From 9b311fe522077c7f8a242b94b0e1dbe746992bef Mon Sep 17 00:00:00 2001 From: isaacs Date: Mon, 22 Feb 2021 12:36:24 -0800 Subject: [PATCH] @npmcli/arborist@2.2.4 * Do not rely on underscore fields in `package.json` files * [#2736](https://github.com/npm/cli/issue/2736) Do not remove global packages when updating by name Fix: #2736 --- .../@npmcli/arborist/bin/lib/options.js | 4 +++- .../arborist/lib/arborist/build-ideal-tree.js | 2 ++ .../@npmcli/arborist/lib/arborist/reify.js | 6 +++--- .../@npmcli/arborist/lib/shrinkwrap.js | 10 ++++++++-- node_modules/@npmcli/arborist/package.json | 4 ++-- package-lock.json | 18 +++++++++--------- package.json | 2 +- 7 files changed, 28 insertions(+), 18 deletions(-) diff --git a/node_modules/@npmcli/arborist/bin/lib/options.js b/node_modules/@npmcli/arborist/bin/lib/options.js index 8f0dc2f120324..bf8e08ec22a57 100644 --- a/node_modules/@npmcli/arborist/bin/lib/options.js +++ b/node_modules/@npmcli/arborist/bin/lib/options.js @@ -31,7 +31,9 @@ for (const arg of process.argv.slice(2)) { } else if (/^--omit=/.test(arg)) { options.omit = options.omit || [] options.omit.push(arg.substr('--omit='.length)) - } else if (/^--[^=]+=/.test(arg)) { + } else if (/^--before=/.test(arg)) + options.before = new Date(arg.substr('--before='.length)) + else if (/^--[^=]+=/.test(arg)) { const [key, ...v] = arg.replace(/^--/, '').split('=') const val = v.join('=') options[key] = val === 'false' ? false : val === 'true' ? true : val diff --git a/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js b/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js index 789d1763fb22a..17b42f81bb39a 100644 --- a/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js +++ b/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js @@ -398,6 +398,8 @@ module.exports = cls => class IdealTreeBuilder extends cls { if (this[_global] && (this[_updateAll] || this[_updateNames].length)) { const nm = resolve(this.path, 'node_modules') for (const name of await readdir(nm).catch(() => [])) { + if (this[_updateNames].includes(name)) + this[_explicitRequests].add(name) tree.package.dependencies = tree.package.dependencies || {} if (this[_updateAll] || this[_updateNames].includes(name)) tree.package.dependencies[name] = '*' diff --git a/node_modules/@npmcli/arborist/lib/arborist/reify.js b/node_modules/@npmcli/arborist/lib/arborist/reify.js index 9854d2d0b59d3..c3ea1b43bbc76 100644 --- a/node_modules/@npmcli/arborist/lib/arborist/reify.js +++ b/node_modules/@npmcli/arborist/lib/arborist/reify.js @@ -236,9 +236,9 @@ module.exports = cls => class Reifier extends cls { const actualOpt = this[_global] ? { ignoreMissing: true, global: true, - filter: (node, kid) => this[_explicitRequests].size === 0 || !node.isProjectRoot - ? true - : (node.edgesOut.has(kid) || this[_explicitRequests].has(kid)), + filter: (node, kid) => + this[_explicitRequests].size === 0 || !node.isProjectRoot ? true + : (this.idealTree.edgesOut.has(kid) || this[_explicitRequests].has(kid)), } : { ignoreMissing: true } if (!this[_global]) { diff --git a/node_modules/@npmcli/arborist/lib/shrinkwrap.js b/node_modules/@npmcli/arborist/lib/shrinkwrap.js index 9254531e49d4a..f9f4297dbae86 100644 --- a/node_modules/@npmcli/arborist/lib/shrinkwrap.js +++ b/node_modules/@npmcli/arborist/lib/shrinkwrap.js @@ -59,6 +59,10 @@ const swKeyOrder = [ 'dependencies', ] +// used to rewrite from yarn registry to npm registry +const yarnRegRe = /^https?:\/\/registry.yarnpkg.com\// +const npmRegRe = /^https?:\/\/registry.npmjs.org\// + // sometimes resolved: is weird or broken, or something npa can't handle const specFromResolved = resolved => { try { @@ -291,8 +295,6 @@ class Shrinkwrap { if (fromYarn && fromYarn.version) { // if it's the yarn or npm default registry, use the version as // our effective spec. if it's any other kind of thing, use that. - const yarnRegRe = /^https?:\/\/registry.yarnpkg.com\// - const npmRegRe = /^https?:\/\/registry.npmjs.org\// const {resolved, version, integrity} = fromYarn const isYarnReg = spec.registry && yarnRegRe.test(resolved) const isnpmReg = spec.registry && !isYarnReg && npmRegRe.test(resolved) @@ -733,6 +735,7 @@ class Shrinkwrap { : !