
@npmcli/arborist


@npmcli/arborist - npm Package Compare versions

Comparing version 0.0.25 to 0.0.26

10

lib/arborist/build-ideal-tree.js

@@ -89,2 +89,3 @@ // mixin implementing the buildIdealTree method

const _retrieveSpecName = Symbol('retrieveSpecName')
const _strictPeerDeps = Symbol('strictPeerDeps')

@@ -116,5 +117,7 @@ // used for the ERESOLVE error to show the last peer conflict encountered

packageLock = true,
strictPeerDeps = false,
} = options
this[_force] = !!force
this[_strictPeerDeps] = !!strictPeerDeps

@@ -763,2 +766,5 @@ this.idealTree = options.idealTree

// problems than a few unnecessary packument fetches.
// also skip over any nodes in the tree that failed to load, since those
// will crash the install later on anyway.
const bd = node.isRoot ? null : node.package.bundleDependencies

@@ -769,2 +775,3 @@ const bundled = new Set(bd || [])

.filter(edge => !bundled.has(edge.name) &&
!(edge.to && this[_loadFailures].has(edge.to)) &&
!(edge.to && edge.to.inShrinkwrap) &&

@@ -916,4 +923,5 @@ (!edge.valid || !edge.to || this[_updateNames].includes(edge.name) ||

}
const override = this[_force] || !this[_strictPeerDeps]
if (this[_force] && expl.fixWithForce) {
if (override && expl.fixWithForce) {
this.log.warn('ERESOLVE', 'overriding peer dependency', expl)

@@ -920,0 +928,0 @@ return []
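Review bot: Because `strictPeerDeps` defaults to `false` in the options destructuring, `override` is true on a default run, so the `expl.fixWithForce` branch that used to require `force` is now taken with only a `warn`-level 'overriding peer dependency' log. Accepting a conflicting peer set thus becomes the default, and nothing in the new code says so. I would add above the `override` line `// peer conflicts are fatal only when strictPeerDeps is set; force always overrides`, and note the non-strict default next to `strictPeerDeps = false`. The enclosing function starts and ends outside the hunk, so what happens when `override` is false is not visible here.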

8

lib/arborist/rebuild.js

@@ -13,2 +13,3 @@ // Arborist.rebuild({path = this.path}) will do all the binlinks and

const boolEnv = b => b ? '1' : ''
const sortNodes = (a, b) => (a.depth - b.depth) || a.path.localeCompare(b.path)

@@ -116,4 +117,3 @@ const _rebuildBundle = Symbol('rebuildBundle')

// than another, but sorting *somehow* makes it consistent.
const queue = [...set].sort((a, b) =>
(a.depth - b.depth) || a.path.localeCompare(b.path))
const queue = [...set].sort(sortNodes)

@@ -239,3 +239,5 @@ for (const node of queue) {

const promises = []
for (const node of queue) {
// sort the queue by node path, so that the module-local collision
// detector in bin-links will always resolve the same way.
for (const node of queue.sort(sortNodes)) {
promises.push(this[_createBinLinks](node))

@@ -242,0 +244,0 @@ }
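Review bot: `sortNodes` sets the order in which `_createBinLinks` is called, and the added comment says that order decides how bin-links resolves collisions, yet `a.path.localeCompare(b.path)` passes no locale, so the ordering follows the host's default locale and may differ between machines. Pinning it, `a.path.localeCompare(b.path, 'en')`, would make the outcome of a bin-name collision reproducible across environments. Separately, `queue.sort(sortNodes)` in the loop header sorts the array in place; `[...queue].sort(sortNodes)` would leave `queue` untouched if anything reads it afterwards, which this hunk does not show.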

@@ -332,3 +332,3 @@ // mixin implementing the reify method

if (failures.length)
this.log.warn('Failed to clean up some directories', failures)
this.log.warn('cleanup', 'Failed to remove some directories', failures)
})

@@ -485,3 +485,7 @@ .then(() => process.emit('timeEnd', 'reify:rollback:createSparse'))

} catch (er) {
this.log.warn(er)
this.log.warn(er.code, er.message, {
package: er.pkgid,
required: er.required,
current: er.current,
})
}

@@ -807,3 +811,3 @@ }

if (failures.length)
this.log.warn('Failed to clean up some directories', failures)
this.log.warn('cleanup', 'Failed to remove some directories', failures)
})

@@ -810,0 +814,0 @@ .then(() => process.emit('timeEnd', 'reify:trash'))
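Review bot: The rewritten `catch` in the hunk at `@@ -485,3 +485,7 @@` reads `er.code`, `er.pkgid`, `er.required` and `er.current`, fields that presumably only one kind of error carries. Any other exception thrown in the `try` (which lies outside the hunk) would be logged with an `undefined` prefix and empty fields, and the error object itself is no longer handed to the logger. A fallback prefix such as `this.log.warn(er.code || 'reify', er.message, {` would keep unexpected failures identifiable in the install log.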

@@ -67,2 +67,6 @@ // An object representing a vulnerability either as the result of an

for (const v of this.via) {
// don't blow up on loops
if (v.fixAvailable === f)
continue
if (f === false)

@@ -69,0 +73,0 @@ v.fixAvailable = f
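Review bot: The new guard's comment, `// don't blow up on loops`, does not say which loops are meant or why equality with `f` is enough to stop. Judging from the `v.fixAvailable = f` line in the trailing context, the assignment appears to propagate through `via` entries that can refer back to each other. If that is right, a comment such as `// via can be cyclic; skip entries that already hold f so propagation terminates` would state the invariant. The surrounding method starts and ends outside the hunk.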

{
"name": "@npmcli/arborist",
"version": "0.0.25",
"version": "0.0.26",
"description": "Manage node_modules trees",

@@ -8,7 +8,9 @@ "dependencies": {

"@npmcli/map-workspaces": "0.0.0-pre.1",
"@npmcli/metavuln-calculator": "^1.0.0",
"@npmcli/name-from-folder": "^1.0.1",
"@npmcli/run-script": "^1.3.1",
"bin-links": "^2.1.2",
"bin-links": "^2.1.4",
"cacache": "^15.0.3",
"common-ancestor-path": "^1.0.1",
"json-parse-even-better-errors": "^2.3.1",
"json-stringify-nice": "^1.1.1",

@@ -27,5 +29,3 @@ "mkdirp-infer-owner": "^2.0.0",

"treeverse": "^1.0.4",
"walk-up-path": "^1.0.0",
"json-parse-even-better-errors": "^2.3.1",
"@npmcli/metavuln-calculator": "^1.0.0"
"walk-up-path": "^1.0.0"
},

@@ -32,0 +32,0 @@ "devDependencies": {
