npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

Wanted version is lower than what it should (latest)

In my project I’ve installed a npm package that I’ve created, and was hoping that npm would specify specify the caret (^) on the package version in package, since I thought it was the default behaviour. However, in the package.json I had something like myPkg: 0.0.8, which I then overwritten to myPkg: ^0.0.8. With this, I thought I would be able to keep making changes and publishing the package and then just use npm i to update it on the project where I’m using it. However, when I do it, the package’s version remains the same. I tried npm update and npm install -P myPkg@latest but none of them worked and they even changed the version on the package.json back to no-caret.

The strangest thing is that when I do npm outdated it shows that the latest version is 0.0.9 and the wanted is 0.0.8, even when I have the caret specified on the package.json. What is causing this?


According to https://docs.npmjs.com/misc/semver#caret-ranges-123-025-004 (caret ranges):

Allows changes that do not modify the left-most non-zero digit in the
[major, minor, patch] tuple. In other words, this allows patch and
minor updates for versions 1.0.0 and above, patch updates for
versions 0.X >=0.1.0, and no updates for versions 0.0.X.

So the meaning is that, for example, ^0.0.8-beta.1 would match 0.0.8-beta.1, 0.0.8-rc.2, and 0.0.8 but not 0.0.9.

Some more information is coming soon, gotta research it first. As a side point this “left-most non-zero digit” detail is noticeably absent from https://docs.npmjs.com/getting-started/semantic-versioning, which I hope to see fixed really soon.


Frankly we just recommend people start at 1.0.0. semver acts super weird with 0.* releases. It’s why we changed the default for npm init


@fplgusmao.tcv you should be able to use something like ~0.0.8 to specify “>= 0.0.8 &&
< 0.1.0”. I just tested a case like this in https://github.com/npm/node-semver/pull/252.

@zkat does that mean you guys do not really want to support 0.0.x / 0.x.x semver ranges? As much as consumers would prefer stable package versions I think 0.0.x & 0.x.x ranges could be really useful before an author is ready to label a package version as “stable”. Looks pretty straightforward to me from a quick read, am I missing anything major?


(post withdrawn by author, will be automatically deleted in 24 hours unless flagged)


Still didn’t try a 1.0.0 version, but based on @brodybits take on the left-most non-zero digit I thought that by changing the minor version to 0.1.0 would maybe fix the behaviour. Well, it helped indeed. npm update is working, but npm install <pkg> to install the latest version isn’t. I’ll try making a 1.0.0 version, but as @brodybits said, it would be very useful to support this


If you’re missing the ^ when you save a new dependency, check your npm config get save-prefix. It’s '^' by default but you may have ended up with it being '' for some reason.