Peer dependency installation behavior

[markcellus]

npm 7 will install peer deps by default which is great. But I can't find any information on what version of a peer dep will be installed in the following scenario.

Let's say there is a foo-package and it's latest version is at 2.0.0. If my package.json sets peerDependencies.foo-package to >=2 and it's installed on a project that already has foo-package 1.17.5 installed as a dependency, what happens? Will there be any warning at all because the peer dep doesn't satisfy the >=2 version range? Or will it auto-upgrade to the latest 2.0.0 version?

Sorry if this is documented somewhere but after searching a bit, I couldn't find any detail. I did take a look at the RFC 25: Install Peer Dependencies but didn't find any information that would clarify this. Thanks in advance!

[ljharb]

If the peer dep is set to require “not version 1”, then it’d be a peer dep conflict. If it’s set to “>= 1” and you already have v1.17.5 installed, it’ll likely use that. If it’s set to “>= 1” and you have nothing installed, it’ll likely install the latest (v2).

This all assumes that in your scenario, there’s only the one source of a peer dep constraint, and the one possible source of an existing version (the root project).

[markcellus]

Thanks but not sure if that answers my question 😃. Can you tell me what would/should happen in the scenario I mentioned? What would be output in the console upon installation of my hypothetical package when 1.17.5 of foo-package is already installed? Happy to provide more info if I didnt describe as well.

[ljharb]

In npm 7, you'd get an error and the install would fail, as your dep graph is invalid.

[markcellus]

Ah ok so errors and fails to install instead of just a warning. Thanks!