[Feature] Peer dependency resolutions

[aaronadamsCA]

• I'd be willing to implement this feature (contributing guide)
• This feature is important to have in this repository; a contrib plugin wouldn't do

Describe the user story

As a developer, I want to overwrite the version number of a peer dependency in a nested package, so that Yarn will stop warning that the installed version of the dependency doesn't satisfy the requested version, but will still check the peer dependency using the new version number I've specified.

Describe the solution you'd like

I can think of a few options, each having its own set of potential drawbacks:

1. Create a new peerResolutions field.
2. Allow resolutions to replace peerDependencies as well as dependencies.
3. Allow packageExtensions to overwrite existing peer dependencies, maybe with a new syntax where I provide version: XXX and overwrite: true.

Describe the drawbacks of your solution

1. More fields to support.
2. I'm not sure, actually. It feels like this would be safe, but I have to imagine there's some reason it doesn't already work this way.
3. More syntax to support, potentially dangerous, fundamentally changes the purpose of packageExtensions.

Describe alternatives you've considered

I haven't had any success ignoring the mismatched peer dependencies using peerDependenciesMeta, nor trying to adjust them with resolutions; neither seems to work.

I could use logFilters to discard matching messages, but that's not much of a solution, and doesn't suppress the warning "Some peer dependencies are incorrectly met".

[dobesv]

My first attempt to resolve the issue was to override peerDependencies using packageExtensions but it seems yarn will not replace an existing dependency.

Basically I would like to eliminate the big block of warnings yarn outputs so that if there's a new warning I know it's a good one.

I guess the current workaround might be to add logFilters to hide those warnings. I don't think updating peerDependencies on those packages would actually change the resulting module resolution, it would just hide the warning. So the same effect can be achieved by just hiding the warning?

I'd be willing to make an attempt at a PR for this, but I'm not sure which solution would be accepted.

[gruckion]

You can do this using yarn patch and yarn patch-commit.

https://yarnpkg.com/features/protocols#patch

This allows you to modify the src of a dependency.

[kachkaev]

@gruckion I've tried to patch peerDependencies in a transient dependency, but this has not resolved the issue.

Project: https://github.com/kachkaev/njt (updated Yarn to 4.0.0-rc.23 in dc55c6ad).

Original problem:

root-workspace-0b6124@workspace:. provides react (p8b678) with version 18.0.0, which doesn't satisfy what use-dark-mode and some of its descendants request

💬 yarn explain peer-requirements p8b678
➤ YN0000: root-workspace-0b6124@workspace:. provides react@npm:18.0.0 with version 18.0.0, which doesn't satisfy the following requirements:

➤ YN0000: @use-it/event-listener@npm:0.1.7 [996ff] → >=16.8.0           ✓
➤ YN0000: use-dark-mode@npm:2.3.1 [dc3fc]          → ^16.8.0            ✘
➤ YN0000: use-persisted-state@npm:0.3.3 [996ff]    → ^16.8.0 || ^17.0.0 ✘

I have replaced use-dark-mode with a fork (@fisch0920/use-dark-mode) according to donavon/use-dark-mode#96 (comment) . Got this:

root-workspace-0b6124@workspace:. provides react (p822ff) with version 18.0.0, which doesn't satisfy what @fisch0920/use-dark-mode and some of its descendants request

💬 yarn explain peer-requirements p822ff
➤ YN0000: root-workspace-0b6124@workspace:. provides react@npm:18.0.0 with version 18.0.0, which doesn't satisfy the following requirements:

➤ YN0000: @fisch0920/use-dark-mode@npm:2.4.0 [dc3fc] → >=16.8             ✓
➤ YN0000: @use-it/event-listener@npm:0.1.7 [c1c92]   → >=16.8.0           ✓
➤ YN0000: use-persisted-state@npm:0.3.3 [c1c92]      → ^16.8.0 || ^17.0.0 ✘

This is not yet solved because of donavon/use-persisted-state#69. So I’ve created a local patch: via yarn patch use-persisted-state – you can see the result in kachkaev/njt#6d7af4dc. However, when I run yarn install I still see the problem:

root-workspace-0b6124@workspace:. provides react (p822ff) with version 18.0.0, which doesn't satisfy what @fisch0920/use-dark-mode and some of its descendants request

💬 yarn explain peer-requirements p822ff
➤ YN0000: root-workspace-0b6124@workspace:. provides react@npm:18.0.0 with version 18.0.0, which doesn't satisfy the following requirements:

➤ YN0000: @fisch0920/use-dark-mode@npm:2.4.0 [dc3fc]                                                                                                                  → >=16.8             ✓
➤ YN0000: @use-it/event-listener@npm:0.1.7 [c1c92]                                                                                                                    → >=16.8.0           ✓
➤ YN0000: use-persisted-state@patch:use-persisted-state@npm%3A0.3.3#~/.yarn/patches/use-persisted-state-npm-0.3.3-c90a367c6d.patch::version=0.3.3&hash=083366 [c1c92] → ^16.8.0 || ^17.0.0 ✘

The patch has applied, but peerDependencies in yarn.lock have not changed. I’ve tried exploring comments in #4231, but haven’t found any working ideas. Oddly enough, yarn.lock has two entries for the patched package, both with the same peerDependencies:

"use-persisted-state@npm:0.3.3":
  version: 0.3.3
  resolution: "use-persisted-state@npm:0.3.3"
  dependencies:
    "@use-it/event-listener": "npm:^0.1.2"
  peerDependencies:
    react: ^16.8.0 || ^17.0.0
  checksum: 9d31133d7367f65505c605bbb0a40d3db3791db6a31241e063a7cd4960f977fe650458d7c532eb7ad14bf4547c8ba35ed09cbf876065d60b57438a9686676973
  languageName: node
  linkType: hard

"use-persisted-state@patch:use-persisted-state@npm%3A0.3.3#~/.yarn/patches/use-persisted-state-npm-0.3.3-c90a367c6d.patch":
  version: 0.3.3
  resolution: "use-persisted-state@patch:use-persisted-state@npm%3A0.3.3#~/.yarn/patches/use-persisted-state-npm-0.3.3-c90a367c6d.patch::version=0.3.3&hash=083366"
  dependencies:
    "@use-it/event-listener": "npm:^0.1.2"
  peerDependencies:
    react: ^16.8.0 || ^17.0.0
  checksum: bfb493da60e47d87995173870a24e81d40558ffc70100a6b5e7c152a74abeb2865eb101020378131fd7a3b929fa94a24e0a55f0e84cc26b94f149f2a4b2e1e36
  languageName: node
  linkType: hard

What am I missing?

UPD: I removed a dependency with problematic peer dependency, yarn install shows no warnings now. The question remains, but it is now theoretical for me (at least for now) 🙂

[deokseong-kim-toss]

I have same issue. yarn patch doesn't update peerDependencies. it create patch file, but yarn continues to show warnings. It seems yarn install warning is run before patch.

[DiFuks]

• I have same issue

[ernestostifano]

Same issue. No luck with yarn patch