react and react-dom dependencies should have caret range

[gaearon]

I think #1253 made it so that react and react-dom are also installed with exact range:

  "dependencies": {
    "react": "15.4.2",
    "react-dom": "15.4.2"
  },
  "devDependencies": {
    "react-scripts": "0.9.2"
  },

This is not right. We want to pin react-scripts but leave react and react-dom unpinned:

  "dependencies": {
    "react": "^15.4.2",
    "react-dom": "^15.4.2"
  },
  "devDependencies": {
    "react-scripts": "0.9.2"
  },

The easiest way to do it would probably be to remove the exact flag from the installation script in packages/create-react-app/index.js, and instead pin react-scripts to a specific version in the same function that moves react-scripts to devDependencies (also in that file).

[johann-sonntagbauer]

@gaearon it is kinda wired.
Initializing a project with create-react-app will install the dependencies with exact flag which was introduced with #1253
BUT
there also exists an init script (https://github.com/facebookincubator/create-react-app/blob/master/packages/react-scripts/scripts/init.js) which will install the dependencies without the exact flag. Is that init script needed at all any more?

[johann-sonntagbauer]

my suggestion would be as you already mentioned to remove the exact flag and pin react-scripts version AND remove the code path in the init.js

[gaearon]

The init script only does this for backwards compatibility with older global CLIs. It is still necessary because we want older CLIs to keep working.

[johann-sonntagbauer]

thx for clearing that up. One additional question, there exists some mechanism to install additional dependencies listed in a templates.dependeny.json file That mechanism is obsolete?

[Timer]

No, that that code is used for our kitchensink e2e.

[johann-sonntagbauer]

ok :) lots to learn here

Tried out some variants with installing different versions with npm and it seems that it is not possible to install with different modes during an single install. The dependecies will be downloaded and installed with the correct version pattern, but the dependencies in the package.json will all get the same version range.

e.g.

npm install react@^15.0.0 react-dom@^15.0.0 react-scripts@0.9.1 --save
  "dependencies": {
    "react": "^15.4.2",
    "react-dom": "^15.4.2",
    "react-scripts": "^0.9.1"
  }

npm install react@^15.0.0 react-dom@^15.0.0 react-scripts@0.9.1 --save --save-exact
  "dependencies": {
    "react": "15.4.2",
    "react-dom": "15.4.2",
    "react-scripts": "0.9.1"
  }

One way to solve that would be to patch the package.json upfront and afterwards trigger an install.

[gaearon]

Yes, we already patch up package.json after install so I just suggest adding an extra character there.

[johann-sonntagbauer]

THX that will be a perfect spot. Try to formulate a PR.

[Timer]

Fixed in #1669. Thanks @johann-sonntagbauer!