Skip to content

fix(overrides): move invalid peers to prod deps#9000

Merged
zkochan merged 14 commits intomainfrom
peer-validation-should-be-compatible-with-overrides-8978
Jan 28, 2025
Merged

fix(overrides): move invalid peers to prod deps#9000
zkochan merged 14 commits intomainfrom
peer-validation-should-be-compatible-with-overrides-8978

Conversation

@KSXGitHub
Copy link
Copy Markdown
Contributor

@KSXGitHub KSXGitHub commented Jan 22, 2025

Fixes #8978

@KSXGitHub KSXGitHub force-pushed the peer-validation-should-be-compatible-with-overrides-8978 branch from da33995 to e9bcd21 Compare January 22, 2025 11:48
@KSXGitHub KSXGitHub marked this pull request as ready for review January 22, 2025 11:48
@KSXGitHub KSXGitHub requested a review from zkochan as a code owner January 22, 2025 11:48
@zkochan
Copy link
Copy Markdown
Member

zkochan commented Jan 26, 2025

I don't think it is the right way to fix this. Maybe in the overrider instead. If a peer is overriden with a link or file, override it by adding such entries to "dependencies" instead of adding the link/file to "peerDependencies"

@KSXGitHub
Copy link
Copy Markdown
Contributor Author

KSXGitHub commented Jan 26, 2025

I don't think it is the right way to fix this. Maybe in the overrider instead. If a peer is overriden with a link or file, override it by adding such entries to "dependencies" instead of adding the link/file to "peerDependencies"

There are still use case for overriding peerDependencies #8978 (comment). We want to support overriding dependencies outside the range of declared peerDependencies.

@zkochan
Copy link
Copy Markdown
Member

zkochan commented Jan 26, 2025

OK, as I said, you can change it just for the link/file overrides

@KSXGitHub KSXGitHub changed the title fix: skip peer validation on overrides fix(overrides): move invalid peers to prod Jan 27, 2025
@KSXGitHub
Copy link
Copy Markdown
Contributor Author

KSXGitHub commented Jan 27, 2025

@zkochan I have changed it. Now overrides would move invalid peer versions from peerDependencies to dependencies. The logic that is used to detect invalid peer versions is now its own package.

