I am looking to update the following NPM (v5) dependency in my application from version 1.0.0 to 1.0.1 without any change to my package.json file.
"dependencies": {
"package": "~1.0.0"
},
My current package-lock.json file references the dependency as version 1.0.0, so as expected, running npm install installs version 1.0.0 of the package.
The issue lies when running either npm install [email protected] or npm update package where both mands seem to change how the package version reference in package.json
Is there a single mand I can run to achieve a minor version update to only the package-lock.json file?
Thanks in advance!
I am looking to update the following NPM (v5) dependency in my application from version 1.0.0 to 1.0.1 without any change to my package.json file.
"dependencies": {
"package": "~1.0.0"
},
My current package-lock.json file references the dependency as version 1.0.0, so as expected, running npm install installs version 1.0.0 of the package.
The issue lies when running either npm install [email protected] or npm update package where both mands seem to change how the package version reference in package.json
Is there a single mand I can run to achieve a minor version update to only the package-lock.json file?
Thanks in advance!
Share Improve this question asked Nov 2, 2018 at 11:21 Ryan ErringtonRyan Errington 3131 gold badge3 silver badges7 bronze badges 3-
why would you want to do this without updating
package.json? – mihai Commented Nov 2, 2018 at 16:34 - @mihai We use the tilda character to pick up the latest patch version of our package. I see no reason why we need to change how we reference the package version between development and release branches. – Ryan Errington Commented Nov 4, 2018 at 18:03
- I think these answers 1-package versions in package lock.json have a prefix, sometimes its ~ sometimes ^ 2-updating the version in the package-lock.json file manually can help – Amany Zohair Commented Nov 6, 2022 at 13:24
2 Answers
Reset to default 12Run npm update <package>.
This will update it to the latest version that satisfies the requirements specified in your package.json and reflect the update in the package-lock.json.
package-lock.json is generated by npm and it's difficult to modify without npm since it contains package hashes.
If you're only referencing modules using the patch version (~1.0.0) I think it's safe to do the following:
- Backup
package.jsonand delete it - Run
npm update package. This will usepackage-lock.jsonas a reference and will also updatepackage-lock.json - Restore
package.json - Running
npm update packagenow will not updatepackage.jsonsincepackage-lock.jsonis the newer version
If you're looking for a one line mand:
mv package.json package.json.tmp && npm update package && mv package.json.tmp package.json
Again, this is safe to do only when dealing with patch versions (~1.0.0). If you specify minor (^1.0.0) or major (1.0.0) versions you may want to update package.json directly.