npm downloads package in multiple versions

Question

In my package.json I've added a package and another package which is a dependency of the first package. The dependency tree looks like this:

@
|
+---+ A@0.0.1
|   |
|   +---+ B@^0.0.1
|
+--- B@0.0.2

As the package A requires B in version ^0.0.1 (with a caret) and the project also requires package B in version 0.0.2 (directly in package.json), after invoking npm install I would expect the tree would be flattened to the following form:

@
|
+--- A@0.0.1
|
+--- B@0.0.2

Yet it is not. After installing packages, the npm creates a folder in node_modules for module A in version 0.0.2, creates a folder in node_modules for module B in version 0.0.1 and under the folder B it creates another node_modules with A in version 0.0.1 (despite a caret in the required version). So my question is: why? Am I missing something? Do I understand the purpose of carets and tildes incorrectly? How can I force npm to flatten this strucure? npm dedupe did not help.

Answer 1

Your thinking is right, but caret treats a major version of 0 differently: It only allows updates in patches and for 0.0.x it doesn't allow updates at all.

For example, ^0.0.3 will only permit exactly version 0.0.3.

For versions greater than or equal to 0.1.0, but less than 1.0.0, the caret adopts the same behavior as a tilde and will allow flexibility in patch versions (only).

For example, ^0.1.3 will permit all versions from 0.1.3 to the next minor, 0.2.0.

The reason behind that is that before the first 1.0.0 release, a different patch or minor number does not guarantee that changes are non-breaking.

source