-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Why is plugin-import is peerDep of node-resolver? #437
Comments
https://nodejs.org/en/blog/npm/peer-dependencies/#the-problem-plugins TL;DR: enforcing that the That post is fairly dated, though. Is there a better (or maybe just newer?) way to ensure compatibility? |
|
I should also note that, because npm2 actually installs peerDependencies as siblings (rather than simply emitting warnings as npm3 does), it is common with Such a scenario:
|
I've been able to boil this down to a minimal reproducible issue, that is actually causing production problems for us: (only manifests on npm2)
The above demonstrates a scratch package with direct deps installed: Given such a package, running the following commands:
The cyclical dependency issue of this plugin was not causing a problem until this commit a little over a week ago: f1c420e |
Ah, wild. There were a handful of issues that I never understood around this. The idea originally was that all the resolvers would be plugins, but then I bundled the Node one because I figured that it covered most use cases. My hope was that it could still be installed as a peer to choose a different version than the bundled one. I don't think that actually makes sense, as you've clearly stated. Thanks! @jfmengels: feels like a crossroads between making the node resolver fully optional vs removing the peer dependency. What do you think? I'm tempted to stop bundling it and instead to have the recommended config reference it, but then it's one more step for the average user. So I'm not sure which direction is more practical. |
Indeed. SOOO many things had to line up just perfectly for this scenario. (npm2, shrinkwrap, eslint required as a production dep, plugin-import accepting eslint 2 and 3, dependent package requiring eslint 2 but not 3) insanity
Personally I think the optimal ending scenario would be having the node-resolver still included as a direct dependency as it is now, while allowing end users to provide another resolver of their choosing via configuration. (I would model this how most test frameworks/linters etc have bundled or direct-dep reporters, but still allow custom reporters to be referenced via config.) However, and I think this is the critical part, regardless of whether the node-resolver is left as a direct-dep or fully extracted/made optional; the peerDep listing is having no effect other than to cause plugin-import to be installed into its own node_modules. The removal of the peerDep line from the node resolver can be done without any other changes and the final decision on bundling/configuring can be made separately. If you decide to go with having end-users choose the resolvers, then it will need extracted and at that point the peerDep line would be appropriate. But until then, it is adding no value while blocking shrinkwrap installs. |
Fair enough. I will get a patch out this morning. |
eslint-import-resolver-node is not intended to be installed as a sibling of eslint-plugin-import, which is the sole purpose of `peerDependencies` closes #437
This sounds good to me |
Yeah, I think that's right. |
Just published v0.2.2 of Node resolver to npm, with #438 merged. Should be compatible back to roughly v1.4 of the import plugin. Thanks for this, @jasonkarns! 😁 |
Thank you @benmosher! |
I am tracking down some very strange shrinkwrap issues caused by eslint/eslint-plugin-import and I came across this:
https://github.com/benmosher/eslint-plugin-import/blob/71afde73b8d18a487671d1d4ae0534c0ca52e938/resolvers/node/package.json#L31
Why is eslint-plugin-import (hereafter "import") listed as a peerDep of eslint-import-resolver-node (hereafter "resolver")? Is my understanding correct that in no scenario does resolver expect to be a sibling of import?
Resolver is already a direct dependency of import. And resolver does not
require
or rely on any of the functionality of import to function.The text was updated successfully, but these errors were encountered: