱线比npm提供更好的工作流程。

安装纱 ( Installing Yarn )

At the time of this writing, I am confident of two ways to install yarn on your machine. The first method would be to use npm (lol, it's like "using internet explorer to install Chrome or Firefox").

在撰写本文时，我对在机器上安装纱线的两种方法充满信心。 第一种方法是使用npm（大声笑，就像“使用Internet Explorer安装Chrome或Firefox”）。

npm install-g yarn

This installs yarn globally and makes it available from the terminal. The other method would be to go to the official download page and get the installer for your operating system and run it.

这将在全球范围内安装纱线，并使其可从终端使用。 另一种方法是转到官方下载页面并获取操作系统的安装程序并运行它。

NOTE: both methods require you to have Node.js preinstalled on your machine.

注意 ：这两种方法都要求您在计算机上预先安装Node.js。

纱线的工作原理 ( How Yarn Works )

Yarn doesn't intend to replace npm, more like improving on it. It uses the same package.json file, and saves dependencies to the node_modules/ folder. To test yarn, I used the same package.json file from a project I'm working on. It looks like this.

Yarn并不打算取代npm，更像是对其进行改进。 它使用相同的package.json文件，并将依赖项保存到node_modules /文件夹中。 为了测试yarn，我使用了我正在研究的项目中的相同package.json文件。 看起来像这样。

{
  "private": true,
  "dependencies": {
    "body-parser": "~1.13.2",
    "cookie-parser": "~1.3.5",
    "debug": "~2.2.0",
    "express": "~4.13.1",
    "morgan": "~1.6.1",
    "nunjucks": "^2.5.2",
    "serve-favicon": "~2.3.0",
    "vue": "^2.0.1",
    "vue-router": "^2.0.0",
    "vue-server-renderer": "^2.0.1"
  },
  "devDependencies": {
    "babel-preset-es2015": "^6.16.0",
    "babelify": "^7.3.0",
    "browserify": "^13.1.0",
    "gulp": "^3.9.1",
    "gulp-autoprefixer": "^3.1.1",
    "gulp-cssnano": "^2.1.2",
    "gulp-if": "^2.0.1",
    "gulp-plumber": "^1.1.0",
    "gulp-rename": "^1.2.2",
    "gulp-rev": "^7.1.2",
    "gulp-sass": "^2.3.2",
    "gulp-uglify": "^2.0.0",
    "gulp-util": "^3.0.7",
    "rev-del": "^1.0.5",
    "vinyl-buffer": "^1.0.0",
    "vinyl-source-stream": "^1.1.0"
  }
}

Then I created a test working directory called Yarn and put the package.json in there. To install the packages, from the root of the working directory, run yarn or yarn install.

然后，我创建了一个名为Yarn的测试工作目录，并将package.json放入其中。 要安装软件包，请从工作目录的根目录运行yarn或yarn install 。

If you need a new package.json file and a chance to initialize a dependency tree based on yarn, you could use

如果您需要一个新的package.json文件并有机会初始化基于yarn的依赖关系树，则可以使用

yarn init

This will give you an interactive prompt similar to this.

这将为您提供类似于此的交互式提示。

添加，升级和删除依赖项 (Adding, Upgrading, and Removing Dependencies)

Adding a new dependency is easy, simply call

添加新的依赖关系很容易，只需调用

yarn add[package-name]

If you want a specific package version or tag, you can do this.

如果需要特定的软件包版本或标签，可以执行此操作。

yarn add[package]@[version-or-tag]

For dev dependencies, peer dependencies and optional dependencies you pass the --dev --peer --optional respectively.

对于开发依赖项，对等依赖项和可选依赖项，您分别传递了--dev --peer --optional 。

yarn add gulp --dev

Will save gulp under devDependencies. To upgrade or remove a package, you just replace the add command with either upgrade or remove followed by the package name.

将在devDependencies下节省devDependencies 。 要升级或删除软件包，只需将add命令替换为upgrade或remove然后加上软件包名称。

# upgrade a gulp from 3.9.1 to version 4
yarn upgrade gulp@4.0

# remove a gulp
yarn remove gulp

纱线锁定文件 (The Yarn lock file)

After every install, upgrade or removal, yarn updates a yarn.lock file which keeps track of the exact package version installed in node_modules directory.

每次安装，升级或删除后，yarn都会更新yarn.lock文件，该文件跟踪在node_modules目录中安装的确切软件包版本。

NOTE: you should add this file to version control if you want package version consistency. Otherwise, feel free to git ignore it if you are comfortable with patch version upgrades.

注意 ：如果要使软件包版本一致，则应将此文件添加到版本控制中。 否则，如果您对补丁程序版本升级感到满意，请随意忽略它。

消除依赖膨胀 (Remove dependency bloat)

We are all familiar with junk that comes with packages, from a picture of guy fieri to useless junk. Yarn can help us with that. Running yarn clean, yarn will try to remove as much junk as it can.

我们都熟悉包装随附的垃圾，从盖伊·费里（guy fieri）的图片到无用的垃圾，一应俱全 。 纱线可以帮助我们。 保持yarn clean ，纱线将尽力清除尽可能多的垃圾。

After doing this, a .yarnclean file is created. If this file is present before you run yarn install, it will clean each package before installing it. This file you definitely want to add to version control.

完成此操作后，将创建一个.yarnclean文件。 如果在运行yarn install之前存在此文件，它将在安装之前清洁每个软件包。 您肯定要将该文件添加到版本控制中。

更新纱线 (Updating yarn)

As time goes on, new versions of yarn will be released and to update to the latest version, you can run

随着时间的流逝，将发布新版本的纱线，并且要更新到最新版本，您可以运行

yarn self-update

If you want a particular version of yarn installed, you can pass the version tag as an option

如果要安装特定版本的纱线，可以将版本标签作为选项传递

yarn self-update 0.15.1

纱线的未来 ( Future of Yarn )

Having tested Yarn for a couple hours, I haven't noticed any problems yet. For the future of the project, since the project is backed by companies like Google and Facebook — it will be actively developed which can lead to yarn either becoming the defacto package manager or it being forked and used as the official npm package manager.

测试了Yarn几个小时之后，我还没有发现任何问题。 对于该项目的未来，由于该项目得到了Google和Facebook等公司的支持，因此将得到积极开发，这可能导致纱线成为事实上的卷装管理器，或者被分支并用作npm的官方包装管理器。

But nonetheless, the project looks very promising and I honestly can't wait to use it again.

但是，尽管如此，该项目看起来非常有前途，老实说，我迫不及待想要再次使用它。

PS: Windows users don't get yarn emojis when installing dependencies :(.

PS ：Windows用户在安装依赖项时不会得到yarn emoji表情:(。

链接 ( Links )

• Yarn Commands
  纱线命令

翻译自: https://scotch.io/tutorials/yarn-package-manager-an-improvement-over-npm

npm 包管理器