Don’t require packages’ dependencies to be declared in the root package.json

[steve-taylor]

Title	Description
Version	N/A
Type	Feature request
node	N/A
Operating System	N/A
Short Description	Don’t require packages’ dependencies to be declared in the root package.json
Detailed description	It should be possible to have all the benefits of Bolt (except a single source of truth for dependency versions) without requiring that all packages’ dependencies be declared in the root package.json. As it currently stands, when a dependency is removed from a package, developers have to manually garbage collect from the root package’s dependencies, by checking for the dependency in all other packages and also checking if any internal tooling depends on the package. The reality is that unused packages accumulate over time, which increases disk usage and how long bolt install takes to run, especially in CI pipelines. This would require Bolt to build the list of dependencies otherwise manually provided in the root package.json, and then throw an error when there are mismatched versions between packages. I'd like to keep the root package.json’s dependencies section for the internal tools’ dependencies.

[steve-taylor]

Since creating this issue, I've gained a slightly better understanding of Bolt. Dependencies are declared in the root because Bolt uses Yarn to install all hoisted dependencies. So it seems like more of an implementation detail than a design choice. This means it's not as easy a change as I first thought. Nevertheless, it's a minor annoyance to maintain all dependencies in the root.

[dreadwail]

@steve-taylor Did you happen to run across any docs that helped you understand this implementation limitation? I didn't find much in the README and all I could find was this issue you had opened.