Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EJS/Handlebars/Pug are not really optional Dependencies #1219

Open
kgierke opened this issue Jul 13, 2024 · 1 comment
Open

EJS/Handlebars/Pug are not really optional Dependencies #1219

kgierke opened this issue Jul 13, 2024 · 1 comment

Comments

@kgierke
Copy link

kgierke commented Jul 13, 2024

Describe the bug
The documentation mentions that the template engines are optional dependencies which only need to be installed if necessary. Yet at the moment they are listed as peerDependencies in the package.json and therefore installed automatically since npm version 7.

To Reproduce
Steps to reproduce the behavior:

  1. Install the package
  2. Inspect node_modules to see that ejs, handlebars etc. have been installed.

Expected behavior
The optional peer dependencies shouldn't be installed.

Additional context
This can be solved by defining peerDependenciesMeta in the package.json:

https://docs.npmjs.com/cli/v8/configuring-npm/package-json#peerdependenciesmeta
@AlexDieRobe
Copy link

AlexDieRobe commented Sep 20, 2024
edited
Loading

Handlerbar (^4.7.8) has some security vulnerability that are not patched at the moment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kgierke @AlexDieRobe