yarn does not report peerdependency version conflicts #4938
Comments
ghost
assigned 
|
I believe the issue here is that if node_modules appears up-to-date according to the lockfile, Yarn just exits without bothering to check peerDeps because that check is done in the "linking" phase, which never happens. |
|
Some initial research notes so I don't forget; I tried making a branch where I copy/pasted the peerDep checking code from package-linker out to its own class, and then called that during Phase1/"Resolving Packages". It seemed like the Manifest peerDependencies were not populated at that time. It seemed like they were not populated until Phase2/"Fetching packages", which again is not run if everything appears to be up to date. Summary; it wasn't as quick and easy as I hoped it would be. If no one else makes a PR, I'll try to come back around to this at a later time, but I have some higher-priority issues to fix first... |
|
@rally25rs, @torifat could you untriage this, if you are not working on it? This is a very dangerous bug. This is not some toy project. It is advertised by facebook and was supposed to solve such problems. I am sorry, but it is beyond my understanding, why a software which calls itself a package manager leaves a critical bug which is dealing .. you know.. with managing dependencies open for almost a year. |
Do you want to request a feature or report a bug?
bug
What is the current behavior?
yarn install does not always report peer dependency version conflicts
If the current behavior is a bug, please provide the steps to reproduce.
https://github.com/dre-hh/yarndep
What is the expected behavior?
yarn must always report peer dependency version conflicts
Please mention your node.js, yarn and operating system version.
OS X Siera 10.12.6 , node v8.9.0, yarn 1.3.2 and yarn 1.3.2-20171114.1200
Here is a similar request for yarn check
#4594
and a bit related bug regarding warnings about actually installed peerDependencies
#4850
The text was updated successfully, but these errors were encountered: