Clarify which packages are causing the multiple-dependency-versions rule

[ericallam]

Just trying out sherif on our monorepo and got the following errors:

12 issues found (12 ⨯, 0 ⚠️, 0 ⊙) across 24 packages:

 ⨯ error The `@team-plain/typescript-sdk` dependency has multiple versions, ^2.2.0 being the lowest and ^2.7.0 the highest.
         multiple-dependency-versions: @team-plain/typescript-sdk has 2 versions: ^2.2.0, ^2.7.0

 ⨯ error The `express` dependency has multiple versions, ^4.18.1 being the lowest and ^4.18.2 the highest.
         multiple-dependency-versions: express has 2 versions: ^4.18.1, ^4.18.2

 ⨯ error The `nanoid` dependency has multiple versions, ^3.3.4 being the lowest and ^4.0.2 the highest.
         multiple-dependency-versions: nanoid has 2 versions: ^3.3.4, ^4.0.2

 ⨯ error The `@types/node` dependency has multiple versions, ^16 being the lowest and ^18.11.15 the highest.
         multiple-dependency-versions: @types/node has 6 versions: ^16, 16.*, ^18, 18.*, ^18, ^18.11.15

 ⨯ error The `@types/node-fetch` dependency has multiple versions, 2.6.* being the lowest and ^2.6.2 the highest.
         multiple-dependency-versions: @types/node-fetch has 2 versions: 2.6.*, ^2.6.2

 ⨯ error The `eslint` dependency has multiple versions, ^8.19.0 being the lowest and ^8.24.0 the highest.
         multiple-dependency-versions: eslint has 2 versions: ^8.19.0, ^8.24.0

 ⨯ error The `typescript` dependency has multiple versions, ^4.8.4 being the lowest and ^5.2.2 the highest.
         multiple-dependency-versions: typescript has 4 versions: ^4.8.4, ^4.9.4, ^4.9.5, ^5.2.2

 ⨯ error The `tsup` dependency has multiple versions, ^6.5.0 being the lowest and ^7.2.0 the highest.
         multiple-dependency-versions: tsup has 4 versions: ^6.5.0, 7.1.*, ^7.1.0, ^7.2.0

 ⨯ error The `node-fetch` dependency has multiple versions, 2.6.* being the lowest and ^3.3.0 the highest.
         multiple-dependency-versions: node-fetch has 2 versions: 2.6.*, ^3.3.0

 ⨯ error The `resend` dependency has multiple versions, ^0.9.1 being the lowest and ^1.0.0 the highest.
         multiple-dependency-versions: resend has 2 versions: ^0.9.1, ^1.0.0

 ⨯ error The `openai` dependency has multiple versions, ^4.2.0 being the lowest and ^4.5.0 the highest.
         multiple-dependency-versions: openai has 2 versions: ^4.2.0, ^4.5.0

 ⨯ error The `vitest` dependency has multiple versions, ^0.34.3 being the lowest and ^0.34.4 the highest.
         multiple-dependency-versions: vitest has 2 versions: ^0.34.3, ^0.34.4

Which is super helpful! But it would be even more helpful if it would print out which packages were using these dependencies and which versions each was on.

[ericallam]

Also I'm curious why this is an issue?

[QuiiBz]

Thanks for trying out Sherif. The main problem with printing more information (e.g. each affected package in the monorepo) is that the output can be very large, and thus harder to understand. I've been thinking of adding a --explain flag that would print more information for each issue, could that help?

About why this issue exists, it's briefly explained in the README: A given dependency should use the same version across the monorepo.. You almost never want to have multiple versions of the same dependency in your monorepo, because that can mean multiple installed versions when it's not needed/desired. You can still ignore this rule for a given dependency using --ignore-dependency.