这个 npm semver 有什么问题？

Question

I want do add following dependency to package.json of my npm package:

"redux-saga": "^1.0.0-beta.0 || ^0.16.0"`.

So when I install this package of mine inside different project that already has

"redux-saga": "^1.0.0-beta.1

I expect npm/yarn to install only 1.0.0-beta.1 inside project's node_modules . However, it installs 0.16.0 transitively inside my package.

So I checked with semver calculator and got weird results for redux-saga package:

• ^1.0.0-beta.0 || ^0.16.0 ^1.0.0-beta.0 || ^0.16.0 only allows 0.16.0 - this is unexpected

• ^1.0.0-beta.0 || ^0.15.0 ^1.0.0-beta.0 || ^0.15.0 allows expected

  0.15.0 0.15.1 0.15.2 0.15.3 0.15.4 0.15.5 0.15.6 1.0.0-beta.0 1.0.0-beta.1

I could not find any explanation in docs. My question is - if it's not a bug, then why ^1.0.0-beta.0 || ^0.16.0 ^1.0.0-beta.0 || ^0.16.0 does not allow 1.0.0-beta.1 ?

Answer 1

My question has been answered on npm community forums .

0.16.0 gets installed because it is tagged latest , and npm prioritizes latest tag. The algorithm can be found in npm-pick-manifest package.

I ended up usingyarn resolutions to solve versions conflict