-
-
Notifications
You must be signed in to change notification settings - Fork 937
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot delete an optional dependency by using .pnpmfile.cjs - becomes a dependency instead? #7441
Comments
The lockfile will always include optional dependencies regardless of whether pnpm installs them. You should run |
Hello again, @EdwardDrapkin. This is a non-issue and should be closed, but I have left this issue open to wait for your response. Have you received my message? |
PNPM definitely installs it - bun hard crashes when that package is imported, it's conditionally imported by an upstream dependency, and removing it from node_modules allows bun to run the app I'm trying to run. Even if it didn't, if it's removed from the optional dependencies, it should not be added to the lockfile as a hard dependency... a user who goes out of their way to remove something from an optional dependency should not suggest to the package manager that they mean to make some package that was previously optional now mandatory. This is an issue in both the lockfile generated and that the dependency gets installed. If you read the code I pasted and the lockfile output, you'll see that the pnpmfile is not being correctly applied at all. That dependency is manually deleted from both optionalDependencies and dependencies, and no permutation of option actually removes it from the lockfile or the node_modules directory. |
Please do a clean install again and run The command I use was When I try to reproduce your steps (that is: create a |
I think there is a real bug in pnpm with respect to
Expected result: pnpm removes the optional dependency. To get to the expected state, you have to run |
The issue is that pnpm doesn't know when In any case, I think we should support a new setting for selectively ignoring some optional dependencies. Something like, {
"pnpm": {
"ignoredOptionalDependencies": ["nice-napi"]
}
} |
Should pnpm write a checksum for
That would work for me too. |
New feature: #7714 |
I believe the original issue has been fixed by this PR: #7704 |
Verify latest release
pnpm version
8.13.0
Which area(s) of pnpm are affected? (leave empty if unsure)
Dependencies resolver
Link to the code that reproduces this issue or a replay of the bug
No response
Reproduction steps
I'm trying to prevent an optional dependency of a transitive dependency from being installed. Adding the following pnpmfile:
and the dependency ssh2-sftp-client will re-create the issue.
Describe the Bug
The package
ssh2-sftp-client
has a dependency onssh2
.ssh2
has an optionalDependency oncpu-features
which I specifically want to exclude from installation. I am trying to exclude it using a .pnpmfile.cjs that looks like this:The output of running pnpm i includes the modified package.json, which looks as I'd expect:
The output lock file has not just removed
cpu-features
from the optionalDependencies, it's added it to the dependencies as well!Expected Behavior
cpu-features is not installed
Which Node.js version are you using?
v18.19.0
Which operating systems have you used?
If your OS is a Linux based, which one it is? (Include the version if relevant)
No response
The text was updated successfully, but these errors were encountered: