我觉得所有程序员都在努力的学习阅读英语吧，毕竟英语阅读没问题，我们才能更好的阅读文档，为了给大家更快的学习效率，所以翻译了这一篇中英文对照的文章。如果你每次安装 package 包时候会想，what? 各种命令 –save -D 之类的究竟是什么鬼？那么可以接着往下看了。

npm-install

Install a package 安装一个包

SYNOPSIS 简介

npm install (with no args, in package dir)
npm install [<@scope>/]<name>
npm install [<@scope>/]<name>@<tag>
npm install [<@scope>/]<name>@<version>
npm install [<@scope>/]<name>@<version range>
npm install <git-host>:<git-user>/<repo-name>
npm install <git repo url>
npm install <tarball file>
npm install <tarball url>
npm install <folder>

aliases: npm i, npm add
别名：npm i, npm add

common options: [-P|--save-prod|-D|--save-dev|-O|--save-optional] [-E|--save-exact] [-B|--save-bundle] [--no-save] [--dry-run]

DESCRIPTION 描述
This command installs a package, and any packages that it depends on. If the package has a package-lock or shrinkwrap file, the installation of dependencies will be driven by that, with an npm-shrinkwrap.json taking precedence if both files exist. See package-lock.json and npm-shrinkwrap.
此命令将安装程序包及其依赖的任何程序包。如果软件包具有 package-lock 或 shrinkwrap 文件，则依赖项的安装将由此驱动，如果两个文件都存在，则 npm-shrinkwrap.json 优先。请参阅 package-lock.json 和 npm-shrinkwrap。

A package is:

a) a folder containing a program described by a package.json file
b) a gzipped tarball containing (a)
c) a url that resolves to (b)
d) a <name>@<version> that is published on the registry (see npm-registry) with (c)
e) a <name>@<tag> (see npm-dist-tag) that points to (d)
f) a <name> that has a“latest”tag satisfying (e)
g) a <git remote url> that resolves to (a)

包裹是：

a）包含 package.json 文件描述的程序的文件夹
b）包含（a）的压缩的 tarball
c）解析为（b）的网址
d）在注册表上发布的 <name> @ <version>（参见 npm-registry）（c）
e）指向（d）的 <name> @ <tag>（参见 npm-dist-tag）
f）具有满足（e）的“最新”标签的 <name>
g）解析为（a）的 <git remote url>

Even if you never publish your package, you can still get a lot of benefits of using npm if you just want to write a node program (a), and perhaps if you also want to be able to easily install it elsewhere after packing it up into a tarball (b).
即使您从未发布过您的软件包，如果您只想编写一个节点程序（a），或者如果您还希望能够在打包之后轻松地将其安装在其他地方，那么使用 npm 仍然可以获得很多好处。进入 tarball（b）。

npm install (in package directory, no arguments):

npm install（在包目录中，没有参数）：

Install the dependencies in the local node_modules folder.
在本地 node_modules 文件夹中安装依赖项。

In global mode (ie, with -g or –global appended to the command), it installs the current package context (ie, the current working directory) as a global package.
在全局模式下（即，在命令后附加 - g 或 –global），它将当前包上下文（即当前工作目录）安装为全局包。

By default, npm install will install all modules listed as dependencies in package.json.
默认情况下，npm install 将在 package.json 中安装列为依赖项的所有模块。

With the –production flag (or when the NODE_ENV environment variable is set to production), npm will not install modules listed in devDependencies.
使用 –production 标志（或当 NODE_ENV 环境变量设置为 production 时），npm 将不会安装 devDependencies 中列出的模块。

NOTE: The –production flag has no particular meaning when adding a dependency to a project.
注意：向项目添加依赖项时，– production 标志没有特别的意义。

npm install <folder>:

npm install 文件夹

Install the package in the directory as a symlink in the current project. Its dependencies will be installed before it’s linked. If <folder> sits inside the root of your project, its dependencies may be hoisted to the toplevel node_modules as they would for other types of dependencies.
将包作为当前项目中的符号链接安装在目录中。它的依赖项将在链接之前安装。如果 <folder> 位于项目的根目录内，则其依赖关系可能会升级到顶层 node_modules，就像它们对其他类型的依赖项一样。

npm install <tarball file>:

Install a package that is sitting on the filesystem. Note: if you just want to link a dev directory into your npm root, you can do this more easily by using npm link.
安装位于文件系统上的软件包。注意：如果您只想将 dev 目录链接到 npm 根目录，则可以使用 npm link 更轻松地完成此操作。

Tarball requirements:

The filename must use .tar, .tar.gz, or .tgz as the extension.
The package contents should reside in a subfolder inside the tarball (usually it is called package/). npm strips one directory layer when installing the package (an equivalent of tar x –strip-components=1 is run).
The package must contain a package.json file with name and version properties.
文件名必须使用.tar，.tar.gz 或.tgz 作为扩展名。
包内容应该驻留在 tarball 内的子文件夹中（通常称为 package /）。npm 在安装软件包时剥离一个目录层（运行相当于 tar x –strip-components = 1）。
该包必须包含具有名称和版本属性的 package.json 文件。
Example:

npm install ./package.tgz

npm install <tarball url>:

Fetch the tarball url, and then install it. In order to distinguish between this and other options, the argument must start with“http://”or“https://”
获取 tarball URL，然后安装它。为了区分这个和其他选项，参数必须以“http：//”或“https：//”开头。

Example:

npm install https://github.com/indexzero/forever/tarball/v0.5.6

npm install [<@scope>/]<name>:

Do a <name>@<tag> install, where <tag> is the“tag”config. (See npm-config. The config’s default value is latest.)

In most cases, this will install the version of the modules tagged as latest on the npm registry.
在大多数情况下，这将在 npm 注册表中安装标记为最新的模块版本。

Example:

npm install sax

npm install saves any specified packages into dependencies by default. Additionally, you can control where and how they get saved with some additional flags:
npm install 默认将任何指定的包保存到依赖项中。此外，您可以通过一些额外的标志来控制保存的位置和方式：

-P, –save-prod: Package will appear in your dependencies. This is the default unless -D or -O are present.
包将出现在您的依赖项中。除非存在 - D 或 -O，否则这是默认值。

-D, –save-dev: Package will appear in your devDependencies.
包将出现在您的 devDependencies 中。

-O, –save-optional: Package will appear in your optionalDependencies.
包将出现在您的 optionalDependencies 中。

–no-save: Prevents saving to dependencies.
防止保存到依赖项。

When using any of the above options to save dependencies to your package.json, there are two additional, optional flags:
当使用上述任何选项来保存对 package.json 的依赖关系时，还有两个额外的可选标志：

-E, –save-exact: Saved dependencies will be configured with an exact version rather than using npm’s default semver range operator.
保存的依赖项将使用精确版本配置，而不是使用 npm 的默认 semver 范围运算符。

-B, –save-bundle: Saved dependencies will also be added to your bundleDependencies list.
保存的依赖项也将添加到您的 bundleDependencies 列表中。

Further, if you have an npm-shrinkwrap.json or package-lock.json then it will be updated as well.
此外，如果你有一个 npm-shrinkwrap.json 或 package-lock.json，那么它也会被更新。

<scope> is optional. The package will be downloaded from the registry associated with the specified scope. If no registry is associated with the given scope the default registry is assumed. See npm-scope.
<scope> 是可选的。该包将从与指定范围关联的注册表中下载。如果没有与给定范围关联的注册表，则假定使用默认注册表。请参阅 npm-scope。

Note: if you do not include the @-symbol on your scope name, npm will interpret this as a GitHub repository instead, see below. Scopes names must also be followed by a slash.
注意：如果您没有在范围名称中包含 @ -symbol，则 npm 会将其解释为 GitHub 存储库，请参阅下文。范围名称后面还必须有斜杠。

Examples:

npm install sax
npm install githubname/reponame
npm install @myorg/privatepackage
npm install node-tap --save-dev
npm install dtrace-provider --save-optional
npm install readable-stream --save-exact
npm install ansi-regex --save-bundle

Note: If there is a file or folder named <name> in the current working directory, then it will try to install that, and only try to fetch the package by name if it is not valid.
注意：如果当前工作目录中存在名为 <name> 的文件或文件夹，则它将尝试安装该文件或文件夹，并且只有在无效时才尝试按名称获取程序包。

npm install [<@scope>/]<name>@<tag>:

Install the version of the package that is referenced by the specified tag. If the tag does not exist in the registry data for that package, then this will fail.
安装指定标记引用的包的版本。如果该包的注册表数据中不存在该标记，则此操作将失败。

Example:

npm install sax@latest
npm install @myorg/mypackage@latest

• npm install [<@scope>/]<name>@<version>:

Install the specified version of the package. This will fail if the version has not been published to the registry.
安装指定版本的软件包。如果版本尚未发布到注册表，则会失败。

Example:

npm install sax@0.1.1
npm install @myorg/privatepackage@1.5.0

• npm install [<@scope>/]<name>@<version range>:

Install a version of the package matching the specified version range. This will follow the same rules for resolving dependencies described in package.json.
安装与指定版本范围匹配的软件包版本。这将遵循解决 package.json 中描述的依赖关系的相同规则。

Note that most version ranges must be put in quotes so that your shell will treat it as a single argument.
请注意，大多数版本范围必须放在引号中，以便 shell 将其视为单个参数。

Example:

npm install sax@">=0.1.0 <0.2.0"
npm install @myorg/privatepackage@">=0.1.0 <0.2.0"

• npm install <git remote url>:

Installs the package from the hosted git provider, cloning it with git. For a full git remote url, only that URL will be attempted.
从托管的 git 提供程序安装包，使用 git 克隆它。对于完整的 git 远程 URL，只会尝试该 URL。

<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>[#<commit-ish> | #semver:<semver>]

<protocol> is one of git, git+ssh, git+http, git+https, or git+file.

If #<commit-ish> is provided, it will be used to clone exactly that commit. If the commit-ish has the format #semver:<semver>, <semver> can be any valid semver range or exact version, and npm will look for any tags or refs matching that range in the remote repository, much as it would for a registry dependency. If neither #<commit-ish> or #semver:<semver> is specified, then the default branch of the repository is used.
如果提供了#<commit-ish>，它将用于完全克隆该提交。如果 commit-ish 的格式为 #semver：<semver>，则 <semver> 可以是任何有效的 semver 范围或精确版本，npm 将查找远程存储库中与该范围匹配的任何标记或引用，就像它可以 注册表依赖项。如果既未指定#<commit-ish> 或 #semver：<semver>，则使用存储库的默认分支。

If the repository makes use of submodules, those submodules will be cloned as well.
如果存储库使用子模块，那么也将克隆这些子模块。

If the package being installed contains a prepare script, its dependencies and devDependencies will be installed, and the prepare script will be run, before the package is packaged and installed.
如果正在安装的软件包包含一个 prepare 脚本，则将安装其依赖项和 devDependencies，并在打包和安装软件包之前运行 prepare 脚本。

The following git environment variables are recognized by npm and will be added to the environment when running git:
以下 git 环境变量由 npm 识别，并在运行 git 时添加到环境中：

GIT_ASKPASS
GIT_EXEC_PATH
GIT_PROXY_COMMAND
GIT_SSH
GIT_SSH_COMMAND
GIT_SSL_CAINFO
GIT_SSL_NO_VERIFY
See the git man page for details.

Examples:

npm install git+ssh://git@github.com:npm/cli.git#v1.0.27
npm install git+ssh://git@github.com:npm/cli#semver:^5.0
npm install git+https://isaacs@github.com/npm/cli.git
npm install git://github.com/npm/cli.git#v1.0.27
GIT_SSH_COMMAND='ssh -i ~/.ssh/custom_ident' npm install git+ssh://git@github.com:npm/cli.git

npm install <githubname>/<githubrepo>[#<commit-ish>]:
npm install github:<githubname>/<githubrepo>[#<commit-ish>]:

Install the package at https://github.com/githubname… by attempting to clone it using git.
通过尝试使用 git 克隆它，在 https://github.com/githubname…。

If #<commit-ish> is provided, it will be used to clone exactly that commit. If the commit-ish has the format #semver:<semver>, <semver> can be any valid semver range or exact version, and npm will look for any tags or refs matching that range in the remote repository, much as it would for a registry dependency. If neither #<commit-ish> or #semver:<semver> is specified, then master is used.
如果提供了#<commit-ish>，它将用于完全克隆该提交。如果 commit-ish 的格式为 #semver：<semver>，则 <semver> 可以是任何有效的 semver 范围或精确版本，npm 将查找远程存储库中与该范围匹配的任何标记或引用，就像它可以 注册表依赖项。如果既未指定#<commit-ish> 或 #semver：<semver>，则使用 master。

