[BUG] Inconsistent dependancies versions for sub-dependancies due to deduplication #5202
Closed
2 tasks done
Labels
Bug
thing that needs fixing
Needs Triage
needs review for next steps
Release 8.x
work is associated with a specific npm 8 release
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
Consider the following scenario (also available at https://github.com/gplopes/npm-dedupe-peer-deps for repro).
The
npm install
will produce following node_modules structure:@graphql-tools/schema
uses the wronggraphql
version from the root project (main-app
).The version of
graphql
for@graphql-tools/schema
should be decided by the actual consumer of@graphql-tools/schema
, which in this case isproject-a
, notmain-app
.Expected Behavior
npm install
should produce following node_modules stucture:Deduplication should consider the version of
graphql
installed inproject-a
to be the required version for its dependancies defininggraphql
as peer dependancy, like@graphql-tools/schema
in this scenario.Alternatively, sub dependancies with peer dependancies defined should not be deduped at all for version safety.
Steps To Reproduce
npm i
.node_modules
folder where@graphql-tools/schema
and@graphql-tools/stitch
are deduped to the root node_modules.Environment
The text was updated successfully, but these errors were encountered: