DEV Community 👩‍💻👨‍💻

Cover image for Are you sure what packages you're using are in package.json? (Phantom Dependency)
SeongKuk Han
SeongKuk Han

Posted on

Are you sure what packages you're using are in package.json? (Phantom Dependency)

Are you sure what packages you're using are in package.json?

Projects that I'm working on are managed separately, even they are similar and have common packages.

One day, I changed a package manager of a project for a testing purpose, then I've found the code that imported an undefined package lodash.


What are Phantom Dependencies?

Phantom dependencies are packages that are not defined in package.json.

using-undefined-package

Let's see the example,
there is one dependency express but the project can use an undefined package qs, and there is qs in node_modules.

That means your code can refer packages that you don't know what it is and what version is. It happens when you install packages using npm or yarn v1.


How to get rid of them?

Yarn Berry's approach solves this problem though, I didn't much about it so, I'm going to show you an example using pnpm.

pnpm: Fast, disk space efficient package manager

cannot_use_undefined_packages_anymore

There are only packages that were defined in package.json.

If you wanna know more about pnpm, visit pnpm.


Happy Coding!

Top comments (0)

🌚 Browsing with dark mode makes you a better developer.

It's a scientific fact.