Dialogflow Package.json Updates

Question

I have a concern about updates related to package.json (dialogflow). I would like to know when I need to update the dependencies. For example I have "actions-on-google": "^ 2.2.0" and check a new version "3.0.0" or "nodemailer": "6.4.11" with the new version "6.7.0". I would like to clarify that with all previous versions the dialogflow agent actually works fine. However in the future it may not work without updates ... Can anyone give me a suggestion? Thanks

Answer 1

Applications depends on a variety of third-party packages. As time passes, dependencies on the application will change.

There are two things you need to know about the dependencies updates.

1. When and why do you need to update application's dependencies.

   Some reasons you need to update the dependencies:

   • Security and Critical bug fixes. Security updates and other critical bug fixes need to happen as soon as possible. Application needs to be secured enough for someone not to steal your data or your data being corrupted.
   • New releases with new features. Updates have new APIs, and less critical but still a useful bug fixes.

   For best practice, you should atleast update the dependencies once or twice a month. Most of the dependencies won’t have an update, or will only have point releases, this makes the update low risk. When doing updates frequently, there's only a small number of major changes should have happened, so if there are problems you will be able to easily pinpoint the issue.

2. The Symbols relating to the package version.

   Version number is split into three values. These are called major, minor and patch. For example, "nodemailer": "6.4.11", the major is 6, the minor is 4 and the patch is 11. The patch will change most frequently (for very small change), while the major should only be changed if there are a major or serious code overhaul.

   Symbols:

   • equality. If not operator in front of the version number or having equal sign in front. Example, "nodemailer": "6.4.11" or "nodemailer": "=6.4.11"

   • less than/greater. You will see <=, >, etc. Example, "nodemailer": ">=6.4.11" would match 6.7.0, 6.6.5, 6.5.0, etc.

   • hyphen. You can use - between two versions, the you specify. This is useful if you need to maintain some legacy feature that you know will break at a specific version. Example, 6.4.11 - 6.6.5. This will include both endpoints.

   • X marks the spot. Any of X, x, or * may be used to “stand in” for one of the numeric values. Example:

     • * := >=0.0.0 (Any version satisfies)
     • 6.x := >=6.0.0 <7.0.0 (Matching major version)
     • 6.4.x := >=6.4.0 <6.5.0 (Matching major and minor versions)

   • tilde. The ~ means "approximate version". This allows for more recent patches, but does not accept any packages with a different minor version. Example, ~6.4.11 will allow values between 6.4.11 and 6.5, not including 6.5.

   • carat. The ^ means "compatible with version", and is more broad than the tilde. It only refuses changes to the major version. Example, ^6.4.11 will allow any version between the value and 7.0.0, not including version 7.

For more information, please check semantic versioning.