"npm install typescript@">=3.1.1 <3.3" --save-dev" produces incompatible version in package.json

What I Wanted to Do

Update package.json to fix some package in specific minor version.

eg.
Run
npm install typescript@">=3.1.1 <3.3" --save-dev

and update package.json to
devDependencies: { "typescript": "~3.2.4" }

What Happened Instead

The package.json is updated to
devDependencies: { "typescript": "^3.2.4" }

So, on my build machine, the npm install command would still pull typescript@3.3.4 and generate build errors.

Steps

Run npm install typescript@">=3.1.1 <3.3" --save-dev

Details

The package.json should be updated with correct dependency version.
Something like "typescript": "~3.2.4"

instead of typescript": "^3.2.4"

Platform Info

$ npm --versions
6.9.0

$ node -p process.platform
linux

Unfortunately the range in the install command is (currently) only used to determine the latest acceptable version, not a version range. You can use --save-prefix="~" or put it in an .npmrc file instead.

3 Likes

I think maybe npm can add some checks before adding the rangeDescriptor prefix into package.json.

In npm/cli/lib/install/deps.js, line#321

 var futureVersion = semver.maxSatisfying(
    	[semver.inc(version, 'major'), 
         semver.inc(version, 'minor'),
         semver.inc(version, 'patch')],
        npm.config.get('save-prefix') + version)
 if (semver.satisfy(futureVersion, childReq.fetchSpec) {
    //add '^' or '~' only when the future candidates satisfies the requested spec
    rangeDescriptor = npm.config.get('save-prefix')
 }

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.