David's Blog

How to use resolutions in package.json

By David Li on Saturday, 30 April 2022 13:00:00 GMT

In the dependencies section of your package.json file, you can specify version constraints for the packages your project depends on. This is done using a caret (^) or tilde (~) symbol followed by a version number.

For example, the following dependencies section specifies that the project requires the lodash package in version 4.17.20 or higher, but less than 5.0.0:

"dependencies": {
  "lodash": "^4.17.20"
}

The caret (^) specifies that any version that is compatible with the specified version can be used. In this case, 4.17.20 is compatible with all versions from 4.17.20 up to but not including 5.0.0.

The tilde (~) symbol is similar to the caret, but it allows patch-level changes. For example, the following dependencies section specifies that the project requires the lodash package in version 4.17.19 or higher, but less than 4.18.0:

"dependencies": {
  "lodash": "~4.17.19"
}

By using a version constraint in your package.json, you can ensure that your project is using a version of a package that is known to be compatible with your code. This can help prevent issues that might occur if a new, potentially incompatible version of a package is installed.

You can also specify an exact version of a package by using an equal sign (=) followed by the version number. For example:

"dependencies": {
  "lodash": "=4.17.20"
}

This specifies that the exact version 4.17.20 of the lodash package must be used.

To update the packages in your project to the latest compatible version, you can use the npm update command. This will update the packages specified in your package.json to the latest version that satisfies the version constraints you have specified.

  "resolutions": {
    "astro": "1.4.2"
  },

The resolutions field in a package.json file allows you to specify an exact version of a package that should be used in your project, even if the package is not directly required by your project. This can be useful if you want to ensure that a specific version of a package is used throughout your project and all of its dependencies, even if some of those dependencies do not specify a version constraint for the package.

For example, in the resolutions field shown in your question, the package astro is specified to be used in version 1.4.2. If any of the dependencies of your project require the astro package, they will use version 1.4.2 even if they do not specify a version constraint for astro.

The resolutions field should be placed at the root level of your package.json file, along with other fields such as dependencies and devDependencies.

It is important to note that the resolutions field is only supported in npm version 6.0.0 or higher. If you are using an earlier version of npm, the resolutions field will be ignored.

In this example a dependency, “astro-boilerplate-components” was still relying on the astro@v1.0.0-44 package. This was causing an installation error on github actions. I was able to fix this by adding the following to my package.json file:

  "resolutions": {
    "astro": "1.4.2"
  },
© Copyright 2024 by FriendlyUsers Tech Blog. Built with ♥ by FriendlyUser. Last updated on 2024-03-28.