Skip to content

Bun not able to be used in place of npm for install due to peerDependency resolution strategy #15711

Description

@Stono

What version of Bun is running?

1.1.38+bf2f153f5

What platform is your computer?

macosx

What steps can reproduce the bug?

Hey!
So I really want to use bun, and we're getting tantalisingly close to being able to. All my apps now run with bun, which is mega, however i cannot use bun install. I have to use npm i, then use bun to start it - which is a shame as bun i is much faster.

This appears to be because bun is not honouring peer dependencies in the same way... let me try and explain.

Given this structure:

myApp:
  - devDependency: some-module

some-module:
  - peerDependency: eslint@8

Where some-module has a peerDependency for, say eslint@8. If I bun i, then I correctly get eslintv8.

However if that peer is 2 deep, and i have another module which also has a peer (albeit looser):

myApp:
- devDependency: some-other-module

some-other-module:
- peerDependency: some-module 
- peerDependency: and-another-module 

and-another-module:
  - peerDependency: eslint@8 || eslint@9
some-module:
  - peerDependency: eslint@8

Then it seems to pull in the latest eslint (v9), not the one that satisfies both. You can see it complaining about it during the output of bun i:

❯ bun i
[0.07ms] ".env"
bun install v1.1.38 (bf2f153f)
warn: incorrect peer dependency "google-auth-library@9.15.0"

warn: incorrect peer dependency "eslint@9.16.0"

warn: incorrect peer dependency "eslint@9.16.0"

warn: incorrect peer dependency "eslint@9.16.0"

warn: incorrect peer dependency "eslint@9.16.0"

warn: incorrect peer dependency "eslint@9.16.0"

warn: incorrect peer dependency "eslint@9.16.0"

+ @at/webserver-dev@2.0.985
+ @at/azure@1.0.619
+ @at/kubernetes@1.0.1697
+ @at/slack@1.0.722
+ @at/webserver@2.0.968
+ csv-parse@5.5.6 (v5.6.0 available)

752 packages installed [3.64s]

Blocked 2 postinstalls. Run `bun pm untrusted` for details.

I've attached the output of 2 npm ls --tree commands, one from the result of the npm install and the other from the result of bun install

bun.txt
npm.txt

Looking at the output I see:

│ ├─┬ eslint-plugin-zod-openapi@1.0.0
│ │ └─┬ @typescript-eslint/utils@8.18.0
│ │   ├── @eslint-community/eslint-utils@4.4.1 deduped
│ │   ├─┬ @typescript-eslint/scope-manager@8.18.0
│ │   │ ├── @typescript-eslint/types@8.18.0 deduped
│ │   │ └─┬ @typescript-eslint/visitor-keys@8.18.0
│ │   │   ├── @typescript-eslint/types@8.18.0 deduped
│ │   │   └── eslint-visitor-keys@4.2.0 deduped
│ │   ├── @typescript-eslint/types@8.18.0
│ │   ├─┬ @typescript-eslint/typescript-estree@8.18.0
│ │   │ ├── @typescript-eslint/types@8.18.0 deduped
│ │   │ ├─┬ @typescript-eslint/visitor-keys@8.18.0
│ │   │ │ ├── @typescript-eslint/types@8.18.0 deduped
│ │   │ │ └── eslint-visitor-keys@4.2.0 deduped
│ │   │ ├── debug@4.4.0 deduped
│ │   │ ├── fast-glob@3.3.2 deduped
│ │   │ ├── is-glob@4.0.3 deduped
│ │   │ ├─┬ minimatch@9.0.5
│ │   │ │ └── brace-expansion@2.0.1 deduped
│ │   │ ├── semver@7.6.3 deduped
│ │   │ ├── ts-api-utils@1.4.3 deduped
│ │   │ └── typescript@5.7.2 deduped
│ │   ├── eslint@9.16.0 deduped invalid: "8.57.0" from node_modules/@at/eslint-config-infrastructure, "^8.56.0" from node_modules/@darraghor/eslint-plugin-nestjs-typed, "^8.56.0" from node_modules/@typescript-eslint/eslint-plugin, "^8.56.0" from node_modules/@typescript-eslint/parser

If you look at @typescript-eslint/utils, their package.json is:

  "peerDependencies": {
    "eslint": "^8.57.0 || ^9.0.0",
    "typescript": ">=4.8.4 <5.8.0"
  },

So here it looks like bun is deciding to install v9, but that subsequently conflicts with the peerDependency of v8. However deciding to pick v8 here would satisfy both - which is what npm must be doing.

What is the expected behavior?

I would expect dependencies to be resolved in broadly the same way as npm, to make it feasible to use bun as a replacement for npm.

What do you see instead?

No response

Additional information

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workingbun installSomething that relates to the npm-compatible client

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions