Skip to content

Instantly share code, notes, and snippets.

@belgattitude
Last active February 12, 2023 15:41
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
  • Save belgattitude/df235dc0ca3929ef2b56eb26fe6f3bed to your computer and use it in GitHub Desktop.
Save belgattitude/df235dc0ca3929ef2b56eb26fe6f3bed to your computer and use it in GitHub Desktop.

peer-deps

Support for peerDependencies and peerDependenciesMeta.optional seems consistent for Yarn 1/2/3, PNPM 6 and NPM 8.

Exception: NPM v7 always install the peerDependencies, which has the consequence to download deps that might not be needed (the --legacy-peer-deps can help).

NPM v8 reverted the behaviour to align with other package managers

Remark: There's still few blind spots for frameworks that comes with precompiled version of libraries (ie: nextjs has webpack 'inlined'). Not sure how package managers will know they are present (the meta.optional: true might be used)

Without peerDeps and peerMeta it's very difficult to achieve

  • Multi-ranges support (^4 || ^5)
  • Conditional install of certain deps (ie: database driver, webpack...)

(PS: as the node resolution algo is very lax, an alternative is to not declare the dependency when there's enough probablity it will exists in the consuming app/package. This is not recommended and create other issues. Better to be strict.)

Test 1: With peer-deps but not meta.optional

Without peerDependency.optional, most pm will emit a warning but don't download the dep.

Exception: npm 7 will download (except with --legacy-peer-deps), yarn pnp/pnpm linkers will fail.


| PM                         | peer-deps (no meta)       | if not present in the current app  | Solution             |
| -------------------------- | ------------------------- | ---------------------------------- | -------------------- |
| NPM 6                      |                           | warn                               |                      |
| NPM 7 --legacy-peer-deps   | Ok                        | warn                               |                      | 
| NPM 7                      | NOK Ok:auto-install       | **can't control install**          | ?                    |
| NPM 8                      | Ok                        | warn                               |                      |
| NPM 8  --strict-peer-deps  | Ok (error)                | **error**                          | Must install         | 
| YARN 1                     | Ok                        | warn                               | Install if needed    | 
| YARN 3.0+ (node-modules)   | Ok                        | warn                               | Install if needed    | 
| YARN 3.0+ (pnp linker)     | TBD                       | **error**                          | Must install         | 
| YARN 3.1+ (pnpm linker)    | TBD                       | **error**                          | Must install         | 
| PNPM 6                     | TBD                       | ?                                  | ?                    | 


### Test 2: With peer-deps+meta.optional

With peerDependency.optional=true, most pm will work as expected

Exception: npm 7 will download the dep (except with --legacy-peer-deps)

| PM                         | peer-deps+meta.optional   | if not present in the current app  | Solution             |
| -------------------------- | ------------------------- | ---------------------------------- | -------------------- |
| NPM 6                      |                           | silent                             |                      |
| NPM 7 --legacy-peer-deps   | Ok                        | silent                             |                      | 
| NPM 7                      | NOK: auto-install         | **can't control install**          | ?                    |
| NPM 8                      | Ok                        | silent                             |                      |
| NPM 8  --strict-peer-deps  | TBD                       | ?                                  |                      | 
| YARN 1                     | Ok                        | silent                             | Install if needed    | 
| YARN 3.0+ (node-modules)   | Ok                        | silent                             | Install if needed    | 
| YARN 3.0+ (pnp linker)     | TBD                       | ?error?                            | May have to install  | 
| YARN 3.1+ (pnpm linker)    | TBD                       | ?error?                            | May have to install  | 
| PNPM 6                     | TBD                       | ?                                  | ?                    | 



Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment