til / override subdependency versions in npm

Sometimes one of our dependency’s dependencies doesn’t play nicely with our project. A library, let’s call it package-im-using, specified one of its dependency, let’s call it sub, as ^1.3.2. The caret (^) means that it would get any minor and patch version. All releases between 1.3.2 and < 2.0.0. This resulted in it resolving to 1.4.0, which contained some changes that broke our build.

The issue was quickly fixed in package-im-using, but we can’t update to the latest version. Luckily, npm provides overrides in package.json. Using this, we could make sure that sub stayed on a version that we knew was working.

1// package.json
2{
3  "overrides": {
4    "package-im-using": {
5      "sub": "1.3.2"
6    }
7  }
8}