Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

avoid unstable releases of mongoose in npm / package.json

Tags:

How can I avoid installing unstable releases of mongoose with npm?

After running npm update, I get the following warning in my node app:

#   !!! MONGOOSE WARNING !!! # #   This is an UNSTABLE release of Mongoose. #   Unstable releases are available for preview/testing only. #   DO NOT run this in production. 

In my package.json file I have the following entry:

"mongoose": "^3.8.8" 
like image 769
Jorre Avatar asked Jun 03 '14 20:06

Jorre


People also ask

What is mongoosejs?

Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Mongoose supports both promises and callbacks. The official documentation website is mongoosejs.com. Mongoose 5.0.0 was released on January 17, 2018.

What happens if NPM fails to install a package?

If a dependency can be used, but you would like npm to proceed if it cannot be found or fails to install, then you may put it in the optionalDependencies object. This is a map of package name to version or url, just like the dependencies object. The difference is that build failures do not cause installation to fail.

How to prevent NPM from publishing private repositories?

It is now recommended that you install any binaries as local devDependencies wherever possible. If you set "private": true in your package.json, then npm will refuse to publish it. This is a way to prevent accidental publication of private repositories.

What are the most important things in a JSON package?

If you plan to publish your package, the most important things in your package.json are the name and version fields as they will be required. The name and version together form an identifier that is assumed to be completely unique.


1 Answers

Mongoose is not following standard npm practices and so their unstable builds get recognized as stable by npm. Basically they released 3.9 as an unstable version, this is what causes the warning.

My advise is that you don't trust them anymore to follow such conventions and just lock the version in your package.json:

 "mongoose": "3.8" 
like image 165
bluehallu Avatar answered Sep 19 '22 07:09

bluehallu