I am writing an internal tool which compares the version installed in a project and only allow certain version to be passed. For that I have to check the version which is resolved in the yarn.lock
file, as package.json file has a semver range, not specific version and it doesn’t tell you the dependency of the dependency anyway.
I tried using yarn list
command, but it prints the semver range too and is very hard to parse (even with --json
option).
So yarn.lock
seems like the only way. I know that yarn.lock
may have separate versions of the same package and in that case I want only the version which is installed in. the node_nodules
(must be just one of them). I have no idea how to parse the lockfile though.
Another way I could think of is actually going into node_modules
folder and checking the version in the package.json
of the package.
None of the above option looks clean to me. Is there any way I can know the resolved version of a specific package (provided I know the name of the package and I know that it’s installed) easily and as cleanly as possible?
Update:
I actually wanted all the versions of the installed package (even if they’re really deep in the dependency tree).
Advertisement
Answer
I found out that yarn why
is the best way to find out the currently installed version of a package (Thanks to one of my colleague who point out to me). This is how my test code looks in the JavaScript.
const { spawnSync } = require('child_process'); const packageName = 'micromatch'; const whyBuffer = spawnSync('yarn', ['why', packageName]); const grepBuffer = spawnSync('grep', ['Found'], { input: whyBuffer.stdout }); const outputArray = grepBuffer.stdout.toString().split('n'); console.log(outputArray); // ['info r=> Found "micromatch@3.1.10"', 'info r=> Found "fast-glob#micromatch@4.0.2"', '' ] const parsedOutputArray = outputArray.filter(output => output.length > 0).map((output) => output.split('@')[1].replace('"', '')) console.log(parsedOutputArray); // [ '3.1.10', '4.0.2' ]