Are you sure what packages you're using are in package.json?
Projects that I'm working on are managed separately, even they are similar and have common packages.
One day, I changed a package manager of a project for a testing purpose, then I've found the code that imported an undefined package lodash.
What are Phantom Dependencies?
Phantom dependencies are packages that are not defined in package.json.
Let's see the example,
there is one dependency express but the project can use an undefined package qs, and there is qs in node_modules.
That means your code can refer packages that you don't know what it is and what version is. It happens when you install packages using npm or yarn v1.
How to get rid of them?
Yarn Berry's approach solves this problem though, I didn't much about it so, I'm going to show you an example using pnpm.
pnpm: Fast, disk space efficient package manager
There are only packages that were defined in package.json.
If you wanna know more about pnpm, visit pnpm.
Happy Coding!
Top comments (3)
But why would someone import a module not listed in his package.json in the first place ?!
Yes, that's also right. But I think the problem is 'that can happen'.
'Don't make the mistake.' is right though, getting rid of that causes of the mistake sounds not bad.
Thanks for the reply. I asked a question here that you may take a look stackoverflow.com/questions/740944...