npm: Making sense of versions

While giving a code walkthrough, some one recently asked "How do we keep our dependencies updated?" and "what is the meaning of caret ^ in package.json?". This seems like a very easy question, but sometimes it confuses people and i feel it's good to know these little things.

Introducing Semantic Version

tilde (~) in package.json, it means when someone gets your repo or package and try to install the library, it is going to install latest patch version.

So if package.json looks like this:

...
"dependencies": {
  "some_dependencies": "^4.17.1",
},
...

So if the latest version is 4.17.11 then 4.17.11 version is going to be installed.

caret (^) in package.json, it means when someone gets your repo or package and try to install the library, it is going to install latest minor version.

so if package.json looks like this:

...
"dependencies": {
  "some_dependencies": "^4.17.8",
},
...

And latest version is 4.18.9, then if we do npm i it is going to pick up 4.18.9 version.

When it is written as ("lodash": "*") it basically says to go ahead and install its absolute new version. This is not always a good idea, it might break your system, so we need to plan these kind of changes.