@socket-security
Copy link
Copy Markdown

socket-security bot commented Jan 27, 2025
edited
Loading

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@pnpm/[email protected] filesystem 0 13.6 kB zkochan
npm/@pnpm/[email protected] None 0 9.73 kB zkochan
npm/@pnpm/[email protected] None 0 6.58 kB zkochan
npm/@pnpm/[email protected] None 0 11.7 kB zkochan
npm/@pnpm/[email protected] environment Transitive: filesystem, shell +2 1.24 MB zkochan
npm/@pnpm/[email protected] None 0 4.32 kB zkochan
npm/@pnpm/[email protected] None 0 22.9 kB zkochan
npm/@pnpm/[email protected] None 0 19.7 kB zkochan
npm/@pnpm/[email protected] None 0 8.76 kB zkochan
npm/@pnpm/[email protected] filesystem, unsafe Transitive: environment, network +39 393 kB zkochan
npm/@pnpm/[email protected] Transitive: environment, eval, network +12 303 kB zkochan
npm/@pnpm/[email protected] network +2 247 kB zkochan
npm/@pnpm/[email protected] environment +1 31.8 kB zkochan
npm/@pnpm/[email protected] environment, filesystem Transitive: network +5 114 kB zkochan
npm/@pnpm/[email protected] environment, filesystem, shell +10 820 kB zkochan
npm/@pnpm/[email protected] None +1 38.2 kB zkochan
npm/@pnpm/[email protected] Transitive: environment, filesystem +4 207 kB zkochan
npm/@pnpm/[email protected] environment, filesystem +1 313 kB zkochan
npm/@pnpm/[email protected] None 0 1.11 MB zkochan
npm/@pnpm/[email protected] environment, filesystem Transitive: network, shell +6 571 kB pnpmuser
npm/@pnpm/[email protected] None 0 5.14 kB zkochan
npm/@pnpm/[email protected] environment, filesystem +1 904 kB zkochan
npm/@pnpm/[email protected] None 0 13.5 MB zkochan
npm/@pnpm/[email protected] None 0 7.63 kB zkochan
npm/@pnpm/[email protected] environment 0 7.55 kB zkochan
npm/@pnpm/[email protected] Transitive: environment, filesystem, network +43 738 kB zkochan
npm/@pnpm/[email protected] None +2 25.6 kB pnpmuser
npm/@reflink/[email protected] filesystem, shell 0 12.9 kB ialdama
npm/@rushstack/[email protected] None 0 29 kB odspnpm
npm/@types/[email protected] None +1 2.24 MB types
npm/@types/[email protected] None 0 3.69 kB types
npm/@types/[email protected] None +1 2.22 MB types
npm/@types/[email protected] None +1 2.22 MB types
npm/@types/[email protected] None +1 2.24 MB types
npm/@types/[email protected] None +1 2.22 MB types
npm/@types/[email protected] None 0 5.43 kB types
npm/@types/[email protected] None 0 4.57 kB types
npm/@types/[email protected] None 0 2.62 kB types
npm/@types/[email protected] None 0 3.14 kB types
npm/@types/[email protected] None +1 2.22 MB types
npm/@types/[email protected] None +2 253 kB types
npm/@types/[email protected] None 0 9.12 kB types
npm/@types/[email protected] None +1 870 kB types
npm/@types/[email protected] None +1 870 kB types
npm/@types/[email protected] None +1 31.7 kB types
npm/@types/[email protected] 🔁 npm/@types/[email protected], npm/@types/[email protected] None 0 1.97 MB types
npm/@types/[email protected] None 0 2.81 kB types
npm/@types/[email protected] None 0 6.67 kB types
npm/@types/[email protected] None 0 2.95 kB types
npm/@types/[email protected] None 0 3.25 kB types
npm/@types/[email protected] None 0 34.8 kB types
npm/@types/[email protected] None 0 7.57 kB types
npm/@types/[email protected] None +3 2.24 MB types
npm/@types/[email protected] None 0 23.8 kB types
npm/@types/[email protected] None 0 6.09 kB types
npm/@types/[email protected] None 0 3.49 kB types
npm/@types/[email protected] None +1 93 kB types
npm/@types/[email protected] None +1 2.22 MB types
npm/@types/[email protected] None 0 4.67 kB types
npm/@types/[email protected] None +1 2.22 MB types
npm/@types/[email protected] None +1 2.24 MB types
npm/@types/[email protected] None +1 2.22 MB types
npm/@types/[email protected] None 0 6.67 kB types
npm/@types/[email protected] None 0 4.45 kB types
npm/@types/[email protected] None 0 6.06 kB types
npm/@types/[email protected] None +1 2.22 MB types
npm/@types/[email protected] None 0 3.71 kB types
npm/@typescript-eslint/[email protected] Transitive: environment, filesystem +17 6.17 MB jameshenry
npm/@typescript-eslint/[email protected] Transitive: environment, filesystem +10 1.52 MB jameshenry
npm/@yao-pkg/[email protected] environment, filesystem, shell, unsafe Transitive: network +22 6.02 MB roberts_lando
npm/@yarnpkg/[email protected] environment, eval, filesystem, network, unsafe +33 5.63 MB yarnbot
npm/@yarnpkg/[email protected] None 0 35.9 kB yarnbot
npm/@yarnpkg/[email protected] environment, eval, filesystem 0 280 kB arcanis
npm/@yarnpkg/[email protected] Transitive: environment, eval, filesystem, network, unsafe +37 8.33 MB yarnbot
npm/@yarnpkg/[email protected] None 0 197 kB yarnbot
npm/@yarnpkg/[email protected] environment, filesystem, unsafe +2 2.82 MB yarnbot
npm/@zkochan/[email protected] environment 0 37.5 kB zkochan
npm/@zkochan/[email protected] environment 0 7.59 kB zkochan
npm/@zkochan/[email protected] Transitive: environment, filesystem +1 557 kB zkochan
npm/@zkochan/[email protected] None 0 15 kB zkochan
npm/@zkochan/[email protected] filesystem 0 2.87 kB zkochan
npm/@zkochan/[email protected] Transitive: eval +4 1.72 MB zkochan
npm/[email protected] filesystem 0 105 kB cthackers
npm/[email protected] None +2 17.1 kB mafintosh
npm/[email protected] None 0 8.42 kB substack
npm/[email protected] None 0 3.06 kB zkochan
npm/[email protected] filesystem +1 32.8 kB npm-cli-ops
npm/[email protected] None +2 86.4 kB rvagg
npm/[email protected] None +2 32.2 kB sindresorhus
npm/[email protected] filesystem, unsafe Transitive: shell +5 640 kB oss-bot
npm/[email protected] None +1 16.3 kB sindresorhus
npm/[email protected] 🔁 npm/[email protected], npm/[email protected] None 0 11.7 kB sindresorhus
npm/[email protected] filesystem 0 3.9 kB zkochan
npm/[email protected] filesystem 0 3.92 kB zkochan
npm/[email protected] None +3 85.9 kB sindresorhus
npm/[email protected] environment 0 26.1 kB sibiraj-s
npm/[email protected] None 0 8.2 kB shannonmoeller
npm/[email protected] None 0 10.4 kB sindresorhus
npm/[email protected] environment 0 2.27 kB zkochan
npm/[email protected] None 0 2.54 kB zkochan
npm/[email protected] environment, filesystem +2 7.05 MB gustavohenke
npm/[email protected] environment 0 29.1 kB kentcdodds
npm/[email protected] environment, filesystem, shell 0 16.1 kB satazor
npm/[email protected] environment, filesystem, network Transitive: shell +88 5.83 MB jason-dent
npm/[email protected] None +2 13 kB zkochan
npm/[email protected] None 0 11.2 kB sindresorhus
npm/[email protected] filesystem, shell 0 23.6 kB lovell
npm/[email protected] None +2 366 kB foray1010
npm/[email protected] filesystem 0 6.09 kB zkochan
npm/[email protected] filesystem 0 5.18 kB zkochan
npm/[email protected] None 0 3.34 kB zkochan
npm/[email protected] environment +1 215 kB jonschlinkert
npm/[email protected] environment, filesystem, network, shell 0 133 kB evanw
npm/[email protected] None 0 3.79 kB sindresorhus
npm/[email protected] None +1 33.8 kB mightyiam
npm/[email protected] environment, filesystem, unsafe Transitive: eval +44 4.66 MB ljharb
npm/[email protected] filesystem Transitive: unsafe +14 1.96 MB weiran.zsd
npm/[email protected] filesystem +4 846 kB mysticatea
npm/[email protected] None 0 72.5 kB eslint-community-bot
npm/[email protected] environment, filesystem Transitive: eval, unsafe +34 8.85 MB eslintbot
npm/[email protected] filesystem 0 4.07 kB zkochan
npm/[email protected] filesystem +5 211 kB mrmlnc
npm/[email protected] None +1 10.8 kB sindresorhus
npm/[email protected] 🔁 npm/[email protected] None 0 11.8 kB sindresorhus
npm/[email protected] None 0 54.9 kB ryanzim
npm/[email protected] environment, filesystem, shell +4 8.39 MB mafintosh
npm/[email protected] None 0 8.52 kB zkochan
npm/[email protected] network 0 8.74 kB sindresorhus
npm/[email protected] environment, filesystem Transitive: shell +3 92.3 kB gtramontina
npm/[email protected] None 0 4.19 kB zkochan
npm/[email protected] None +1 35.8 kB grantila
npm/[email protected] network Transitive: environment, eval, filesystem +26 3.46 MB ialdama
npm/[email protected] None 0 0 B
npm/[email protected] None 0 19.7 kB andrewosh
npm/[email protected] None 0 12.7 kB npm-cli-ops

