1、npm install
1.1 Command usage
npm install [<package-spec> ...]
别名: add, i, in, ins, inst, insta, instal, isnt, isnta, isntal, isntall
This command installs a package and any packages it depends on. If the package has a package-lock file, or an npm-shrinkwrap file, or a yarn.lock file, the dependency installation will be driven by it, following the following order of precedence:
npm-shrinkwrap.json
package-lock.json
yarn.lock
包(package)
yes:
- (a) A folder containing a program described by a package.json file
- (b) A gzipped tarball containing (a)
- (c) resolves to the url of (b)
- (d) Published on the registry
<name>@<version>
with (c) - (e) points to (d)
<name>@<tag>
- (f) With the "latest" tag that satisfies (e)
<name>
- (g) solves to (a)
<git remote url>
Even if you never publish your package, you can still get many of the benefits of using npm if you just want to write a node program (a), and maybe you also want to be able to easily install it into a tarball after packaging (b).
-
npm install
:Install dependencies to a local
node_modules
folder.In global mode (i.e., with
-g
or--global
appended to the command), it installs the current package context (i.e., the current working directory) as a global package.By default,
npm install
all modules listed as dependencies in package.json will be installed.With
--production
the flag (or whenNODE_ENV
the environment variable is setproduction
to ), npm will not installdevDependencies
modules listed in . To install all modules listed in and when theNODE_ENV
environment variable is set to , you can use .production
dependencies
devDependencies
--production=false
--production
Note: The flags have no special meaning when adding dependencies to your project .
npm install <folder>
:
If <folder>
located in the root of the project, its dependencies will be installed and may be hoisted to the top level like other types of dependencies node_modules
. npm will not install package dependencies in the directory if <folder>
located outside the root of the project , but it will create symbolic links to them.<folder>
<folder>
Note: If you want to install the contents of a directory (such as a package) from the registry rather than creating a link, you need to use
--install-links
the option.
Example:
Dependencies are installed on top of it. If installed in the currently specified directory, add the corresponding parameters as follows:
The corresponding package is installed directly, not a link is created.
npm install <tarball file>
:
Install packages located on the file system. Note: If you just want to link a dev directory to your npm root directory, you can use npm link npm link npm link to do this more easily.
Compression package requirements:
-
The file name must use
.tar
,.tar.gz
or.tgz
as an extension. -
The package contents should be located in a subfolder within the tarball (usually called a tarball
package/
). npm strips off a directory layer when installing a package (tar x --strip-components=1
the equivalent of running). -
The package must contain files with
name
andversion
attributespackage.json
.Example:
npm install qs-6.11.2.tgz
npm install <tarball url>
:
Get the tarball url and install it. To distinguish this option from other options, the parameter must start with "http://" or "https://"
Example:
npm install [<@scope>/]<name>
:
Install <name>@<tag>
, where <tag>
is the "tag" configuration. (The configured default is latest
.)
In most cases this will install latest
the version of the module marked on the npm registry.
Example:
npm install qs
By default, npm install
any specified package is saved to dependencies
. Additionally, you can use some additional flags to control where and how they are saved:
-
-P, --save-prod
: The package will appear in yourdependencies
. This is the default unless-D
or is present-O
. -
-D, --save-dev
: The package will appear in yourdevDependencies
. -
-O, --save-optional
: The package will appear in youroptionalDependencies
. -
--no-save
: Prevent saving todependencies
.When saving dependencies to package.json using any of the above options, there are two additional optional flags:
-
-E, --save-exact
: Saved dependencies will be configured with the exact version instead of using npm's default semver range operator. -
-B, --save-bundle
: The saved dependencies will also be added to yourbundleDependencies
list.Also, if you have
npm-shrinkwrap.json
orpackage-lock.json
, then it will also be updated.<scope>
is optional. The package will be downloaded from the registry associated with the specified scope. If no registry is associated with the given scope, the default registry is assumed.Note: If you don't include the @ symbol in the scope name, npm will interpret it as a GitHub repository, see below. The range name must also be followed by a slash.
example:
-
npm install sax npm install githubname/reponame npm install @myorg/privatepackage npm install node-tap --save-dev npm install dtrace-provider --save-optional npm install readable-stream --save-exact npm install ansi-regex --save-bundle
npm install <alias>@npm:<name>
:Install the package under a custom alias. Allows side-by-side multiple versions of packages with the same name, easier importing of other packages with long names, and the use of git forks or forked npm packages as replacements. Aliases only apply to your project and will not rename packages in transitive dependencies.
-
example:
npm install my-react@npm:react npm install jquery2@npm:jquery@2 npm install jquery3@npm:jquery@3 npm install npa@npm:npm-package-arg
npm install [<@scope>/]<name>@<tag>
:Installs the version of the package referenced by the specified label. If the tag does not exist in the package's registry data, this operation will fail.
Example:
npm install sax@latest npm install @myorg/mypackage@latest
npm install [<@scope>/]<name>@<version>
:Install the specified version of the package. This will fail if the version has not yet been published to the registry.
Example:
npm install [email protected] npm install @myorg/[email protected]
npm install [<@scope>/]<name>@<version range>
:Installs a package version that matches the specified version range. This will follow the same rules for resolving dependencies described in package.json.
