Deterministic:
The same dependencies will be installed the same exact
way across every machine regardless of install order. Yarn resolves
“works on my machine” issues around versioning and non-determinism by
using lockfiles and an install algorithm that is deterministic and
reliable
题:
我不明白:当我编写npm install时,它会查看package.json并安装确切的版本,每个版本也根据自己的package.json安装其依赖项,依此类推
那么有什么不同(关于这个方面)
将会非常感谢“在没有纱线的情况下npm可能出错的情况”的情景示例
解决方法
{
“name”:“my_package”,
“版本”:“1.0.0”,
“依赖”:{
“my_dep”:“^ 1.0.0”
}
}
当你运行npm install时,它可以安装“my_dep”的版本1.0.0,1.1.0,1.2.0等,因为所有这些版本都满足package.json的要求.您最终可以在本地计算机上使用1.0.0版本,在测试环境中使用1.1.0.
纱线会自动创建一个yarn.lock文件,以确保始终安装相同版本的“my_dep”.它生成这样的东西:
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. # yarn lockfile v1 my_dep@^1.0.0: version "1.1.0" resolved "https://registry.npmjs.org/my_dep/-/my_dep-1.1.0.tgz#a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0"
Yarn将使用此文件将“my_dep”解析为1.1.0版,即使有新版本(1.2.0)可用.
All yarn.lock files should be checked into source control (e.g. git or mercurial). This allows Yarn to install the same exact dependency tree across all machines,whether it be your coworker’s laptop or a CI server.
参考文献:
https://docs.npmjs.com/getting-started/using-a-package.json
