Simple email application for Android. Original source code: https://framagit.org/dystopia-project/simple-email
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

142 lines
5.5 KiB

  1. package-lock.json(5) -- A manifestation of the manifest
  2. =====================================================
  3. ## DESCRIPTION
  4. `package-lock.json` is automatically generated for any operations where npm
  5. modifies either the `node_modules` tree, or `package.json`. It describes the
  6. exact tree that was generated, such that subsequent installs are able to
  7. generate identical trees, regardless of intermediate dependency updates.
  8. This file is intended to be committed into source repositories, and serves
  9. various purposes:
  10. * Describe a single representation of a dependency tree such that teammates, deployments, and continuous integration are guaranteed to install exactly the same dependencies.
  11. * Provide a facility for users to "time-travel" to previous states of `node_modules` without having to commit the directory itself.
  12. * To facilitate greater visibility of tree changes through readable source control diffs.
  13. * And optimize the installation process by allowing npm to skip repeated metadata resolutions for previously-installed packages.
  14. One key detail about `package-lock.json` is that it cannot be published, and it
  15. will be ignored if found in any place other than the toplevel package. It shares
  16. a format with npm-shrinkwrap.json(5), which is essentially the same file, but
  17. allows publication. This is not recommended unless deploying a CLI tool or
  18. otherwise using the publication process for producing production packages.
  19. If both `package-lock.json` and `npm-shrinkwrap.json` are present in the root of
  20. a package, `package-lock.json` will be completely ignored.
  21. ## FILE FORMAT
  22. ### name
  23. The name of the package this is a package-lock for. This must match what's in
  24. `package.json`.
  25. ### version
  26. The version of the package this is a package-lock for. This must match what's in
  27. `package.json`.
  28. ### lockfileVersion
  29. An integer version, starting at `1` with the version number of this document
  30. whose semantics were used when generating this `package-lock.json`.
  31. ### packageIntegrity
  32. This is a [subresource
  33. integrity](https://w3c.github.io/webappsec/specs/subresourceintegrity/) value
  34. created from the `package.json`. No preprocessing of the `package.json` should
  35. be done. Subresource integrity strings can be produced by modules like
  36. [`ssri`](https://www.npmjs.com/package/ssri).
  37. ### preserveSymlinks
  38. Indicates that the install was done with the environment variable
  39. `NODE_PRESERVE_SYMLINKS` enabled. The installer should insist that the value of
  40. this property match that environment variable.
  41. ### dependencies
  42. A mapping of package name to dependency object. Dependency objects have the
  43. following properties:
  44. #### version
  45. This is a specifier that uniquely identifies this package and should be
  46. usable in fetching a new copy of it.
  47. * bundled dependencies: Regardless of source, this is a version number that is purely for informational purposes.
  48. * registry sources: This is a version number. (eg, `1.2.3`)
  49. * git sources: This is a git specifier with resolved committish. (eg, `git+https://example.com/foo/bar#115311855adb0789a0466714ed48a1499ffea97e`)
  50. * http tarball sources: This is the URL of the tarball. (eg, `https://example.com/example-1.3.0.tgz`)
  51. * local tarball sources: This is the file URL of the tarball. (eg `file:///opt/storage/example-1.3.0.tgz`)
  52. * local link sources: This is the file URL of the link. (eg `file:libs/our-module`)
  53. #### integrity
  54. This is a [Standard Subresource
  55. Integrity](https://w3c.github.io/webappsec/specs/subresourceintegrity/) for this
  56. resource.
  57. * For bundled dependencies this is not included, regardless of source.
  58. * For registry sources, this is the `integrity` that the registry provided, or if one wasn't provided the SHA1 in `shasum`.
  59. * For git sources this is the specific commit hash we cloned from.
  60. * For remote tarball sources this is an integrity based on a SHA512 of
  61. the file.
  62. * For local tarball sources: This is an integrity field based on the SHA512 of the file.
  63. #### resolved
  64. * For bundled dependencies this is not included, regardless of source.
  65. * For registry sources this is path of the tarball relative to the registry
  66. URL. If the tarball URL isn't on the same server as the registry URL then
  67. this is a complete URL.
  68. #### bundled
  69. If true, this is the bundled dependency and will be installed by the parent
  70. module. When installing, this module will be extracted from the parent
  71. module during the extract phase, not installed as a separate dependency.
  72. #### dev
  73. If true then this dependency is either a development dependency ONLY of the
  74. top level module or a transitive dependency of one. This is false for
  75. dependencies that are both a development dependency of the top level and a
  76. transitive dependency of a non-development dependency of the top level.
  77. #### optional
  78. If true then this dependency is either an optional dependency ONLY of the
  79. top level module or a transitive dependency of one. This is false for
  80. dependencies that are both an optional dependency of the top level and a
  81. transitive dependency of a non-optional dependency of the top level.
  82. All optional dependencies should be included even if they're uninstallable
  83. on the current platform.
  84. #### requires
  85. This is a mapping of module name to version. This is a list of everything
  86. this module requires, regardless of where it will be installed. The version
  87. should match via normal matching rules a dependency either in our
  88. `dependencies` or in a level higher than us.
  89. #### dependencies
  90. The dependencies of this dependency, exactly as at the top level.
  91. ## SEE ALSO
  92. * npm-shrinkwrap(1)
  93. * npm-shrinkwrap.json(5)
  94. * npm-package-locks(5)
  95. * package.json(5)
  96. * npm-install(1)