As with regular git dependencies, dependencies and devDependencies will be installed if the package has a prepare script, before the package is done installing.
与常规 git 依赖项一样，如果程序包具有 prepare 脚本，则在安装程序包之前将安装依赖项和 devDependencies。

Examples:

npm install mygithubuser/myproject
npm install github:mygithubuser/myproject

• npm install gist:[<githubname>/]<gistID>[#<commit-ish>|#semver:<semver>]:

Install the package at https://gist.github.com/gistID by attempting to clone it using git. The GitHub username associated with the gist is optional and will not be saved in package.json.
通过尝试使用 git 克隆它，在 https://gist.github.com/gistI…。与 gist 关联的 GitHub 用户名是可选的，不会保存在 package.json 中。

As with regular git dependencies, dependencies and devDependencies will be installed if the package has a prepare script, before the package is done installing.
与常规 git 依赖项一样，如果程序包具有 prepare 脚本，则在安装程序包之前将安装依赖项和 devDependencies。

Example:

npm install gist:101a11beef

• npm install bitbucket:<bitbucketname>/<bitbucketrepo>[#<commit-ish>]:

Install the package at https://bitbucket.org/bitbuck… by attempting to clone it using git.
通过尝试使用 git 克隆它，在 https://bitbucket.org/bitbuck…。

If #<commit-ish> is provided, it will be used to clone exactly that commit. If the commit-ish has the format #semver:<semver>, <semver> can be any valid semver range or exact version, and npm will look for any tags or refs matching that range in the remote repository, much as it would for a registry dependency. If neither #<commit-ish> or #semver:<semver> is specified, then master is used.
如果提供了#<commit-ish>，它将用于完全克隆该提交。如果 commit-ish 的格式为 #semver：<semver>，则 <semver> 可以是任何有效的 semver 范围或精确版本，npm 将查找远程存储库中与该范围匹配的任何标记或引用，就像它可以 注册表依赖项。如果既未指定#<commit-ish> 或 #semver：<semver>，则使用 master。

As with regular git dependencies, dependencies and devDependencies will be installed if the package has a prepare script, before the package is done installing.
与常规 git 依赖项一样，如果程序包具有 prepare 脚本，则在安装程序包之前将安装依赖项和 devDependencies。

Example:

npm install bitbucket:mybitbucketuser/myproject

• npm install gitlab:<gitlabname>/<gitlabrepo>[#<commit-ish>]:

Install the package at https://gitlab.com/gitlabname… by attempting to clone it using git.
通过尝试使用 git 克隆它，在 https://gitlab.com/gitlabname…。

If #<commit-ish> is provided, it will be used to clone exactly that commit. If the commit-ish has the format #semver:<semver>, <semver> can be any valid semver range or exact version, and npm will look for any tags or refs matching that range in the remote repository, much as it would for a registry dependency. If neither #<commit-ish> or #semver:<semver> is specified, then master is used.
如果提供了#<commit-ish>，它将用于完全克隆该提交。如果 commit-ish 的格式为 #semver：<semver>，则 <semver> 可以是任何有效的 semver 范围或精确版本，npm 将查找远程存储库中与该范围匹配的任何标记或引用，就像它可以 注册表依赖项。如果既未指定#<commit-ish> 或 #semver：<semver>，则使用 master。

As with regular git dependencies, dependencies and devDependencies will be installed if the package has a prepare script, before the package is done installing.
与常规 git 依赖项一样，如果程序包具有 prepare 脚本，则在安装程序包之前将安装依赖项和 devDependencies。

Example:

npm install gitlab:mygitlabuser/myproject
npm install gitlab:myusr/myproj#semver:^5.0

You may combine multiple arguments, and even multiple types of arguments. For example:
您可以组合多个参数，甚至多种类型的参数。例如：

npm install sax@”>=0.1.0 <0.2.0″ bench supervisor
The –tag argument will apply to all of the specified install targets. If a tag with the given name exists, the tagged version is preferred over newer versions.
–tag 参数将应用于所有指定的安装目标。如果存在具有给定名称的标记，则标记版本优先于较新版本。

