You must have seen a package.json file at least once in your journey as a developer.
package.json is a file that contains information about a project, among which are project dependencies and their corresponding versions.
But then, you must have noticed that some versions have ^ (caret) or ~ (tilde) in front of them. What are they for and what do they mean?
REMINDER: x.x.x format
Example:
"pg": "8.7.3"
The x.x.x format you see in version numbers follows this structure:
MAJOR.MINOR.PATCH
So, in the example above:
- 8 – MAJOR
- 7 – MINOR
- 3 – PATCH
~ (Tilde) – Patch Updates
- Allows only patch updates within the same minor version.
"mongoose": "~6.2.2"
Allows updates up to 6.2.x, but not 6.3.0.
Here, it will install new versions like 6.2.3, 6.2.7, 6.2.9, but it will not install 6.3.0.
Why use ~?
For backend libraries, especially security-related ones, developers often want to allow only patch updates to avoid breaking API changes.
^ (Caret) – Minor and Patch Updates
- Allows updates only within the same major version, meaning it allows only minor and patch updates.
"react": "^18.2.0"
Allows 18.2.0 up to 18.x.x, but not 19.0.0.
Here it will install new versions like 18.2.3, 18.3.4, 18.5.2, 18.8.6, but it will not install 19.0.0.
Why use ^?
Frontend libraries frequently release minor updates, so ^ helps get the latest bug fixes and performance improvements without breaking the major version.
Summary
| Symbol | Example | Allowed Updates |
|---|---|---|
| ^ | ^4.17.21 | 4.17.21 → 4.x.x (not 5.0.0) |
| ~ | ~4.17.1 | 4.17.1 → 4.17.x (not 4.18.0) |