[nodejs] npm: version locking in modules

Hi all,

Some node.js modules depend on strict versions of another modules like
that:
"dependencies":{"mongodb":"0.9.9-3"} // mongode

or that:
"engines": { "node": "~0.6" } // express did it some time ago

Now suppose I want to always use newer versions of any modules and don't
care much about what maintainers thinks about it. What should I do?

Is there any option for npm to lose respect for upper bounds of version
range, but still respect lower bounds? Or any configuration like "whenever
you see module@X, always install module@Y"?

--
// alex

On Tue, Oct 23, 2012 at 6:11 PM, Alex Kocharin wrote:


It's because I strongly believe that, if you have enough time for testing,
it's far better to always use latest versions of every software.

If you have a good knowledge of the software you use, and good integration
tests, and a testing team, it's nothing wrong with usage of, say, node
0.9.x on production, right? I assume that newer versions of a software is
generally better, if you have a time to test everything and track all API
changes.
--
// alex


23.10.2012, 11:06, "greelgorke" <greelgorke@gmail.com>:

only option is to install all dependencies, then remove all
sub-dependencies and reinstall then manually also.
but why do you that that anyway?

Am Dienstag, 23. Oktober 2012 01:22:47 UTC+2 schrieb Alex Kocharin:

Hi all,

Some node.js modules depend on strict versions of another modules like
that:
"dependencies":{"mongodb":"0.9.9-3"} // mongode

or that:
"engines": { "node": "~0.6" } // express did it some time ago

Now suppose I want to always use newer versions of any modules and don't
care much about what maintainers thinks about it. What should I do?

Is there any option for npm to lose respect for upper bounds of version
range, but still respect lower bounds? Or any configuration like "whenever
you see module@X, always install module@Y"?

--
// alex


--
Job Board: http://jobs.nodejs.org/
Posting guidelines:
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups "nodejs" group.
To post to this group, send email to nodejs@googlegroups.com
To unsubscribe from this group, send email to
nodejs+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/nodejs?hl=en?hl=en

--
Job Board: http://jobs.nodejs.org/
Posting guidelines:
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups "nodejs" group.
To post to this group, send email to nodejs@googlegroups.com
To unsubscribe from this group, send email to
nodejs+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/nodejs?hl=en?hl=en

It's because I strongly believe that, if you have enough time for testing,
it's far better to always use latest versions of every software.

If you have a good knowledge of the software you use, and good integration
tests, and a testing team, it's nothing wrong with usage of, say, node
0.9.x on production, right? I assume that newer versions of a software is
generally better, if you have a time to test everything and track all API
changes.
--
// alex


23.10.2012, 11:06, "greelgorke" <greel...@gmail.com <javascript:>>:

only option is to install all dependencies, then remove all
sub-dependencies and reinstall then manually also.
but why do you that that anyway?

Am Dienstag, 23. Oktober 2012 01:22:47 UTC+2 schrieb Alex Kocharin:

Hi all,

Some node.js modules depend on strict versions of another modules like
that:
"dependencies":{"mongodb":"0.9.9-3"} // mongode

or that:
"engines": { "node": "~0.6" } // express did it some time ago

Now suppose I want to always use newer versions of any modules and don't
care much about what maintainers thinks about it. What should I do?

Is there any option for npm to lose respect for upper bounds of version
range, but still respect lower bounds? Or any configuration like "whenever
you see module@X, always install module@Y"?

--
// alex


--
Job Board: http://jobs.nodejs.org/
Posting guidelines:
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups "nodejs" group.
To post to this group, send email to nod...@googlegroups.com <javascript:>
To unsubscribe from this group, send email to
nodejs+un...@googlegroups.com <javascript:>
For more options, visit this group at
http://groups.google.com/group/nodejs?hl=en?hl=en

On Wed, Oct 24, 2012 at 9:00 AM, greelgorke wrote:

There is mostly enough time for testing, but not enough time to find out
why test break. and if i can ensure, that the breaks are not caused by some
unstable urgent release of a subsubsubdependency, i'd rather use lates
stable version. life is too short to search for bugs in every peace of
software you depend on. thats why we all use software, others done, and
hope they did it right.

Am Mittwoch, 24. Oktober 2012 03:11:28 UTC+2 schrieb Alex Kocharin:
Job Board: http://jobs.nodejs.org/
Posting guidelines:
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups "nodejs" group.
To post to this group, send email to nodejs@googlegroups.com
To unsubscribe from this group, send email to
nodejs+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/nodejs?hl=en?hl=en

On Oct 23, 2012, at 07:51, Chad Engler wrote:

"package": ">=1.0.1"

Will grab the latest above that version. Is that what you are looking
for?

On Oct 23, 2012, at 07:51, Chad Engler wrote:

"package": ">=1.0.1"

Will grab the latest above that version. Is that what you are looking
for?