Wanted version is lower than what it should (latest)


(FG) #1

In my project I’ve installed a npm package that I’ve created, and was hoping that npm would specify the caret (^) on the package version in package, since I thought it was the default behaviour. However, in the package.json I had something like myPkg: 0.0.8, which I then overwrote to myPkg: ^0.0.8. With this, I thought I would be able to keep making changes and publishing the package and then just use npm i to update it on the project where I’m using it. However, when I do it, the package’s version remains the same. I tried npm update and npm install -P myPkg@latest but none of them worked and they even changed the version on the package.json back to no-caret.

The strangest thing is that when I do npm outdated it shows that the latest version is 0.0.9 and the wanted is 0.0.8, even when I have the caret specified on the package.json. What is causing this?


(Christopher J Brody) #2

According to https://docs.npmjs.com/misc/semver#caret-ranges-123-025-004 (caret ranges):

Allows changes that do not modify the left-most non-zero digit in the
[major, minor, patch] tuple. In other words, this allows patch and
minor updates for versions 1.0.0 and above, patch updates for
versions 0.X >=0.1.0, and no updates for versions 0.0.X.

So the meaning is that, for example, ^0.0.8-beta.1 would match 0.0.8-beta.1, 0.0.8-rc.2, and 0.0.8 but not 0.0.9.

Some more information is coming soon, gotta research it first. As a side point this “left-most non-zero digit” detail is noticeably absent from https://docs.npmjs.com/getting-started/semantic-versioning, which I hope to see fixed really soon.


(Kat Marchán) #3

Frankly we just recommend people start at 1.0.0. semver acts super weird with 0.* releases. It’s why we changed the default for npm init.


(Christopher J Brody) #4

@fplgusmao.tcv you should be able to use something like ~0.0.8 to specify “>= 0.0.8 && < 0.1.0”. I just tested a case like this in https://github.com/npm/node-semver/pull/252.

@zkat does that mean you guys do not really want to support 0.0.x / 0.x.x semver ranges? As much as consumers would prefer stable package versions I think 0.0.x & 0.x.x ranges could be really useful before an author is ready to label a package version as “stable”. Looks pretty straightforward to me from a quick read, am I missing anything major?


(FG) #6

Still didn’t try a 1.0.0 version, but based on @brodybits take on the left-most non-zero digit I thought that changing the minor version to 0.1.0 would maybe fix the behaviour. Well, it helped indeed. npm update is working, but npm install <pkg> to install the latest version isn’t. I’ll try making a 1.0.0 version, but as @brodybits said, it would be very useful to support this.


(Kat Marchán) #7

If you’re missing the ^ when you save a new dependency, check your npm config get save-prefix. It’s '^' by default but you may have ended up with it being '' for some reason.

