When you run npm install --save somepackage
, it usually adds something like this into package.json:
\"dependencies\": {
\"somepackage\": \"^2.1.
To specify by default a exact version, you can change your npm config with save-exact:
npm config set save-exact true
You can also specify the prepend version with a tilde with save-prefix.
And, no you can't force user to update to a minor or a patch version, NPM uses semver and it's the recommend way of publishing packages.