
@npmcli/arborist


@npmcli/arborist - npm Package Compare versions

Comparing version 7.5.1 to 7.5.2

lib/packument-cache.js

60

lib/arborist/build-ideal-tree.js

@@ -56,44 +56,22 @@ // mixin implementing the buildIdealTree method

class DepsQueue {
// [{ sorted, items }] indexed by depth
#deps = []
#sorted = true
#minDepth = 0
#length = 0
get length () {
return this.#length
return this.#deps.length
}
push (item) {
if (!this.#deps[item.depth]) {
this.#length++
this.#deps[item.depth] = { sorted: true, items: [item] }
// no minDepth check needed, this branch is only reached when we are in
// the middle of a shallower depth and creating a new one
return
if (!this.#deps.includes(item)) {
this.#sorted = false
this.#deps.push(item)
}
if (!this.#deps[item.depth].items.includes(item)) {
this.#length++
this.#deps[item.depth].sorted = false
this.#deps[item.depth].items.push(item)
if (item.depth < this.#minDepth) {
this.#minDepth = item.depth
}
}
}
pop () {
let depth
while (!depth?.items.length) {
depth = this.#deps[this.#minDepth]
if (!depth?.items.length) {
this.#minDepth++
}
if (!this.#sorted) {
this.#deps.sort((a, b) => (a.depth - b.depth) || localeCompare(a.path, b.path))
this.#sorted = true
}
if (!depth.sorted) {
depth.items.sort((a, b) => localeCompare(a.path, b.path))
depth.sorted = true
}
this.#length--
return depth.items.shift()
return this.#deps.shift()
}

@@ -1026,2 +1004,6 @@ }

for (const e of this.#problemEdges(placed)) {
// XXX This is somehow load bearing. This makes tests that print
// the ideal tree of a tree with tarball dependencies fail. This
// can't be changed or removed till we figure out why
// The test is named "tarball deps with transitive tarball deps"
promises.push(() =>

@@ -1209,2 +1191,3 @@ this.#fetchManifest(npa.resolve(e.name, e.spec, fromPath(placed, e)))

avoid: this.#avoidRange(spec.name),
fullMetadata: true,
}

@@ -1218,15 +1201,6 @@ // get the intended spec and stored metadata from yarn.lock file,

} else {
const cleanRawSpec = redact(spec.rawSpec)
log.silly('fetch manifest', spec.raw.replace(spec.rawSpec, cleanRawSpec))
const o = {
...options,
fullMetadata: true,
}
const p = pacote.manifest(spec, o)
.then(({ license, ...mani }) => {
this.#manifests.set(spec.raw, mani)
return mani
})
this.#manifests.set(spec.raw, p)
return p
log.silly('fetch manifest', spec.raw.replace(spec.rawSpec, redact(spec.rawSpec)))
const mani = await pacote.manifest(spec, options)
this.#manifests.set(spec.raw, mani)
return mani
}

@@ -1233,0 +1207,0 @@ }
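Review bot: In the `@@ -1218,15 +1201,6 @@` hunk, `const mani = await pacote.manifest(spec, options)` writes to `this.#manifests` only after the fetch settles, so two overlapping calls for the same `spec.raw` would each start their own registry request; the other variant in the hunk stored the pending promise first, which coalesced them. This assumes the four-line `await` form is the new side (the header's 15 → 6 counts suggest so) and that the cache lookup sits above the `else`, outside the hunk. The `.then(({ license, ...mani }) => ...)` step that dropped `license` before caching is also gone, so cached manifests would now keep that field. If both changes are intended, say so next to the code, for example `// cache the resolved manifest only; concurrent callers for the same spec may fetch twice`. Keeping `redact(spec.rawSpec)` in the `log.silly` call is right, since raw specs can carry credentials.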

@@ -34,6 +34,6 @@ // The arborist manages three trees:

const { log, time } = require('proc-log')
const { saveTypeMap } = require('../add-rm-pkg-deps.js')
const AuditReport = require('../audit-report.js')
const relpath = require('../relpath.js')
const PackumentCache = require('../packument-cache.js')

@@ -86,3 +86,3 @@ const mixins = [

packageLockOnly: !!options.packageLockOnly,
packumentCache: options.packumentCache || new Map(),
packumentCache: options.packumentCache || new PackumentCache(),
path: options.path || '.',

@@ -89,0 +89,0 @@ rebuildBundle: 'rebuildBundle' in options ? !!options.rebuildBundle : true,
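Review bot: In the `@@ -86,3 +86,3 @@` hunk, `options.packumentCache || new PackumentCache()` changes only the default, so a caller that supplies its own `Map` keeps an unbounded cache and gets none of whatever sizing or eviction `lib/packument-cache.js` implements (that file is listed on this page but its contents are not shown). Packuments come from the registry and can be large, so the option's documentation should state the expected interface and who bounds memory when a custom cache is passed, e.g. `// packumentCache: Map-compatible; defaults to PackumentCache; custom caches must bound their own size`. The surrounding options object starts and ends outside the hunk.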

@@ -122,2 +122,4 @@ // inventory, path, realpath, root, and parent

// TODO if this came from pacote.manifest we don't have to do this,
// we can be told to skip this step
const pkg = sourceReference ? sourceReference.package

@@ -124,0 +126,0 @@ : normalize(options.pkg || {})

@@ -1156,3 +1156,4 @@ // a module that manages a shrinkwrap file (npm-shrinkwrap.json or

log.warn(
`Converting lock file (${relative(process.cwd(), this.filename)}) from v${this.originalLockfileVersion} -> v${this.lockfileVersion}`
'shrinkwrap',
`Converting lock file (${relative(process.cwd(), this.filename)}) from v${this.originalLockfileVersion} -> v${this.lockfileVersion}`
)

@@ -1159,0 +1160,0 @@ }

{
"name": "@npmcli/arborist",
"version": "7.5.1",
"version": "7.5.2",
"description": "Manage node_modules trees",
"dependencies": {
"@isaacs/string-locale-compare": "^1.1.0",
"@npmcli/fs": "^3.1.0",
"@npmcli/fs": "^3.1.1",
"@npmcli/installed-package-contents": "^2.1.0",
"@npmcli/map-workspaces": "^3.0.2",
"@npmcli/metavuln-calculator": "^7.1.0",
"@npmcli/metavuln-calculator": "^7.1.1",
"@npmcli/name-from-folder": "^2.0.0",

@@ -17,15 +17,16 @@ "@npmcli/node-gyp": "^3.0.0",

"@npmcli/run-script": "^8.1.0",
"bin-links": "^4.0.1",
"cacache": "^18.0.0",
"bin-links": "^4.0.4",
"cacache": "^18.0.3",
"common-ancestor-path": "^1.0.1",
"hosted-git-info": "^7.0.1",
"json-parse-even-better-errors": "^3.0.0",
"hosted-git-info": "^7.0.2",
"json-parse-even-better-errors": "^3.0.2",
"json-stringify-nice": "^1.1.4",
"lru-cache": "^10.2.2",
"minimatch": "^9.0.4",
"nopt": "^7.0.0",
"nopt": "^7.2.1",
"npm-install-checks": "^6.2.0",
"npm-package-arg": "^11.0.2",
"npm-pick-manifest": "^9.0.0",
"npm-registry-fetch": "^17.0.0",
"pacote": "^18.0.1",
"npm-pick-manifest": "^9.0.1",
"npm-registry-fetch": "^17.0.1",
"pacote": "^18.0.6",
"parse-conflict-json": "^3.0.0",

@@ -38,3 +39,3 @@ "proc-log": "^4.2.0",

"semver": "^7.3.7",
"ssri": "^10.0.5",
"ssri": "^10.0.6",
"treeverse": "^3.0.0",

@@ -45,3 +46,3 @@ "walk-up-path": "^3.0.1"

"@npmcli/eslint-config": "^4.0.0",
"@npmcli/template-oss": "4.21.3",
"@npmcli/template-oss": "4.22.0",
"benchmark": "^2.1.4",

@@ -97,5 +98,5 @@ "minify-registry-metadata": "^3.0.0",

"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
"version": "4.21.3",
"version": "4.22.0",
"content": "../../scripts/template-oss/index.js"
}
}