w3resource

Selective dependency resolutions


In the tutorials preceding this one, we looked at what dependencies are, explained the different types of dependencies that exist, and showed you how to work with different versions of dependencies. In this tutorial, we will show you how to use selective version resolutions in Yarn.

Yarn has full support for selective version resolutions. This lets you define custom package versions or ranges inside your dependencies through the resolutions field in your package.json file. Doing this would otherwise usually require manual edits to the yarn.lock file.

Why would you need a selective dependency resolution?

  • You may be depending on a package that does not update frequently, and this package also depends on another package that got an important upgrade. In this case, if the version range that is specified by your direct dependency does not cover the new sub-dependency version, you will be stuck while waiting for the author.
  • You have a sub-dependency of your project that got an important security update and you do not want to wait for your direct-dependency to issue a minimum version update.
  • You will need selective dependency resolution if you are relying on an unmaintained but working package and one of its own dependencies got upgraded. You know that the upgrade is not a breaking change but you also do not want to fork the package that you are relying on, just because you want to update a minor dependency.
  • It can also be useful when the dependency defines a broad version range and your sub-dependency just got a problematic update, therefore you want to pin it to an earlier version.

How do you use it?

Open your package.json file and add a resolutions field to it, then you define your version overrides:

package.json

{
  "name": "project",
  "version": "1.0.0",
  "dependencies": {
    "left-pad": "1.0.0",
    "c": "file:../c-1",
    "d2": "file:../d2-1"
  },
  "resolutions": {
    "d2/left-pad": "1.1.1",
    "c/**/left-pad": "^1.1.2"
  }
}

Once this is done, you have to run yarn install.
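When the resolution exists to pull in a security fix, it is worth confirming the result after yarn install: a path-scoped key such as d2/left-pad overrides only that subtree, so other copies of the package can stay on an older version. The Node.js sketch below is an added example, not part of the original tutorial. It assumes the yarn.lock v1 text layout, uses constructed sample data, and its function names are hypothetical.

```javascript
// Added example, not from the original tutorial. SAMPLE_LOCK is constructed data
// in the yarn.lock v1 layout; parsing covers only header and "version" lines.
const SAMPLE_LOCK = `# yarn lockfile v1

left-pad@1.0.0:
  version "1.0.0"

left-pad@^1.0.0, left-pad@^1.1.0:
  version "1.1.1"

left-pad@^1.1.2:
  version "1.3.0"
`;

// Parse lockfile text into [{ name, ranges, version }].
function parseLock(text) {
  const entries = [];
  let current = null;
  for (const line of text.split(/\r?\n/)) {
    if (/^[^\s#].*:$/.test(line)) {
      // Header: comma-separated, optionally quoted "name@range" specs.
      const specs = line.slice(0, -1).split(",")
        .map((s) => s.trim().replace(/^"|"$/g, ""));
      // Search for "@" from index 1 so scoped names (@scope/pkg) stay intact.
      const split = (s) => [s.slice(0, s.indexOf("@", 1)), s.slice(s.indexOf("@", 1) + 1)];
      current = { name: split(specs[0])[0], ranges: specs.map((s) => split(s)[1]), version: null };
      entries.push(current);
    } else if (current) {
      const m = /^  version "?([^"\s]+)"?$/.exec(line);
      if (m) current.version = m[1];
    }
  }
  return entries;
}

// Compare x.y.z numerically; prerelease/build suffixes are ignored (simplification).
function compareVersions(a, b) {
  const parts = (v) => v.split(/[-+]/)[0].split(".").map(Number);
  const [pa, pb] = [parts(a), parts(b)];
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d;
  }
  return 0;
}

// Entries for `pkg` that still resolve below `minVersion` after `yarn install`.
function entriesBelow(lockText, pkg, minVersion) {
  return parseLock(lockText).filter(
    (e) => e.name === pkg && e.version && compareVersions(e.version, minVersion) < 0);
}

console.log(entriesBelow(SAMPLE_LOCK, "left-pad", "1.1.1"));
```

In a CI job, read the real yarn.lock with fs.readFileSync and fail the build when entriesBelow returns a non-empty list for the package you patched.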

Tips and Tricks

  • You will be given a warning if you define an invalid resolution (such as one with an invalid package name).
  • You will be given a warning if your resolution version or range is not valid.
  • You will be given a warning if your resolution version or range is not compatible with the original version range.

Limitations and Caveats

  • Some nested packages may not work properly.
  • You may encounter some edge cases that do not work properly, since this is a fairly new feature.
