Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement →
@npmcli/arborist
Advanced tools
@npmcli/arborist - npm Package Compare versions
@@ -120,5 +120,7 @@ // mixin implementing the reify method | ||
| this.idealTree = await this.createIsolatedTree() | ||
| this.#linkedActualForDiff = this.#buildLinkedActualForDiff( | ||
| this.idealTree, this.actualTree | ||
| ) | ||
| if (this.actualTree) { | ||
| this.#linkedActualForDiff = this.#buildLinkedActualForDiff( | ||
| this.idealTree, this.actualTree | ||
| ) | ||
| } | ||
| } | ||
@@ -819,2 +821,6 @@ await this[_diffTrees]() | ||
| } | ||
| // Skip store links whose ideal realpath doesn't exist on disk yet — the store hash changed and the symlink needs recreating via ADD. | ||
| if (child.isLink && child.resolved?.startsWith('file:.store/') && !existsSync(child.realpath)) { | ||
| continue | ||
| } | ||
| let entry | ||
@@ -821,0 +827,0 @@ if (child.isLink) { |
+23
-2
@@ -198,6 +198,27 @@ const npa = require('npm-package-arg') | ||
| // The override sets are incomparable. Neither one contains the other. | ||
| log.silly('Conflicting override sets', first, second) | ||
| // The override sets are incomparable (e.g. siblings like the "react" and "react-dom" children of the root override set). Check if they have semantically conflicting rules before treating this as an error. | ||
| if (this.haveConflictingRules(first, second)) { | ||
| log.silly('Conflicting override sets', first, second) | ||
| return undefined | ||
| } | ||
| // The override sets are structurally incomparable but have compatible rules. Fall back to their nearest common ancestor so the node still has a valid override set. | ||
| return this.findCommonAncestor(first, second) | ||
| } | ||
| static findCommonAncestor (first, second) { | ||
| const firstAncestors = [] | ||
| for (const ancestor of first.ancestry()) { | ||
| firstAncestors.push(ancestor) | ||
| } | ||
| for (const secondAnc of second.ancestry()) { | ||
| for (const firstAnc of firstAncestors) { | ||
| if (firstAnc.isEqual(secondAnc)) { | ||
| return firstAnc | ||
| } | ||
| } | ||
| } | ||
| return null | ||
| } | ||
| static doOverrideSetsConflict (first, second) { | ||
@@ -204,0 +225,0 @@ // If override sets contain one another then we can try to use the more specific one. |
+1
-1
| { | ||
| "name": "@npmcli/arborist", | ||
| "version": "9.4.1", | ||
| "version": "9.4.2", | ||
| "description": "Manage node_modules trees", | ||
@@ -5,0 +5,0 @@ "dependencies": { |
New alerts
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
Fixed alerts
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
487415
0.23%- Lines of code
12839
0.2%No dependency changes