not all types of express are compatible with each other.
e.g. (4.17.13 and 4.17.14)
Using PNPM in the context of a MonoRepository can lead to other services using a higher/lower version of the express library which can lead to express-prom-bundle using a different version of the express types than installed locally for the current workspace. This leads to a type missmatch.
In this example prometheusMiddleware resolves the type of the key metricsApp as express internally. The types referenced via import express from "express"; is referencing another type version.
Typescript will throw a type missmatch in this case.
That is why in our opinion the production dependency @types/express should be a peerDependency instead.
What is the current behavior?
@types/express is marked as a development dependency.
What is the expected behavior?
@types/express should be marked as a peerDependency.
Why is this an issue?
express-prom-bundle is reexporting the types of express:
not all types of express are compatible with each other. e.g. (4.17.13 and 4.17.14)
Using PNPM in the context of a MonoRepository can lead to other services using a higher/lower version of the express library which can lead to express-prom-bundle using a different version of the express types than installed locally for the current workspace. This leads to a type missmatch.
Codesnipped that can leads to a reproduction:
In this example prometheusMiddleware resolves the type of the key metricsApp as express internally. The types referenced via
import express from "express";
is referencing another type version. Typescript will throw a type missmatch in this case.That is why in our opinion the production dependency @types/express should be a peerDependency instead.