- Iindawo zokusebenza (
Indawo zokusebenza ), ikuvumela ukuba udibanise ukuxhomekeka kwiipakethe ezininzi kwiphakheji enye ukuzifaka kwinqanaba elinye. - Ukufakwa ngokuzenzekelayo
ukuxhomekeka koontanga (isetyenziswa kwiiplagi ukumisela iipakethe ezisisiseko ukuba iphakheji yangoku yenzelwe ukusebenza nayo, nokuba ayisetyenziswanga ngqo kuyo). Ukuxhomekeka koontanga kucacisiwe kwifayile ye-package.json kwicandelo elithi "peerDependencies". Ngaphambili, ukuxhomekeka okunjalo kwakufakwe ngesandla ngabaphuhlisi, kodwa i-NPM 7.0 isebenzisa i-algorithm yokuqinisekisa ukuba ukuxhomekeka koontanga okuchazwe ngokuchanekileyo kufumaneka kwinqanaba elifanayo okanye ngaphezulu kwephakheji exhomekeke kumthi we-node_modules. - Inguqulelo yesibini yefomati yokutshixa (i-package-lock v2) kunye nenkxaso yefayile yokutshixa i-yarn.lock. Ifomathi entsha ivumela ukwakhiwa okuphindaphindayo kwaye ibandakanya yonke into efunekayo ukwakha ngokupheleleyo umthi wephakheji. I-NPM inokuphinda isebenzise iifayile ze-yarn.lock njengomthombo wemetadata yephakheji kunye nolwazi lokutshixa.
- Ukulungiswa okubalulekileyo kwamacandelo angaphakathi kuye kwenziwa, okujoliswe ekwahluleni ukusebenza ukwenza lula ukugcinwa kunye nokwandisa ukuthembeka. Umzekelo, ikhowudi yokuhlola kunye nokulawula umthi we-node_modules uhanjiswe kwimodyuli eyahlukileyo
IArborist . - Sitshintshele ekusebenziseni iphakheji.impahla ethunyelwa ngaphandle, eyenza kube nzima ukudibanisa iimodyuli zangaphakathi nge-require () ifowuni.
- Iphakheji ibhalwe ngokutsha ngokupheleleyo
npx , esebenzisa ngoku "npm exec" umyalelo wokuqhuba ukuphunyezwa kwiipakethe. - Isiphumo somyalelo we-"npm audit" sitshintshwe kakhulu, xa imveliso ikwifomathi efundekayo yabantu naxa imowudi "--json" ikhethiwe.
umthombo: opennet.ru