NodeJS NPM:如何找到子包的父包?

brjng4g3  于 2023-03-22  发布在  Node.js
关注(0)|答案(3)|浏览(116)

我有一堆旧的包(维护Angularjs(1.0)堆栈),当我安装时,我收到关于过时版本的包的警告:

npm WARN deprecated bower@1.3.12: ...psst! Your project can stop working at any moment because its dependencies can change. Prevent this by migrating to Yarn: https://bower.io/
blog/2017/how-to-migrate-away-from-bower/
npm WARN deprecated babel-preset-es2015@6.24.1: 🙌  Thanks for using Babel: we recommend using babel-preset-env now: please read babeljs.io/env to update! 
npm WARN deprecated graceful-fs@3.0.11: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated minimatch@1.0.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated graceful-fs@2.0.3: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated tough-cookie@0.12.1: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
npm WARN deprecated node-uuid@1.4.8: Use uuid module instead
npm WARN deprecated npmconf@2.1.2: this package has been reintegrated into npm and is now out of date with respect to npm

我怎么知道是哪个包裹把这些东西拉进来的?
npm outdated不返回任何内容。npm prune不删除任何内容。

包.json

{                                                           
  "devDependencies": {                                                          
    "babel-preset-env": "^1.6.1",                                                          
    "browser-sync-webpack-plugin": "^2.2.2",                                                          
    "copy-webpack-plugin": "^4.5.1",                                                          
    "html-webpack-plugin": "^3.1.0",                                                          
    "css-loader": "^0.28.11",                                                          
    "file-loader": "^1.1.11",                                                          
    "pug-html-loader": "^1.1.5",                                                          
    "pug-loader": "^2.3.0",                                                          
    "graceful-fs": "^4.1.11",                                                          
    "minimatch": "^3.0.4",                                                          
    "node-sass": "^4.8.3",                                                          
    "sass-loader": "^6.0.7",                                                          
    "style-loader": "^0.20.3",                                                          
    "uglifyjs-webpack-plugin": "^1.2.4",                                                          
    "webpack": "^4.3.0",                                                          
    "webpack-cli": "^2.0.13",                                                          
    "webpack-merge": "^4.1.2"                                                          
  },                                                    
  "dependencies": {                                                          
    "@uirouter/angularjs": "latest",
    "ajv": "^6.3.0",                                                         
    "angular": "^1.6.9",                                                          
    "angular-translate": "^2.17.0",                                                          
    "babel-core": "^6.26.0",                                                          
    "babel-loader": "^7.1.4",                                                          
    "babel-plugin-transform-runtime": "^6.23.0",                                                          
    "babel-register": "^6.26.0",                                                          
    "brfs": "^1.5.0",                                                          
    "browser-sync": "^2.23.6",                                                          
    "debowerify": "^1.4.1",                                                          
    "isparta": "^4.0.0",                                                          
    "jshint": "^2.9.5",                                                          
    "jshint-stylish": "^2.2.0",                                                          
    "postcss-loader": "^2.1.3",                                                          
    "pretty-hrtime": "^1.0.2",                                                          
    "pug": "^2.0.3",                                                          
    "tiny-lr": "^1.1.1"                                                          
  }                                                         
}
ffx8fchx

ffx8fchx1#

你可以做npm ls --all。它会给予你一个树结构,显示依赖关系是如何组合在一起的。下面的例子:

lms@nuc ~/src/ralphtheninja/slump (master)
$ npm ls --all                            
slump@2.0.3 /home/lms/src/ralphtheninja/slump
├─┬ bs58@4.0.1                 
│ └─┬ base-x@3.0.4                   
│   └── safe-buffer@5.1.1 deduped       
├── core-util-is@1.0.2             
├─┬ faucet@0.0.1              
│ ├── defined@0.0.0                  
│ ├── duplexer@0.1.1                    
│ ├── minimist@0.0.5                      
│ ├── sprintf@0.1.5                      
│ ├─┬ tap-parser@0.4.3
│ │ ├── inherits@2.0.3 deduped
│ │ └─┬ readable-stream@1.1.14
│ │   ├── core-util-is@1.0.2 deduped
│ │   ├── inherits@2.0.3 deduped
│ │   ├── isarray@0.0.1
│ │   └── string_decoder@0.10.31
│ ├─┬ tape@2.3.3
│ │ ├── deep-equal@0.1.2
│ │ ├── defined@0.0.0 deduped
│ │ ├── inherits@2.0.3 deduped
│ │ ├── jsonify@0.0.0
│ │ ├── resumer@0.0.0 deduped
│ │ └── through@2.3.8 deduped
│ └─┬ through2@0.2.3
│   ├── readable-stream@1.1.14 deduped
│   └─┬ xtend@2.1.2
│     └── object-keys@0.4.0
├─┬ rc@1.2.6
│ ├── deep-extend@0.4.2
│ ├── ini@1.3.5
│ ├── minimist@1.2.0
│ └── strip-json-comments@2.0.1
├── safe-buffer@5.1.1

如果你想知道一个特定的包,你可以执行npm ls <package>,这将显示子树。
你也可以执行npm ls --json来获取json格式的输出。如果你想以编程方式分析它,这很有用。
编辑:原始帖子建议使用npm ls,但较新版本的npm ls仅显示平面列表。

oewdyzsn

oewdyzsn2#

我建议您使用npm-check-updates升级依赖项。
您可以使用以下命令进行安装:npm install -g npm-check-updates
然后通过运行ncu给你一个过期包的报告,或者ncu -u更新package.json
关于ncuhere的更多信息。
否则,package-lock.json可以给予有关依赖项的依赖项的信息。或者,npm ls可以提供报告。

sqxo8psd

sqxo8psd3#

可以使用命令npm ls contextify PACKAGE_NAME
例如,我试图跟踪一个包的父包。包名为app-builder-bin

npm ls contextify app-builder-bin

我得到了波纹管输出:

+-- electron-builder@21.0.15
| `-- builder-util@21.0.15
|   `-- app-builder-bin@3.3.0
`-- electron-builder-squirrel-windows@22.14.13
  `-- builder-util@22.14.13
    `-- app-builder-bin@3.7.1

相关问题