Two versions of same npm package in Node application

Question

I\'m working on a CLI tool in NodeJS that uses another NodeJs package that we develop, which is an SDK.

The thing is, we just published a V2 version of that SDK, and we

Answer 1

So this is actually a quite common scenario which was addressed several times.

There is a closed issue for npm and open issue for yarn package managers.

---

The first solution was suggested by the author of NPM in this GH comment:

Publish a separate package under a different name. It will require a specific version inside.

{ "name": "express3",
  "version": "1.0.0",
  "description":"Express version 3",
  "dependencies": { "express":"3" } }

// index.js
module.exports = require('express')

In your case you'll publish my-sdk-v1 and my-sdk-v2. And from now you can easily install 2 versions of a package in one project without running into conflicts.

const mySDKLegacy = require('my-sdk-v1');
const mySDKModern = require('my-sdk-v2');

The second way pretty much the same idea proposed - use git url:

{
    "my-sdk-v1": "git://github.com/user/my-sdk#1.0.0",
    "my-sdk-v2": "git://github.com/user/my-sdk#2.0.0"
}

Unlike npm package, you are free to choose any name you wish! The source of truth is the git url.

Later npm-install-version popped up. Buuut, as you already proved, its usage is a bit limited. Since it spawns a child process to execute some commands and writes to tmp dirs. Not the most reliable way for a CLI.

To sum up: you're left with choices 1 & 2. I'd stick with the first one, since the github repo name & tags could change.

2nd option with git url is better when you want to change a version to depend more frequently. Imagine you want to publish a security patch for my-sdk-v1 legacy. Will be easier to reference a git url then publish my-sdk-v1.1 to npm again and again.

Answer 2

Do npm i alias@npm:package_name@package_version

Inside package.json use “alias”: “npm:package_name@package_version”

Answer 3

So to just add up to current solutions you can also provide packages like so:

yarn add my-sdk-newest@npm:my-sdk

or in package.json

{
  ...
  "my-sdk-newest": "npm:my-sdk",
  "my-sdk": "1.0.0"
  ...
}

if you only care about specific legacy version and the newest.

Answer 4

Based on my answer for a similar question:

As of npm v6.9.0, npm now supports package aliases. It implements the same syntax as Yarn uses:

npm install my-sdk-legacy@npm:my-sdk@1
npm install my-sdk

This adds the following to package.json:

"dependencies": {
  "my-sdk-legacy": "npm:my-sdk@^1.0.0",
  "my-sdk": "2.0.0"
}

This seems to me the most elegant solution available, and is compatible with the Yarn solution proposed by @Aivus.

Answer 5

I needed to run two versions of tfjs-core and found that both needed to be built after being installed.

package.json:

"dependencies": {
  "tfjs-core-0.14.3": "git://github.com/tensorflow/tfjs-core#bb0a830b3bda1461327f083ceb3f889117209db2",
  "tfjs-core-1.1.0": "git://github.com/tensorflow/tfjs-core#220660ed8b9a252f9d0847a4f4e3c76ba5188669"
}

Then:

cd node_modules/tfjs-core-0.14.3 && yarn install && yarn build-npm && cd ../../
cd node_modules/tfjs-core-1.1.0  && yarn install && yarn build-npm && cd ../../

And finally, to use the libraries:

import * as tf0143 from '../node_modules/tfjs-core-0.14.3/dist/tf-core.min.js';
import * as tf110  from '../node_modules/tfjs-core-1.1.0/dist/tf-core.min.js';