One of the very great features of pnpm is that in one project, a specific version of a package will always have one set of dependencies. There is one exclusion from it though - packages with peer dependencies.
Peer dependencies are resolved from dependencies installed higher in the dependency graph.
That means if
email@example.com has two peers (
baz@^1) then it might have different sets of dependencies
in the same project.
- foo-parent-1 - firstname.lastname@example.org - email@example.com - firstname.lastname@example.org - foo-parent-2 - email@example.com - firstname.lastname@example.org - email@example.com
In the example above,
firstname.lastname@example.org is installed for
foo-parent-2. Both packages have
bazas well, but
they depend on different versions of
baz. As a result,
email@example.com has two different sets of dependencies: one with
and the other one with
firstname.lastname@example.org. In order to support these use cases, pnpm has to hard link
email@example.com as many times as many different dependency sets it has.
Normally, if a package does not have peer dependencies, it is hard linked to a
node_modules folder next to symlinks of its dependencies.
foo has peer dependencies, there cannot be one single set of dependencies for it, so
we create different sets, for different peer dependency resolutions:
We create symlinks either to the
foo that is inside
firstname.lastname@example.orgemail@example.com/node_modules or to the one in
As a consequence, the Node.js module resolver algorithm will find the correct peers.
If the resolved peer is a direct dependency of the project, it is not grouped separately with the dependent package.
This is done to make it easier to make predictable and fast named (
pnpm i foo) and general (
pnpm i) installations.
So if the project dependends on
firstname.lastname@example.org, the dependencies from our example will be grouped like this:
If a package has no peer dependencies but has dependencies with peers that are resolved higher in the graph, then
that transitive package can appear in the project with different sets of dependencies. For instance, there's package
with a single dependency
email@example.com has a peer dependency
firstname.lastname@example.org will never resolve the
email@example.com, so it becomes dependent from the peers of
firstname.lastname@example.org as well.
Here's how it will look like in
node_modules/.registry.npmjs.org, in case if
email@example.com will need to appear twice in the project's
node_modules, once resolved with
firstname.lastname@example.org and once with