-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"Root has devDependencies" #114
Comments
I agree with this. The "Root has devDependencies" is too opiniated. |
Also the main reason "The root package.json of a monorepo is not published" is incorrect. There are many uses in having root dependencies or not, in prod or dev. Examples:
Hence my need for "devDependencies" and not "dependencies". |
I second this, but would prefer to see this as an option, defaulting to the current behaviour. This would then necessitate another rule for those of us who use Bolt: Ensure that any dependency in a sub-package that's in My use case: I'm Dockerizing a Next.js app in the monorepo and I want to exclude |
I have a similar use case to @Offirmo and @steve-taylor. I want to install certain deps when installing on my machine but need a way to ignore them when installing in a Docker container. The only method of doing so I'm aware of is to pass I agree this rule is too opinionated and there needs to be a way to ignore it. I'm using pnpm workspaces. |
Although, I just found out that I was able to add this property to my root "manypkg": {
"ignoredRules": [
"ROOT_HAS_DEV_DEPENDENCIES",
]
}, |
I would like to raise a concern about this rule mostly due to the problem with
npm audit
and the general expectation of some underlaying tools that only dependencies should be scanned for vulnerabilities.Still creates a huge room for some uncertainly of decision which dep should do where, but I would like to have this rule configurable.
The text was updated successfully, but these errors were encountered: