outdated dependencies in generated package.json

[igorkb]

First: Nice work!
I'm learning some server-side js and this tool is of high value to me. It's confusing for someone like me to understand why the most popular backend framework in javascript still uses old practices such as commonjs.

Anyway, here's my question/issue:

Is there a reason for some of the package.json dependencies to require outdated versions? some of them are limiting the update to only patches (using ~)...

Here's what i just got in my generated package.json and what is the latest version of each package:

INSTALLED                                LATEST VERSION       
--------------------------------------   --------------
  "dependencies": {	                     
    "cookie-parser": "~1.4.4",           1.4.6
    "debug": "~2.6.9",                   4.3.4
    "dirname-filename-esm": "^1.1.1",    up to date
    "dotenv": "^16.3.1",                 up to date
    "ejs": "~2.6.1",                     3.1.9
    "express": "~4.16.1",                4.18.2
    "hbs": "~4.0.4",                     4.2.0
    "http-errors": "~1.6.3",             2.0.0
    "morgan": "~1.9.1",                  1.10.0
    "pug": "2.0.0-beta11"                3.0.2
  },                                     
  "devDependencies": {                   
    "gen-express-app": "^0.2.5",         0.2.9
    "typescript": "^5.2.2",              5.3.2
    "nodemon": "^3.0.1",                 up to date
    "@types/cookie-parser": "^1.4.5",    1.4.6
    "@types/express": "^4.17.20",        4.17.21
    "@types/http-errors": "^2.0.3",      2.0.4
    "@types/morgan": "^1.9.7",           1.9.9
    "@types/node": "^20.8.10"            20.9.5

[Dalufishe]

I apologize for the delay in responding to you. First of all, I want to thank you for your feedback; it has been a great encouragement to me :D Additionally, the primary reason I developed this tool was actually due to encountering issues with some mainstream frameworks, like commonjs.

Regarding your mention of using older versions in the dependency libraries, this is largely because I have synchronized with the dependency files of express-generator. Since express-generator itself may have some outdated issues, this is also reflected in my tool. I wonder, has this caused any specific problems for you? If these outdated dependencies have caused significant issues, I will consider updating these dependencies to the latest versions. Thank you once again for your feedback, it's very important for the improvement of my work.

[igorkb]

Hey!
I just saw your response, sorry for the 2 weeks delay!

Particularly, I haven't had any issues with the dependencies because I ran a npm-check-updates to get the latest versions as I was starting a black project.

Keep up the good work!!!

[the-az-dev]

Sorry if i write it after so long delay, but how about just using in package.json empty "" near package name? I test it when I make one project and it automatically install latest version of packages 🤔