Difference between direct / npm 5 lockfiles and exact package versions?

Question

Difference between direct / npm 5 lockfiles and exact package versions?

My simple question is: why can't I use the exact versions in my package.json? How is this different from a lock file?

+6

npm yarnpkg

user2061057 May 31 '17 at 6:05

source share

1 answer

pzuraq · Accepted Answer · 2017-05-31T15:41:09+0000

The main difference is that lockfiles also blocks nested dependencies - all the dependencies of your dependencies, etc. Managing and tracking all of these changes can be incredibly difficult, and the number of packages used can increase exponentially.

, , - , foo ~1.0.0 ~2.0.0 . , API foo @v1 API foo @v2, , .

, : " semver? ?" semver , , . foo, foo bar, bar , , , foo . foo bar , foo , , (-, Java-land).

, , . - , , , , , , PR , , PR , . , .

, !

Difference between direct / npm 5 lockfiles and exact package versions?

More articles: