## thet I have a problem with a package.json dependency. One of the dependencies of `@patternslib/patternslib` is `@patternslib/dev`, which uses release-it with conventionalcommits and has a dependency on `"@release-it/conventional-changelog": "^10.0.4"` which needs `"conventional-changelog-conventionalcommits": "^9.1.0"`. But there is also a dependency on `"@commitlint/config-conventional": "^20.2.0"` which itself depends on `"conventional-changelog-conventionalcommits": "^7.0.2"`. Now, with conventionalcommits 7 present the changelog generation isn't working properly. Therefore I added in `@patternslib/dev` an explicit dependency on `"conventional-changelog-conventionalcommits": "^9.1.0"` and added the same dependency in the `resolutions` field like so: ```json "resolutions": { "conventional-changelog-conventionalcommits": "9.1.0" }, ```` This works fine, if I do a `yarn install` in @patternslib/dev itself, but in @patternslib/patternslib, which uses @patternslib/dev, both conventionalcommits - 7 and 9 - are installed and the changelog generation is not in the format I want to. It looks like the `resolutions` field isn't respected from a dependency package. Why is that and how can I solve this issue? ## CodeCompanion (Copilot) You've identified a key limitation: the `resolutions` field in `package.json` only applies to the **root workspace**, not to dependencies. When `@patternslib/patternslib` installs `@patternslib/dev`, it doesn't inherit or apply the resolutions defined within that dependency's `package.json`. This is by design—`resolutions` are a workspace-level configuration meant to solve conflicts at the consuming project's level, not to be exported transitively. ### Solutions **Option 1: Add resolutions to @patternslib/patternslib (simplest)** Define the same resolution in `@patternslib/patternslib`'s `package.json`: ````json { "resolutions": { "conventional-changelog-conventionalcommits": "9.1.0" } } ```` This forces the version at the root level, affecting all dependencies. **Option 2: Use workspaces (if applicable)** If both packages are part of the same monorepo using yarn workspaces, put the resolution in the root `package.json` of the monorepo. All workspace members will respect it. **Option 3: Peer dependency (better long-term)** In `@patternslib/dev`, consider declaring `conventional-changelog-conventionalcommits` as a peer dependency rather than a direct dependency: ````json { "peerDependencies": { "conventional-changelog-conventionalcommits": ">=9.1.0" } } ```` This makes the consuming project responsible for providing the correct version, which is more explicit and avoids version conflicts. **Option 4: Update @commitlint/config-conventional** Check if a newer version of `@commitlint/config-conventional` (beyond `^20.2.0`) has been released that depends on `conventional-changelog-conventionalcommits@^9.x`, which would naturally resolve the conflict. I'd recommend **Option 1** as the quickest fix, combined with **Option 3** if you want a more robust long-term solution. Would you like help implementing either of these approaches or checking if a newer version of `@commitlint/config-conventional` is available?