- Update all the Node.js dependencies to their latest version When you install a package using npm install, the latest available version of the package is downloaded and put in the nodemodulesfolder, and a corresponding entry is added to the package.jsonand package-lock.jsonfiles that are present in your current folder.
- Install modules and save them to your package.json as a dependency. As with npm init, the npm install command has a flag or two that you'll find useful in your workflow - it'll save you time and effort with regard to your project's package.json file. When you're running npm install to install a module, you can add the optional flag -save to.
Npm calculates the dependencies and installs the latest available version of those as well. Let’s say you install cowsay, a cool command line tool that lets you make a cow say things. When you npm install cowsay, this entry is added to the package.json file:.
-->A specific package is always referred to using its package identifier and an exact version number. For example, Entity Framework on nuget.org has several dozen specific packages available, ranging from version 4.1.10311 to version 6.1.3 (the latest stable release) and a variety of pre-release versions like 6.2.0-beta1.
When creating a package, you assign a specific version number with an optional pre-release text suffix. When consuming packages, on the other hand, you can specify either an exact version number or a range of acceptable versions.
In this topic:
- Version basics including pre-release suffixes.
Version basics
A specific version number is in the form Major.Minor.Patch[-Suffix], where the components have the following meanings:
- Major: Breaking changes
- Minor: New features, but backwards compatible
- Patch: Backwards compatible bug fixes only
- -Suffix (optional): a hyphen followed by a string denoting a pre-release version (following the Semantic Versioning or SemVer 1.0 convention).
Examples:
Important
nuget.org rejects any package upload that lacks an exact version number. The version must be specified in the
.nuspec
or project file used to create the package.Pre-release versions
Technically speaking, package creators can use any string as a suffix to denote a pre-release version, as NuGet treats any such version as pre-release and makes no other interpretation. That is, NuGet displays the full version string in whatever UI is involved, leaving any interpretation of the suffix's meaning to the consumer.
That said, package developers generally follow recognized naming conventions:
-alpha
: Alpha release, typically used for work-in-progress and experimentation.-beta
: Beta release, typically one that is feature complete for the next planned release, but may contain known bugs.-rc
: Release candidate, typically a release that's potentially final (stable) unless significant bugs emerge.
Note
NuGet 4.3.0+ supports SemVer 2.0.0, which supports pre-release numbers with dot notation, as in 1.0.1-build.23. Dot notation is not supported with NuGet versions before 4.3.0. You can use a form like 1.0.1-build23.
When resolving package references and multiple package versions differ only by suffix, NuGet chooses a version without a suffix first, then applies precedence to pre-release versions in reverse alphabetical order. For example, the following versions would be chosen in the exact order shown:
Semantic Versioning 2.0.0
With NuGet 4.3.0+ and Visual Studio 2017 version 15.3+, NuGet supports Semantic Versioning 2.0.0.
Certain semantics of SemVer v2.0.0 are not supported in older clients. NuGet considers a package version to be SemVer v2.0.0 specific if either of the following statements is true:
- The pre-release label is dot-separated, for example, 1.0.0-alpha.1
- The version has build-metadata, for example, 1.0.0+githash
For nuget.org, a package is defined as a SemVer v2.0.0 package if either of the following statements is true:
- The package's own version is SemVer v2.0.0 compliant but not SemVer v1.0.0 compliant, as defined above.
- Any of the package's dependency version ranges has a minimum or maximum version that is SemVer v2.0.0 compliant but not SemVer v1.0.0 compliant, defined above; for example, [1.0.0-alpha.1, ).
If you upload a SemVer v2.0.0-specific package to nuget.org, the package is invisible to older clients and available to only the following NuGet clients: Itunes visualizer mac.
- NuGet 4.3.0+
- Visual Studio 2017 version 15.3+
- Visual Studio 2015 with NuGet VSIX v3.6.0
- dotnet
- dotnetcore.exe (.NET SDK 2.0.0+)
Third-party clients:
- JetBrains Rider
- Paket version 5.0+
Version ranges
When referring to package dependencies, NuGet supports using interval notation for specifying version ranges, summarized as follows:
Notation | Applied rule | Description |
---|---|---|
1.0 | x ≥ 1.0 | Minimum version, inclusive |
(1.0,) | x > 1.0 | Minimum version, exclusive |
[1.0] | x 1.0 | Exact version match |
(,1.0] | x ≤ 1.0 | Maximum version, inclusive |
(,1.0) | x < 1.0 | Maximum version, exclusive |
[1.0,2.0] | 1.0 ≤ x ≤ 2.0 | Exact range, inclusive |
(1.0,2.0) | 1.0 < x < 2.0 | Exact range, exclusive |
[1.0,2.0) | 1.0 ≤ x < 2.0 | Mixed inclusive minimum and exclusive maximum version |
(1.0) | invalid | invalid |
Npm Get Current Package Version
When using the PackageReference format, NuGet also supports using a floating notation, *, for Major, Minor, Patch, and pre-release suffix parts of the number. Floating versions are not supported with the
packages.config
format.Note
Version ranges in PackageReference include pre-release versions. By design, floating versions do not resolve prerelease versions unless opted into. For the status of the related feature request, see issue 6434.
Examples
Always specify a version or version range for package dependencies in project files,
packages.config
files, and .nuspec
files. Without a version or version range, NuGet 2.8.x and earlier chooses the latest available package version when resolving a dependency, whereas NuGet 3.x and later chooses the lowest package version. Specifying a version or version range avoids this uncertainty.References in project files (PackageReference)
References in
packages.config
:In
packages.config
, every dependency is listed with an exact version
attribute that's used when restoring packages. The allowedVersions
attribute is used only during update operations to constrain the versions to which the package might be updated.References in
.nuspec
filesThe
version
attribute in a <dependency>
element describes the range versions that are acceptable for a dependency.Normalized version numbers
Note
This is a breaking change for NuGet 3.4 and later.
When obtaining packages from a repository during install, reinstall, or restore operations, NuGet 3.4+ treats version numbers as follows:
- Leading zeroes are removed from version numbers:
- A zero in the fourth part of the version number will be omitted
- SemVer 2.0.0 build metadata is removed
pack
and restore
operations normalize versions whenever possible. For packages already built, this normalization does not affect the version numbers in the packages themselves; it affects only how NuGet matches versions when resolving dependencies.Semantic Versioning Npm
However, NuGet package repositories must treat these values in the same way as NuGet to prevent package version duplication. Thus a repository that contains version 1.0 of a package should not also host version 1.0.0 as a separate and different package.