mirror of
https://github.com/titanscouting/tra-analysis.git
synced 2025-09-08 15:57:21 +00:00
push all website files
This commit is contained in:
Jacob Levine
153
website/node_modules/npm/man/man5/package-lock.json.5
generated
vendored
Normal file
153
website/node_modules/npm/man/man5/package-lock.json.5
generated
vendored
Normal file
@@ -0,0 +1,153 @@
|
||||
.TH "PACKAGE\-LOCK\.JSON" "5" "December 2018" "" ""
|
||||
.SH "NAME"
|
||||
\fBpackage-lock.json\fR \- A manifestation of the manifest
|
||||
.SH DESCRIPTION
|
||||
.P
|
||||
\fBpackage\-lock\.json\fP is automatically generated for any operations where npm
|
||||
modifies either the \fBnode_modules\fP tree, or \fBpackage\.json\fP\|\. It describes the
|
||||
exact tree that was generated, such that subsequent installs are able to
|
||||
generate identical trees, regardless of intermediate dependency updates\.
|
||||
.P
|
||||
This file is intended to be committed into source repositories, and serves
|
||||
various purposes:
|
||||
.RS 0
|
||||
.IP \(bu 2
|
||||
Describe a single representation of a dependency tree such that teammates, deployments, and continuous integration are guaranteed to install exactly the same dependencies\.
|
||||
.IP \(bu 2
|
||||
Provide a facility for users to "time\-travel" to previous states of \fBnode_modules\fP without having to commit the directory itself\.
|
||||
.IP \(bu 2
|
||||
To facilitate greater visibility of tree changes through readable source control diffs\.
|
||||
.IP \(bu 2
|
||||
And optimize the installation process by allowing npm to skip repeated metadata resolutions for previously\-installed packages\.
|
||||
|
||||
.RE
|
||||
.P
|
||||
One key detail about \fBpackage\-lock\.json\fP is that it cannot be published, and it
|
||||
will be ignored if found in any place other than the toplevel package\. It shares
|
||||
a format with npm help 5 shrinkwrap\.json, which is essentially the same file, but
|
||||
allows publication\. This is not recommended unless deploying a CLI tool or
|
||||
otherwise using the publication process for producing production packages\.
|
||||
.P
|
||||
If both \fBpackage\-lock\.json\fP and \fBnpm\-shrinkwrap\.json\fP are present in the root of
|
||||
a package, \fBpackage\-lock\.json\fP will be completely ignored\.
|
||||
.SH FILE FORMAT
|
||||
.SS name
|
||||
.P
|
||||
The name of the package this is a package\-lock for\. This must match what's in
|
||||
\fBpackage\.json\fP\|\.
|
||||
.SS version
|
||||
.P
|
||||
The version of the package this is a package\-lock for\. This must match what's in
|
||||
\fBpackage\.json\fP\|\.
|
||||
.SS lockfileVersion
|
||||
.P
|
||||
An integer version, starting at \fB1\fP with the version number of this document
|
||||
whose semantics were used when generating this \fBpackage\-lock\.json\fP\|\.
|
||||
.SS packageIntegrity
|
||||
.P
|
||||
This is a subresource
|
||||
integrity \fIhttps://w3c\.github\.io/webappsec/specs/subresourceintegrity/\fR value
|
||||
created from the \fBpackage\.json\fP\|\. No preprocessing of the \fBpackage\.json\fP should
|
||||
be done\. Subresource integrity strings can be produced by modules like
|
||||
\fBssri\fP \fIhttps://www\.npmjs\.com/package/ssri\fR\|\.
|
||||
.SS preserveSymlinks
|
||||
.P
|
||||
Indicates that the install was done with the environment variable
|
||||
\fBNODE_PRESERVE_SYMLINKS\fP enabled\. The installer should insist that the value of
|
||||
this property match that environment variable\.
|
||||
.SS dependencies
|
||||
.P
|
||||
A mapping of package name to dependency object\. Dependency objects have the
|
||||
following properties:
|
||||
.SS version
|
||||
.P
|
||||
This is a specifier that uniquely identifies this package and should be
|
||||
usable in fetching a new copy of it\.
|
||||
.RS 0
|
||||
.IP \(bu 2
|
||||
bundled dependencies: Regardless of source, this is a version number that is purely for informational purposes\.
