Please update class-transformer dependency to the latest version

[slavafomin]

Hello!

Thank you for this great library!

However, right now it requires [email protected] (exact version 0.3.1) as a peer dependency. This prevents my project from using the latest version of the class-transformer (which is 0.4.0).

This generates the following error on npm install:

npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR! 
npm ERR! While resolving: @acme/project
npm ERR! Found: [email protected]
npm ERR! node_modules/class-transformer
npm ERR!   class-transformer@"0.4.0" from the root project
npm ERR! 
npm ERR! Could not resolve dependency:
npm ERR! peer class-transformer@"^0.3.1" from [email protected]
npm ERR! node_modules/routing-controllers
npm ERR!   routing-controllers@"0.9.0" from the root project
npm ERR! 
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.

Would you be so kind to update class-transformer dependency to the latest version?

Thanks!

[slavafomin]

The same issue is with class-validator.

Also, it would be much easy to avoid these kind of issues if you would switch to a stable semver range (major version > 0) because it would allow to match dependencies in a more relaxed manner.

[SandraShklyaeva]

Dependency update sounds even more urgent because of the latest security vulnerability fixes for the following packages:
class-validator => 0.13.2 (changelog)
class-transformer => 0.5.0 (changelog)

[biton-ron]

Same issue for us, a fix will be a great help.

Thanks!

[juniopereirab]

Same problem here...

TypeError: class transformer 1.classToPlain is not a function

[RatakondalaArun]

Is there any workaround for this?

I want to use exposeDefaultValues which was added in v0.3.2

[amellalkamel]

+1
this is a serious issue

[ghost]

Is there any update ?

[seblaz]

Hi @NoNameProvided @attilaorosz, would you mind having a look at the pr? Thanks!

[zSakuraEvilz]

Is there no new update for this issue?

[attilaorosz]

Seems like there are no real breaking changes in terms of class-transformer usage (I might be wrong here) so you can just update the package since it is only a peer dependency.

[biton-ron]

Seems like there are no real breaking changes in terms of class-transformer usage (I might be wrong here) so you can just update the package since it is only a peer dependency.

We're working with TypeScript and we get some type differences that reflect breaking changes in the library.

[saschajungfer]

Is there any workaround for this?

I want to use exposeDefaultValues which was added in v0.3.2

I just found a workaround which seems to work, you can install two versions of the same package using an alias:

• npm install class-validator12@npm:[email protected]
• npm install class-transformer3@npm:[email protected]

My package.json now looks like this:

        "class-transformer": "^0.5.1",
        "class-transformer3": "npm:class-transformer@^0.3.1",
        "class-validator": "^0.13.2",
        "class-validator12": "npm:class-validator@^0.12.2",

Never saw that syntax before, but this is working for me.

[pfgallagher]

Is there any workaround for this?
I want to use exposeDefaultValues which was added in v0.3.2

I just found a workaround which seems to work, you can install two versions of the same package using an alias:

• npm install class-validator12@npm:[email protected]
• npm install class-transformer3@npm:[email protected]

My package.json now looks like this:

        "class-transformer": "^0.5.1",
        "class-transformer3": "npm:class-transformer@^0.3.1",
        "class-validator": "^0.13.2",
        "class-validator12": "npm:class-validator@^0.12.2",

Never saw that syntax before, but this is working for me.

@Killasushi - Could you please share your full package.json? Is there additional config you needed to do to point at the aliases? Doesn't seem to be doing the trick on my end.

[saschajungfer]

Is there any workaround for this?
I want to use exposeDefaultValues which was added in v0.3.2

I just found a workaround which seems to work, you can install two versions of the same package using an alias:

• npm install class-validator12@npm:[email protected]
• npm install class-transformer3@npm:[email protected]

My package.json now looks like this:

        "class-transformer": "^0.5.1",
        "class-transformer3": "npm:class-transformer@^0.3.1",
        "class-validator": "^0.13.2",
        "class-validator12": "npm:class-validator@^0.12.2",

Never saw that syntax before, but this is working for me.

@Killasushi - Could you please share your full package.json? Is there additional config you needed to do to point at the aliases? Doesn't seem to be doing the trick on my end.

There is no additional config in my package.json. My package-lock.json looks like this, it is important that both versions do appear. That should be the case after running npm install class-validator12@npm:[email protected] (I'm using Node 16). Is that your case?

 "node_modules/class-validator": {
            "version": "0.13.2",
            "resolved": "https://registry.npmjs.org/class-validator/-/class-validator-0.13.2.tgz",
            "integrity": "sha512-yBUcQy07FPlGzUjoLuUfIOXzgynnQPPruyK1Ge2B74k9ROwnle1E+NxLWnUv5OLU8hA/qL5leAE9XnXq3byaBw==",
            "dependencies": {
                "libphonenumber-js": "^1.9.43",
                "validator": "^13.7.0"
            }
        },
        "node_modules/class-validator12": {
            "name": "class-validator",
            "version": "0.12.2",
            "resolved": "https://registry.npmjs.org/class-validator/-/class-validator-0.12.2.tgz",
            "integrity": "sha512-TDzPzp8BmpsbPhQpccB3jMUE/3pK0TyqamrK0kcx+ZeFytMA+O6q87JZZGObHHnoo9GM8vl/JppIyKWeEA/EVw==",
            "dependencies": {
                "@types/validator": "13.0.0",
                "google-libphonenumber": "^3.2.8",
                "tslib": ">=1.9.0",
                "validator": "13.0.0"
            }
        },   

[LucasGobatto]

Still an issue

[FrancisBehnen]

If someone is forking, please let me know!

[spicemc]

I am using overrides in my package.json. This is my workaround:

...
  "overrides": {
    "class-transformer": "^0.5.1",
    "class-validator": "^0.13.2"
  },
  "dependencies": {
    "class-transformer": "^0.5.1",
    "class-validator": "^0.13.2",
...

Try with npm install --legacy-peer-deps to get it running.

[JotaRaffalli]

Pls, update this 😮‍💨

[laujonat]

No temporary workarounds?

[spicemc]

Did you try my suggested workaround?

[Rasfuranku]

Trying to install "routing-controllers": "^0.9.0" in a new project, having the same issue.

[jstanislawczyk]

Please update it. It's hard to use it in new project when it has such big issue

[spicemc]

If someone is forking, please let me know!

i forked it. Feel free to use it in your projects.

[NoNameProvided]

Hi folks! I have added branch protection bypass to @attilaorosz so he will be able to handle this.

[FrancisBehnen]

If someone is forking, please let me know!

i forked it. Feel free to use it in your projects.

Awesome, I've let the team know!

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.