[BUG] DevDependancy are installed in production when also marked as optional peerDependencies #7740
Comments
saziri-arrow
added
Bug
|
@saziri-arrow The typescript is installed with npm install --omit=dev because its a peer dependency of ts-node not directly a devDependency. To prevent typescript from being installed you would need to omit peer dependencies with npm install --omit=peer. |
|
(but note that if you omit peers, your dep graph is invalid and can't work) |
|
@saziri-arrow As pointed by Lijarb potential issues with omitting peer dependencies. If you are sure you can do selective omission instead of omitting all peer dependencies, consider manually managing them use a post-install script in package.json. |
|
Hello I can't use npm install --omit=peer since I need other peerDependencies obviously.
Also if you run npm uninstall ts-node, it will keep it since it's already install with typeorm peerDependancy (package-lock.json) |
|
The reason ts-node is still installed even with --omit=dev is because its listed as peer dependency of typeorm. When npm installs typeorm it sees ts-node as a peer dependency and installs it, regardless of whether its also listed as a devDependency in your root package.json. The npm uninstall ts-node does not remove because its still listed as a peer dependeny of typeorm in your package-lock.json. npm sees that its still required by another package in dependency tree and keeps it installed. optional peer dependencies: |
|
Hello ts-node will not be installed because it is marked as optional dependancy : |
|
This does not appear to be a bug in npm, and there is no way to currently do what you want here. "optional" in peer deps simply means npm will not error if it is unable to be installed. |
|
@wraithgar that’s indeed what optional means in optionalDeps, but optional in peer deps meta is definitely supposed to mean it’s not ever automatically installed, only that it’s version-constrained if present. |
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
Hello,
I have an unexpected behaviour between peerDependencies, peerDependenciesMeta and devDependencies.
I have a library with a package.json with a peerDependancy (example with typeorm) :
"dependencies": {
"typeorm": "^0.3.2"
}
typeorm has ts-node as a peerDependacy optional : https://github.com/typeorm/typeorm/blob/master/package.json#L216
When I run npm install --omit=dev, ts-node and typescript are not installed (correct behavior)
Now add ts-node as a devDependancy :
"devDependencies": {
"ts-node": "^10.9.2"
},
And run npm install --omit=dev, typescript package is installed (wrong behavior)
Tried with npm 9.8.1, and 10.8.1
Any projet who has 'ts-node' as a devDependancy and use typeorm will have typescript installed in production
Can you fix this issue ?
Expected Behavior
ts-node should not be installed with npm install --omit=dev since it's a dev dependancy
Steps To Reproduce
run npm install --omit=dev with the example of package.json I wrote ahead
Environment
The text was updated successfully, but these errors were encountered: