You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
npm versions 1, 2, and 7 will automatically install peerDependencies if they are not explicitly depended upon higher in the dependency tree. For npm versions 3 through 6, you will receive a warning that the peerDependency is not installed instead.
fix: support optional peerDependencies with npm7
For each peerDependency, check if peerDependencyMeta[depName].optional is true.
If so, do not include the peerDependency in the tree, else include it.
Modified the fixtures for the npm7 peer-deps tests by adding another
peerDependency and marking it as optionnal using peerDependencyMeta
See https://docs.npmjs.com/cli/v7/configuring-npm/package-json#peerdependenciesmetafixsnyk#121
child peerDependencies should be parsed
consider svelte-nodegui-starter
part of the dependency tree
acorn-import-assertions peerDependencies -> acorn
this is also visible in package-lock.json
but in the snyk-nodejs-lockfile-parser deptree, the peerDependencies field is missing
related #104
details: peerDependencies are NOT listed in yarn.lock
details: peerDependencies in pnpm-lock.yaml
details: when are peerDependencies installed?
https://nodejs.org/en/blog/npm/peer-dependencies/
https://docs.npmjs.com/cli/v7/configuring-npm/package-json#peerdependencies
... except its marked "optional" in peerDependenciesMeta
The text was updated successfully, but these errors were encountered: