yarnpkg
[Bug?]: yarn does not take into account peerDependenciesMeta.optional for privately published packages
Self-service
- [ ] I'd be willing to implement a fix
Describe the bug
As commented on https://github.com/yarnpkg/berry/issues/4653
This is definitely an issue showing up, but it seems to only be an issue for privately published packages somehow.
"name": "@easy-agile/scripts",
"version": "4.0.21",
...
"dependencies": {
...
"license-webpack-plugin": "^4.0.2",
},
"devDependencies": {
...
"atlassian-webresource-webpack-plugin": "^5.2.8",
"crossorigin-webpack-plugin": "^1.0.0",
"html-webpack-plugin": "^5.5.0",
"prettier": "^2.2.1",
"webpack": "^5.74.0",
"webpack-dev-server": "^4.7.4"
},
"peerDependencies": {
"atlassian-webresource-webpack-plugin": "^5.2.8",
"crossorigin-webpack-plugin": "^1.0.0",
"eslint": "^7.12.1",
"html-webpack-plugin": "^5.5.0",
"prettier": "^2.1.2",
"webpack-dev-server": "4"
},
"peerDependenciesMeta": {
"eslint": {
"optional": true
},
"prettier": {
"optional": true
},
"atlassian-webresource-webpack-plugin": {
"optional": true
},
"crossorigin-webpack-plugin": {
"optional": true
},
"html-webpack-plugin": {
"optional": true
}
}
}
And we're getting this in the output.
➤ YN0002: │ something@workspace:. doesn't provide atlassian-webresource-webpack-plugin (p3f480), requested by @easy-agile/scripts
➤ YN0002: │ something@workspace:. doesn't provide crossorigin-webpack-plugin (p6295d), requested by @easy-agile/scripts
➤ YN0002: │ something@workspace:. doesn't provide html-webpack-plugin (p0373d), requested by @easy-agile/scripts
➤ YN0002: │ something@workspace:. doesn't provide webpack-dev-server (paf88a), requested by @easy-agile/scripts
However, these are the dependencies in the root package.json of the workspace
{
"dependencies": {
"@changesets/cli": "^2.26.0",
"@easy-agile/eslint-config": "^2.0.6",
"@easy-agile/scripts": "^4.0.21",
"@manypkg/cli": "^0.19.2",
"eslint": "^8.30.0",
"husky": "^8.0.2",
"is-ci": "^3.0.1",
"jest": "^29.3.1",
"jest-environment-jsdom": "^29.3.1",
"lerna": "^6.1.0",
"lint-staged": "^13.1.0",
"prettier": "^2.8.1",
"typescript": "^4.9.4"
}
}
and @easy-agile/scripts has a dependency on license-webpack-plugin, which has optional peer dependencies on webpack and webpack-sources which are not provided by @easy-agile/scripts nor the root package.json and there is no error message about them not being provided.
So I think this feature is indeed working but only for public packages somehow.
To reproduce
Cannot reproduce this with Sherlock
Environment
System:
OS: Linux 5.15 Debian GNU/Linux 11 (bullseye) 11 (bullseye)
CPU: (8) arm64 unknown
Binaries:
Node: 18.8.0 - /tmp/xfs-64f72f7c/node
Yarn: 3.3.0 - /tmp/xfs-64f72f7c/yarn
npm: 8.18.0 - /usr/bin/npm
Additional context
No response
@arcanis could this be looked at? It adds incorrect noise for repos with private dependencies that have optional peer dependencies.
@ramblingenzyme What package registry are you using? I've noticed GitHub Package Registry strips the peerDependenciesMeta field. Their docs claim they support it so I think this is just a bug on GitHub's side
See: https://github.com/orgs/community/discussions/51104
Hi! 👋
It seems like this issue as been marked as probably resolved, or missing important information blocking its progression. As a result, it'll be closed in a few days unless a maintainer explicitly vouches for it.