🚮 Removed packages: npm/@pnpm.e2e/[email protected], npm/@zkochan/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

@socket-security
Copy link
Copy Markdown

socket-security bot commented Jan 27, 2025
edited
Loading

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report↗︎

KSXGitHub
KSXGitHub commented Jan 27, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor Author

@KSXGitHub KSXGitHub left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's not exactly a "refactor" if the behavior changes.

@zkochan
Copy link
Copy Markdown
Member

zkochan commented Jan 28, 2025

Right, but the commits will be squashed anyway to a single commit. So, it doesn't matter that much what are in these commit messages.

@zkochan zkochan changed the title fix(overrides): move invalid peers to prod fix(overrides): move invalid peers to prod deps Jan 28, 2025
@zkochan zkochan merged commit e8c2b17 into main Jan 28, 2025
@zkochan zkochan deleted the peer-validation-should-be-compatible-with-overrides-8978 branch January 28, 2025 17:01
haoqunjiang added a commit to vuejs/ecosystem-ci that referenced this pull request Feb 3, 2025
@haoqunjiang
fix: override pnpm 10.0-10.1.0 to 9.15.5 to fix vue-macros ci issue
029178d 
The bug is fixed in the pnpm repo but not yet released.
pnpm/pnpm#9000
@stormslowly stormslowly mentioned this pull request Mar 12, 2025
Open
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zkochan zkochan zkochan approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

peerDependencies validation should compatiable with pnpm.overrides

2 participants

@KSXGitHub @zkochan