New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BREAKING CHANGE: Drop peer deps #40
Conversation
O M G |
1749384
to
f9753ca
Compare
I think this should be a |
f9753ca
to
3daf9f8
Compare
|
@michael-go Added a better description & why, are you thinking to keep these deps still? |
can you please also mention that this not only removes annotations, but actual subtrees |
@darscan can please take a look too? |
Bundled is being used in CLI, will re-check exactly for what and if it changes this PR |
3daf9f8
to
cfccfb7
Compare
Left bundled deps alone for now as they are being used in CLI, will come back to fix those in a separate PR |
cfccfb7
to
53ca05b
Compare
lib/dep-types.js
Outdated
type = depTypes.PEER; | ||
from = pkg.peerDependencies[depName]; | ||
} | ||
var bundled = !!(pkg.bundleDependencies && |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
any reason this was moved above the if (pkg.dependencies ..
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
None I can think of, let me move it back
…lled after npm > 3
53ca05b
to
252904e
Compare
With this breaking change the resolved tree will no longer resolve
peerDependencies
Why?
package.json
if they do decide to add them anyway.react
andreact-dropzone
. The tree before this PR would duplicate the wholereact
sub-tree underreact-dropzone
althoughreact
wasn't installed by NPM due to thepeerDependency
onreact
inreact-dropzone
. So after this PR -react-dropzone
will no longer havereact
as a dependency.react.native
e.g.) this will create drastically smaller treesWhat will this PR do
Peer deps will be DROPPED, this will bring this packages dependency support more in line with https://github.com/snyk/nodejs-lockfile-parser. Also npm is no longer installing peer deps since npm >= 3 https://docs.npmjs.com/files/package.json#peerdependencies