软件包管理系统（又一个短小精悍的软件包管理器-pnpm）

时间2025-05-01 16:28:08分类IT科技浏览3985

导读：一个上班摸鱼的契机，看到了pnpm这个新名词，带着我的一丝好奇和一丝疑问，就想着了解一下。...

一个上班摸鱼的契机，看到了pnpm这个新名词，带着我的一丝好奇和一丝疑问，就想着了解一下。

什么是pnpm?

pnpm是我们正常印象中的软件包管理器，类似的我们肯定用过淘宝的cnpm ，无非是如何又全又快又小巧地获取需要拉取的软件包。

它给自己的slogan是【速度快】、【节省磁盘空间】这两个前缀，具体我们再往下了解下。

pnpm和yarn/cnpm/npm有什么区别？

谈到差别，最主要的还是它标语提到的两点，一个是时间，一个是空间。

它也是在官网上有一个TAB ，就是写的【性能对比】，具体来看看它提供的是怎样的成绩。

取了一次更新于【Jan 1, 2023, 3:20 AM】的分析说明

测试的点有： clean install: 在没有任何lockfile 、packages 、node_modules时 with cache, with lockfile, with node_modules: 在首次install之后，再次install后 with cache, with lockfile: 当开发人员获取存储库并首次运行安装时 with cache: 与上面的相同，但包管理器没有可以使用的lockfile with lockfile: 当安装在 CI 服务器上运行时 with cache, with node_modules: 删除lockfile并再次运行安装命令 with node_modules, with lockfile: 删除包缓存并再次运行安装命令 with node_modules: 删除包缓存和lockfile ，并再次运行安装命令 update: 通过更改 package.json 中的版本并再次运行安装命令来更新依赖项

使用一个固定的package.json进行测试

{ "name": "alotta-modules", "version": "0.0.1", "dependencies": { "animate.less": "^2.2.0", "autoprefixer": "^10.4.8", "babel-core": "^6.26.3", "babel-eslint": "^10.1.0", "babel-loader": "^8.2.5", "babel-plugin-lodash": "^3.3.4", "babel-plugin-module-resolver": "^4.1.0", "babel-plugin-transform-decorators-legacy": "^1.3.5", "babel-plugin-transform-runtime": "^6.23.0", "babel-polyfill": "^6.26.0", "babel-preset-es2015": "^6.24.1", "babel-preset-react": "^6.24.1", "babel-preset-react-hmre": "^1.1.1", "babel-preset-stage-1": "^6.24.1", "babel-runtime": "^6.26.0", "clean-webpack-plugin": "^4.0.0", "core-decorators": "^0.20.0", "css-loader": "^6.7.1", "css-mqpacker": "^7.0.0", "cssnano": "^5.1.13", "custom-event-polyfill": "^1.0.7", "draft-js": "^0.11.7", "ejs": "^3.1.8", "eslint": "^8.23.0", "eslint-config-airbnb": "^19.0.4", "eslint-import-resolver-webpack": "^0.13.2", "eslint-plugin-import": "^2.26.0", "eslint-plugin-jsx-a11y": "^6.6.1", "eslint-plugin-react": "^7.31.6", "express": "^4.18.1", "express-http-proxy": "^1.6.3", "font-awesome": "^4.7.0", "fready": "^1.0.0", "glob": "^8.0.3", "gulp": "^4.0.2", "gulp-concat": "^2.6.1", "gulp-csslint": "^1.0.1", "gulp-cssnano": "^2.1.3", "gulp-eol": "^0.2.0", "gulp-less": "^5.0.0", "gulp-livereload": "^4.0.2", "gulp-minify-css": "^1.2.4", "gulp-postcss": "^9.0.1", "gulp-rename": "^2.0.0", "gulp-util": "^3.0.8", "happypack": "^5.0.1", "highcharts": "^10.2.1", "highcharts-solid-gauge": "^0.1.7", "history": "^5.3.0", "howler": "^2.2.3", "imports-loader": "^4.0.1", "jquery": "^3.6.1", "jquery-ui": "1.13.2", "js-cookie": "^3.0.1", "json-loader": "^0.5.7", "leftpad": "^0.0.1", "less": "^4.1.3", "lesshat": "^4.1.0", "lodash": "^4.17.21", "medium-draft": "^0.5.18", "mobx": "^6.6.1", "mobx-react": "^7.5.2", "moment": "^2.29.4", "moment-range": "^4.0.2", "moment-timezone": "^0.5.37", "password-policy": "0.0.3", "postcss-reporter": "^7.0.5", "progress": "^2.0.3", "qs": "^6.11.0", "raw-loader": "^4.0.2", "rc-slider": "^10.0.1", "react": "^18.2.0", "react-addons-css-transition-group": "^15.6.2", "react-addons-shallow-compare": "^15.6.3", "react-dnd": "^16.0.1", "react-dnd-html5-backend": "^16.0.1", "react-dom": "^18.2.0", "react-draft-wysiwyg": "^1.15.0", "react-dropzone": "^14.2.2", "react-grid-layout": "^1.3.4", "react-highcharts": "^16.1.0", "react-hot-loader": "4.13.0", "react-input-calendar": "^0.5.4", "react-lazyload": "^3.2.0", "react-measure": "^2.5.2", "react-mixin": "^5.0.0", "react-responsive": "9.0.0-beta.10", "react-responsive-tabs": "^4.4.3", "react-router": "^6.3.0", "react-router-dom": "^6.3.0", "react-select-plus": "1.0.0-rc.3.patch12", "react-skylight": "^0.5.1", "react-sortablejs": "^6.1.4", "react-tappable": "^1.0.4", "react-tooltip": "4.2.21", "react-virtualized": "^9.22.3", "react-waypoint": "^10.3.0", "sortablejs": "^1.15.0", "style-loader": "^3.3.1", "stylelint": "^14.11.0", "superagent": "^8.0.0", "uglify-js": "^3.17.0", "uuid": "^8.3.2", "verge": "^1.10.2", "webpack-bundle-analyzer": "^4.6.1", "webpack-hot-middleware": "^2.25.2", "webpack-notifier": "^1.15.0", "webpack-split-by-path": "^2.0.0", "whatwg-fetch": "^3.6.2" }, "devDependencies": { "nan-as": "^1.6.1" } }

