til / override subdependency versions in npm

Sometimes one of our dependency’s dependencies doesn’t play nicely with our project. A library, let’s call it package-im-using, specified one of its dependency, let’s call it sub, as ^1.3.2. The caret (^) means that it would get any minor and patch version. All releases between 1.3.2 and < 2.0.0. This resulted in it resolving to 1.4.0, which contained some changes that broke our build.

The issue was quickly fixed in package-im-using, but we can’t update to the latest version. Luckily, npm provides overrides in package.json. Using this, we could make sure that sub stayed on a version that we knew was working.

// package.json
{
  "overrides": {
    "package-im-using": {
      "sub": "1.3.2"
    }
  }
}