All validation libraries from optional dependencies are installed in dev environment

[vladshcherbin]

• Before posting an issue, read the FAQ and search the previous issues.

Description
Found in #350

Currently all validation libraries are installed even when they are not used (all optional dependencies).
This is not good for a lot of reasons - wasted space, traffic, package stats update, etc.

From referenced issue it's also visible that some bundlers (vite in my case) are trying to process/include this dependencies in the bundle which is also not desired.

You can see a massive library size increase: https://packagephobia.com/result?p=sveltekit-superforms@2.3.0

I've tried different combinations of commands with no luck to install only what I need:

yarn add sveltekit-superforms
yarn add sveltekit-superforms valibot
yarn add sveltekit-superforms -D
yarn add sveltekit-superforms valibot -D

A solution should be found on how to get only used packages 🤔

[ciscoheat]

This is not accurate, the packages are only installed in a dev environment. Vite/Rollup will only bundle what's referenced in the project. For example, when I build with Valibot:

[vladshcherbin]

I've added a reproduction with screenshot - https://github.com/vladshcherbin/svelte-superforms.

From screenshot it's visible vite is at least processing zod-to-json-schema which is not used anywhere in the app.

From superforms & valibot dependency commit it's visible how many unused packages are installed which is also not desirable for the reasons above.

I'd be happy to help solve but have no idea except splitting adapters into different packages and install only needed e.g.

yarn add sveltekit-superforms sveltekit-superforms-adapters/valibot valibot

[ciscoheat]

What's installed during development is not an issue, I'm concerned with the final bundle size. You can even look through the non-minified output to see that Zod is never referenced anywhere.

[ciscoheat]

About the circular dependency, it doesn't happen with pnpm, so maybe it's a yarn issue.

[vladshcherbin]

Well, that's the best reproduction I can give. I do believe both issues should be solved and only required libraries be installed but I respect your opinion, direction and ideas.

Sorry for opening so many issues and thanks for the library, everything else seems to be working and simplifying forms is a huge relief 😇

Hopefully this ones can be resolved some day 🙌

[gregmsanderson]

If it helps at all, I came across this issue while investigating this warning:

vite v5.1.3 building for production...
[plugin:vite:resolve] Module "node:dns/promises" has been externalized for browser compatibility, imported by "/node_modules/@vinejs/vine/build/chunk-TVEIURSI.js". See https://vitejs.dev/guide/troubleshooting.html#module-externalized-for-browser-compatibility for more details.

I've been playing with superforms (via formsnap). It's great! But I was puzzled where @vinejs was coming from, having not installed it. From: npm ls --all I noticed a peer dependency.

I agree that (in my case) @vinejs won't be in the production bundle ... however its presence does seemingly result in that Vite warning while bundling it. Vine appears to be form validation focused on Node apps and so while they might change it at their end, not including it as a peer dependency would also avoid that warning. I would assume people would install their choice of validation library separately.

I do agree it's an enhancement since a warning isn't an error.