avoid unstable releases of mongoose in npm / package.json

 

How can I avoid installing unstable releases of mongoose with npm?

After running npm update , I get the following warning in my node app: 

#   !!! MONGOOSE WARNING !!!
#
#   This is an UNSTABLE release of Mongoose.
#   Unstable releases are available for preview/testing only.
#   DO NOT run this in production.

In my package.json file I have the following entry: 

"mongoose": "^3.8.8"

Mongoose is not following standard npm practices and so their unstable builds get recognized as stable by npm. Basically they released 3.9 as an unstable version, this is what causes the warning.

My advise is that you don't trust them anymore to follow such conventions and just lock the version in your package.json: 

 "mongoose": "3.8"

Check out this answer: How do I update each dependency in package.json to the latest version?

The advice is that if you specify "*" as the version then you will always be updating to the latest stable version.

In your case, I'd recommend uninstalling the mongoose package first and then reinstalling mongoose.

The code: 

npm uninstall mongoose
(change "mongoose":"^3.8.8" to "mongoose":"3.8")
npm install

You probably never installed 3.8.8 in the first place (which should be stable) but a 3.9.x version.

Actually, with the ^ you will also install 3.9.x when having ^3.8.8 in the package.json.

In your case, you can either fix the 3.8.8 (or 3.8.18 which is stable as of today, as described in other answer here, by removing the ^) or use th ~ character, which will only match new version on the lowermost version part.

So the following will match (with x being latest available): 

*      => x.x
^3.8.8 => 3.x
~3.8.8 => 3.8.x
3.8.8  => 3.8.8

Since 3.9 is considered unstable, but ^ will go to 3.9, that is the problem.

Good explanation on version is also found here: https://stackoverflow.com/a/22345808/586754

and use 

npm view mongoose versions

to see what versions are available, eg what is latest in 3.8 on when 4 is out.

With ~3.8 it will always stay latest in 3.8 (on update), but you will need to update it manually once 4.0 is out.

Also: you can edit the package.json directly and then run 

npm update

without having to uninstall/reinstall.

链接地址: http://www.djcxy.com/p/27650.html

上一篇: ^在package.json依赖版本中

下一篇: 避免在npm / package.json中发生不稳定的猫鼬释放