[BUG] failed to resolve peer dependencies (conflict) when peer dependencies are in range.
Closed this issue ยท 17 comments
Current Behavior:
npm install
favors getting higher versions of peer dependencies.
for example:
"@angular/cdk": 10.2.5 has the following peer dependencies
{
...
"@angular/common": "^10.0.0 || ^11.0.0-0",
"@angular/core": "^10.0.0 || ^11.0.0-0"
...
}
"@angular/forms": 10.2.5 has the following peer dependencies
{
...
"@angular/common": "10.2.5",
"@angular/core": "10.2.5"
...
}
if you try to install both packages above you'll get an error because when resolving peer dependencies it chooses "@angular/common": 11.2.11 (and then "@angular/core": 11.2.11) thus results in a conflict
Expected Behavior:
when resolving peer dependencies it should choose "@angular/common": 10.2.5 (and then "@angular/core": 10.2.5) that would have satisfy all deps
Steps To Reproduce:
- open an empty project / folder
- run
npm init
(package.json doesn't list any dependencies) - run
npm i @angular/cdk@10.2.5 @angular/forms@10.2.5
result:
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! Found: @angular/core@11.2.11
npm ERR! node_modules/@angular/core
npm ERR! peer @angular/core@"^10.0.0 || ^11.0.0-0" from @angular/cdk@10.2.5
npm ERR! node_modules/@angular/cdk
npm ERR! @angular/cdk@"10.2.5" from the root project
npm ERR! peer @angular/core@"11.2.11" from @angular/common@11.2.11
npm ERR! node_modules/@angular/common
npm ERR! peer @angular/common@"^10.0.0 || ^11.0.0-0" from @angular/cdk@10.2.5
npm ERR! node_modules/@angular/cdk
npm ERR! @angular/cdk@"10.2.5" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! @angular/forms@"10.2.5" from the root project
npm ERR!
npm ERR! Conflicting peer dependency: @angular/core@10.2.5
npm ERR! node_modules/@angular/core
npm ERR! peer @angular/core@"10.2.5" from @angular/forms@10.2.5
npm ERR! node_modules/@angular/forms
npm ERR! @angular/forms@"10.2.5" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
Environment:
npm: 7.11.1
this is one we intend to resolve in some fashion, but it is surprisingly complicated with the current state of arborist.
as a work around for now you can specify @angular/common@10.2.5
as a direct dependency and you'll at least be unblocked and able to install your tree.
@nlf thanks, i really appreciate your suggestion for a workaround but this is merely an example to demonstrate the nature of the issue.
The real issue I'm facing is more complicated than the example above- i actually want to rely on npm to install peer dependencies correctly and to fail when it finds conflicts.
There are however many published libraries that will fail to install without a workaround.
There are also many CLIs and other tools that will not work because of this issue.
yup, totally understood. we're working on it but this one creates a huge amount of complexity so it may be some time before we come up with a solution that resolves as many conflicts as it possibly can without introducing massive slow downs.
Hey @talsi , does npm 7.11.2 work for you?
I'm still getting the same errors.
hi,
npm 7.11.2
does fixes the bug described above (successfully running npm i @angular/cdk@10.2.5 @angular/forms@10.2.5
), but unfortunately, i'm still having a similar issue.
for example,
when trying to install @angular-slider/ngx-slider@"^2.0.3"
and @angular/common@"^10.2.4"
-
@angular-slider/ngx-slider@"2.0.3"
has a peer-dependency on@angular/common@">=6.1.0"
it chooses@angular/common@"10.2.5"
that satisfies the root dependency of@angular/common@"^10.2.4"
-
@angular-slider/ngx-slider@"2.0.3"
has a peer-dependency on@angular/forms@">=6.1.0"
it favors the higher version (11.2.12) of@angular/forms
which has a peer-dependency on@angular/common@"11.2.12"
steps to reproduce are:
running npm i @angular-slider/ngx-slider@"^2.0.3" @angular/common@"^10.2.4"
result:
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: untitled45@1.0.0
npm ERR! Found: @angular/common@10.2.5
npm ERR! node_modules/@angular/common
npm ERR! @angular/common@"^10.2.4" from the root project
npm ERR! peer @angular/common@">=6.1.0" from @angular-slider/ngx-slider@2.0.3
npm ERR! node_modules/@angular-slider/ngx-slider
npm ERR! @angular-slider/ngx-slider@"^2.0.3" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer @angular/common@"11.2.12" from @angular/forms@11.2.12
npm ERR! node_modules/@angular/forms
npm ERR! peer @angular/forms@">=6.1.0" from @angular-slider/ngx-slider@2.0.3
npm ERR! node_modules/@angular-slider/ngx-slider
npm ERR! @angular-slider/ngx-slider@"^2.0.3" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
Has there been any progress on this issue?
@Quazmoz it's fixed. try npm 8 latest, and if you're getting an error like the above, then it means your dependency graph is invalid, and the error message explains why.
@Quazmoz @ljharb
actually this bug is not fixed and it's very easy to see it, just run
npm i @angular-slider/ngx-slider@"^2.0.3" @angular/common@"^10.2.4"
here's the output of the running it using the latest version (8,4,1)
the dependency graph is OK.
during install npm choose the highest version possible of @angular/forms
instead of choosing a compatible version which would satisfy peer dependencies.
this bug is repeatedly getting closed. it doesn't seem like anyone thinks it's too serious.
@talsi it's not always going to be possible (in a P=NP sense) to pick the right version; it's not really a bug that sometimes you have to do it yourself and explicitly add a peer dep (all your peer deps should be explicitly added anyways).
It seems like your project already depends on v13.2.2 of @angular/forms
, and npm (correctly) respects that and does not downgrade it (because that might break your code, if you depend in a feature added in v13.2.0, for example).
I think you need to downgrade @angular/forms
yourself, and then npm will be able to figure out the rest.
@ljharb
hi, my project is not dependent on anything. In fact, it's a fresh, completely empty project. No package-lock.json. No node_modules folder. No other dependencies in package.json. so npm choose to install an incompatible version of @angular/forms
.
I can't control the peer dependencies of 3rd party libs.
If the default settings in npm 7 is to install peer dependencies then it shoud work flawlessly. That's the reason why it was removed after version 3.
For experienced developers this can be just a minor issue but new ones will immediately start using yarn or anything else that works for them.
I truly understand the complexity of this issue i just think that if there are no plans to fix this issue maybe it'll better to have users opt-in to use this feature instead of closing all of the bugs users open about it and keeping it as the the default setting.
I honstly don't understand how come this issue don't get more attention.
@talsi indeed, you can't. which is why in this case you'd need to add @angular/forms
to your initial npm install
command. It's not possible for it to work flawlessly; but this is still an improvement over npm 6's behavior.
why this issue is closed? it still happening in June 2022 @ljharb
I am still facing this issue.
@faizaldong because the bug is likely in your package.json, not in npm