If the repo on which this tool is run has a dependency that uses the patch: protocol — this is common when using Yarn's patch feature — then the tool will fail immediately, without presenting the user with a spec. This happens because when parsing package.json we need to validate the shape of the manifest data. When we encounter dependencies we only allow npm: and workspace: dependencies and we reject the rest. We should investigate whether this is necessary and allow everything if possible.
If the repo on which this tool is run has a dependency that uses the
patch:protocol — this is common when using Yarn's patch feature — then the tool will fail immediately, without presenting the user with a spec. This happens because when parsingpackage.jsonwe need to validate the shape of the manifest data. When we encounterdependencieswe only allownpm:andworkspace:dependencies and we reject the rest. We should investigate whether this is necessary and allow everything if possible.