词典
构建脚本
¥Build Scripts
指的是软件包安装后立即执行的任务;通常是清单中 scripts 字段中配置的 postinstall 脚本。
¥Refers to tasks executed right after the packages got installed; typically the postinstall scripts configured in the scripts field from the manifest.
构建脚本应留给原生依赖,纯 JavaScript 包几乎没有理由使用它们。它们在用户的项目上有 重大副作用,因此请仔细权衡是否真的需要它们。
¥Build scripts should be left to native dependencies, there is virtually no reason for pure JavaScript packages to use them. They have significant side effects on your user's projects, so weight carefully whether you really need them.
另请参阅:生命周期脚本
¥See also: Lifecycle Scripts
依赖
¥Dependency
依赖(在清单的 dependencies 字段中列出)描述了两个包之间的关系。
¥A dependency (listed in the dependencies field of the manifest) describes a relationship between two packages.
当包 A 具有依赖 B 时,Yarn 保证如果安装成功,A 将能够访问 B。请注意,这是我们对常规依赖做出的唯一承诺:特别是,不能保证包 B 与应用其他部分使用的版本相同。
¥When a package A has a dependency B, Yarn guarantees that A will be able to access B if the install is successful. Note that this is the only promise we make regarding regular dependencies: in particular, there is no guarantee that package B will be the same version than the one used in other parts of the application.
¥See also: Development Dependency, Peer Dependency
描述符
¥Descriptor
描述符是包名称(例如 lodash)和包 range(例如 ^1.0.0)的组合。描述符用于标识一组包,而不是一个唯一的包。
¥A descriptor is a combination of a package name (for example lodash) and a package range (for example ^1.0.0). Descriptors are used to identify a set of packages rather than one unique package.
开发依赖
¥Development Dependency
依赖(在清单的 devDependencies 字段中列出)描述了两个包之间的关系。
¥A dependency (listed in the devDependencies field of the manifest) describes a relationship between two packages.
开发依赖非常类似于常规依赖,只是它们只对本地包重要。从远程注册表(如 npm)获取的包将无法访问其开发依赖,但从本地源(如 workspaces 或 portal: 协议)安装的包可以访问。
¥Development dependencies are very much like regular dependencies except that they only matter for local packages. Packages fetched from remote registries such as npm will not be able to access their development dependencies, but packages installed from local sources (such as workspaces or the portal: protocol) will.
¥See also: Dependency, Peer Dependency
获取器
¥Fetcher
获取器是负责从 reference 中提取完整包数据的组件。例如,npm 获取器将从 npm 注册表下载软件包 tarball。
¥Fetchers are the components tasked with extracting the full package data from a reference. For example, the npm fetcher would download the package tarballs from the npm registry.
另请参阅:架构, Fetcher 接口
¥See also: Architecture, Fetcher interface
提升
¥Hoisting
提升是转换依赖树以通过删除尽可能多的节点来优化它的行为。没有单一的方法来决定如何转换树,不同的包管理器会做出不同的权衡(有些针对包流行度、包大小、最高版本等进行优化)。因此,无法保证最终的提升布局 - 除了包将始终能够访问它们在 manifests 中列出的依赖。
¥Hoisting is the act of transforming the dependency tree to optimize it by removing as many nodes as possible. There isn't a single way to decide how to transform the tree, and different package managers make different tradeoffs (some optimize for package popularity, package size, highest versions, ...). For this reason, no guarantee can be made regarding the final hoisting layout - except that packages will always be able to access the dependencies they listed in their manifests.
由于提升与文件系统和 Node 解析密切相关,因此它的设计本身就很容易出错并意外访问包,而没有将它们正确定义为依赖 - 因此在提升过程中没有被考虑在内,使得它们的存在变得不可预测。由于这个原因和其他原因,从 Yarn 2 开始,提升被搁置,转而支持 Plug'n'Play 解析。
¥Because the hoisting is heavily connected to the filesystem and the Node resolution, its very design makes it easy to make an error and accidentally access packages without them being properly defined as dependencies - and thus without being accounted for during the hoisting process, making their very existence unpredictable. For this reason and others, hoisting got sidelined starting from Yarn 2 in favour of the Plug'n'Play resolution.
