Caret range and package-lock.json: how to get latest non-breaking versions with them?

I understand what package-lock.json stands for, but I don't understand how the caret range works after adding this file.

Say I have a package (my-module) for which I want all new non-breaking versions without specifying new versions manually. I install the latest version and this is the result in the package.json file:

"my-module": "^4.1.1"

However, package-lock.json is also updated, fixing the version of my-module to 4.1.1.

The next time a new version of my-module comes out, 4.1.2, running npm i will not install it, as the version in package-lock.json is fixed to the old one.

Question

How can I make npm i download the latest non-breaking version of my-module without creating a new package-lock.json file all the time? Did this file just invalidate the use of caret ranges?

atoth asked Apr 25 '18 12:04


2 Answers

We came up with the idea of using preinstall functionality of package.json.

So in your package.json file, under the scripts tag, you add: "preinstall": "npm update".

Since npm update only updates packages affected by the caret-range syntax, you can have both package-lock.json and the latest updates.

atoth answered Oct 25 '22 22:10


While I'm not fond of just posting pieces of documentation verbatim, I feel it is the best source to explain why what you're asking for is exactly what package-lock.json was designed to NOT NECESSARILY DO:

  1. package-lock.json is automatically generated for any operations where npm modifies either the node_modules tree, or package.json.

  2. It describes the exact tree that was generated, such that subsequent installs are able to generate identical trees, regardless of intermediate dependency updates.

When package.json is fed into npm i, the result of the operation is a node_modules tree on the filesystem, consistent with all the dependencies declared in the package.json file.

This operation DOES NOT produce the same result all the time, even when using the exact same package.json file. And there are good reasons why npm i was designed to do this, specifically:

  • A new version of a direct semver-range package may have been published since the last time your packages were installed, in which case the newer version will be used.
Fernando Espinosa answered Oct 25 '22 23:10

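The two answers above describe the same mechanism from opposite sides: the caret range in package.json says which versions are acceptable, and package-lock.json records which one was actually chosen. The following is an added example, not code from either poster or from npm itself. It implements the caret-range rule for plain MAJOR.MINOR.PATCH versions and a deliberately simplified model of resolution (a lock-file entry that still satisfies the declared range wins, otherwise the highest published version in range is taken) to show why `npm i` keeps 4.1.1 while `npm update`, as used in the preinstall script of the first answer, moves to the newest in-range release. The registry contents are constructed for the example.

```javascript
// Added example, not from the original question or answers: a minimal model
// of npm's caret-range rule and of how package-lock.json changes what
// "npm i" picks. It handles plain MAJOR.MINOR.PATCH versions only (no
// pre-release tags or build metadata), which covers the versions on the page.

function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(String(v).trim());
  if (!m) throw new Error(`unsupported version string: ${v}`);
  return { major: Number(m[1]), minor: Number(m[2]), patch: Number(m[3]) };
}

// Lexicographic comparison of two parsed versions: negative, zero or positive.
function cmp(a, b) {
  return (a.major - b.major) || (a.minor - b.minor) || (a.patch - b.patch);
}

// Caret rule: allow updates that do not change the left-most non-zero component.
//   ^4.1.1 -> >=4.1.1 <5.0.0
//   ^0.2.3 -> >=0.2.3 <0.3.0
//   ^0.0.3 -> >=0.0.3 <0.0.4
function caretUpperBound(base) {
  if (base.major > 0) return { major: base.major + 1, minor: 0, patch: 0 };
  if (base.minor > 0) return { major: 0, minor: base.minor + 1, patch: 0 };
  return { major: 0, minor: 0, patch: base.patch + 1 };
}

function satisfiesCaret(range, version) {
  if (!range.startsWith('^')) throw new Error(`not a caret range: ${range}`);
  const base = parseVersion(range.slice(1));
  const v = parseVersion(version);
  return cmp(v, base) >= 0 && cmp(v, caretUpperBound(base)) < 0;
}

// Simplified resolution model (an assumption of this example, not npm's
// actual algorithm): a lock-file entry that still satisfies the declared
// range wins; otherwise take the highest published version inside the range.
// Returns null when nothing published satisfies the range.
function resolve(range, published, lockedVersion = null) {
  if (lockedVersion !== null && satisfiesCaret(range, lockedVersion)) {
    return lockedVersion;
  }
  const inRange = published.filter((v) => satisfiesCaret(range, v));
  if (inRange.length === 0) return null;
  inRange.sort((a, b) => cmp(parseVersion(a), parseVersion(b)));
  return inRange[inRange.length - 1];
}

// Constructed sample registry for "my-module"; these releases are made up for
// the example and are not real published versions.
const PUBLISHED = ['4.0.9', '4.1.1', '4.1.2', '4.2.0', '5.0.0'];

// "npm i" with the lock file present keeps 4.1.1 even though 4.2.0 exists...
const withLock = resolve('^4.1.1', PUBLISHED, '4.1.1');
// ...while "npm update" (or an install with no lock entry) re-resolves the range.
const afterUpdate = resolve('^4.1.1', PUBLISHED);

console.log({ withLock, afterUpdate });
```

Running this prints `{ withLock: '4.1.1', afterUpdate: '4.2.0' }`: the lock file pins what the caret range would otherwise float over, and 5.0.0 is excluded in both cases because the caret never crosses the left-most non-zero component. The trade-off of the `"preinstall": "npm update"` approach follows directly from the model: every install re-resolves the range against whatever is published at that moment, so the lock file no longer gives the "identical trees, regardless of intermediate dependency updates" guarantee quoted in the second answer, and two machines installing at different times can end up with different trees.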