Vendoring a dependency in a published dependency #8849
Unanswered
alexandercerutti
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
We have an internal package (
@int/a-wrap
) that has an NPM dependency that we must clone in order to apply some patches and build it before shipping our dependency.Let's call it
a
(scoped:@vnd/a
).In order to do so, we have a shell script that we run when we have to compile
a
and publish@int/a-wrap
and, once patches have been applied, it runsa/
includes the minimum files required to be a package, sopackage.json
and adist/
with the compiled files.So, in the
package.json
I then can see"@vnd/a": "link:vendor/a"
as a dependency and I can see it in thenode_modules
in@int/a-wrap
folder as@vnd/a
.Then we publish the main package by including the
vendor
folder in the tarball.From an application, we then run
pnpm install @int/a-wrap
.Installation report the following warn:
So, pnpm in the application is looking for the vendorized dependency in the application and not in the package how it should (to me, at least).
I'm not sure this is a bug or an expected situation, but I preferred asking here before opening a report. I didn't find anything similar among the issues and the discussions.
Does anyone know how can we make it to find a vendorized dependency from the package itself?
I'm using everywhere
[email protected]
(I upgraded to test this, I was on9.1.3
, where we had the same problem).We tried as well with
And it worked until the main app repo had
npm
(while@int/a-wrap
had pnpm), but we are migrating topnpm
in the app as well, so this problem happend.Thank you.
Beta Was this translation helpful? Give feedback.
All reactions