@pnpm/lockfile-utils - npm Package Compare versions

Comparing version 4.2.0 to 4.2.1

lib/satisfiesPackageManifest.js

@@ -8,2 +8,3 @@ "use strict";
 const equals_js_1 = __importDefault(require("ramda/src/equals.js"));
+const omit_js_1 = __importDefault(require("ramda/src/omit.js"));
 exports.default = (lockfile, pkg, importerId, opts) => {
@@ -15,13 +16,13 @@ const importer = lockfile.importers[importerId];
     if (opts?.autoInstallPeers) {
-        existingDeps = {
-            ...pkg.peerDependencies,
-            ...existingDeps,
-        };
         pkg = {
             ...pkg,
             dependencies: {
-                ...pkg.peerDependencies,
+                ...(0, omit_js_1.default)(Object.keys(existingDeps), pkg.peerDependencies),
                 ...pkg.dependencies,
             },
         };
+        existingDeps = {
+            ...pkg.peerDependencies,
+            ...existingDeps,
+        };
     }
@@ -28,0 +29,0 @@ if (!(0, equals_js_1.default)(existingDeps, importer.specifiers) ||

package.json

 {
   "name": "@pnpm/lockfile-utils",
-  "version": "4.2.0",
+  "version": "4.2.1",
   "description": "Utils for dealing with pnpm-lock.yaml",
@@ -27,3 +27,3 @@ "main": "lib/index.js",
   "devDependencies": {
-    "@pnpm/lockfile-utils": "4.2.0",
+    "@pnpm/lockfile-utils": "4.2.1",
     "@types/js-yaml": "^4.0.5",
@@ -30,0 +30,0 @@ "@types/ramda": "0.28.14",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

24329

increased by0.77%

Lines of code

315

increased by0.32%

No dependency changes