Make `npm install --save` add a strict version to package.json
node.jsNpmVersionpackage.jsonnode.js Problem Overview
When you run npm install --save somepackage
, it usually adds something like this into package.json:
"dependencies": {
"somepackage": "^2.1.0"
}
Because the version is prepended with a caret(^), this means that if you later run npm install
, it might install version 2.3.0 instead. This can be undesirable for fairly obvious reasons. npm shrinkwrap
is useful, but doesn't really solve the problem.
So, I have several questions:
- When installing a package, is it possible to specify that you want it to be set to a specific version in package.json (no caret before the version number)?
- When publishing a package to npm, is there any way to prevent the default of including the caret before the version when other developers install your package?
node.js Solutions
Solution 1 - node.js
To specify by default a exact version, you can change your npm config with save-exact
:
npm config set save-exact true
You can also specify the prepend version with a tilde with save-prefix
.
And, no you can't force user to update to a minor or a patch version, NPM uses semver and it's the recommend way of publishing packages.
Solution 2 - node.js
You can change the default behaviour by using the --save-exact
option.
// npm
npm install --save --save-exact react
// yarn
yarn add --exact react
I created a blog post about this if anyone is looking for this in the future.
https://www.dalejefferson.com/blog/how-to-save-exact-npm-package-versions/
Solution 3 - node.js
Run:
npm install --save --save-exact my-module@my-specific-version
Adding an answer to make this advice easier to see.