我有一堆较旧的软件包(维护Angularjs(1.0)堆栈),安装时收到有关软件包过时版本的警告:
npm WARN deprecated bower@1.3.12: ...psst! Your project can stop working at any moment because its dependencies can change. Prevent this by migrating to Yarn: https://bower.io/
blog/2017/how-to-migrate-away-from-bower/
npm WARN deprecated babel-preset-es2015@6.24.1: Thanks for using Babel: we recommend using babel-preset-env now: please read babeljs.io/env to update!
npm WARN deprecated graceful-fs@3.0.11: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated minimatch@1.0.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated graceful-fs@2.0.3: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated tough-cookie@0.12.1: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
npm WARN deprecated node-uuid@1.4.8: Use uuid module instead
npm WARN deprecated npmconf@2.1.2: this package has been reintegrated into npm and is now out of date with respect to npm
我如何找出哪个包裹将它们引入?
npm outdated什么也不返回。
npm prune不修剪任何东西。
package.json
{
"devDependencies": {
"babel-preset-env": "^1.6.1",
"browser-sync-webpack-plugin": "^2.2.2",
"copy-webpack-plugin": "^4.5.1",
"html-webpack-plugin": "^3.1.0",
"css-loader": "^0.28.11",
"file-loader": "^1.1.11",
"pug-html-loader": "^1.1.5",
"pug-loader": "^2.3.0",
"graceful-fs": "^4.1.11",
"minimatch": "^3.0.4",
"node-sass": "^4.8.3",
"sass-loader": "^6.0.7",
"style-loader": "^0.20.3",
"uglifyjs-webpack-plugin": "^1.2.4",
"webpack": "^4.3.0",
"webpack-cli": "^2.0.13",
"webpack-merge": "^4.1.2"
},
"dependencies": {
"@uirouter/angularjs": "latest",
"ajv": "^6.3.0",
"angular": "^1.6.9",
"angular-translate": "^2.17.0",
"babel-core": "^6.26.0",
"babel-loader": "^7.1.4",
"babel-plugin-transform-runtime": "^6.23.0",
"babel-register": "^6.26.0",
"brfs": "^1.5.0",
"browser-sync": "^2.23.6",
"debowerify": "^1.4.1",
"isparta": "^4.0.0",
"jshint": "^2.9.5",
"jshint-stylish": "^2.2.0",
"postcss-loader": "^2.1.3",
"pretty-hrtime": "^1.0.2",
"pug": "^2.0.3",
"tiny-lr": "^1.1.1"
}
}
ral*_*nja 12
你可以的npm ls。它将为您提供树状结构,显示依赖关系如何组合在一起。下面的例子:
lms@nuc ~/src/ralphtheninja/slump (master)
$ npm ls
slump@2.0.3 /home/lms/src/ralphtheninja/slump
??? bs58@4.0.1
? ??? base-x@3.0.4
? ??? safe-buffer@5.1.1 deduped
??? core-util-is@1.0.2
??? faucet@0.0.1
? ??? defined@0.0.0
? ??? duplexer@0.1.1
? ??? minimist@0.0.5
? ??? sprintf@0.1.5
? ??? tap-parser@0.4.3
? ? ??? inherits@2.0.3 deduped
? ? ??? readable-stream@1.1.14
? ? ??? core-util-is@1.0.2 deduped
? ? ??? inherits@2.0.3 deduped
? ? ??? isarray@0.0.1
? ? ??? string_decoder@0.10.31
? ??? tape@2.3.3
? ? ??? deep-equal@0.1.2
? ? ??? defined@0.0.0 deduped
? ? ??? inherits@2.0.3 deduped
? ? ??? jsonify@0.0.0
? ? ??? resumer@0.0.0 deduped
? ? ??? through@2.3.8 deduped
? ??? through2@0.2.3
? ??? readable-stream@1.1.14 deduped
? ??? xtend@2.1.2
? ??? object-keys@0.4.0
??? rc@1.2.6
? ??? deep-extend@0.4.2
? ??? ini@1.3.5
? ??? minimist@1.2.0
? ??? strip-json-comments@2.0.1
??? safe-buffer@5.1.1
如果您想知道特定的软件包,可以执行npm ls <package>,它将显示该子树。
您也可以这样做npm ls --json以json格式输出。如果您要以编程方式进行分析,则很有用。