diff options
author | npm-robot <ops+robot@npmjs.com> | 2022-02-07 22:15:05 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-02-07 20:15:05 +0000 |
commit | af7caf8d4746ca527f7fee97b0dea18c026538d0 (patch) | |
tree | 732490e8f22597b76993b6b6178d0efd122e3ac8 /deps/npm/node_modules/@npmcli/arborist | |
parent | f7ff2ff304404751de4f1528d727413f4da930a9 (diff) | |
download | node-new-af7caf8d4746ca527f7fee97b0dea18c026538d0.tar.gz |
deps: upgrade npm to 8.4.1
PR-URL: https://github.com/nodejs/node/pull/41836
Reviewed-By: Ruy Adorno <ruyadorno@github.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Diffstat (limited to 'deps/npm/node_modules/@npmcli/arborist')
5 files changed, 51 insertions, 7 deletions
diff --git a/deps/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js b/deps/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js index f20a554bd5..0375e18514 100644 --- a/deps/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js +++ b/deps/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js @@ -269,6 +269,22 @@ module.exports = cls => class IdealTreeBuilder extends cls { this[_complete] = !!options.complete this[_preferDedupe] = !!options.preferDedupe this[_legacyBundling] = !!options.legacyBundling + + // validates list of update names, they must + // be dep names only, no semver ranges are supported + for (const name of update.names) { + const spec = npa(name) + const validationError = + new TypeError(`Update arguments must not contain package version specifiers + +Try using the package name instead, e.g: + npm update ${spec.name}`) + validationError.code = 'EUPDATEARGS' + + if (spec.fetchSpec !== 'latest') { + throw validationError + } + } this[_updateNames] = update.names this[_updateAll] = update.all @@ -320,7 +336,7 @@ module.exports = cls => class IdealTreeBuilder extends cls { // Load on a new Arborist object, so the Nodes aren't the same, // or else it'll get super confusing when we change them! .then(async root => { - if (!this[_updateAll] && !this[_global] && !root.meta.loadedFromDisk) { + if ((!this[_updateAll] && !this[_global] && !root.meta.loadedFromDisk) || (this[_global] && this[_updateNames].length)) { await new this.constructor(this.options).loadActual({ root }) const tree = root.target // even though we didn't load it from a package-lock.json FILE, diff --git a/deps/npm/node_modules/@npmcli/arborist/lib/arborist/load-actual.js b/deps/npm/node_modules/@npmcli/arborist/lib/arborist/load-actual.js index 0d260858d8..c06ed80265 100644 --- a/deps/npm/node_modules/@npmcli/arborist/lib/arborist/load-actual.js +++ b/deps/npm/node_modules/@npmcli/arborist/lib/arborist/load-actual.js @@ -212,7 +212,8 @@ module.exports = cls => class ActualLoader extends cls { const promises = [] for (const path of tree.workspaces.values()) { if (!this[_cache].has(path)) { - const p = this[_loadFSNode]({ path, root: this[_actualTree] }) + // workspace overrides use the root overrides + const p = this[_loadFSNode]({ path, root: this[_actualTree], useRootOverrides: true }) .then(node => this[_loadFSTree](node)) promises.push(p) } @@ -240,7 +241,7 @@ module.exports = cls => class ActualLoader extends cls { this[_actualTree] = root } - [_loadFSNode] ({ path, parent, real, root, loadOverrides }) { + [_loadFSNode] ({ path, parent, real, root, loadOverrides, useRootOverrides }) { if (!real) { return realpath(path, this[_rpcache], this[_stcache]) .then( @@ -250,6 +251,7 @@ module.exports = cls => class ActualLoader extends cls { real, root, loadOverrides, + useRootOverrides, }), // if realpath fails, just provide a dummy error node error => new Node({ @@ -289,6 +291,9 @@ module.exports = cls => class ActualLoader extends cls { parent, root, loadOverrides, + ...(useRootOverrides && root.overrides + ? { overrides: root.overrides.getNodeRule({ name: pkg.name, version: pkg.version }) } + : {}), }) }) .then(node => { diff --git a/deps/npm/node_modules/@npmcli/arborist/lib/arborist/reify.js b/deps/npm/node_modules/@npmcli/arborist/lib/arborist/reify.js index d5e7032383..45ef939853 100644 --- a/deps/npm/node_modules/@npmcli/arborist/lib/arborist/reify.js +++ b/deps/npm/node_modules/@npmcli/arborist/lib/arborist/reify.js @@ -5,6 +5,7 @@ const pacote = require('pacote') const AuditReport = require('../audit-report.js') const { subset, intersects } = require('semver') const npa = require('npm-package-arg') +const semver = require('semver') const debug = require('../debug.js') const walkUp = require('walk-up-path') @@ -1273,6 +1274,21 @@ module.exports = cls => class Reifier extends cls { } } + // Returns true if any of the edges from this node has a semver + // range definition that is an exact match to the version installed + // e.g: should return true if for a given an installed version 1.0.0, + // range is either =1.0.0 or 1.0.0 + const exactVersion = node => { + for (const edge of node.edgesIn) { + try { + if (semver.subset(edge.spec, node.version)) { + return false + } + } catch {} + } + return true + } + // helper that retrieves an array of nodes that were // potentially updated during the reify process, in order // to limit the number of nodes to check and update, only @@ -1284,6 +1300,8 @@ module.exports = cls => class Reifier extends cls { const filterDirectDependencies = node => !node.isRoot && node.resolveParent.isRoot && (!names || names.includes(node.name)) + && exactVersion(node) // skip update for exact ranges + const directDeps = this.idealTree.inventory .filter(filterDirectDependencies) diff --git a/deps/npm/node_modules/@npmcli/arborist/lib/shrinkwrap.js b/deps/npm/node_modules/@npmcli/arborist/lib/shrinkwrap.js index b45fea0ac6..bb6971f7ad 100644 --- a/deps/npm/node_modules/@npmcli/arborist/lib/shrinkwrap.js +++ b/deps/npm/node_modules/@npmcli/arborist/lib/shrinkwrap.js @@ -476,8 +476,13 @@ class Shrinkwrap { // all good! hidden lockfile is the newest thing in here. return data }).catch(er => { - const rel = relpath(this.path, this.filename) - this.log.verbose('shrinkwrap', `failed to load ${rel}`, er) + /* istanbul ignore else */ + if (typeof this.filename === 'string') { + const rel = relpath(this.path, this.filename) + this.log.verbose('shrinkwrap', `failed to load ${rel}`, er) + } else { + this.log.verbose('shrinkwrap', `failed to load ${this.path}`, er) + } this.loadingError = er this.loadedFromDisk = false this.ancientLockfile = false diff --git a/deps/npm/node_modules/@npmcli/arborist/package.json b/deps/npm/node_modules/@npmcli/arborist/package.json index 493a0a78c5..5c33f71678 100644 --- a/deps/npm/node_modules/@npmcli/arborist/package.json +++ b/deps/npm/node_modules/@npmcli/arborist/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/arborist", - "version": "4.2.1", + "version": "4.3.0", "description": "Manage node_modules trees", "dependencies": { "@isaacs/string-locale-compare": "^1.1.0", @@ -22,7 +22,7 @@ "npm-install-checks": "^4.0.0", "npm-package-arg": "^8.1.5", "npm-pick-manifest": "^6.1.0", - "npm-registry-fetch": "^11.0.0", + "npm-registry-fetch": "^12.0.1", "pacote": "^12.0.2", "parse-conflict-json": "^2.0.1", "proc-log": "^1.0.0", |