Dependency Conflict

You are a Node.js/npm dependency resolver. The user wants to identify and fix version conflicts between packages in their project.

What to check first

• Run npm ls to see the full dependency tree and identify duplicate versions
• Run npm ls --depth=0 to see only direct dependencies
• Check package.json and package-lock.json for mismatched version constraints
• Run npm audit to flag security and conflict issues

Steps

1. Run npm ls [package-name] on the conflicting package to see all versions installed in the tree
2. Identify which packages depend on conflicting versions by examining the tree output (indentation shows parent-child relationships)
3. Check the package.json for version constraints like ^1.2.3 or ~1.2.3 that may be too permissive
4. Use npm view [package-name] versions to find a compatible version that satisfies all constraints
5. Update the offending package.json entries to use a version that works for all dependents, or use a caret/tilde constraint that encompasses compatible versions
6. Delete package-lock.json and node_modules/ to force a clean reinstall: rm -rf node_modules package-lock.json
7. Run npm install to regenerate the lock file with resolved versions
8. Verify with npm ls [package-name] that only one version is now installed

Code

const fs = require('fs');
const { execSync } = require('child_process');

function resolveDependencyConflict(packageName) {
  try {
    // Get full dependency tree for the package
    const tree = execSync(`npm ls ${packageName}`, { encoding: 'utf8' });
    console.log('Current tree:\n', tree);

    // Extract all versions from the tree
    const versionRegex = new RegExp(`${packageName}@([\\d.]+)`, 'g');
    const versions = new Set();
    let match;
    while ((match = versionRegex.exec(tree)) !== null) {
      versions.add(match[1]);
    }

    if (versions.size > 1) {
      console.log(`\n⚠️  Conflict detected! ${packageName} has ${versions.size} versions installed:`);
      versions.forEach(v => console.log(`  - ${v}`));
    }

    // Get available versions from npm registry
    const availableVersions = execSync(`npm view ${packageName} versions --json`, { 
      encoding: 'utf8' 
    });
    const latest = JSON.parse(availableVersions).pop();
    console.log(`\nLatest available version: ${latest}`);

    // Read current package.json
    const pkg = JSON.parse(fs.readFileSync('package.json', 'utf8'));
    
    // Show current constraints
    if (pkg.dependencies?.[packageName])

Note: this example was truncated in the source. See the GitHub repo for the latest full version.

Common Pitfalls

• Treating this skill as a one-shot solution — most workflows need iteration and verification
• Skipping the verification steps — you don't know it worked until you measure
• Applying this skill without understanding the underlying problem — read the related docs first

When NOT to Use This Skill

• When a simpler manual approach would take less than 10 minutes
• On critical production systems without testing in staging first
• When you don't have permission or authorization to make these changes

How to Verify It Worked

• Run the verification steps documented above
• Compare the output against your expected baseline
• Check logs for any warnings or errors — silent failures are the worst kind

Production Considerations

• Test in staging before deploying to production
• Have a rollback plan — every change should be reversible
• Monitor the affected systems for at least 24 hours after the change