Note that most version ranges must be placed in quotes in order for your shell to treat them as a single argument.
Example:
npm install sax@">=0.1.0 <0.2.0" npm install @myorg/privatepackage@"16 - 17"
npm install <git remote url>
:Install the package from a hosted git provider and
git
clone it using . For a full git remote URL, only that URL will be tried.<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>[#<commit-ish> | #semver:<semver>]
<protocol>
Is one ofgit
,git+ssh
,git+http
,git+https
orgit+file
.If provided
#<commit-ish>
, it will be used to clone exactly that commit. If commit-ish is of the form#semver:<semver>
,<semver>
which can be any valid semver scope or exact version, npm will look in the remote repository for any tags or references matching that scope, just like it does for registry dependencies. If neither is specified#<commit-ish>
,#semver:<semver>
the default branch of the repository is used.If the repository uses submodules, these will also be cloned.
If the package being installed contains
prepare
a script, itsdependencies
sum is installed anddevDependencies
the preparation script is run before the package is packaged and installed.The following git environment variables are recognized by npm and added to the environment when running git:
-
GIT_ASKPASS
-
GIT_EXEC_PATH
-
GIT_PROXY_COMMAND
-
GIT_SSH
-
GIT_SSH_COMMAND
-
GIT_SSL_CAINFO
-
GIT_SSL_NO_VERIFY
example:
npm install git+ssh://[email protected]:npm/cli.git#v1.0.27
npm install git+ssh://[email protected]:npm/cli#pull/273
npm install git+ssh://[email protected]:npm/cli#semver:^5.0
npm install git+https://[email protected]/npm/cli.git
npm install git://github.com/npm/cli.git#v1.0.27
GIT_SSH_COMMAND='ssh -i ~/.ssh/custom_ident' npm install git+ssh://[email protected]:npm/cli.git
-
npm install <githubname>/<githubrepo>[#<commit-ish>]
: -
npm install github:<githubname>/<githubrepo>[#<commit-ish>]
:By trying to
git
clone it using ,https://github.com/githubname/githubrepo
install the package.If provided
#<commit-ish>
, it will be used to clone exactly that commit. If commit-ish is of the form#semver:<semver>
,<semver>
which can be any valid semver scope or exact version, npm will look in the remote repository for any tags or references matching that scope, just like it does for registry dependencies. If neither is specified#<commit-ish>
,#semver:<semver>
the default branch is used.prepare
As with regular git dependencies, if the package has scripts before the installation is complete , thedependencies
anddevDependencies
.example:
npm install mygithubuser/myproject npm install github:mygithubuser/myproject
npm install gist:[<githubname>/]<gistID>[#<commit-ish>|#semver:<semver>]
:By trying to
git
clone it using ,https://gist.github.com/gistID
install the package. The GitHub username associated with the gist is optional and will not be savedpackage.json
.prepare
As with regular git dependencies, if the package has scripts before the installation is complete , thedependencies
anddevDependencies
.Example:
npm install gist:101a11beef
-
npm install bitbucket:<bitbucketname>/<bitbucketrepo>[#<commit-ish>]
:By trying to
git
clone it using ,https://bitbucket.org/bitbucketname/bitbucketrepo
install the package.If provided
#<commit-ish>
, it will be used to clone exactly that commit. If commit-ish is of the form#semver:<semver>
,<semver>
which can be any valid semver scope or exact version, npm will look in the remote repository for any tags or references matching that scope, just like it does for registry dependencies. If neither specified#<commit-ish>
nor specified#semver:<semver>
, it is usedmaster
.prepare
As with regular git dependencies, if the package has scripts before the installation is complete , thedependencies
anddevDependencies
.Example:
npm install bitbucket:mybitbucketuser/myproject
-
npm install gitlab:<gitlabname>/<gitlabrepo>[#<commit-ish>]
:By trying to
git
clone it using ,https://gitlab.com/gitlabname/gitlabrepo
install the package.If provided
#<commit-ish>
, it will be used to clone exactly that commit. If commit-ish is of the form#semver:<semver>
,<semver>
which can be any valid semver scope or exact version, npm will look in the remote repository for any tags or references matching that scope, just like it does for registry dependencies. If neither specified#<commit-ish>
nor specified#semver:<semver>
, it is usedmaster
.prepare
As with regular git dependencies, if the package has scripts before the installation is complete , thedependencies
anddevDependencies
.Example:
npm install gitlab:mygitlabuser/myproject npm install gitlab:myusr/myproj#semver:^5.0
You can combine multiple parameters, even multiple types of parameters. For example:
npm install sax@">=0.1.0 <0.2.0" bench supervisor
--tag
The parameters will apply to all specified installation targets. If a tag with the given name exists, the tag's version takes precedence over newer versions.--dry-run
The parameters will report in the usual way what the installation would have done without actually installing anything.--package-lock-only
Parameters are only updatedpackage-lock.json
, rather than checkingnode_modules
and downloading dependencies.-f
or--force
parameter will force npm to fetch the remote resource even if a local copy exists on disk.npm install sax --force