Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Please update class-transformer dependency to the latest version

See original GitHub issue

Hello!

Thank you for this great library!

However, right now it requires class-transformer@0.3.1 (exact version 0.3.1) as a peer dependency. This prevents my project from using the latest version of the class-transformer (which is 0.4.0).

This generates the following error on npm install:

npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR! 
npm ERR! While resolving: @acme/project
npm ERR! Found: class-transformer@0.4.0
npm ERR! node_modules/class-transformer
npm ERR!   class-transformer@"0.4.0" from the root project
npm ERR! 
npm ERR! Could not resolve dependency:
npm ERR! peer class-transformer@"^0.3.1" from routing-controllers@0.9.0
npm ERR! node_modules/routing-controllers
npm ERR!   routing-controllers@"0.9.0" from the root project
npm ERR! 
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.

Would you be so kind to update class-transformer dependency to the latest version?

Thanks!

Issue Analytics

State:
Created 2 years ago
Reactions:33
Comments:25 (3 by maintainers)

Top GitHub Comments

16reactions

slavafomincommented, Oct 8, 2021

The same issue is with class-validator.

Also, it would be much easy to avoid these kind of issues if you would switch to a stable semver range (major version > 0) because it would allow to match dependencies in a more relaxed manner.

12reactions

SandraShklyaevacommented, Nov 22, 2021

Dependency update sounds even more urgent because of the latest security vulnerability fixes for the following packages: class-validator => 0.13.2 (changelog) class-transformer => 0.5.0 (changelog)

Top Results From Across the Web

class-transformer - npm

Latest version : 0.5.1, last published: a year ago. Start using class-transformer in your project by running `npm i class-transformer`.

class-transformer | Yarn - Package Manager

NOTE: This version fixes a security vulnerability allowing denial of service attacks with a specially crafted request payload. Please update as soon as...

How to update each dependency in package.json to the latest ...

Simply change every dependency's version to * , then run npm update --save . (Note: broken in recent (3.11) versions of npm). Before:...

class-transformer-validator - npm package - Snyk

Learn more about class-transformer-validator: package health score, popularity, security, ... updated class-transformer dependency to version ^0.2.3 ...

Source - GitHub

It was accidentally released as patch version. ... updated CI configuration - removed some unused dev dependencies - updated dependencies to latest version...