Feature: Don't require version if package has `"private": true`

[altano]

While it is valid for a private package ("private": true) to have a version, it certainly shouldn't require one.

Tools like changeset require that you remove the private package version number (instead of, say providing a useless one like 0.0.1) or it will try to manage that version, even if the package is private. Ideally this package would just allow no versions on private packages.

(Moving the discussion from https://github.com/JoshuaKGoldberg/eslint-plugin-package-json/issues/250 to here)

[altano]

BTW the README for this project mentions an option to pick which spec to use, with "npm" being the default.

Where is the npm package.json spec? I can't find it.

[JoshuaKGoldberg]

👍 from me on this. The npm docs in https://docs.npmjs.com/cli/v10/configuring-npm/package-json#version say:

If you don't plan to publish your package, the name and version fields are optional.

Ignoring whether skipping the name is ok even if it's optional, skipping version seems like a straightforward "yes". Thanks for filing!

[JoshuaKGoldberg]

Where is the npm package.json spec? I can't find it.

I don't believe there's a spec more specific than what's linked in the README: docs.npmjs.com. I've never seen one at any rate.

[altano]

FWIW I went back to having a version of "0.0.0" in my private packages because pnpm won't publish packages that have dev dependencies on private packages without a version, for some reason. I was also able to get changesets to ignore these private, versioned packages so I'm a happy camper. (https://github.com/pnpm/pnpm/issues/5094)

I still think this feature request is a good idea for this package, so I'm not closing the issue. Just thought I'd call out that I'm not clamoring for it.

[JoshuaKGoldberg]

Published in [email protected]. Thanks for the issue @altano and PR @hyoban! 🚀