Skip to content

Engines package.json: support special characters >=, ~, ^ (npm_and_yarn) #12648

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

fallemand
Copy link

@fallemand fallemand commented Jul 16, 2025

What are you trying to accomplish?

The following syntax from the engines field in the package.json are not supported: >=, ~, ^, and they are valid.

  "engines": {
    "pnpm": ">=10",
    "node": "~22.0.0"
    "npm": "^9.0.0"
  },

How will you know you've accomplished your goal?

This will solve the issue: #12643

Checklist

  • I have run the complete test suite to ensure all tests and linters pass.
  • I have thoroughly tested my code changes to ensure they work as expected, including adding additional tests for new functionality.
  • I have written clear and descriptive commit messages.
  • I have provided a detailed description of the changes in the pull request, including the problem it addresses, how it fixes the problem, and any relevant details about the implementation.
  • I have ensured that the code is well-documented and easy to understand.

@fallemand fallemand force-pushed the main branch 9 times, most recently from ea5d97a to 64840ec Compare July 16, 2025 17:17
@fallemand fallemand marked this pull request as ready for review July 16, 2025 17:25
@fallemand fallemand requested a review from a team as a code owner July 16, 2025 17:25
@fallemand fallemand changed the title Detect correctly the engine version in the package.json (npm_and_yarn) package.json engines: support special characters ">=" "~" "^" (npm_and_yarn) Jul 16, 2025
@fallemand fallemand changed the title package.json engines: support special characters ">=" "~" "^" (npm_and_yarn) package.json engines: support special characters >=, ~, ^ (npm_and_yarn) Jul 16, 2025
@fallemand fallemand changed the title package.json engines: support special characters >=, ~, ^ (npm_and_yarn) Engines package.json: support special characters >=, ~, ^ (npm_and_yarn) Jul 16, 2025
@sachin-sandhu
Copy link
Contributor

Hi @fallemand 👋🏻 ,

thank you for the PR!! , we will triage this asap for review and deploy.

@sachin-sandhu sachin-sandhu moved this to Scoping in Dependabot Jul 16, 2025
@fallemand fallemand force-pushed the main branch 5 times, most recently from 5e8fdf2 to 7fb335d Compare July 17, 2025 07:28
@fallemand
Copy link
Author

fallemand commented Jul 17, 2025

@sachin-sandhu After pulling main, some smoke tests started to fail, but they don't seem to be related to the changes.

EDIT: Here is the smoke tests update PR

@alfaproject
Copy link

@sachin-sandhu any hope?

@alfaproject
Copy link

@fallemand what about this scenario?

{
  "pnpm": "^10.11"
}

If you just remove the character, then the version needed must be 10.11 but that's not the intent and it will probably fail as well because that might not be the same that is installed in Dependabot. Shouldn't you be using a semver library to extract the major version(s)?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: Ready
Development

Successfully merging this pull request may close these issues.

3 participants