How to override nested NPM dependency versions?

In a project, the packages downloaded and used through npm are called dependencies, and each dependency can have its own nested dependencies that are downloaded as well. Nested dependencies can create conflicts when multiple versions of the same dependency are present. This leads to issues such as incompatibility, security vulnerabilities, and unexpected behavior.

There are several ways to solve this, such as the overrides property in the package.json file, npm-force-resolutions, npm dedupe, npm-check-updates or yarn-upgrade-all.



Manual override in package.json

In the package.json file, the overrides property holds key-value pairs of dependencies and their versions: the package name is the key and the version is the value. For a more deeply nested dependency, nest the dependency names as keys. After adding the overrides property, install or update the packages to apply the changes.



Syntax:

{
  "overrides": {
    "<dependency_name>": {
      "<nested_dependency_name>": "<exact_version_or_range>"
    }
  }
}
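An override only helps if the lockfile actually resolves to the pinned version, so it is worth checking after install. The following is an added example, not code from the original article or from npm: it compares the overrides in package.json with the "packages" map of a lockfileVersion 2/3 package-lock.json. It assumes override keys are plain package names (or ".") and values are exact versions; the function names and the sample lockfile are constructed for illustration.

```javascript
// Constructed sample: the "packages" map of a lockfileVersion 2/3 package-lock.json.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  '': { dependencies: { bar: '^2.0.0', baz: '^1.0.0' } },
  'node_modules/bar': { version: '2.0.0', dependencies: { foo: '^1.0.0' } },
  'node_modules/baz': { version: '1.0.0', dependencies: { foo: '1.0.0' } },
  'node_modules/foo': { version: '1.2.3' },
  'node_modules/baz/node_modules/foo': { version: '1.0.0' },
} };

// Find the copy of `name` that the package at `from` loads, walking up node_modules.
function resolveDep(packages, from, name) {
  for (let dir = from; ; ) {
    const candidate = (dir ? dir + '/' : '') + 'node_modules/' + name;
    if (packages[candidate]) return candidate;
    if (!dir) return null; // not installed anywhere on the lookup path
    dir = dir.slice(0, Math.max(0, dir.lastIndexOf('/node_modules/')));
  }
}

// All installed copies of `target` reachable through the dependency graph below `starts`.
function reachable(packages, starts, target) {
  const seen = new Set(starts), queue = [...starts], hits = new Set();
  while (queue.length) {
    const path = queue.shift(), e = packages[path] || {};
    const deps = { ...e.dependencies, ...e.devDependencies, ...e.optionalDependencies };
    for (const dep of Object.keys(deps)) {
      const found = resolveDep(packages, path, dep);
      if (found && dep === target) hits.add(found);
      if (found && !seen.has(found)) { seen.add(found); queue.push(found); }
    }
  }
  return [...hits];
}

// Compare every override in package.json with the version the lockfile installs.
// Assumption: keys are plain package names (or "."), values are exact versions.
function checkOverrides(pkg, lock) {
  const packages = lock.packages || {}, problems = [];
  const visit = (rules, starts) => {
    for (const [key, value] of Object.entries(rules)) {
      const copies = key === '.' ? starts : reachable(packages, starts, key);
      if (typeof value !== 'string') { visit(value, copies); continue; } // nested scope
      for (const path of copies) if (packages[path].version !== value)
        problems.push({ path, installed: packages[path].version, expected: value });
    }
  };
  visit(pkg.overrides || {}, ['']); // '' is the root project entry in the lockfile
  return problems;
}
```

To check a real project, pass the parsed files, for example `checkOverrides(require('./package.json'), require('./package-lock.json'))` in a CommonJS script; an empty result means every pinned copy matches.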

Utilizing npm’s npm-force-resolutions

You can install the npm-force-resolutions package to force installation of a specific version of a dependency. Follow these steps to install and use it:

Step 1: Install npm-force-resolutions as a dev dependency using the following command:

npm install npm-force-resolutions --save-dev

Step 2: Add resolutions to package.json, replacing <dependency_name> and <version> with the dependency and the version that you want to change to.

{
  "resolutions": {
    "<dependency_name>": "<version>"
  }
}

Step 3: Add npm-force-resolutions to the preinstall script. This script runs npm-force-resolutions before every npm install command and modifies the package-lock.json file to reflect the forced version.

{
  "scripts": {
    "preinstall": "npx npm-force-resolutions"
  }
}

Step 4: Run the npm install command to install the required dependencies.

npm install

Step 5: To verify that the installation worked and the right version is installed, run the following command.

npm ls <dependency_name>

Using npm dedupe (deduplicate)

The npm dedupe command analyzes the project’s dependency tree and simplifies it by removing unnecessary copies of packages. It searches for shared dependencies, which are packages used by multiple packages in your project, and then attempts to move them higher in the tree, reducing disk space and improving efficiency in some cases.

You do not need to install anything, as dedupe is a native npm command. The steps to use it are as follows:

Step 1: Open the terminal in your project root, where the package.json file is located. Use the cd command to navigate to the required directory.

cd <path>

Step 2: Run npm dedupe to analyze your dependency tree and remove unnecessary copies of packages.

npm dedupe

Automation with npm-check-updates or yarn-upgrade-all

The npm-check-updates and yarn-upgrade-all commands help you automate dependency updates, but they do not always handle nested dependency conflicts perfectly. Depending on which of them you use, you can automatically update all your project dependencies to the latest versions.

npm users

Step 1: Use the following command to install the npm-check-updates package.

npm install -g npm-check-updates

Step 2: Use the npm-check-updates or ncu command to check the list of possible updates.

ncu

Step 3: Use the -u flag with the ncu command to upgrade the versions in the package.json file. This only changes the package.json file; it does not install anything.

ncu -u

Step 4: Install the required changes using the install command of npm.

npm install

yarn users

Step 1: Install the yarn-upgrade-all package as a dev dependency using the following command.

yarn add --dev yarn-upgrade-all

Step 2: Now run the following command to update all the dependencies present in your package.json file.

yarn yarn-upgrade-all

Testing and documentation for changes

Testing

The various things to consider for testing the project for changes are:

Documentation

The various things to consider for documentation of the changes to the project and dependencies are:

Best practices for management
