You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When used in the context of a monorepo (typically with pnpm), since all packages dependencies are hoisted to <root>/node_modules, if any of them has decimal.js in its dependencies (even a nested one), the method getDecimalJSInstalled using require.resolve finds it in the root node_modules and returns true as a false positive (since the module is not actually a dependency of the current package).
A typical tree would be :
<root>/
|- node_modules/ // `pnpm` hoisting all modules here, including `zod-prisma-types` and `decimal.js`
|- packages/
| |- package-a/
| | |- schema.prisma
| | |- node_modules/ // `zod-prisma-types` installed here
| |
| |- package-b/
| | |- node_modules/ // `decimal.js` installed only here, not even as a direct dependency of `package-b`
... ... ...
Package versions (please complete the following information):
The method getDecimalJSInstalled should use a more contained approach to detect if decimal.js module is a dependency of the current package.
Problem is, given the versatile nature of monorepo dependency hoisting and the several options given to the user to set it up, it can become very tricky to know if a given decimal.js package is actually a direct dependency of the current package or not.
I would probably look directly into the current package.json dependencies since that would be the only reliable source of truth in such context.
I can do a PR but first I could use your thoughts on this @chrishoermann
The text was updated successfully, but these errors were encountered:
Describe the bug
When used in the context of a monorepo (typically with
pnpm
), since all packages dependencies are hoisted to<root>/node_modules
, if any of them hasdecimal.js
in its dependencies (even a nested one), the methodgetDecimalJSInstalled
usingrequire.resolve
finds it in the rootnode_modules
and returnstrue
as a false positive (since the module is not actually a dependency of the current package).A typical tree would be :
Package versions (please complete the following information):
Additional context
zod-prisma-types/packages/generator/src/utils/getDecimalJSInstalled.ts
Lines 1 to 8 in a34b9f3
The method
getDecimalJSInstalled
should use a more contained approach to detect ifdecimal.js
module is a dependency of the current package.Problem is, given the versatile nature of monorepo dependency hoisting and the several options given to the user to set it up, it can become very tricky to know if a given
decimal.js
package is actually a direct dependency of the current package or not.I would probably look directly into the current package.json dependencies since that would be the only reliable source of truth in such context.
I can do a PR but first I could use your thoughts on this @chrishoermann
The text was updated successfully, but these errors were encountered: