diff --git a/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js b/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js index 9328b8043bd4e..ae92b74cefd18 100644 --- a/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js +++ b/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js @@ -416,7 +416,7 @@ module.exports = cls => class IdealTreeBuilder extends cls { await this[_add](options) // triggers a refresh of all edgesOut - if (options.add && options.add.length || options.rm && options.rm.length) + if (options.add && options.add.length || options.rm && options.rm.length || this[_global]) tree.package = tree.package process.emit('timeEnd', 'idealTree:userRequests') } @@ -1148,6 +1148,7 @@ This is a one-time fix-up, please be patient... [_placeDep] (dep, node, edge, peerEntryEdge = null, peerPath = []) { if (edge.to && !edge.error && + !this[_explicitRequests].has(edge.name) && !this[_updateNames].includes(edge.name) && !this[_isVulnerable](edge.to)) return [] diff --git a/node_modules/@npmcli/arborist/lib/arborist/reify.js b/node_modules/@npmcli/arborist/lib/arborist/reify.js index 19c7fa384de51..6cc129a7cc057 100644 --- a/node_modules/@npmcli/arborist/lib/arborist/reify.js +++ b/node_modules/@npmcli/arborist/lib/arborist/reify.js @@ -233,7 +233,7 @@ module.exports = cls => class Reifier extends cls { const actualOpt = this[_global] ? { ignoreMissing: true, global: true, - filter: (node, kid) => !node.isRoot && node !== node.root.target + filter: (node, kid) => this[_explicitRequests].size === 0 || !node.isProjectRoot ? true : (node.edgesOut.has(kid) || this[_explicitRequests].has(kid)), } : { ignoreMissing: true } @@ -605,7 +605,7 @@ module.exports = cls => class Reifier extends cls { tree: this.diff, visit: diff => { const node = diff.ideal - if (node && !node.isRoot && node.package.bundleDependencies && + if (node && !node.isProjectRoot && node.package.bundleDependencies && node.package.bundleDependencies.length) { maxBundleDepth = Math.max(maxBundleDepth, node.depth) if (!bundlesByDepth.has(node.depth)) @@ -811,7 +811,7 @@ module.exports = cls => class Reifier extends cls { dfwalk({ tree: this.diff, leave: diff => { - if (!diff.ideal.isRoot) + if (!diff.ideal.isProjectRoot) nodes.push(diff.ideal) }, // process adds before changes, ignore removals diff --git a/node_modules/@npmcli/arborist/lib/node.js b/node_modules/@npmcli/arborist/lib/node.js index 01147b9d48da8..9a6b86e4021b8 100644 --- a/node_modules/@npmcli/arborist/lib/node.js +++ b/node_modules/@npmcli/arborist/lib/node.js @@ -247,7 +247,7 @@ class Node { // true for packages installed directly in the global node_modules folder get globalTop () { - return this.global && this.parent.isRoot + return this.global && this.parent.isProjectRoot } get workspaces () { @@ -294,8 +294,11 @@ class Node { const { name = '', version = '' } = this.package // root package will prefer package name over folder name, // and never be called an alias. - const myname = this.isRoot ? name || this.name : this.name - const alias = !this.isRoot && name && myname !== name ? `npm:${name}@` : '' + const { isProjectRoot } = this + const myname = isProjectRoot ? name || this.name + : this.name + const alias = !isProjectRoot && name && myname !