npm - 当相关包保持不变时,为什么 package.lock 文件要求部分会更改?
问题描述
这种package-lock.json
变化如何可能:
前:
...
"chokidar": {
"version": "1.7.0",
"resolved": "https://registry.npmjs.org/chokidar/-/chokidar-1.7.0.tgz",
"integrity": "sha1-eY5ol3gVHIB2tLNg5e3SjNortGg=",
"requires": {
"anymatch": "1.3.2",
"async-each": "1.0.3",
"glob-parent": "2.0.0",
"inherits": "2.0.4",
"is-binary-path": "1.0.1",
"is-glob": "2.0.1",
"path-is-absolute": "1.0.1",
"readdirp": "2.2.1"
}
},
...
后:
...
"chokidar": {
"version": "1.7.0",
"resolved": "https://registry.npmjs.org/chokidar/-/chokidar-1.7.0.tgz",
"integrity": "sha1-eY5ol3gVHIB2tLNg5e3SjNortGg=",
"requires": {
"anymatch": "^1.3.0",
"async-each": "^1.0.0",
"fsevents": "^1.0.0",
"glob-parent": "^2.0.0",
"inherits": "^2.0.1",
"is-binary-path": "^1.0.0",
"is-glob": "^2.0.0",
"path-is-absolute": "^1.0.0",
"readdirp": "^2.0.0"
}
},
...
这发生在 docker 容器内——所以平台不是问题。完整性字段匹配 - 所以WTF。所需的版本发生了变化(可能是npm audit
),但作为要求的 fsevents 是新的,而包没有更改。任何人都可以给我一个线索吗?