发表新帖
发表新帖

How to shrinkwrap devDependencies, but not install them unless necessary?

前端 未结
关注
5 1677
爱一瞬间的悲伤
爱一瞬间的悲伤 2020-12-23 14:11

I have a bunch of devDependencies needed in order to run test suite and have production dependencies locked down with npm shrinkwrap. The problem i

相关标签:
5条回答
  • 时光说笑
    2020-12-23 14:23

    This is fixed in npm 3.10.8; npm install --production shouldn't install dev deps in a shrinkwrap created by npm shrinkwrap --dev: https://github.com/npm/npm/releases/tag/v3.10.8

    0 讨论(0)
  • 佛祖请我去吃肉
    2020-12-23 14:25

    September, 2016:

    As others have mentioned as well, there were some huge efforts to enhance the shrinkwrap feature starting with npm v3.10.8.

    Thanks to this, it'll be possible to keep your devDependencies locked while installing only the production dependencies:

    npm shrinkwrap --dev
npm install --only=prod

    2013 answer:

    As stated in the NPM docs:

    Since npm shrinkwrap is intended to lock down your dependencies for production use, devDependencies will not be included unless you explicitly set the --dev flag when you run npm shrinkwrap. If installed devDependencies are excluded, then npm will print a warning. If you want them to be installed with your module by default, please consider adding them to dependencies instead.

    Basically, or you lock down all deps, or only the production deps.

    Not even running npm install --dev or npm install --force can transcend the shrinkwrap functionality.

    0 讨论(0)
  • 予麋鹿
    2020-12-23 14:34

    As to npm 5 (I've tried on 5.5.1 and 5.6.0), --production (--only=prod) flag is problematic.

    When package-lock.json exists in the folder, 

    npm shrinkwrap --production

    simply changes the file name to npm-shrinkwrap.json.

    How I managed to solve this issue is to run:

    npm prune --production

    and then run:

    npm shrinkwrap --production
    0 讨论(0)
  • 终归单人心
    2020-12-23 14:37

    EDIT 2016/09/13

    I've tested out npm v3.10.8, and this functionality now works as expected. We've shrinkwrapped our devDependencies and can install only prod dependencies when we deploy.

    I think it's worth mentioning that this feature should start working as expected very soon. According to this github issue, tons of people were running into the same problem, and according to this pull request, it will be in the next release (scheduled for 2016-09-08).

    With the pull request merged in, all you would have to do is:

    npm i --only=prod
    0 讨论(0)
  • 小鲜肉
    2020-12-23 14:44

    It looks like this feature was recently added in v3.3 of the npm client per the changelog

    You'll now be able to run npm install --only=prod to achieve the effect you wish.

    0 讨论(0)
 看不清?
提交回复
热议问题