Summary
The Rush pnpm-config.json currently has strictPeerDependencies: false to work around upstream peer dependency issues in Microsoft's SPFx packages. This should be changed to strictPeerDependencies: true with appropriate globalPeerDependencyRules to suppress the known upstream issues, so that any new peer dependency problems are caught immediately.
Current State
In common/config/rush/pnpm-config.json:
"strictPeerDependencies": false,
This silently ignores all peer dependency issues, including any new ones introduced by future dependency changes.
Proposed Change
Enable strict peer dependencies and add rules to suppress the known upstream issues:
"strictPeerDependencies": true,
"globalPeerDependencyRules": {
"ignoreMissing": [
"swiper",
"scheduler",
"@microsoft/microsoft-graph-client"
],
"allowedVersions": {
"@rushstack/heft": ">=0.71.1"
}
}Why This Matters
With strictPeerDependencies: false, any new unmet peer dependency introduced by a dependency upgrade will be silently ignored. This can lead to:
- Runtime errors that are hard to diagnose
- Version conflicts that go unnoticed
- Subtle bugs from incompatible dependency versions
With strictPeerDependencies: true + targeted suppression rules, the known upstream issues are documented and suppressed, while any new peer dependency problems will cause rush update to fail — catching issues early.
Related Issues
Summary
The Rush
pnpm-config.jsoncurrently hasstrictPeerDependencies: falseto work around upstream peer dependency issues in Microsoft's SPFx packages. This should be changed tostrictPeerDependencies: truewith appropriateglobalPeerDependencyRulesto suppress the known upstream issues, so that any new peer dependency problems are caught immediately.Current State
In
common/config/rush/pnpm-config.json:This silently ignores all peer dependency issues, including any new ones introduced by future dependency changes.
Proposed Change
Enable strict peer dependencies and add rules to suppress the known upstream issues:
Why This Matters
With
strictPeerDependencies: false, any new unmet peer dependency introduced by a dependency upgrade will be silently ignored. This can lead to:With
strictPeerDependencies: true+ targeted suppression rules, the known upstream issues are documented and suppressed, while any new peer dependency problems will causerush updateto fail — catching issues early.Related Issues
swiper@^8.2.6(fromadaptivecards)scheduler@>=0.19.0(from@fluentui/react-context-selector)@microsoft/microsoft-graph-client@3.0.2(version mismatch)@rushstack/heft@^0.71.1(version mismatch in build rig)