Description
I'm working in an environment in which I have multiple small, self-contained packages that make up a larger project. Many of the packages are open-source libraries (published to the npm registry), some are private closed-source libraries, and some are "end-result" applications.
Initially, I used "npm link" to ensure that every dependent package had access to the latest and greatest of its dependencies. That become unwieldy, especially as I had to jump to another operating system for one of the "end-result" applications. Now, I do the following:
- Every package under development has a version of the form "x.x.x-beta". The patch version is incremented every time I publish to the npm registry, and the package is published with the "beta" tag. Publishing a beta version occurs once a week or so.
- I have Verdaccio installed locally, and I have a script available to all packages, even those that are closed-source, that does the following:
- reads the version from package.json;
- increments the patch version and replaces "-beta" with "-alpha.YYYYMMDDHHMM";
- saves the updated package.json;
- builds the package; and
- publishes the package to Verdaccio with the tag "alpha".
- Packages that depend on others in the project have their dependency versions set to "alpha", so running "npm update" ensures that they get the latest from the Verdaccio registry.
- Because of "alpha" dependency, the process that publishes the beta and production (i.e., non-alpha) releases first replaces the "alpha" versions with the latest appropriate version of the package so that the published package or application is getting its packages from the npm registry only.
Here's the problem. Occasionally, I run "npm update --save" to update the outside packages. Doing this replaces not only the semantic versions but also the tags. In short, this:
...
"dependencies": {
"some-outside-package": "^1.0.3",
"my-internal-package": "alpha"
}
...becomes this:
...
"dependencies": {
"some-outside-package": "^1.0.7",
"my-internal-package": "^2.0.18-alpha.202502190855"
}
...which means that I have to go back and reset the internal package versions to "alpha". Yes, I wrote a script to do that.
I am unable to find any way to prevent this. I hoped that replacing "alpha" with "~alpha" would do the trick, but the CLI doesn't understand that at all.
I would like a way to use tags for versions and have "npm update --save" leave them alone. I think the best way to do this would be to add support for the tilde preceding a tag, i.e., "~alpha", so that it aligns with the way the tilde behaves for semantic versions.
This would have an additional benefit for beta testers as well, as they could simply refer to "~beta" in their dependencies and be sure of getting the latest beta version without any risk of locking into a specific version because they used "npm update --save".
Activity