Closed toverux closed 6 years ago
Move @types/express from deps to devDeps, as discussed in #4. Works fine if the client has @types/express in it's own dependencies, which should be the case. Otherwise, that user isn't working in strict mode and having or not @types/express won't make any difference.
Can you clarify that? I think I do not fully understand the consequences you are describing.
I think that there are two main cases:
The user uses TypeScript normally. He/she has likely installed express before express-basic-auth, and @types/express
alongside because otherwise he/she couldn't have used express in the first place. And then that user adds express-basic-auth. As the definitions for express are already there (installed as a direct dependency), boom, compiles.
The user has enabled a variety of flags / cheated the TypeScript compiler to make possible the import of files without type definitions. Then express-basic-auth removes @types/express
as a dependency. TypeScript can't find the declaration file for express. Nobody cares as it's allowed. User just looses intellisense on express-specific symbols.
Worst case scenario: TypeScript fails, giving a clear and unambiguous message saying that @types/express
should be installed.
Merged, thank you
@toverux
He/she has likely installed express before express-basic-auth, and @types/express alongside because otherwise he/she couldn't have used express in the first place
This is a bad assumption. To be valid, a pkg must explicitly define its dependencies. Otherwise you are relying on hoisting. This will break pnpm and Yarn PnP.
Yes, but TypeScript was a special case. Lots of people were doing that, and maybe still do. Indeed, we were relying on hoisting since it was a known behaviour of all the package managers at the time.
Maybe yarn pnp is a bit young if it's still so fragile and intolerant? :)
According to you, we should put @types/express
in dependencies
? How are other packages doing today?
Three little commits, three little things :
npm test
was failing on my machine because it's used intest.js
without being mentioned inpackage.json
.@types/express
from deps to devDeps, as discussed in #4. Works fine if the client has@types/express
in it's own dependencies, which should be the case. Otherwise, that user isn't working in strict mode and having or not@types/express
won't make any difference.