Can dev dependencies be analyzed, too? #348
-
It doesn't look like dev dependencies are evaluated for being unused. Have I overlooked the feature? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
Hi. You didn't miss the feature. This is not implemented yet. The reason behind this is that composer-unused was originally planned to scan production dependencies to avoid security issues of used dependencies. Also scanning dev dependencies will be supported in a future release. But right now this will bring a lot of "issues" with it, because a lot of dev dependencies are not actually used in the code, but provide tools and other stuff. These will, as of now, be reported as unused, so additional configuration is needed. But, as I said, the feature will be added as an opt-in cli option in the future. |
Beta Was this translation helpful? Give feedback.
Hi. You didn't miss the feature. This is not implemented yet.
The reason behind this is that composer-unused was originally planned to scan production dependencies to avoid security issues of used dependencies.
Also scanning dev dependencies will be supported in a future release. But right now this will bring a lot of "issues" with it, because a lot of dev dependencies are not actually used in the code, but provide tools and other stuff. These will, as of now, be reported as unused, so additional configuration is needed.
But, as I said, the feature will be added as an opt-in cli option in the future.