diff options
Diffstat (limited to 'deps/npm/html/doc/files/package-lock.json.html')
-rw-r--r-- | deps/npm/html/doc/files/package-lock.json.html | 127 |
1 files changed, 127 insertions, 0 deletions
diff --git a/deps/npm/html/doc/files/package-lock.json.html b/deps/npm/html/doc/files/package-lock.json.html new file mode 100644 index 0000000000..57423161bd --- /dev/null +++ b/deps/npm/html/doc/files/package-lock.json.html @@ -0,0 +1,127 @@ +<!doctype html> +<html> + <title>package-lock.json</title> + <meta charset="utf-8"> + <link rel="stylesheet" type="text/css" href="../../static/style.css"> + <link rel="canonical" href="https://www.npmjs.org/doc/files/package-lock.json.html"> + <script async=true src="../../static/toc.js"></script> + + <body> + <div id="wrapper"> + +<h1><a href="../files/package-lock.json.html">package-lock.json</a></h1> <p>A manifestation of the manifest</p> +<h2 id="description">DESCRIPTION</h2> +<p><code>package-lock.json</code> is automatically generated for any operations where npm +modifies either the <code>node_modules</code> tree, or <code>package.json</code>. It describes the +exact tree that was generated, such that subsequent installs are able to +generate identical trees, regardless of intermediate dependency updates.</p> +<p>This file is intended to be committed into source repositories, and serves +various purposes:</p> +<ul> +<li><p>Describe a single representation of a dependency tree such that teammates, deployments, and continuous integration are guaranteed to install exactly the same dependencies.</p> +</li> +<li><p>Provide a facility for users to "time-travel" to previous states of <code>node_modules</code> without having to commit the directory itself.</p> +</li> +<li><p>To facilitate greater visibility of tree changes through readable source control diffs.</p> +</li> +<li><p>And optimize the installation process by allowing npm to skip repeated metadata resolutions for previously-installed packages.</p> +</li> +</ul> +<p>One key detail about <code>package-lock.json</code> is that it cannot be published, and it +will be ignored if found in any place other than the toplevel package. It shares +a format with <a href="../files/npm-shrinkwrap.json.html">npm-shrinkwrap.json(5)</a>, which is essentially the same file, but +allows publication. This is not recommended unless deploying a CLI tool or +otherwise using the publication process for producing production packages.</p> +<p>If both <code>package-lock.json</code> and <code>npm-shrinkwrap.json</code> are present in the root of +a package, <code>package-lock.json</code> will be completely ignored.</p> +<h2 id="file-format">FILE FORMAT</h2> +<h3 id="name">name</h3> +<p>The name of the package this is a package-lock for. This must match what's in +<code>package.json</code>.</p> +<h3 id="version">version</h3> +<p>The version of the package this is a package-lock for. This must match what's in +<code>package.json</code>.</p> +<h3 id="lockfileversion">lockfileVersion</h3> +<p>An integer version, starting at <code>1</code> with the version number of this document +whose semantics were used when generating this <code>package-lock.json</code>.</p> +<h3 id="packageintegrity">packageIntegrity</h3> +<p>This is a <a href="https://w3c.github.io/webappsec/specs/subresourceintegrity/">subresource +integrity</a> value +created from the <code>pacakge.json</code>. No preprocessing of the <code>package.json</code> should +be done. Subresource integrity strings can be produced by modules like +<a href="https://www.npmjs.com/package/ssri"><code>ssri</code></a>.</p> +<h3 id="preservesymlinks">preserveSymlinks</h3> +<p>Indicates that the install was done with the environment variable +<code>NODE_PRESERVE_SYMLINKS</code> enabled. The installer should insist that the value of +this property match that environment variable.</p> +<h3 id="dependencies">dependencies</h3> +<p>A mapping of package name to dependency object. Dependency objects have the +following properties:</p> +<h4 id="version">version</h4> +<p>This is a specifier that uniquely identifies this package and should be +usable in fetching a new copy of it.</p> +<ul> +<li>bundled dependencies: Regardless of source, this is a version number that is purely for informational purposes.