Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Package.json packages import #6

Open
Hamza-Sajid opened this issue Aug 19, 2023 · 1 comment
Open

Package.json packages import #6

Hamza-Sajid opened this issue Aug 19, 2023 · 1 comment

Comments

@Hamza-Sajid
Copy link

Issue Reason:
Your application might crash or behave differently with the new update

Reason
Your application currently uses '^' with the dependencies in the package.json file.
If someone run this app after a while the updated package will get installed with the npm install, so there are high chance that your application some component might not work smoothly with those update.
So it's best practice to use the stable packages and make them the default

Solution:
You can remove this '^' symbol from your dependencies.

Example
Incorrect > "bcryptjs": "^2.4.3",
Correct > "bcryptjs": "2.4.3",
@GautamTirumala
Copy link

The correct thing according to me is ^2.4.3 only because, if you specify ^2.4.3 as a dependency in your project, it means you are allowing any version that starts with "2" (the major version) and is equal to or greater than 2.4.3. So, it could be 2.4.3, 2.4.4, 2.5.0, 2.6.0, and so on, as long as the major version remains 2.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Hamza-Sajid @GautamTirumala