I am currently developing an NPM package and using rollup for bundling and npm publishing. I am seeking guidance on whether a dependency should be bundled by rollup or not. Below is my detailed analysis:
Every dependency used in the 'src' folder should be added to either 'deps' or 'peerDeps'
If you opt to include it only in 'peerDeps' and not 'deps', for local build purposes, it is advisable to add it to 'devDeps'. Otherwise, you may need third-party tools to install dependencies in 'peerDeps', or consider upgrading to npm@7 (which I have not done yet). I understand that this part might be controversial, but let's proceed as this topic is not solely about 'peerDeps'.
Rollup will bundle every dependency used in 'src', unless excluded in the 'external' configuration. By default, it disregards whether the dependency is listed in 'deps', 'peerDeps', or 'devDeps'.
However, this approach seems unexpected. For any dependencies listed in 'deps', projects utilizing this package would install the dependency separately, allowing webpack to handle and process it without requiring rollup to include it in the bundle file. In that case, should we instruct rollup to treat all 3rd party dependencies as external? Perhaps by implementing this strategy:
// https://github.com/remix-run/react-router/blob/v5.2.0/packages/react-router/rollup.config.js
function isBareModuleId(id) {
return (
!id.startsWith(".") && !id.includes(path.join(process.cwd(), "modules"))
);
}
Alternatively, we could utilize rollup-plugin-peer-deps-external:
peerDepsExternal({
includeDependencies: true, // FIXME: 'deprecated', no idea why?
}),
I am seeking insight into the best practice here and welcome any feedback or corrections to my thought process. Any advice is appreciated.
Thank you.