Optional peer dependencies

[ForbesLindesay]

It would be useful to have a way of specifying something equivalent to peerDependencies but where they are optional. As discussed in #1400

[donaldpipowitch]

+1
That would be very useful for projects like a CMS.

[Raynos]

👍

@domenic any tips on where / how to implement this feature ?

[rlidwka]

I saw issues regarding peer dependencies, optional, bundled, dev, optional peer, optional dev, not to mention exotic stuff binDependencies, did I miss something?

Guys, what about declaring those properties as flags? We can use syntax like that:

{
    dependencies: {
        foo: {
             version: "1.2.3",
             dev: true,
             optional: true,
        },
    },
}

It would really reduce this keyword clutter.

[donaldpipowitch]

Sounds nice. Maybe something like this would be even more flexible and future proof:

{
    dependencies: {
        foo: {
             version: "1.2.3",
             type: "peer | dev | bin | etc.",
             optional: true
        },
    },
}

[ForbesLindesay]

Sadly bin dependencies are not nearly as useful as you'd think. You can't tell whether someone is going to use a module as a binary at install time.

I don't think we should change the syntax like that. It makes things very verbose and what we have works pretty well in practice. It should probably be a separate issue for discussing this though.

[qfox]

@donaldpipowitch Better array:

type: [ 'peer', 'dev' ],
optional: true

[donaldpipowitch]

Yes, indeed. This should just be pseudo code. An array would be better :)

[ronkorving]

👍 yes, npm would really benefit from allowing this

[vjpr]

+1

[ronkorving]

To all who are still interested in optional peer dependencies, I've released a solution to this at https://github.com/Wizcorp/codependency . In a nutshell, it allows for a "optionalPeerDependencies" field in package.json for middleware.

Features:

• automatic semver validation.
• instructive error reporting for your end user.
• optionality (it won't throw errors if you don't want it to).
• a developer-friendly environment (allows symlinking to your middleware).

I hope it can help middleware development, and I would love to get any feedback you may wish to share. Thanks!

PS: If you're still interested, I wrote a tumblr post about this.

[fixe]

@othiym23 is this something that will be integrated?

[othiym23]

@fixe It's not something that's on the development team's radar, so probably not anytime soon.

[jxm262]

👍 would like this as well

[nunofgs]

Optional peer dependencies would be very useful for modules that only conditionally require other modules.

See uphold/validator.js-asserts#35 for an example.

[othiym23]

Given that peerDependencies at most warn in npm@3, and given that npm no longer causes peerDependencies to be installed, in effect all peerDependencies are optional. I'm not exactly declaring victory and going home here, but with the current behavior, I think there's nothing actionable remaining to this issue, so I'm closing it.

[ronkorving]

Then let me be the one declaring victory :) I think it's a great change and it completely satisfies my request. Thanks!

[fyockm]

As all peerDependencies are now optional, can we change the associated peer warning messages? The red highlighting and capitalization on "UNMET PEER DEPENDENCY" makes me think something is actually wrong, and I need to take action.

Additionally, the ending EPEERINVALID warning message states "mongodb-core@1.2.21 requires a peer of kerberos@~0.0 but none was installed." Perhaps the required verbiage should be changed to something like "packageX has an optional peer of packageY but none was installed"?

This is most evident with a screenshot:

$ npm -v
3.3.9
$ npm i -S mongoose

@othiym23 I believe updating these messages is a remaining actionable task.

[fixe]

I agree with @fyockm.

[tgabi333]

i'm in the same shoes with @fyockm. But now i'm stucked, i cannot use npm shrinkwrap

because i got:

npm ERR! peer dep missing: kerberos@~0.0, required by mongodb-core@1.2.24

using npm 3.5.0

[IgorMinar]

optionalPeerDependencies would be useful for declaring dependencies on shims.

I'd like to specify in my package.json which shims might developers need, but since shims are needed only for certain browsers/node versions, I don't want to require them.

Additionally I agree with @fyockm that the current error messaging is confusing and while I haven't tried it @tgabi333 issue with npm shrinkwrap looks like a legit issue.

For now I'm going to make angular2 use peerDependencies even for shims, but it would be better if we could move those over to optionalPeerDependencies in the future.