Skip to content

feat!: prevent nonsense peerDependencies#8942

Merged
zkochan merged 8 commits intomainfrom
forbid-file-and-link-in-peer
Jan 7, 2025
Merged

feat!: prevent nonsense peerDependencies#8942
zkochan merged 8 commits intomainfrom
forbid-file-and-link-in-peer

Conversation

@KSXGitHub
Copy link
Contributor

@KSXGitHub KSXGitHub commented Jan 7, 2025

Closes #8934

@KSXGitHub KSXGitHub requested a review from zkochan as a code owner January 7, 2025 07:01
@zkochan
Copy link
Member

zkochan commented Jan 7, 2025

I don't think aliases make sense in peer deps. Also, why should it be validated? Doesn't it already fail during peer dependencies resolution? What happens currently?

@KSXGitHub
Copy link
Contributor Author

KSXGitHub commented Jan 7, 2025

Doesn't it already fail during peer dependencies resolution?

It doesn't seem to be the case. The "bug" in #8934 was possible because pnpm install allows file: in peerDependencies.

I don't think aliases make sense in peer deps.

I added it because I'm not sure what exactly is allowed and not allowed. But if you want to remove it, I'll remove it.

zkochan
zkochan reviewed Jan 7, 2025
View reviewed changes
pkg-manager/resolve-dependencies/test/validatePeerDependencies.test.ts Outdated
Comment on lines +6 to +7
'use-workspace': 'workspace:^',
'use-catalog': 'catalog:',
Copy link
Member

@zkochan zkochan Jan 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These are only valid for packages from the workspace but you validate all dependencies at the moment. Maybe just validate packages from the workspace.

Copy link
Contributor Author

@KSXGitHub KSXGitHub Jan 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have moved the call to validatePeerDependencies to toResolveImporter: 924a868

@KSXGitHub KSXGitHub requested a review from zkochan January 7, 2025 11:16
@zkochan zkochan merged commit 26fe994 into main Jan 7, 2025
@zkochan zkochan deleted the forbid-file-and-link-in-peer branch January 7, 2025 13:55
@Timeless0911 Timeless0911 mentioned this pull request Jan 16, 2025
Closed
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zkochan zkochan zkochan approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

False negative peer dependency warning when using aliases

2 participants

@KSXGitHub @zkochan