链接器
¥Linker
链接器是使用依赖树和包数据存储的组件,并生成特定于其目标环境的磁盘工件。例如,Plug'n'Play 链接器生成单个 .pnp.cjs 文件。
¥Linkers are the components that consume both a dependency tree and a store of package data, and generate in return disk artifacts specific to the environment they target. For example, the Plug'n'Play linker generates a single .pnp.cjs file.
¥See also: Architecture, Installer interface, Linker interface
本地缓存
¥Local Cache
本地缓存或离线镜像是一种保护你的项目免受软件包注册表关闭影响的方法。
¥The local cache, or offline mirror, is a way to protect your project against the package registry going down.
启用本地缓存后,Yarn 会生成你在 .yarn/cache 文件夹中安装的所有包的副本,然后你可以将其添加到你的存储库中。后续安装将重用此文件夹中的包,而不是重新下载。
¥When the local cache is enabled, Yarn generates a copy of all packages you install in the .yarn/cache folder that you can then add to your repository. Subsequent installs will then reuse packages from this folder rather than downloading them anew.
虽然并不总是实用(它会导致存储库大小增加,尽管我们有办法显著缓解它),但它展示出各种有趣的属性:
¥While not always practical (it causes the repository size to grow, although we have ways to mitigate it significantly), it presents various interesting properties:
-
它不需要额外的基础设施,例如 Verdaccio 代理
¥It doesn't require additional infrastructure, such as a Verdaccio proxy
-
它不需要额外的配置,例如注册表身份验证
¥It doesn't require additional configuration, such as registry authentication
-
安装获取步骤尽可能快,完全没有数据传输
¥The install fetch step is as fast as it can be, with no data transfer at all
-
如果你还使用 PnP 链接器,它可以让你达到 zero-installs
¥It lets you reach zero-installs if you also use the PnP linker
要启用本地缓存,请将 enableGlobalCache 设置为 false,运行安装,然后将新工件添加到你的存储库(你可能需要相应地 更新你的 gitignore)。
¥To enable the local cache, set enableGlobalCache to false, run an install, and add the new artifacts to your repository (you might want to update your gitignore accordingly).
定位器
¥Locator
定位器是包名称(例如 lodash)和包 reference(例如 1.2.3)的组合。定位器用于标识单个唯一包(有趣的是,所有有效的定位器也是有效的 descriptors)。
¥A locator is a combination of a package name (for example lodash) and a package reference (for example 1.2.3). Locators are used to identify a single unique package (interestingly, all valid locators also are valid descriptors).
清单
¥Manifest
清单是定义与包关联的元数据的文件(其名称、版本、依赖……)。在 JavaScript 生态系统中,它是 package.json 文件。
¥The manifest is the file defining the metadata associated to a package (its name, version, dependencies...). In the JavaScript ecosystem, it's the package.json file.
Monorepo
monorepo 是包含多个包的存储库。Babel、Jest 甚至 Yarn 本身 都是此类存储库的示例 - 它们每个都包含十几个相互依赖的小包。
¥A monorepo is a repository that contains multiple packages. Babel, Jest, and even Yarn itself are examples of such repositories - they each contain dozen of small packages that depend on one another.
Yarn 通过 "workspaces" 为 monorepos 提供原生支持。通过运行单个安装,可以轻松安装多个本地包的依赖,并将它们全部连接在一起,这样就不必在项目的其他部分重用它们的更改之前发布它们。
¥Yarn provides native support for monorepos via "workspaces". It makes it easy to install the dependencies of multiple local packages by running a single install, and to connect them all together so that they don't have to be published before their changes can be reused by other parts of your project.
¥See also: Workspaces (feature), Workspace (lexicon).
包
¥Package
包是依赖树的节点。简而言之,包是源代码的打包包,通常以根目录中的 package.json 为特性。包可以定义 dependencies,这是需要提供的其他包才能正常工作。
¥Packages are nodes of the dependency tree. Simply put, a package is a bundle of source code usually characterized by a package.json at its root. Packages can define dependencies, which are other packages that need to be made available for it to work properly.
对等依赖
¥Peer Dependency
依赖(在清单的 peerDependencies 字段中列出)描述了两个包之间的关系。
¥A dependency (listed in the peerDependencies field of the manifest) describes a relationship between two packages.
与常规依赖相反,对 B 具有对等依赖的包 A 并不能保证 A 能够访问 B - 这取决于依赖于 A 的包是否手动提供与 A 的请求兼容的 B 版本。这个缺点也有好的一面:A 将访问的 B 的包实例保证与 A 的祖级使用的包实例完全相同。当 B 使用 instanceof 检查或单例时,这�很重要。
¥Contrary to regular dependencies, a package A with a peer dependency on B doesn't guarantee that A will be able to access B - it's up to the package that depends on A to manually provide a version of B compatible with request from A. This drawback has a good side too: the package instance of B that A will access is guaranteed to be the exact same one as the one used by the ancestor of A. This matters a lot when B uses instanceof checks or singletons.
¥See also: Development Dependency, Singleton Package
对等依赖包
¥Peer-Dependent Package
对等依赖包是列出对等依赖的包。
¥A peer-dependent package is a package that lists peer dependencies.
另请参阅:虚拟包
¥See also: Virtual Packages
插件
¥Plugin
插件是 Yarn 2+ 中引入的一个新概念。通过使用插件,Yarn 可以得到扩展并变得更加强大 - 无论是通过添加新的 resolvers、fetchers 还是 linkers。
¥Plugins are a new concept introduced in Yarn 2+. Through the use of plugins, Yarn can be extended and made even more powerful - whether it's through the addition of new resolvers, fetchers, or linkers.
¥See also: Plugins, Plugin interface
Plug'n'Play
Plug'n'Play 是一种替代安装策略,它不是生成典型的 node_modules 目录,而是生成一个文件,然后将其注入 Node 以让它知道在哪里找到已安装的包。从 v2 开始,Plug'n'Play 成为 Javascript 项目的默认安装策略。
¥Plug'n'Play is an alternative installation strategy that, instead of generating the typical node_modules directories, generate one single file that is then injected into Node to let it know where to find the installed packages. Starting from the v2, Plug'n'Play becomes the default installation strategy for Javascript projects.
另请参阅:Plug'n'Play
¥See also: Plug'n'Play
PnP
查看 Plug'n'Play
¥See Plug'n'Play
门户
¥Portal
门户是使用 portal: 协议的依赖,指向位于磁盘上的包。
¥A portal is a dependency that uses the portal: protocol, pointing to a package located on the disk.
与 link: 协议(可以指向任何位置但不能具有依赖)相反,Yarn 将以这样的方式设置其依赖图,即不仅依赖包能够访问通过门户引用的文件,而且门户本身也能够访问其自己的依赖。甚至同级依赖!
¥Contrary to the link: protocol (which can point to any location but cannot have dependencies), Yarn will setup its dependency map in such a way that not only will the dependent package be able to access the file referenced through the portal, but the portal itself will also be able to access its own dependencies. Even peer dependencies!
项目
¥Project
术语“项目”用于涵盖属于同一依赖树的所有 worktrees。
¥The term project is used to encompass all the worktrees that belong to the same dependency tree.
另请参阅:工作区
¥See also: Workspaces
范围
¥Range
范围是一个字符串,当与包名称结合使用时,可用于选择单个包的多个版本。范围通常遵循 semver,但可以使用任何受支持的 Yarn 协议。
¥A range is a string that, when combined with a package name, can be used to select multiple versions of a single package. Ranges typically follow semver, but can use any of the supported Yarn protocols.
另请参阅:协议
¥See also: Protocols
参考
¥Reference
引用是一个字符串,当与包名结合使用时,可用于选择单个包的一个版本。引用通常遵循 semver,但可以使用任何受支持的 Yarn 协议。
¥A reference is a string that, when combined with a package name, can be used to select one single version of a single package. References typically follow semver, but can use any of the supported Yarn protocols.
另请参阅:协议
¥See also: Protocols
解析器
¥Resolver
解析器是负责将 descriptors 转换为 locators 并从包 locators 中提取包 manifests 的组件。例如,npm 解析器将检查 npm 注册表上有哪些版本可用,并返回满足 semver 要求的所有候选版本,然后查询 npm 注册表以获取与所选解析相关的完整元数据。
¥Resolvers are the components tasked from converting descriptors into locators, and extracting the package manifests from the package locators. For example, the npm resolver would check what versions are available on the npm registry and return all the candidates that satisfy the semver requirements, then would query the npm registry to fetch the full metadata associated with the selected resolution.
¥See also: Architecture, Resolver interface
范围
¥Scope
范围是从 npm 注册表继承的链接术语;它们用于描述一组都属于同一实体的包。例如,与 v2 相关的所有 Yarn 包都属于 npm 注册表上的 berry 范围。范围传统上以 @ 符号为前缀。
¥Scopes are a term linked inherited from the npm registry; they are used to describe a set of packages that all belong to the same entity. For example, all the Yarn packages related to the v2 belong to the berry scope on the npm registry. Scopes are traditionally prefixed with the @ symbol.
单例包
¥Singleton Package
单例包是在依赖树中实例化一次的包。
¥A singleton package is a package which is instantiated a single time across the dependency tree.
虽然单例包不是一等公民,但可以使用 对等依赖 轻松创建它们,方法是使用它们的一个属性:由于对等依赖所依赖的包保证与其直接祖级使用的包完全相同,因此在整个依赖分支中使用对等依赖直到最近的工作区将确保始终创建该包的单个实例 - 使其成为事实上的单例包。
¥While singleton packages aren't a first-class citizen, they can be easily created using peer dependencies by using one of their properties: since packages depended upon by peer dependencies are guaranteed to be the exact same instance as the one used by their direct ancestor, using peer dependencies across the entire dependency branch all the way up to the nearest workspace will ensure that a single instance of the package is ever created - making it a de-facto singleton package.
另请参阅:对等依赖
¥See also: Peer Dependency
传递依赖
¥Transitive Dependency
传递依赖是你所依赖的包的依赖。
¥A transitive dependency is a dependency of a package you depend on.
想象一下 react 的情况。你的应用依赖于它(你自己在清单中列出了它),因此它是直接依赖。但 react 也依赖于 prop-types!这使得 prop-types 成为传递依赖,因为你不会直接声明它。
¥Imagine the case of react. Your application depends on it (you listed it yourself in your manifest), so it's a direct dependency. But react also depends on prop-types! That makes prop-types a transitive dependency, in that you don't directly declare it.
未插入的包
¥Unplugged Package
使用 Yarn PnP,大多数包都保存在其 zip 存档中,而不是解压到磁盘上。然后,存档在运行时挂载到文件系统上,并透明地访问。挂载是只读的,因此如果有人试图写入档案,档案不会被破坏。
¥With Yarn PnP, most packages are kept within their zip archives rather than being unpacked on the disk. The archives are then mounted on the filesystem at runtime, and transparently accessed. The mounts are read-only so that the archives don't get corrupted if something tries to write into them.
但是,在某些情况下,保持包的只读性可能很困难(例如,当包列出安装后脚本时 - 构建步骤通常需要生成构建工件,这使得只读文件夹不切实际)。对于这些情况,Yarn 可以解压特定的包并将它们保存到各自的文件夹中。此类包称为 "unplugged"。
¥In some cases, however, keeping the package read-only may be difficult (such as when a package lists postinstall scripts - the build steps will often need to generate build artifacts, making read-only folders impractical). For those situations, Yarn can unpack specific packages and keep them into their own individual folders. Such packages are referred to as "unplugged".
在以下几种情况下,包会被拔出:
¥Packages are unplugged in a few scenarios:
-
通过将
dependenciesMeta[].unplugged字段设置为true明确¥explicitly by setting the
dependenciesMeta[].unpluggedfield totrue -
当包将其
preferUnplugged字段设置为true时明确¥explicitly when the package set its
preferUnpluggedfield totrue -
当包列出安装后脚本时隐式显示
¥implicitly when the package lists postinstall scripts
-
当包包含原生文件时隐式显示
¥implicitly when the package contains native files
虚拟包
¥Virtual Package
因为 对等依赖包 有效地定义了可能的依赖集的范围,而不是单个静态依赖集,所以对等依赖包可能有多个依赖集。发生这种情况时,需要为每个这样的集合至少实例化一次包。
¥Because peer-dependent packages effectively define an horizon of possible dependency sets rather than a single static set of dependencies, a peer-dependent package may have multiple dependency sets. When this happens, the package will need to be instantiated at least once for each such set.
由于在 Node-land 中,JS 模块是根据其路径实例化的(对于任何给定的路径,文件永远不会实例化两次),并且由于 PnP 使得包在任何给定的项目中只安装一次,因此多次实例化这些包的唯一方法是给它们多个路径,同时仍然引用相同的磁盘位置。这就是虚拟包派上用场的地方。
¥Since in Node-land the JS modules are instantiated based on their path (a file is never instantiated twice for any given path), and since PnP makes it so that packages are installed only once in any given project, the only way to instantiate those packages multiple times is to give them multiple paths while still referencing to the same on-disk location. That's where virtual packages come handy.
虚拟包是同级依赖包�的专用实例,它对此特定实例应使用的依赖集进行编码。每个虚拟包都被赋予一个唯一的文件系统路径,以确保它引用的脚本将使用其正确的依赖集进行实例化。
¥Virtual packages are specialized instances of the peer-dependent packages that encode the set of dependencies that this particular instance should use. Each virtual package is given a unique filesystem path that ensures that the scripts it references will be instantiated with their proper dependency set.
过去虚拟包是使用符号链接实现的,但最近这种情况发生了变化,现在它们是通过虚拟文件系统层实现的。这避免了创建数百个令人困惑的符号链接的需要,提高了与 Windows 的兼容性,并防止了第三方工具调用 realpath 时出现的问题。
¥In the past virtual packages were implemented using symlinks, but this recently changed and they are now implemented through a virtual filesystem layer. This circumvents the need to create hundreds of confusing symlinks, improving compatibility with Windows and preventing issues that would arise with third-party tools calling realpath.
工作区
¥Workspace
一般来说,工作区是用于处理存储在同一存储库中的多个项目的 Yarn 功能。
¥Generally speaking workspaces are a Yarn features used to work on multiple projects stored within the same repository.
在 Yarn 词汇表中,工作区是直接属于 project 的本地 packages。
¥In the context of Yarn's vocabulary, workspaces are local packages that directly belong to a project.
另请参阅:工作区
¥See also: Workspaces
工作树
¥Worktree
工作树是一个私有工作区,它将新的子工作区添加到当前 project。
¥A worktree is a private workspace that adds new child workspaces to the current project.
另请参阅:工作区
¥See also: Workspaces
Yarn
Yarn 是一个用于管理编程环境的命令行工具。它用 Javascript 编写,主要与其他 Javascript 项目一起使用,但具有使其适合在各种情况下使用的功能。
¥Yarn is a command line tool used to manage programming environments. Written in Javascript, it is mostly used along with other Javascript projects but has capabilities that make it suitable to be used in various situations.
零安装
¥Zero-Install
另请参阅:零安装
¥See also: Zero-Install