Install exact versions of transitive dependencies even without yarn.lock

[laggingreflex]

Do you want to request a feature or report a bug?

feature

What is the current behavior?

(currently this feature is actually a bug: #2364, so when it gets fixed this functionality should be added as a new feature)

When installing dependencies for the first time (without a yarn.lock) transitive dependencies' semver range is (ought to be?) respected and latest versions installed.

If the current behavior is a bug, please provide the steps to reproduce.

#2364

What is the expected behavior?

There should be an option to install exact versions of transitive dependencies even if they've specified them as ranges.

Please mention your node.js, yarn and operating system version.

[bestander]

This RFC yarnpkg/rfcs#68 should address issues when you want to avoid a specific version of a dependency.

Right now what you ask is to choose the minimum version for a range, e.g. ^1.0.0 would result in 1.0.0 even if 1.3.2 is available.
I don't think we want that because there will be edge cases like * or <2.0.0.
I'll close the issue but feel free to discuss and contribute to the RFC