Dependency Resolution Algorithms
npm employs a depth-first algorithm to resolve dependencies. It installs the latest version of each dependency that satisfies the version constraints specified in `package.json`[1].
Bun, on the other hand, uses a breadth-first algorithm. It installs the lowest common denominator version of each dependency that satisfies all the version constraints[1].
Overrides and Resolutions
Both npm and Bun support overriding dependency versions using `"overrides"` in `package.json`[1][2].
- npm uses `"resolutions"` for this purpose[1]
- Bun supports both `"overrides"` and `"resolutions"`[1]
These allow pinning specific dependencies to a version, even if it conflicts with version constraints of other dependencies[1][2].
Peer Dependencies
npm is able to detect peer dependency conflicts, while Bun currently does not[2].
- npm will issue warnings and exit with a non-zero status code if peer dependencies conflict[2]
- Bun does not detect peer dependency conflicts, and will successfully install even if there are conflicts[2]
This can lead to runtime errors when using Bun if peer dependencies are not properly managed[2].
In summary, Bun takes a different approach to dependency resolution compared to npm, using a breadth-first algorithm and supporting both `"overrides"` and `"resolutions"`[1]. However, it currently lacks npm's ability to detect peer dependency conflicts[2].
Citations:[1] https://bun.sh/docs/install/overrides
[2] https://github.com/oven-sh/bun/issues/9135
[3] https://github.com/oven-sh/bun/issues/5856
[4] https://www.builder.io/blog/bun-vs-node-js
[5] https://stackoverflow.com/questions/77200646/what-is-difference-between-bun-install-and-bun-add-as-mentioned-in-the-bun-offic
[6] https://dev.to/thejaredwilcurt/bun-hype-how-we-learned-nothing-from-yarn-2n3j
[7] https://bun.sh
[8] https://www.linkedin.com/posts/phillip-nzau-0576b3131_npm-bun-dependencymanagement-activity-7201804711744704512-SLsA