npm Webmaster's Guide
When creating a new Node project, one of the very first things you'll do is select your dependencies and devDependencies for your project. When declaring Node dependency version numbers, there are many different ways to specify the version number you want. That's because Node uses semantic versioning when declaring modules.
- 4.8.5
- >4.8.5
- >=4.8.5
- ~4.8.5
{
  "name": "awesome-sauce",
  "main": "server.js",
  "dependencies": {
    "express": "^4.0.x" <-- what in the world is that?!
  }
}
Let's look through the various ways we can declare version numbers in our Node package.json files.
A Specific Version
v2.0.0 or =2.0.0
The v and the = will be removed and the exact version 2.0.0 will be used.
Version Ranges
There are a lot of ways to define a version range. Why would we need to define a version range? There are many reasons why you would want version ranges. When modules and dependencies that you use are updated, you want to make sure that they don't break your project. This is why it's good to not specify latest as your version. For example, when ExpressJS was updated from version 3 to version 4, many applications would have broken. It would have been good to specify that you only wanted the latest of version 3, but not anything from version 4. Here's a handy table of the ways we can define version ranges:
Version Number | Explanation
latest | Takes the latest version possible. Not the safest thing to use.
*, x | Wildcards. Can be any version at all. Crazy stuff.
4, 4.*, 4.x, ~4, ^4 | Any version that starts with 4. Takes the latest.
>4.8.5 | Choose any version greater than a specific version. Could break your application.
<4.8.5 | Choose any version lower than a specific version.
>=4.8.5 | Anything greater than or equal to a specific version.
<=4.8.5 | Anything less than or equal to a specific version.
4.8.3 - 4.8.5 | Anything within a range of versions. The equivalent of >=4.8.3 and <=4.8.5
~4.8.5 | Any version "reasonably close to 4.8.5". This will use all versions up to, but less than, 4.9.0
~4.8 | Any version that starts with 4.8
^4.8.5 | Any version "compatible with 4.8.5". This will use versions up to the next major version like 5.0.0. Could break your application if there are major differences in the next major version.
~1.2 | Any version compatible with 1.2
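The ranges in the table above, worked through as an added example (not code from the original tutorial, and not npm's own semver implementation): a small matcher that turns each range into a [min, max) interval following npm's documented semantics, where ^4.8.5 means >=4.8.5 <5.0.0 and ~4.8.5 means >=4.8.5 <4.9.0. The release list is constructed for illustration, and the function names are this example's own.

```javascript
// Added example: npm-style range matching for the operators in the table.
// Prerelease tags, "a - b", "||" and dist-tags such as "latest" are out of scope.
function parse(v) {
  const p = v.trim().replace(/^[v=]/, '').split('.');
  return [0, 1, 2].map((i) => (p[i] === undefined || /^[xX*]$/.test(p[i]) ? null : Number(p[i])));
}
const cmp = (a, b) => a[0] - b[0] || a[1] - b[1] || a[2] - b[2];

// Returns [min, max): min is inclusive, max is exclusive.
function bounds(range) {
  const [, op = '', rest] = /^(\^|~|>=|<=|>|<)?(.*)$/.exec(range.trim());
  const p = parse(rest);
  const last = p[2] !== null ? 2 : p[1] !== null ? 1 : p[0] !== null ? 0 : -1;
  const lo = p.map((n) => n ?? 0);
  const ZERO = [0, 0, 0], INF = [Infinity, 0, 0];
  // Increment part i and zero everything after it: bump(1) on 4.8.5 gives 4.9.0.
  const bump = (i) => lo.map((n, j) => (j < i ? n : j === i ? n + 1 : 0));
  if (last === -1) return [ZERO, INF];               // "*" or "x": anything goes
  switch (op) {
    case '>=': return [lo, INF];
    case '>': return [bump(last), INF];
    case '<': return [ZERO, lo];
    case '<=': return [ZERO, bump(last)];
    case '~': return [lo, bump(Math.min(last, 1))];  // minor stays fixed when given
    case '^': {                                      // left-most non-zero part stays fixed
      const i = lo.findIndex((n, j) => j <= last && n > 0);
      return [lo, bump(i === -1 ? last : i)];
    }
    default: return [lo, bump(last)];                // exact version or x-range
  }
}

function satisfies(version, range) {
  const v = parse(version), [min, max] = bounds(range);
  return cmp(v, min) >= 0 && cmp(v, max) < 0;
}

// Highest published version a range would resolve to, or null if none match.
function maxSatisfying(versions, range) {
  const ok = versions.filter((v) => satisfies(v, range));
  return ok.sort((a, b) => cmp(parse(a), parse(b))).pop() ?? null;
}

// Constructed release list for a hypothetical package.
const published = ['3.21.2', '4.0.0', '4.8.5', '4.8.8', '4.9.0', '4.17.1', '5.0.0'];
for (const r of ['4.8.5', '~4.8.5', '^4.8.5', '^4.0.x', '>4.8.5', '4.x', '*']) {
  console.log(r.padEnd(8), '->', maxSatisfying(published, r));
}
```

The output shows how much of the release stream each declaration accepts on a fresh install: the wider the range, the more unreviewed releases can be pulled in.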
Best Practices
Personally, when calling dependencies for my project, I will use the tilde (~). By specifying your express dependency using ~4.8.5, you will be able to get bug fixes when new smaller versions come around, but you won't grab versions that break your project. You are never going to be sure what updates come with the new versions and if those updates will break your application. For express, we definitely won't want to grab version 5 in the future. Even 4.9.0 could break our application so the tilde will keep us safe since it won't let our application grab that version.
TLDR; Use the tilde so you don't break your applications, but still get the latest bug fixes.
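Conclusion
Hopefully this clears up what all these crazy symbols and version numbering schemes mean. Semantic versioning isn't only seen in npm modules. You can see it used in Grunt and Bower versions as well.
Translated from: https://scotch.io/tutorials/node-and-npm-version-numbering-guide-and-best-practices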