Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

About dependencies in package.json #82

Closed
ryouaki opened this issue Nov 8, 2019 · 4 comments
Closed

About dependencies in package.json #82

ryouaki opened this issue Nov 8, 2019 · 4 comments

Comments

@ryouaki
Copy link

ryouaki commented Nov 8, 2019

Expected Behavior

What did you want to happen?

Actual Behavior

In package.json,have three dependencies:

  "dependencies": {
    "commander": "^2.18.0",
    "gettext-parser": "2.0.0",
    "gettext-to-messageformat": "^0.3.0"
  },
  "devDependencies": {
    "jed": "~1.1.1",
    "messageformat": "^2.0.4",
    "nodeunit": "*"
  },

Steps to Reproduce

When I use po2json on my project,it will install two dependencies which has two different version like "commander@2.20.0" and "commander@2.15.1", and will both build in my production Javascript files.

Additional Data

change to peerdependencies will fix this problem。

  "peerDependencies": {
    "commander": "^2.18.0",
    "gettext-parser": "2.0.0",
    "gettext-to-messageformat": "^0.3.0"
    "jed": "~1.1.1",
    "messageformat": "^2.0.4",
    "nodeunit": "*"
  },
@mikeedwards
Copy link
Owner

I felt a little weird removing the dependencies entirely, but I added some to peer dependencies in the latest beta. Let me know if that helps you @ryouaki

@ryouaki
Copy link
Author

ryouaki commented Jan 10, 2020

I felt a little weird removing the dependencies entirely, but I added some to peer dependencies in the latest beta. Let me know if that helps you

Thank you for your replay , yes it will help me and fix my problem.

@ryouaki
Copy link
Author

ryouaki commented Jan 10, 2020

I saw your change, But I think move to peer dependencies is better。

If still keep in dependencies, I have a package need "commander" with version "1.0.0", and in po2json is version 2.18.0, when I run npm install --production, it will install 2.18.0 and 1.0.0 form my project. And will get risk for my project.

@mondeja
Copy link

mondeja commented Oct 29, 2020
edited
Loading

If still keep in dependencies, I have a package need "commander" with version "1.0.0", and in po2json is version 2.18.0, when I run npm install --production, it will install 2.18.0 and 1.0.0 form my project. And will get risk for my project.

If you are using both versions in your project, both will be installed. The risk would be install one only. You need to go ahead with one of both if you want to remove the redundancy: upgrade your commander-dependent code in your project in order to use 2.18.0 only or stop using po2json because does not meet your dependencies versions.

I felt a little weird removing the dependencies entirely, but I added some to peer dependencies in the latest beta.

Sorry @mikeedwards, but I'm getting always the next warning message installing po2json:

warning " > po2json@1.0.0-beta-3" has unmet peer dependency "commander@^6.0.0".
warning " > po2json@1.0.0-beta-3" has unmet peer dependency "gettext-parser@2.0.0".
warning " > po2json@1.0.0-beta-3" has unmet peer dependency "gettext-to-messageformat@0.3.1".

This redundancy in the dependencies of the project doesn't have any sense. Are peer or normal dependencies? Please, consider remove peerDependencies in package.json. I think that this change has been a misconception of what peer dependencies are.

@diox diox mentioned this issue Apr 22, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mikeedwards @ryouaki @mondeja