ember-cli 2.2.0-beta.1 moved ember-data out of bower.json and into package.json handled by npm. How do I specify I want to use the canary version of ember-data in package.json?
You can use the git url dependency feature of package.json. It should look something like:
// package.json
...
"devDependencies": {
"ember-data": "emberjs/data#master"
}
Related
In a react-native project, there is mocha (9.2.0) as a devDependency like the following -
react-native-svg -
"dependencies": {
"css-select": "^5.1.0",
"css-tree": "^1.1.3"
}
css-tree -
"devDependencies": {
...
"mocha": "9.2.0",
...
}
When I perform the app bundle, I found the mocha is there.
Now I want to upgrade the mocha version to 10.1.0. I can do that by modifying the package-lock.json. But is it possible to do the same without modifying the package-lock.json by using the npm override or resolution or something similar to that?
you can use patch-package https://github.com/ds300/patch-package, modify dependencies in node_modules and then patch it with npx patch-package css-tree or what package do you want to fix.
You can try this command but it will still update your package.json ultimately
npm install mocha#10.1.0 --save --only=dev
Trying to install a dev dependency but one of its dependencies is lodash: 4.17.20. When Snyk does a scan of my dependencies, it marks this dependency as a high security vulnerability.
How can we have this dev dependency try to resolve a different version of lodash for a dev dependency and pass the Snyk test?
Was thinking that in the yarn.lock file, it somehow needs to resolve a higher version of lodash for this dev dependency, so I've referred to https://classic.yarnpkg.com/en/docs/selective-version-resolutions/
Doing something in my package.json like
"resolutions": {
"**/lodash": "^4.17.20"
}
Or
"resolutions": {
"<that dev dependency>/lodash": "^4.17.20"
}
Seems like it hasn't quite worked, and the Yarn.lock hasn't updated the lodash dependency for that dev dependency. Wanted to see if this was possible without updating the yarn.lock manually as I could see it being re-overwritten in the future. This is done in a Lerna monorepo.
Update from the Snyk team, they do not have monorepo support with Lerna as of 04/05/21
I'm creating a small Laravel package, I've set it up in package/my-package and initiated a composer.json in package/my-package/composer.json.
It's working fine, but I need to add dependencies like Bootstrap, jQuery, jQuery Datatables...
How should I use npm to install thoses dependencies automatically after composer is done installing?
Like for example, after publishing the package, users should only use composer require my-packakge/my-package and it should install everything including the dependencies I mentioned.
I've tried adding this code to my composer.json, but it did nothing:
"extra": {
"npm": {
"bootstrap": "^4.3.1"
},
}
Should I add a separate package.json file in addition to composer.json ? if so how will it work ?
I have a package.json from my template with several dependencies.
If I want to create a new project, I use my template.
But how to convert all * (asterisk sign / latest version) to a fixed version which is downloaded from npm. npm install --save does not work.
Before npm install (template package.json)
"devDependencies": {
"one": "*",
"two": "*",
"three": "*"
}
should convert to following by npm i --save.
"devDependencies": {
"one": "1.0.0",
"two": "2.0.0",
"three": "3.0.0"
}
How to overwrite the version string?
As per the documentation
(*) --> Matches any version
("") --> (just an empty string) Same as *
The workaround of this issue is shrinkwrap(Read documentation for further information). You can use this command npm shrinkwrap.That creats a npm-shrinkwrap.json file. When you run the command,You get the following comments on console (npm notice package-lock.json has been renamed to npm-shrinkwrap.json. npm-shrinkwrap.json will be used for future installations.). And that will gave the updated package version whatever you have in package.json.
Use npm list --depth=0 to see what versions were installed by installing 'latest' from your template. You should get something like this:
├── #angular-devkit/architect#0.1501.1
├── #angular-devkit/build-angular#15.1.1
├── #angular-eslint/builder#15.2.0
Copy, modify and paste output into your package.json. Then you should probably remove node_modules and check if running npm ci works properly.
Notes:
This is how you should specify wanted versions in package.json:
"react": "^16.0.0" // carat: allow 16.1.0
"react": "~16.0.0" // tilde: allow 16.0.1
"react": "16.0.0" // exact: only 16.0.0
If your template is fairly complicated, it is highly unlikly that such workflow would be convenient. I would advise having specific versions in the template carefully combined, so that they work. Then, once every couple of months, you should (again, carefully) updgrade libraries in your template. Otherwise, sooner or later you are going to install two latest version of some conflicting pakages.
I am attempting to use bluebird in a node application. I have tried adding bluebird to my package.json, as well as installing via npm install bluebird.
My package.json dependencies:
"dependencies": {
"express": "visionmedia/express",
"mocha": "visionmedia/mocha",
"bluebird": "petkaantonov/bluebird",
"waitjs": "elving/wait"
}
Regardless of what method I try, it doesn't look like the module is actually being installed. After I run the install; in node_modules\bluebird there are only 4 files:
changelog.md
LICENSE
package.json
READEME.md
As you can see, there is no code pulled down which would actually comprise the module. The package.json for bluebird does not have a dependencies section, so I am not sure if maybe the package.json file for the module is incorrect?
I've pasted the package.json contents on pastebin for easier viewing.
I'm pretty stumped why this is not installing correctly.
npm version: 2.11.3.
node version: v0.12.7.
Thanks for any help.
The dependencies section of the packages.json should have version numbers as the module values, not git repos.
If you are having this issue, remove your dependcies section from package.json and then install each module using npm install {module name} -save.
My package.json ended up looking like:
"dependencies": {
"bluebird": "^2.9.34",
"express": "^4.13.1",
"mocha": "^2.2.5",
"waitjs": "^0.2.0"
}
Thanks to untogethered on reddit for the answer.
First thing to always try with module install problems is:
npm cache clean
Then try and install again, also remember to remove the bad install at node_modules/bluebird