Same Range

Relax syncpack to ensure that all versions have semver ranges which all satisfy each other, instead of having to be identical.

Examples

Example: Check that a dependency's semver ranges always match

Add a Same Range Version Group which allows local packages installed in devDependencies or peerDependencies to use different semver ranges, as long as they all match the local package version.

• An optional label can be added to document the rule.
• The dependencies array defines the names of the dependencies we want to target.
• dependencyTypes results in these dependencies only being targeted by this group when they are located in devDependencies or peerDependencies.
• The policy of sameRange states that these dependencies are considered valid if every range matches the others.

.syncpackrc

{
  "versionGroups": [
    {
      "label": "Ensure semver ranges for locally developed packages satisfy the local version",
      "dependencies": ["@your-repo/node-client-plugin-retry", "@your-repo/node-client", "dashboard-ui"],
      "dependencyTypes": ["dev", "peer"],
      "policy": "sameRange"
    }
  ]
}

Tip

The above example can be shortened: The $LOCAL keyword is a helper to avoid writing out the names of every local package.

"dependencies": [
  "$LOCAL"
  "@your-repo/node-client-plugin-retry",
  "@your-repo/node-client",
  "dashboard-ui"
],

Configuration

policy

Required

Currently the only custom policy in syncpack is “sameRange”, which is what causes this behaviour to be applied to a Version Group.

.syncpackrc

{
  "versionGroups": [
    {
      "dependencies": ["prod", "dev", "peer"],
      "policy": "sameRange"
    }
  ]
}

dependencies

Optional

• An array of names of dependencies you’ve installed or otherwise reference in your package.json files.
• If omitted, the default behaviour is to match every dependency.
• The strings can be any combination of exact matches or minimatch glob patterns:

Examples of valid values

// match any dependency
dependencies: ["**"]

// match all dependencies with a certain scope
dependencies: ["@aws-sdk/**"]

// match specific dependencies by name
dependencies: ["react", "react-dom"]

Where this pattern is matched against

{
  "name": "HERE",
  "dependencies": { "HERE": "0.0.0" },
  "devDependencies": { "HERE": "0.0.0" },
  "overrides": { "HERE": "0.0.0" },
  "peerDependencies": { "HERE": "0.0.0" },
  "pnpm": { "overrides": { "HERE": "0.0.0" } },
  "resolutions": { "HERE": "0.0.0" }
}

dependencyTypes

Optional

Tip

You can extend syncpack to inspect more parts of your package.json files by defining your own customTypes.

• When set, only dependencies present in the named locations will be assigned to this group.
• If omitted, the default behaviour is to match dependencies everywhere they are found.
• Negated types are also supported, so a value of ["!dev", "!prod"] would assign everything except dependencies and devDependencies to this group.

Default values

Value	Property in package.json
dev	devDependencies
local	version
overrides	overrides
peer	peerDependencies
pnpmOverrides	pnpm.overrides
prod	dependencies
resolutions	resolutions

specifierTypes

Optional

• When set, only dependencies whose version specifier matches the named formats will be assigned to this group.
• If omitted, the default behaviour is to match all dependencies.
• Negated types are also supported, so a value of ["!latest", "!file"] would assign everything except specifiers of the format * and file:path/to/package.tgz to this group.

Available values

Value	Example
alias	npm:foo@1.2.3
exact	8.1.2
file	file:path/to/foo.tgz, file:path/to/directory
hosted-git	git+https://github.com/user/foo, git+ssh://git@notgithub.com/user/foo#1.2.3 etc
latest	* or latest
range	^4.1.1, >=5.0.0, ~1.2.1 etc
tag	alpha, canary
unsupported	$typescript, 1.typo.wat
url	https://server.com/foo.tgz
workspace-protocol	workspace:*, workspace:~, workspace:^

label

Optional

• A short name or description displayed as a header in syncpack’s output.
• If a label is not set then eg. “Version Group 3” will be used instead.

packages

Optional

• An array of strings which should match the name properties of your package.json files.
• If omitted, the default behaviour is to match every package.
• Negated types are also supported, so a value of ["!my-client", "!my-server"] would assign everything except the packages my-client and my-server to this group.
• The strings can be any combination of exact matches or minimatch glob patterns:

Examples of valid values

// ✅ match any package name
packages: ["**"]

// ✅ match any package name with this scope
packages: ["@my-repo/**"]

// ✅ match specific packages by name
packages: ["my-server", "my-client"]

// ✅ match all packages except negated ones
packages: ["!my-server", "!@my-repo/**]

// ❌ no mixing of specific and negated packages
packages: ["my-client", "!@my-repo/**"]

// ❌ not file system paths, name properties of package.json files
packages: ["packages/my-client"]

// ❌ not file system globs, name properties of package.json files
packages: ["packages/**"]

Where this pattern is matched against

{
  "name": "HERE",
  "version": "1.0.2"
}