将npm/pnpm/Yarn/Yarn Pnp四个管理器进行比对。

npm是一个有效的软件包管理器，但是出于国内资源的不稳定性，还是会给使用者一些困扰，比如安装的不确定性（可以通过开启skrinkwrap实现预测，并不默认），安装程序有风险 yarn是一个在npm的基础上，默认创建yarn.lock文件，包含安装内容的校验和，来确保库的版本相同。不仅提升了安全性，运行速度也是有显著提升虽然yarn已经很优秀了，但是pnpm在性能上给出了更好的成绩，也利用硬链接和符号链接来避免复制所有本地缓存源文件（yarn最大的性能弱点）

pnpm有什么特点和优势？

主要就是节省磁盘空间并且提升安装速度，这是它存在的动机，具体来说：

去除多依赖包副本的逻辑，统一存放依赖包，不同版本分别存储安装软件包时，使用需要的文件都硬链接至此位置，不占用额外磁盘空间，不同项目可以共享相同版本的依赖包扁平化的node_modules目录结构，也极大地解决Windows系统下可能的依赖包存储问题

如何安装和使用pnpm？

pnpm的安装方法有很多，官方也有明确指导，可以看这里

1.通过脚本安装:windows\posix系统\Linux

2.通过Corepack安装

3.通过npm安装

4.通过homebrew安装

5.通过scoop安装

那我本地是已经具备npm的条件，我尝试使用npm来安装pnpm ，非常快速地就安装上了

a@b:~$ sudo npm install -g pnpm Password: /usr/local/bin/pnpx -> /usr/local/lib/node_modules/pnpm/bin/pnpx.cjs /usr/local/bin/pnpm -> /usr/local/lib/node_modules/pnpm/bin/pnpm.cjs + pnpm@7.22.0 added 1 package in 1.736s a@b:~$ which pnpm /usr/local/bin/pnpm

也有pnpm与npm对比的指令

npm 命令 pnpm 等价命令 npm install pnpm install npm i pnpm add npm run pnpm

直接看一下pnpm安装成功了没？

a@b:~$ pnpm -v ERROR: This version of pnpm requires at least Node.js v14.6 The current version of Node.js is v8.16.0 Visit https://r.pnpm.io/comp to see the list of past pnpm versions with respective Node.js version support.

根据错误提示，说必须要Node.js v14.6及以上，那么我目前是 v8.16.0 ，我这边使用n指令（是node版本管理器）来切换一下node的版本，最终pnpm是可以使用了

a@b:~$ node -v v14.15.0 a@b:~$ pnpm -v 7.22.0

此外升级和卸载指令：

pnpm add -g pnpm pnpm rm -g pnpm