Menu
I am writing an internal tool which compares the version installed in a project and only allow certain version to be passed. For that I have to check the version which is resolved in the yarn.lock file, as package.json file has a semver range, not specific version and it doesn't tell you the dependency of the dependency anyway.
I tried using yarn list command, but it prints the semver range too and is very hard to parse (even with --json option).
So yarn.lock seems like the only way. I know that yarn.lock may have separate versions of the same package and in that case I want only the version which is installed in. the node_nodules (must be just one of them). I have no idea how to parse the lockfile though.
Another way I could think of is actually going into node_modules folder and checking the version in the package.json of the package.
None of the above option looks clean to me. Is there any way I can know the resolved version of a specific package (provided I know the name of the package and I know that it's installed) easily and as cleanly as possible?
Update:
I actually wanted all the versions of the installed package (even if they're really deep in the dependency tree).
857
yarn info <package> [<field>] This command will fetch information about a package and return it in a tree format. The package does not have to have been installed locally. yarn info vx. x.x { name: 'react', version: '15.4.
To check the installed version of all npm packages in your project, you can use the npm list command. Note: The npm list command doesn't only show the installed version of packages, but also their dependencies (version). For globally installed packages, you can use the npm list -g command.
In npm v7, if a yarn. lock file exists, npm will use the metadata it contains. The resolved values will tell it where to fetch packages from, and the integrity will be used to check that the result matches expectations. If packages are added or removed, then the yarn.
You can specify versions using one of these: yarn add package-name installs the “latest” version of the package. yarn add [email protected] installs a specific version of a package from the registry. yarn add package-name@tag installs a specific “tag” (e.g. beta , next , or latest ).
I found out that yarn whyis the best way to find out the currently installed version of a package (Thanks to one of my colleague who point out to me). This is how my test code looks in the JavaScript.
const { spawnSync } = require('child_process');
const packageName = 'micromatch';
const whyBuffer = spawnSync('yarn', ['why', packageName]);
const grepBuffer = spawnSync('grep', ['Found'], { input: whyBuffer.stdout });
const outputArray = grepBuffer.stdout.toString().split('\n');
console.log(outputArray); // ['info \r=> Found "[email protected]"', 'info \r=> Found "fast-glob#[email protected]"', '' ]
const parsedOutputArray = outputArray.filter(output => output.length > 0).map((output) => output.split('@')[1].replace('"', ''))
console.log(parsedOutputArray); // [ '3.1.10', '4.0.2' ]
Since, you know the name of the package, do this:
yarn list --pattern <package_name>
The above command will get you all installed versions of a package at any depth. For example, I have different versions of camelcase library installed at various depths. On running the command : yarn list --pattern "camelcase", this is the output:
yarn list v1.22.5
├─ [email protected]
└─ [email protected]
└─ [email protected]
For programmatic use, I like yarn list:
yarn list --pattern lodash --depth=0 --json --non-interactive --no-progress | jq -r '.data.trees[].name'
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
For even better programmatic use: https://www.npmjs.com/package/@yarnpkg/lockfile
3
npm list --depth=0 is 1000x faster than yarn why <each package>.
It also tells you about extraneous dependencies, unmet peer deps, etc, but the output is very clean - still cleaner than yarn why
2
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