|
||||
.IP \(bu 2
|
||||
registry sources: This is a version number\. (eg, \fB1\.2\.3\fP)
|
||||
.IP \(bu 2
|
||||
git sources: This is a git specifier with resolved committish\. (eg, \fBgit+https://example\.com/foo/bar#115311855adb0789a0466714ed48a1499ffea97e\fP)
|
||||
.IP \(bu 2
|
||||
http tarball sources: This is the URL of the tarball\. (eg, \fBhttps://example\.com/example\-1\.3\.0\.tgz\fP)
|
||||
.IP \(bu 2
|
||||
local tarball sources: This is the file URL of the tarball\. (eg \fBfile:///opt/storage/example\-1\.3\.0\.tgz\fP)
|
||||
.IP \(bu 2
|
||||
local link sources: This is the file URL of the link\. (eg \fBfile:libs/our\-module\fP)
|
||||
|
||||
.RE
|
||||
.SS integrity
|
||||
.P
|
||||
This is a Standard Subresource
|
||||
Integrity \fIhttps://w3c\.github\.io/webappsec/specs/subresourceintegrity/\fR for this
|
||||
resource\.
|
||||
.RS 0
|
||||
.IP \(bu 2
|
||||
For bundled dependencies this is not included, regardless of source\.
|
||||
.IP \(bu 2
|
||||
For registry sources, this is the \fBintegrity\fP that the registry provided, or if one wasn't provided the SHA1 in \fBshasum\fP\|\.
|
||||
.IP \(bu 2
|
||||
For git sources this is the specific commit hash we cloned from\.
|
||||
.IP \(bu 2
|
||||
For remote tarball sources this is an integrity based on a SHA512 of
|
||||
the file\.
|
||||
.IP \(bu 2
|
||||
For local tarball sources: This is an integrity field based on the SHA512 of the file\.
|
||||
|
||||
.RE
|
||||
.SS resolved
|
||||
.RS 0
|
||||
.IP \(bu 2
|
||||
For bundled dependencies this is not included, regardless of source\.
|
||||
.IP \(bu 2
|
||||
For registry sources this is path of the tarball relative to the registry
|
||||
URL\. If the tarball URL isn't on the same server as the registry URL then
|
||||
this is a complete URL\.
|
||||
|
||||
.RE
|
||||
.SS bundled
|
||||
.P
|
||||
If true, this is the bundled dependency and will be installed by the parent
|
||||
module\. When installing, this module will be extracted from the parent
|
||||
module during the extract phase, not installed as a separate dependency\.
|
||||
.SS dev
|
||||
.P
|
||||
If true then this dependency is either a development dependency ONLY of the
|
||||
top level module or a transitive dependency of one\. This is false for
|
||||
dependencies that are both a development dependency of the top level and a
|
||||
transitive dependency of a non\-development dependency of the top level\.
|
||||
.SS optional
|
||||
.P
|
||||
If true then this dependency is either an optional dependency ONLY of the
|
||||
top level module or a transitive dependency of one\. This is false for
|
||||
dependencies that are both an optional dependency of the top level and a
|
||||
transitive dependency of a non\-optional dependency of the top level\.
|
||||
.P
|
||||
All optional dependencies should be included even if they're uninstallable
|
||||
on the current platform\.
|
||||
.SS requires
|
||||
.P
|
||||
This is a mapping of module name to version\. This is a list of everything
|
||||
this module requires, regardless of where it will be installed\. The version
|
||||
should match via normal matching rules a dependency either in our
|
||||
\fBdependencies\fP or in a level higher than us\.
|
||||
.SS dependencies
|
||||
.P
|
||||
The dependencies of this dependency, exactly as at the top level\.
|
||||
.SH SEE ALSO
|
||||
.RS 0
|
||||
.IP \(bu 2
|
||||
npm help shrinkwrap
|
||||
.IP \(bu 2
|
||||
npm help 5 shrinkwrap\.json
|
||||
.IP \(bu 2
|
||||
npm help 5 package\-locks
|
||||
.IP \(bu 2
|
||||
npm help 5 package\.json
|
||||
.IP \(bu 2
|
||||
npm help install
|
||||
|
||||
.RE
|
||||
|
||||
Reference in New Issue
Block a user