@pnpm/real-hoist - npm Package Compare versions

Comparing version 1.0.4 to 1.1.0

lib/index.d.ts

 import { Lockfile } from '@pnpm/lockfile-utils';
 import { HoisterResult } from '@yarnpkg/nm';
-export declare type HoistingLimits = Map<string, Set<string>>;
+export type HoistingLimits = Map<string, Set<string>>;
 export { HoisterResult };
 export declare function hoist(lockfile: Lockfile, opts?: {
     hoistingLimits?: HoistingLimits;
+    externalDependencies?: Set<string>;
 }): HoisterResult;

lib/index.js

@@ -29,3 +29,3 @@ "use strict";
 const lockfile_utils_1 = require("@pnpm/lockfile-utils");
-const dp = __importStar(require("dependency-path"));
+const dp = __importStar(require("@pnpm/dependency-path"));
 const nm_1 = require("@yarnpkg/nm");
@@ -44,2 +44,9 @@ function hoist(lockfile, opts) {
             ...lockfile.importers['.']?.optionalDependencies,
+            ...(Array.from(opts?.externalDependencies ?? [])).reduce((acc, dep) => {
+                // It doesn't matter what version spec is used here.
+                // This dependency will be removed from the tree anyway.
+                // It is only needed to prevent the hoister from hoisting deps with this name to the root of node_modules.
+                acc[dep] = 'link:';
+                return acc;
+            }, {}),
         }),
@@ -64,3 +71,11 @@ };
     }
-    return (0, nm_1.hoist)(node, opts);
+    const hoisterResult = (0, nm_1.hoist)(node, opts);
+    if (opts?.externalDependencies) {
+        for (const hoistedDep of hoisterResult.dependencies.values()) {
+            if (opts.externalDependencies.has(hoistedDep.name)) {
+                hoisterResult.dependencies.delete(hoistedDep);
+            }
+        }
+    }
+    return hoisterResult;
 }
@@ -67,0 +82,0 @@ exports.hoist = hoist;

package.json

 {
   "name": "@pnpm/real-hoist",
   "description": "Hoists dependencies in a node_modules created by pnpm",
-  "version": "1.0.4",
+  "version": "1.1.0",
   "bugs": {
@@ -14,3 +14,3 @@ "url": "https://github.com/pnpm/pnpm/issues"
   ],
-  "homepage": "https://github.com/pnpm/pnpm/blob/main/packages/real-hoist#readme",
+  "homepage": "https://github.com/pnpm/pnpm/blob/main/pkg-manager/real-hoist#readme",
   "keywords": [
@@ -24,13 +24,13 @@ "pnpm7",
   },
-  "repository": "https://github.com/pnpm/pnpm/blob/main/packages/real-hoist",
+  "repository": "https://github.com/pnpm/pnpm/blob/main/pkg-manager/real-hoist",
   "dependencies": {
+    "@yarnpkg/nm": "4.0.0-rc.27",
     "@pnpm/error": "4.0.0",
-    "@pnpm/lockfile-utils": "5.0.0",
-    "@yarnpkg/nm": "4.0.0-rc.27",
-    "dependency-path": "9.2.8"
+    "@pnpm/lockfile-utils": "5.0.1",
+    "@pnpm/dependency-path": "1.0.0"
   },
   "funding": "https://opencollective.com/pnpm",
   "devDependencies": {
-    "@pnpm/lockfile-file": "6.0.2",
-    "@pnpm/real-hoist": "1.0.4"
+    "@pnpm/real-hoist": "1.1.0",
+    "@pnpm/lockfile-file": "6.0.4"
   },
@@ -37,0 +37,0 @@ "exports": {

New alerts

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Fixed alerts

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

11118

increased by13.26%

Lines of code

131

increased by13.91%

Number of low quality alerts

0

decreased by-100%

Dependency changes

• + Added@pnpm/dependency-path@1.0.0

• + Added@pnpm/dependency-path@1.0.0(transitive)

• + Added@pnpm/lockfile-utils@5.0.1(transitive)

• - Removeddependency-path@9.2.8

• - Removed@pnpm/lockfile-utils@5.0.0(transitive)

• - Removeddependency-path@9.2.8(transitive)

• Updated@pnpm/lockfile-utils@5.0.1