Skip to content

[BUG] npm version --workspaces still doesn't update dependencies #7843

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
2 tasks done
websolutions-hamburg opened this issue Oct 16, 2024 · 3 comments
Closed
2 tasks done

[BUG] npm version --workspaces still doesn't update dependencies #7843

websolutions-hamburg opened this issue Oct 16, 2024 · 3 comments
Labels
Bug thing that needs fixing Priority 2 secondary priority issue

Comments

@websolutions-hamburg
Copy link

websolutions-hamburg commented Oct 16, 2024
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

This issue exists in the latest npm version

  • I am using the latest npm

Current Behavior

The issue #3403 still exists.
The command npm version <version> --workspaces does not update the dependencies nor the devDependencies in the package.json file.

As documented here, the fix provided at the time unfortunately does not work: #4588 (comment)

Expected Behavior

npm version 2.0.0 --workspaces should update all workspace package versions (currently does) and also update the package.json dependencies and devDependencies versions.

Steps To Reproduce

  1. Setup a new npm workspace
  2. Create /packages/package-a with package.json:
{
  "name": "package-a",
  "version": "1.0.0"
}
  1. Create /packages/package-b with package.json:
{
  "name": "package-b",
  "version": "1.0.0",
  "dependencies": {
    "package-a": "1.0.0"
  }
}
  1. Run npm version 2.0.0 --workspaces
  2. Notice the package versions are updated but the dependencies are not.

Environment

  • npm: 10.8.3
  • Node.js: 22.9.0
  • OS Name: macOS 14.7
  • System Model Name: MacBook Pro
  • npm config:
❯ npm config ls
; "user" config from /Users/xxx/.npmrc

@company:registry = "https://npm.pkg.github.com."
//npm.pkg.github.com./:_authToken = (protected)

; node bin location = /Users/xxx/.nodenv/versions/22.9.0/bin/node
; node version = v22.9.0
; npm local prefix = /Users/xxx/Repositories/test
; npm version = 10.8.3
; cwd = /Users/xxx/Repositories/test
; HOME = /Users/xxx
; Run `npm config ls -l` to show all defaults.
@websolutions-hamburg websolutions-hamburg added Bug thing that needs fixing Needs Triage needs review for next steps labels Oct 16, 2024
@milaninfy milaninfy added Priority 2 secondary priority issue and removed Needs Triage needs review for next steps labels Oct 29, 2024
@kchindam-infy kchindam-infy mentioned this issue Nov 11, 2024
Closed
@kchindam-infy
Copy link

After further testing and analysis, here’s what I found: inter-workspace dependency updates in npm workspaces!

Behavior Observed:

When running npm version patch -ws --save or npm version minor -ws --save, inter-workspace dependencies (e.g., package-b depending on package-a) update as expected.
When running npm version major -ws --save, the update doesn’t occur if the dependency uses a caret range (e.g., ^1.0.2) because switching to 2.0.0 is outside of that range.
Explanation:

This behavior aligns with npm’s semver logic. Caret ranges like ^1.0.2 allow updates only within the 1.x.x range.
If the dependency is declared as ">=1.0.0 <3.0.0", a major version bump to 2.x is allowed and updates accordingly.
The declared semver range in package.json dictates whether updates occur during version bumps.

Conclusion: This is not a bug; it’s the expected behavior of npm. To allow major version updates, you’ll need to adjust the semver range in the dependent workspace’s package.json.

@websolutions-hamburg
Copy link
Author

@kchindam-infy thank you for your analysis.
The option --save is unfortunately not documented for npm version. I can confirm that the behavior with a caret is as you describe:

npm version patch -ws --save (or npm version minor -ws --save)

Before:

{
  "name": "package-b",
  "version": "1.0.0",
  "dependencies": {
    "package-a": "^1.0.0"
  }
}

After:

{
  "name": "package-b",
  "version": "1.0.1",
  "dependencies": {
    "package-a": "^1.0.1"
  }
}

But it doesn't work with a tilde. The inter-workspace dependency package-a is not updated:

npm version patch -ws --save

Before:

{
  "name": "package-b",
  "version": "1.0.0",
  "dependencies": {
    "package-a": "~1.0.0"
  }
}

After:

{
  "name": "package-b",
  "version": "1.0.1",
  "dependencies": {
    "package-a": "~1.0.0"
  }
}

A major update only works once for updating the inter-workspace dependency version. Since a >= is turned into a ^:

npm version major -ws --save

Before:

{
  "name": "package-b",
  "version": "1.0.0",
  "dependencies": {
    "package-a": ">=1.0.0"
  }
}

After:

{
  "name": "package-b",
  "version": "2.0.0",
  "dependencies": {
    "package-a": "^2.0.0"
  }
}

As expected, a second run with npm version major -ws --save now leads to the error:

npm error code ENOVERSIONS
npm error No versions available for package-a

If a fixed version number is entered, there is no way to increment this inter-workspace dependency with npm version, as this is not compatible with SemVer logic. And there is no way to make this possible with npm and perhaps an extra option?

@skanaar
Copy link

skanaar commented Mar 20, 2025

I am running into the problem reported by @websolutions-hamburg that npm version --save changes >= to ^.

We would like to migrate from lerna to npm --workspaces and this would causes major version updates to break.

Perhaps this issue should be reopened? @kchindam-infy ?

This was referenced Mar 20, 2025
Open
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug thing that needs fixing Priority 2 secondary priority issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix-npm --workspaces does not update the dependencies kchindam-infy/cli
4 participants
@skanaar @websolutions-hamburg @milaninfy @kchindam-infy