The –dry-run argument will report in the usual way what the install would have done without actually installing anything.
–dry-run 参数将以通常的方式报告安装将在没有实际安装任何内容的情况下完成的操作。

The –package-lock-only argument will only update the package-lock.json, instead of checking node_modules and downloading dependencies.
–package-lock-only 参数只会更新 package-lock.json，而不是检查 node_modules 和下载依赖项

The -f or –force argument will force npm to fetch remote resources even if a local copy exists on disk.
即使磁盘上存在本地副本，- f 或 –force 参数也会强制 npm 获取远程资源。

npm install sax –force
The -g or –global argument will cause npm to install the package globally rather than locally. See npm-folders.
- g 或 –global 参数将导致 npm 全局安装包而不是本地安装包。请参阅 npm-folders。

The –global-style argument will cause npm to install the package into your local node_modules folder with the same layout it uses with the global node_modules folder. Only your direct dependencies will show in node_modules and everything they depend on will be flattened in their node_modules folders. This obviously will eliminate some deduping.
–global-style 参数将导致 npm 将包安装到本地 node_modules 文件夹中，其文件布局与全局 node_modules 文件夹使用的布局相同。只有您的直接依赖项将显示在 node_modules 中，它们所依赖的所有内容将在其 node_modules 文件夹中展平。这显然会消除一些重复数据删除。

The –ignore-scripts argument will cause npm to not execute any scripts defined in the package.json. See npm-scripts.
–ignore-scripts 参数将导致 npm 不执行 package.json 中定义的任何脚本。请参阅 npm-scripts。

The –legacy-bundling argument will cause npm to install the package such that versions of npm prior to 1.4, such as the one included with node 0.8, can install the package. This eliminates all automatic deduping.
–legacy-bundling 参数将导致 npm 安装包，使得 1.4 之前的 npm 版本（例如节点 0.8 中包含的版本）可以安装包。这消除了所有自动扣除。

The –link argument will cause npm to link global installs into the local space in some cases.
在某些情况下，– link 参数将导致 npm 将全局安装链接到本地空间。

The –no-bin-links argument will prevent npm from creating symlinks for any binaries the package might contain.
–no-bin-links 参数将阻止 npm 为包可能包含的任何二进制文件创建符号链接。

The –no-optional argument will prevent optional dependencies from being installed.
–no-optional 参数将阻止安装可选的依赖项。

The –no-shrinkwrap argument, which will ignore an available package lock or shrinkwrap file and use the package.json instead.
–no-shrinkwrap 参数，它将忽略可用的包锁或 shrinkwrap 文件，而是使用 package.json。

The –no-package-lock argument will prevent npm from creating a package-lock.json file. When running with package-lock’s disabled npm will not automatically prune your node modules when installing.
–no-package-lock 参数将阻止 npm 创建 package-lock.json 文件。在使用 package-lock 运行时，npm 在安装时不会自动修剪节点模块。

The –nodedir=/path/to/node/source argument will allow npm to find the node source code so that npm can compile native modules.
–nodedir = / path / to / node / source 参数将允许 npm 查找节点源代码，以便 npm 可以编译本机模块。

The –only={prod[uction]|dev[elopment]} argument will cause either only devDependencies or only non-devDependencies to be installed regardless of the NODE_ENV.
–only = {prod [uction] | dev [elopment]}参数将导致仅安装 devDependencies 或仅安装非 devDependencies，而不管 NODE_ENV 如何。

The –no-audit argument can be used to disable sending of audit reports to the configured registries. See npm-audit for details on what is sent.
–no-audit 参数可用于禁止将审计报告发送到已配置的注册表。有关发送内容的详细信息，请参阅 npm-audit。

See npm-config. Many of the configuration params have some effect on installation, since that’s most of what npm does.
请参阅 npm-config。许多配置参数对安装有一些影响，因为这是 npm 的大部分内容。

本文首发于公众号“前端的极致实现”。欢迎小可爱们来交流~ 加我微信 (wangyuedewechat2) 拉大家进群