Package.json packages import #6
Comments
The correct thing according to me is ^2.4.3 only because, if you specify ^2.4.3 as a dependency in your project, it means you are allowing any version that starts with "2" (the major version) and is equal to or greater than 2.4.3. So, it could be 2.4.3, 2.4.4, 2.5.0, 2.6.0, and so on, as long as the major version remains 2.
Issue Reason:
Your application might crash or behave differently with the new update
Reason
Your application currently uses '^' with the dependencies in the package.json file.
If someone runs this app after a while, the updated package will get installed with `npm install`, so there is a high chance that some component of your application might not work smoothly with those updates. So it's best practice to use the stable packages and make them the default.
Solution:
You can remove this '^' symbol from your dependencies.
Example
Incorrect > "bcryptjs": "^2.4.3",
Correct > "bcryptjs": "2.4.3",
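
The caret behaviour discussed in this issue and its comment, as an added example that is not part of the original thread or the project's code: it checks which versions a `^` range admits under npm's semver rules and lists the dependencies in a package.json that are not pinned to an exact version. The sample package object and the `example-*` package names are constructed for illustration; only the `bcryptjs` specifier comes from the issue.

```javascript
// Added example: caret-range matching and an audit for unpinned dependencies.
// Simplification: only plain MAJOR.MINOR.PATCH versions are handled, so
// pre-release and build-metadata versions are treated as "not exact".

// Parse "MAJOR.MINOR.PATCH" into three numbers; null for anything else.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  return m ? m.slice(1).map(Number) : null;
}

// Compare two parsed versions: negative, zero or positive.
function compare(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] - b[i];
  return 0;
}

// True when `version` satisfies `^base`: at least `base`, and below the
// next bump of the left-most non-zero component (so ^0.2.3 stops at 0.3.0).
function satisfiesCaret(version, base) {
  const v = parseVersion(version), b = parseVersion(base);
  if (!v || !b) return false;
  let upper;
  if (b[0] > 0) upper = [b[0] + 1, 0, 0];
  else if (b[1] > 0) upper = [0, b[1] + 1, 0];
  else upper = [0, 0, b[2] + 1];
  return compare(v, b) >= 0 && compare(v, upper) < 0;
}

// Return every dependency whose specifier is not an exact x.y.z version.
function findUnpinned(pkg) {
  const out = [];
  for (const section of ['dependencies', 'devDependencies']) {
    for (const [name, spec] of Object.entries(pkg[section] || {})) {
      if (!parseVersion(spec)) out.push({ section, name, spec });
    }
  }
  return out;
}

// Constructed sample package.json contents.
const samplePkg = {
  dependencies: { bcryptjs: '^2.4.3', 'example-pinned': '1.0.0' },
  devDependencies: { 'example-tilde': '~0.3.1' },
};

console.log(findUnpinned(samplePkg));
console.log(['2.4.3', '2.6.0', '3.0.0'].map(v => satisfiesCaret(v, '2.4.3')));
```

An exact specifier in package.json fixes only the direct dependency; the versions of transitive dependencies are recorded in the lockfile (package-lock.json), which `npm ci` installs from.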