Skip to content

fix(common): move file-type to optional peer dependency #16012

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
malkovitc wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(common): move file-type to optional peer dependency #16012

malkovitc wants to merge 1 commit into from
+4 −1

Conversation

@malkovitc
Copy link

@malkovitc malkovitc commented Dec 3, 2025

Summary

Move file-type from dependencies to peerDependencies to resolve npm hoisting issues.

Problem

When another package (like jimp) depends on an older version of file-type, npm may hoist that older version to the root node_modules. The dynamic import in FileTypeValidator then loads the wrong version, causing validation failures with cryptic error messages like:

Validation failed (current file type is application/octet-stream, expected type is application/octet-stream)

Solution

Moved (not added) file-type from dependencies to peerDependencies as optional:

  • Removes file-type: "21.1.1" from dependencies
  • Adds file-type: "^21.0.0" to peerDependencies
  • Marks it as optional: true in peerDependenciesMeta

This ensures npm warns users when an incompatible version would be hoisted, while not breaking projects that don't use FileTypeValidator.

Test plan

  • All FileTypeValidator tests pass
  • No breaking changes for existing projects

Related

Closes #15270

fix(common): move file-type to optional peer dependency
bb4e842 
Move file-type from dependencies to peerDependencies to resolve npm
hoisting issues. When other packages depend on older file-type versions,
npm may hoist the incompatible version to root node_modules, causing
FileTypeValidator to load the wrong version.

By making file-type an optional peer dependency with version ^21.0.0,
npm will warn about version conflicts and ensure the correct version
is used.

Closes nestjs#15270
@malkovitc malkovitc mentioned this pull request Dec 3, 2025
Closed
2 tasks
@coveralls
Copy link

coveralls commented Dec 3, 2025

Pull Request Test Coverage Report for Build f7887e28-8e3d-458a-b464-75f285ef93b5

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 88.939%
Totals Coverage Status
Change from base Build 360082e1-1510-4dc0-83b3-4311204590dc: 0.0%
Covered Lines: 7325
Relevant Lines: 8236
💛 - Coveralls

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@micalevisk micalevisk micalevisk approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

FileTypeValidator can use the wrong version of file-type

3 participants

@malkovitc @coveralls @micalevisk