I have a relatively complicated enterprise environment where I am writing some reusable code in my own library, which in turn has multiple dependencies, with multiple places that use AJV. One in particular is @seriousme/openapi-schema-validator - which has the following "simple" dependencies: https://github.com/seriousme/openapi-schema-validator/blob/master/package.json#L10
"dependencies": {
"ajv": "^8.6.0",
"ajv-draft-04": "^1.0.0",
"js-yaml": "^4.1.0"
}
When launching an application using my library, though, I get the following error:
internal/modules/cjs/loader.js:883
throw err;
^
Error: Cannot find module 'ajv/dist/core'
Require stack:
- /home/rolf/bmix/myapp/node_modules/ajv-draft-04/dist/index.js
- /home/rolf/bmix/myapp/node_modules/@seriousme/openapi-schema-validator/index.js
- /home/rolf/bmix/myapp/node_modules/fastify-openapi-glue/lib/parser.js
- /home/rolf/bmix/myapp/node_modules/fastify-openapi-glue/index.js
It's quite clear, that AJV 8.6.0 has ajv/dist/core
, though, BUT, even though both:
- ajv-draft-04 has a peerDependency of AJV 8.5.0
- my own library requires AJV 8.6.0 for other reasons.
what happens is that NPM install "trampolines" ajv-draft-04
to the top-level node_modules
of the application. Both my library and the @seriousme/openapi-schema-validator libraries have AJV 8.6.0 in their "local" node_modules
. The actual version of the top-level node_modules
is 6.12.6 - NPM chooses to de-dup that version, instead of 8.6.0... The tail-end of the npm-ls
looks like:
The end result of this is that ajv-draft-04
and ajv
version 6.12.6
are both at the top-level node-modules
, and that AJV version is not compatible.
I am not sure what to recommend, but, it appears, at this moment, that I have to force dozens of applications to require AJV 8.6.0 at their top level to prevent the dedup
of the wrong version of AJV.
Note, running npm --version
version 6.14.11
- I see there's a change in peerDependency handling with npm 7.... as an enterprise, we are slow to move to version, but will try npm 7