我有一个package.json,黄瓜列为devDependency.黄瓜依赖于黄瓜-html.出于某种原因,当我在我的项目上运行npm-shrinkwrap时,cuc-html包含在npm-shrinkwrap.json中.有没有办法防止这种情况发生? 的package.j
的package.json
"dependencies": {
"bcrypt": "*",
"bluebird": "2.2.1",
"body-parser": "~1.12.0",
"compression": "*",
"cookie-parser": "~1.3.4",
"debug": "~2.1.1",
"etag": "*",
"express": "~4.12.2",
"interpolate": "*",
"jade": "~1.9.2",
"jwt-simple": "*",
"lockdown": "0.0.6",
"lodash": "*",
"moment": "*",
"morgan": "~1.5.1",
"nano": "*",
"node-rest-client": "*",
"node-uuid": "*",
"nodemailer": "*",
"passport": "*",
"passport-jwt": "thedewpoint/passport-jwt",
"passport-local": "*",
"q": "*",
"serve-favicon": "~2.2.0",
"validator": "*"
},
"devDependencies": {
"add-stream": "^1.0.0",
"gulp": "^3.9.0",
"gulp-angular-templatecache": "^1.7.0",
"gulp-concat": "^2.6.0",
"gulp-if": "^1.2.5",
"gulp-image-optimization": "^0.1.3",
"gulp-minify-css": "^1.2.0",
"gulp-minify-html": "^1.0.4",
"gulp-uglify": "^1.2.0",
"gulp-useref": "^1.3.0",
"cucumber": "^0.5.2"
}
NPM-shrinkwrap.json
"cucumber-html": {
"version": "0.2.3",
"from": "cucumber-html@0.2.3",
"resolved": "https://registry.npmjs.org/cucumber-html/-/cucumber-html-0.2.3.tgz"
},
谢谢
我不确定我理解为什么每个人都认为这是一个问题.这是npm-shrinkwrap背后的重点.它在文档中说它以递归方式锁定每个依赖项.因此,它锁定传递依赖的事实是预期的行为.要回答原始问题,文档并不表示这是可能的,除非通过将依赖项安装到源代码控制中来自行完成所有操作.