A component may have two kinds of dependencies:
- Direct dependencies - dependencies that are directly required by the component. A direct dependency is also referred to as a first-level dependency.
- Transitive dependencies - dependencies that your component needs, but only because another dependency needs them.
- Direct dependencies can be upgraded to the required version with a single command: 'npm update dependency-name'.
- Transitive dependencies cannot be upgraded that way. For those, you may use the 'npm-force-resolutions' method or come up with some workaround strategy to upgrade them to the required version.
How to use

Step 1: Add a resolutions field to your package.json with the dependency version you want to fix, for example:

    "resolutions": { "hoek": "4.2.1" }

Step 2: Add npm-force-resolutions to the preinstall script so that it patches the package-lock.json file before every npm install you run:

    "scripts": { "preinstall": "npx npm-force-resolutions" }

Step 3: Then run:

    npm install

Final step: Confirm that the right version was installed:

    npm ls hoek
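
A lockfile-level check to go with the final step, as an added example (not part of the original page or of the npm-force-resolutions project): it reports every copy of a package whose locked version differs from the one pinned in resolutions, for both the nested (lockfileVersion 1) and flat (lockfileVersion 2/3) layouts. It assumes exact versions in resolutions; the name findViolations and the sample data are constructed for illustration.

```javascript
// Added example: report locked copies of a package that do not match
// the version pinned in package.json "resolutions" (exact versions assumed).
function findViolations(pkg, lock) {
  const pins = pkg.resolutions || {};
  const violations = [];
  const check = (name, version, where) => {
    if (name in pins && version !== undefined && version !== pins[name]) {
      violations.push({ name, found: version, wanted: pins[name], where });
    }
  };
  if (lock.packages) {
    // lockfileVersion 2/3: flat map keyed by install path.
    for (const [path, entry] of Object.entries(lock.packages)) {
      const i = path.lastIndexOf("node_modules/");
      if (i === -1) continue; // "" is the root project itself
      check(path.slice(i + "node_modules/".length), entry.version, path);
    }
  } else {
    // lockfileVersion 1: nested "dependencies" tree.
    const walk = (deps, trail) => {
      for (const [name, entry] of Object.entries(deps || {})) {
        check(name, entry.version, trail.concat(name).join(" > "));
        walk(entry.dependencies, trail.concat(name));
      }
    };
    walk(lock.dependencies, []);
  }
  return violations;
}

// Constructed sample data (not taken from a real project).
const samplePkg = { resolutions: { hoek: "4.2.1" } };
const sampleLockV1 = {
  lockfileVersion: 1,
  dependencies: {
    hoek: { version: "4.2.1" },
    boom: { version: "4.3.1", dependencies: { hoek: { version: "4.2.0" } } },
  },
};
const sampleLockV3 = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo" },
    "node_modules/hoek": { version: "4.2.1" },
    "node_modules/boom/node_modules/hoek": { version: "4.2.1" },
  },
};
console.log(findViolations(samplePkg, sampleLockV1)); // nested hoek under boom
console.log(findViolations(samplePkg, sampleLockV3)); // no violations
```

To run it against a real project, pass the parsed package.json and package-lock.json objects to findViolations and fail the build when the returned list is not empty.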