</li> +<li>registry sources: This is a version number. (eg, <code>1.2.3</code>)</li> +<li>git sources: This is a git specifier with resolved committish. (eg, <code>git+https://example.com/foo/bar#115311855adb0789a0466714ed48a1499ffea97e</code>)</li> +<li>http tarball sources: This is the URL of the tarball. (eg, <code>https://example.com/example-1.3.0.tgz</code>)</li> +<li>local tarball sources: This is the file URL of the tarball. (eg <code>file:///opt/storage/example-1.3.0.tgz</code>)</li> +<li>local link sources: This is the file URL of the link. (eg <code>file:libs/our-module</code>)</li> +</ul> +<h4 id="integrity">integrity</h4> +<p>This is a <a href="https://w3c.github.io/webappsec/specs/subresourceintegrity/">Standard Subresource +Integrity</a> for this +resource.</p> +<ul> +<li>For bundled dependencies this is not included, regardless of source.</li> +<li>For registry sources, this is the <code>integrity</code> that the registry provided, or if one wasn't provided the SHA1 in <code>shasum</code>.</li> +<li>For git sources this is the specific commit hash we cloned from.</li> +<li>For remote tarball sources this is an integrity based on a SHA512 of +the file.</li> +<li>For local tarball sources: This is an integrity field based on the SHA512 of the file.</li> +</ul> +<h4 id="resolved">resolved</h4> +<ul> +<li>For bundled dependencies this is not included, regardless of source.</li> +<li>For registry sources this is path of the tarball relative to the registry +URL. If the tarball URL isn't on the same server as the registry URL then +this is a complete URL.</li> +</ul> +<h4 id="bundled">bundled</h4> +<p>If true, this is the bundled dependency and will be installed by the parent +module. When installing, this module will be extracted from the parent +module during the extract phase, not installed as a separate dependency.</p> +<h4 id="dev">dev</h4> +<p>If true then this dependency is either a development dependency ONLY of the +top level module or a transitive dependency of one. This is false for +dependencies that are both a development dependency of the top level and a +transitive dependency of a non-development dependency of the top level.</p> +<h4 id="optional">optional</h4> +<p>If true then this dependency is either an optional dependency ONLY of the +top level module or a transitive dependency of one. This is false for +dependencies that are both an optional dependency of the top level and a +transitive dependency of a non-optional dependency of the top level.</p> +<p>All optional dependencies should be included even if they're uninstallable +on the current platform.</p> +<h4 id="dependencies">dependencies</h4> +<p>The dependencies of this dependency, exactly as at the top level.</p> +<h2 id="see-also">SEE ALSO</h2> +<ul> +<li><a href="../cli/npm-shrinkwrap.html">npm-shrinkwrap(1)</a></li> +<li><a href="../files/package-lock.json.html">package-lock.json(5)</a></li> +<li><a href="../files/package.json.html">package.json(5)</a></li> +<li><a href="../cli/npm-install.html">npm-install(1)</a></li> +</ul> + +</div> + +<table border=0 cellspacing=0 cellpadding=0 id=npmlogo> +<tr><td style="width:180px;height:10px;background:rgb(237,127,127)" colspan=18> </td></tr> +<tr><td rowspan=4 style="width:10px;height:10px;background:rgb(237,127,127)"> </td><td style="width:40px;height:10px;background:#fff" colspan=4> </td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=4> </td><td style="width:40px;height:10px;background:#fff" colspan=4> </td><td rowspan=4 style="width:10px;height:10px;background:rgb(237,127,127)"> </td><td colspan=6 style="width:60px;height:10px;background:#fff"> </td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=4> </td></tr> +<tr><td colspan=2 style="width:20px;height:30px;background:#fff" rowspan=3> </td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=3> </td><td style="width:10px;height:10px;background:#fff" rowspan=3> </td><td style="width:20px;height:10px;background:#fff" rowspan=4 colspan=2> </td><td style="width:10px;height:20px;background:rgb(237,127,127)" rowspan=2> </td><td style="width:10px;height:10px;background:#fff" rowspan=3> </td><td style="width:20px;height:10px;background:#fff" rowspan=3 colspan=2> </td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=3> </td><td style="width:10px;height:10px;background:#fff" rowspan=3> </td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=3> </td></tr> +<tr><td style="width:10px;height:10px;background:#fff" rowspan=2> </td></tr> +<tr><td style="width:10px;height:10px;background:#fff"> </td></tr> +<tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6> </td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)"> </td></tr> +<tr><td colspan=5 style="width:50px;height:10px;background:#fff"> </td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4> </td><td style="width:90px;height:10px;background:#fff" colspan=9> </td></tr> +</table> +<p id="footer">package-lock.json — npm@5.0.0</p> |