@npmcli/arborist@2.2.3 #2727

isaacs · 2021-02-18T23:20:31Z

#1875
npm/arborist#230 Set default
advisory severity/vulnerable_range when missing from audit endpoint
data (@isaacs)
npm/arborist#231 skip
optional deps with mismatched platform or engine
(@nlf)
#2251 Unpack shrinkwrapped deps
not already unpacked (@isaacs,
@nlf)
#2714 Do not write package.json
if nothing changed (@isaacs)
npm/rfcs#324 Prefer peer over
prod dep, if both specified (@isaacs)
npm/arborist#236 Fix
additional peerOptional conflict cases
(@isaacs)

References

@isaacs

* [#1875](#1875) [npm/arborist#230](npm/arborist#230) Set default advisory `severity`/`vulnerable_range` when missing from audit endpoint data ([@isaacs](https://github.com/isaacs)) * [npm/arborist#231](npm/arborist#231) skip optional deps with mismatched platform or engine ([@nlf](https://github.com/nlf)) * [#2251](#2251) Unpack shrinkwrapped deps not already unpacked ([@isaacs](https://github.com/isaacs), [@nlf](https://github.com/nlf)) * [#2714](#2714) Do not write package.json if nothing changed ([@isaacs](https://github.com/isaacs)) * [npm/rfcs#324](npm/rfcs#324) Prefer peer over prod dep, if both specified ([@isaacs](https://github.com/isaacs)) * [npm/arborist#236](npm/arborist#236) Fix additional peerOptional conflict cases ([@isaacs](https://github.com/isaacs))

isaacs requested a review from a team as a code owner February 18, 2021 23:20

isaacs merged commit 8c36697 into release/v7.5.5 Feb 18, 2021

isaacs deleted the isaacs/release-v7.5.5-arborist-update branch February 18, 2021 23:32