== name ? `npm:${name}@` + : '' return `${myname}@${alias}${version}` } @@ -339,14 +342,14 @@ class Node { } [_explain] (edge, seen) { - if (this.isRoot && !this.sourceReference) { + if (this.isProjectRoot && !this.sourceReference) { return { location: this.path, } } const why = { - name: this.isRoot ? this.package.name : this.name, + name: this.isProjectRoot ? this.package.name : this.name, version: this.package.version, } if (this.errors.length || !this.package.name || !this.package.version) { @@ -384,7 +387,7 @@ class Node { // and are not keeping it held in this spot anyway. const edges = [] for (const edge of this.edgesIn) { - if (!edge.valid && !edge.from.isRoot) + if (!edge.valid && !edge.from.isProjectRoot) continue edges.push(edge) @@ -453,7 +456,7 @@ class Node { } get isWorkspace () { - if (this.isRoot) + if (this.isProjectRoot) return false const { root } = this const { type, to } = root.edgesOut.get(this.package.name) || {} @@ -733,7 +736,9 @@ class Node { // Linked targets that are disconnected from the tree are tops, // but don't have a 'path' field, only a 'realpath', because we // don't know their canonical location. We don't need their devDeps. - if (this.isTop && this.path && !this.sourceReference) + const { isTop, path, sourceReference } = this + const { isTop: srcTop, path: srcPath } = sourceReference || {} + if (isTop && path && (!sourceReference || srcTop && srcPath)) this[_loadDepType](this.package.devDependencies, 'dev') const pd = this.package.peerDependencies @@ -902,8 +907,8 @@ class Node { if (this.isLink) return node.isLink && this.target.matches(node.target) - // if they're two root nodes, they're different if the paths differ - if (this.isRoot && node.isRoot) + // if they're two project root nodes, they're different if the paths differ + if (this.isProjectRoot && node.isProjectRoot) return this.path === node.path // if the integrity matches, then they're the same. diff --git a/node_modules/@npmcli/arborist/package.json b/node_modules/@npmcli/arborist/package.json index bf0de29939182..2107652c6754d 100644 --- a/node_modules/@npmcli/arborist/package.json +++ b/node_modules/@npmcli/arborist/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/arborist", - "version": "2.1.0", + "version": "2.1.1", "description": "Manage node_modules trees", "dependencies": { "@npmcli/installed-package-contents": "^1.0.5", @@ -20,7 +20,7 @@ "npm-package-arg": "^8.1.0", "npm-pick-manifest": "^6.1.0", "npm-registry-fetch": "^9.0.0", - "pacote": "^11.2.3", + "pacote": "^11.2.4", "parse-conflict-json": "^1.1.1", "promise-all-reject-late": "^1.0.0", "promise-call-limit": "^1.0.1", @@ -55,7 +55,7 @@ "postversion": "npm publish", "prepublishOnly": "git push origin --follow-tags", "eslint": "eslint", - "lint": "npm run eslint -- \"lib/**/*.js\"", + "lint": "npm run eslint -- \"lib/**/*.js\" \"test/arborist/*.js\" \"test/*.js\"", "lintfix": "npm run lint -- --fix", "benchmark": "node scripts/benchmark.js", "benchclean": "rm -rf scripts/benchmark/*/" diff --git a/node_modules/pacote/lib/fetcher.js b/node_modules/pacote/lib/fetcher.js index c4e5852daf8a8..ad3cacec89bf4 100644 --- a/node_modules/pacote/lib/fetcher.js +++ b/node_modules/pacote/lib/fetcher.js @@ -103,7 +103,7 @@ class FetcherBase { this.npmBin = opts.npmBin || 'npm' // command to install deps for preparing - this.npmInstallCmd = opts.npmInstallCmd || [ 'install' ] + this.npmInstallCmd = opts.npmInstallCmd || [ 'install', '--force' ] // XXX fill more of this in based on what we know from this.opts // we explicitly DO NOT fill in --tag, though, since we are often diff --git a/node_modules/pacote/package.json b/node_modules/pacote/package.json index b55685a48b241..959cb1ec48831 100644 --- a/node_modules/pacote/package.json +++ b/node_modules/pacote/package.json @@ -1,6 +1,6 @@ { "name": "pacote", - "version": "11.2.3", + "version": "11.2.4", "description": "JavaScript package downloader", "author": "Isaac Z. Schlueter (https://izs.me)", "bin": { diff --git a/package-lock.json b/package-lock.json index 7536487824b24..aba69288a1c00 100644 --- a/package-lock.json +++ b/package-lock.json @@ -358,7 +358,7 @@ ], "license": "Artistic-2.0", "dependencies": { - "@npmcli/arborist": "^2.1.0", + "@npmcli/arborist": "^2.1.1", "@npmcli/ci-detect": "^1.2.0", "@npmcli/config": "^1.2.8", "@npmcli/run-script": "^1.8.1", @@ -687,9 +687,9 @@ } }, "node_modules/@npmcli/arborist": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.1.0.tgz", - "integrity": "sha512-ltBA6olA04/Gt1KJ2YTE5V0Bxi2U4to7psst6JFlRHBfqxE6LiHKbqqiIRXB5qmW0c+26LOR9ocH+NxKjddX8w==", + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.1.1.tgz", + "integrity": "sha512-zt+dabNvSuhQMlmJL4H0YV4mGujylxgxeXPWSSjMjMoZI3laniHUB+oGOhJi/k68FVoZ/o/Aevi4rWDClfm5ZQ==", "inBundle": true, "dependencies": { "@npmcli/installed-package-contents": "^1.0.5", @@ -709,7 +709,7 @@ "npm-package-arg": "^8.1.0", "npm-pick-manifest": "^6.1.0", "npm-registry-fetch": "^9.0.0", - "pacote": "^11.2.3", + "pacote": "^11.2.4", "parse-conflict-json": "^1.1.1", "promise-all-reject-late": "^1.0.0", "promise-call-limit": "^1.0.1", @@ -5381,9 +5381,9 @@ } }, "node_modules/pacote": { - "version": "11.2.3", - "resolved": "https://registry.npmjs.org/pacote/-/pacote-11.2.3.tgz", - "integrity": "sha512-Jphxyk1EjGyLzNwa+MkbcQUQeTIqlKcIoPq0t9ekR9ZxsTGjzhRjz/cOoL9PTVkqAW1FH7qBoVbYL4FqQGNNJg==", + "version": "11.2.4", + "resolved": "https://registry.npmjs.org/pacote/-/pacote-11.2.4.tgz", + "integrity": "sha512-GfTeVQGJ6WyBQbQD4t3ocHbyOmTQLmWjkCKSZPmKiGFKYKNUaM5U2gbLzUW8WG1XmS9yQFnsTFA0k3o1+q4klQ==", "inBundle": true, "dependencies": { "@npmcli/git": "^2.0.1", @@ -9924,9 +9924,9 @@ } }, "@npmcli/arborist": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.1.0.tgz", - "integrity": "sha512-ltBA6olA04/Gt1KJ2YTE5V0Bxi2U4to7psst6JFlRHBfqxE6LiHKbqqiIRXB5qmW0c+26LOR9ocH+NxKjddX8w==", + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.1.1.tgz", + "integrity": "sha512-zt+dabNvSuhQMlmJL4H0YV4mGujylxgxeXPWSSjMjMoZI3laniHUB+oGOhJi/k68FVoZ/o/Aevi4rWDClfm5ZQ==", "requires": { "@npmcli/installed-package-contents": "^1.0.5", "@npmcli/map-workspaces": "^1.0.1", @@ -9945,7 +9945,7 @@ "npm-package-arg": "^8.1.0", "npm-pick-manifest": "^6.1.0", "npm-registry-fetch": "^9.0.0", - "pacote": "^11.2.3", + "pacote": "^11.2.4", "parse-conflict-json": "^1.1.1", "promise-all-reject-late": "^1.0.0", "promise-call-limit": "^1.0.1", @@ -13372,9 +13372,9 @@ } }, "pacote": { - "version": "11.2.3", - "resolved": "https://registry.npmjs.org/pacote/-/pacote-11.2.3.tgz", - "integrity": "sha512-Jphxyk1EjGyLzNwa+MkbcQUQeTIqlKcIoPq0t9ekR9ZxsTGjzhRjz/cOoL9PTVkqAW1FH7qBoVbYL4FqQGNNJg==", + "version": "11.2.4", + "resolved": "https://registry.npmjs.org/pacote/-/pacote-11.2.4.tgz", + "integrity": "sha512-GfTeVQGJ6WyBQbQD4t3ocHbyOmTQLmWjkCKSZPmKiGFKYKNUaM5U2gbLzUW8WG1XmS9yQFnsTFA0k3o1+q4klQ==", "requires": { "@npmcli/git": "^2.0.1", "@npmcli/installed-package-contents": "^1.0.5", diff --git a/package.json b/package.json index 3c967869a6dcc..3c2a06c0e68a6 100644 --- a/package.json +++ b/package.json @@ -42,7 +42,7 @@ "./package.json": "./package.json" }, "dependencies": { - "@npmcli/arborist": "^2.1.0", + "@npmcli/arborist": "^2.1.1", "@npmcli/ci-detect": "^1.2.0", "@npmcli/config": "^1.2.8", "@npmcli/run-script": "^1.8.1",