英文:
Docker and NPM install
问题
Sure, here's the translation:
出于好奇,package.json中的^版本依赖项是否会导致Docker重新运行npm install层?
假设有一个Docker文件如下:
FROM `SOME_BASE`
COPY package.json /app/
RUN npm i --legacy-peer-deps --force
在依赖项版本中使用^或任何semver前缀版本是否会导致这种情况发生?
英文:
Out of curiosity. Can the ^version for dependencies in the package.json cause the npm install layer to be re-run by Docker.
Given a docker file like
FROM `SOME_BASE`
COPY package.json /app/
RUN npm i --legacy-peer-deps --force
Could having the dependencies versions with ^ or any semver prefix versioning cause this?
答案1
得分: 2
Docker 不了解它 COPY 到镜像中的文件的内容。它仅保存其内容的哈希值。
使用您展示的 Dockerfile,如果运行 docker build 两次,只有在基础镜像已更改或package.json 的内容已更改时,npm i 命令才会重新运行。如果两者都没有更改,则将重用先前构建的缓存应用程序依赖项。在这里使用的 semver 约束形式无关紧要。
通常最好也将 package-lock.json 文件复制到镜像中。无论您在 package.json 中列出了什么,锁定文件都会包含使用的确切包版本。这使得类似这样的问题更清晰:锁定文件必须列出相同的确切包版本,才能使用缓存的 node_modules。
英文:
Docker doesn't know anything about the contents of the files it COPYs into images. It saves a hash of their contents but that's it.
With the Dockerfile you've shown, if you run docker build twice, the npm i command will be re-run if the base image has changed or the contents of package.json have changed. If neither thing has changed, then it will reuse the cached application dependencies from the previous build. The form of semver constraint you use doesn't matter here.
It's usually a good practice to also copy the package-lock.json file into the image. Regardless of what you have listed in package.json, the lock file will include the exact package versions that are used. This makes questions like this a little clearer: the lock file has to list the same exact package versions for the cached node_modules to be used.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论