What does two version requirements on single line mean in a package-lock.json?

Question

I was looking through my package-lock.json and I came across this requirement:

"requires": {
    "bootstrap": ">=4.5.3 <5.0.0",
}

What does it mean to have two version expressions in one line like this? I'm writing something to compare package versions and I don't know how to interpret it.

https://semver.npmjs.com/, it's more commonly expressed as `^4.5.3`. — jonrsharpe, Dec 14 '22 at 08:40

Daniel Vernon · Answer 1 · 2022-12-15T22:16:53.663

1

In the context of a package requirement, "bootstrap": ">=4.5.3 <5.0.0" means that the package requires a version of bootstrap that is greater than or equal to 4.5.3 and less than 5.0.0. In this context it would function the same as ^4.5.3 but you could use this functionality to specify a larger range if needed. Eg: "bootstrap": ">=4.5.3 <5.3.7" which would make the package compatible with any version of bootstrap from 4.5.3 up to (but not including) 5.3.7.

edited Dec 15 '22 at 22:16

answered Dec 14 '22 at 23:50

Daniel Vernon

46
5

_"to `4.9.9`"_ is wrong - version numbers aren't just decimals, you can have e.g. 4.10.0 that would still be compatible with the requirement. – jonrsharpe Dec 15 '22 at 16:12

What does two version requirements on single line mean in a package-lock.json?

1 Answers1