Library should not update peerDependencies
ehaynes99 opened this issue · 3 comments
- I have searched for similar issues
- I am using the latest version of
npm-check-updates - I am using
node >= 10.17
When running npm-check-updates, it updates versions in peerDependencies by default. This is fundamentally wrong. When using peerDependencies, you should always try to select the most permissive version possible, i.e. the lowest possible version that works. Where possible, it's even better to have multiple major versions as options. Setting this unnecessarily high makes the library overly restrictive, maximizing the chance of a conflict with the consuming project's dependencies, thus minimizing its utility.
E.g. If I create a component library for React that uses hooks (introduced in 16.8), the ideal values would be:
"peerDependencies": {
"react": "^16.8.0 || ^17.0.0"
},
"devDependencies: {
"react": "^17.0.2",or for a library supplementing jest, it should have:
"peerDependencies": {
"jest": "^24.0.0 || ^25.0.0 || ^26.0.0 || ^27.0.0"
},
"devDependencies: {
"jest": "^27.2.3",
...I realize that I can use the --dep flag for this, but there really isn't a valid case for maximizing this value...
That makes a lot of sense. Thanks for the explanation! I think we should change the default behavior to exclude peerDependencies on the next major version.
Fixed and published in v12.0.0.
@raineorshine just wanna say big thank you!! < 3