/file:/.test(node.resolved) ? node.resolved : consistentResolve(node.resolved, node.path, this.path, true) + const spec = npa(`${node.name}@${edge.spec}`) const entry = this.yarnLock.entries.get(`${node.name}@${edge.spec}`) if (!entry || @@ -741,6 +744,9 @@ class Shrinkwrap { mismatch(pathFixed, entry.resolved)) return + if (entry.resolved && yarnRegRe.test(entry.resolved) && spec.registry) + entry.resolved = entry.resolved.replace(yarnRegRe, 'https://registry.npmjs.org/') + node.integrity = node.integrity || entry.integrity || null node.resolved = node.resolved || consistentResolve(entry.resolved, this.path, node.path) || null diff --git a/node_modules/@npmcli/arborist/package.json b/node_modules/@npmcli/arborist/package.json index 678c51c980e63..77c11e7221816 100644 --- a/node_modules/@npmcli/arborist/package.json +++ b/node_modules/@npmcli/arborist/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/arborist", - "version": "2.2.3", + "version": "2.2.4", "description": "Manage node_modules trees", "dependencies": { "@npmcli/installed-package-contents": "^1.0.6", @@ -24,7 +24,7 @@ "parse-conflict-json": "^1.1.1", "promise-all-reject-late": "^1.0.0", "promise-call-limit": "^1.0.1", - "read-package-json-fast": "^2.0.1", + "read-package-json-fast": "^2.0.2", "readdir-scoped-modules": "^1.1.0", "semver": "^7.3.4", "tar": "^6.1.0", diff --git a/package-lock.json b/package-lock.json index 138d10e93b084..fa2d80623f49d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -252,7 +252,7 @@ ], "license": "Artistic-2.0", "dependencies": { - "@npmcli/arborist": "^2.2.3", + "@npmcli/arborist": "^2.2.4", "@npmcli/ci-detect": "^1.2.0", "@npmcli/config": "^1.2.9", "@npmcli/run-script": "^1.8.3", @@ -813,9 +813,9 @@ } }, "node_modules/@npmcli/arborist": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.2.3.tgz", - "integrity": "sha512-K7yWh9uQZ87o8ktcsr+5ummcshP6Jsif05T4F7j1jA8WNCN6CP6I/1ePEsi1fTjCwKF/TAYn2gLX719LbW7gCA==", + "version": "2.2.4", + "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.2.4.tgz", + "integrity": "sha512-JajrhRKOgHe/s3kC5OKc6j5hKv2C6dDLMXx0lDP3jU70rUyHV0w0bqUTYeJAcu1y+eyA4szj6/PUcIQUsQmCVQ==", "inBundle": true, "dependencies": { "@npmcli/installed-package-contents": "^1.0.6", @@ -839,7 +839,7 @@ "parse-conflict-json": "^1.1.1", "promise-all-reject-late": "^1.0.0", "promise-call-limit": "^1.0.1", - "read-package-json-fast": "^2.0.1", + "read-package-json-fast": "^2.0.2", "readdir-scoped-modules": "^1.1.0", "semver": "^7.3.4", "tar": "^6.1.0", @@ -11221,9 +11221,9 @@ "dev": true }, "@npmcli/arborist": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.2.3.tgz", - "integrity": "sha512-K7yWh9uQZ87o8ktcsr+5ummcshP6Jsif05T4F7j1jA8WNCN6CP6I/1ePEsi1fTjCwKF/TAYn2gLX719LbW7gCA==", + "version": "2.2.4", + "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.2.4.tgz", + "integrity": "sha512-JajrhRKOgHe/s3kC5OKc6j5hKv2C6dDLMXx0lDP3jU70rUyHV0w0bqUTYeJAcu1y+eyA4szj6/PUcIQUsQmCVQ==", "requires": { "@npmcli/installed-package-contents": "^1.0.6", "@npmcli/map-workspaces": "^1.0.2", @@ -11246,7 +11246,7 @@ "parse-conflict-json": "^1.1.1", "promise-all-reject-late": "^1.0.0", "promise-call-limit": "^1.0.1", - "read-package-json-fast": "^2.0.1", + "read-package-json-fast": "^2.0.2", "readdir-scoped-modules": "^1.1.0", "semver": "^7.3.4", "tar": "^6.1.0", diff --git a/package.json b/package.json index 81c1d6a1b9ba1..60c91d0346cf3 100644 --- a/package.json +++ b/package.json @@ -42,7 +42,7 @@ "./package.json": "./package.json" }, "dependencies": { - "@npmcli/arborist": "^2.2.3", + "@npmcli/arborist": "^2.2.4", "@npmcli/ci-detect": "^1.2.0", "@npmcli/config": "^1.2.9", "@npmcli/run-script": "^1.8.3",