Why is socket.io not a normal dependency?

[JeredArc]

I’m using yarn with PnP in my dev setup, and I’m having issues using fastify-socket.io, as the yarn loader always tells me

Error: fastify-socket.io tried to access socket.io, but it isn't declared in its dependencies; this makes the require call ambiguous and unsound.

Yarn is very picky with declared dependencies (which basically is a good thing), so just adding socket.io to my project’s dependencies is no solution.

The only way I could resolve this for me, is adding a packageExtension to .yarnrc.yml

packageExtensions:
  fastify-socket.io@*:
    dependencies:
      socket.io: "^4.7.1"

In the package.json, I only see socket.io as devDependency (which explains why yarn is complaining), and I’m wondering why.

Is there a reason behind that (I’d be very curious) or is it an oversight, because npm is more forgiving?

[puzzle9]

install

I think it may socket.io serve suppver version

[alemagio]

socket.io is a peerDependency in the next version