[Bug] Peer dependency constraints allow breaking minor upgrades #9818
Description
Description
Some @deck.gl/* packages specify peerDependencies on other @deck.gl/* packages using caret (^) semver ranges. For example, @deck.gl/layers declares:
"peerDependencies": {
"@deck.gl/core": "^9.1.0",
"@loaders.gl/core": "^4.2.0",
"@luma.gl/core": "^9.2.2",
"@luma.gl/engine": "^9.2.2"
}This accepts any 9.x minor of @deck.gl/core. Because deck.gl minors sometimes introduce breaking changes (see the “Upgrading to v9.1” section of the upgrade guide), users can end up with version combinations that satisfy peer ranges but break at build or runtime.
Flavors
- Script tag
- React
- Python/Jupyter notebook
- MapboxOverlay
- GoogleMapsOverlay
- CARTO
- ArcGIS
Expected Behavior
Peer dependencies constrained to patch versions (e.g., ~9.1.0)
Steps to Reproduce
Explicitly install a @deck.gl/* package, eg.
npm i @deck.gl/[email protected]
Deck.gl peer dependencies will resolve to latest, potentially incompatible, 9.x version
Environment
- Framework version:
[email protected] - Browser: Chrome
- OS: Linux
Logs
No response