@npmcli/arborist 2.8.2 → 2.9.0

package/bin/actual.js

@@ -7,12 +7,14 @@ require('./lib/timers.js')
 const start = process.hrtime()
 new Arborist(options).loadActual(options).then(tree => {
   const end = process.hrtime(start)
-  if (!process.argv.includes('--quiet'))
+  if (!process.argv.includes('--quiet')) {
     print(tree)
+  }
 
   console.error(`read ${tree.inventory.size} deps in ${end[0] * 1000 + end[1] / 1e6}ms`)
-  if (options.save)
+  if (options.save) {
     tree.meta.save()
+  }
   if (options.saveHidden) {
     tree.meta.hiddenLockfile = true
     tree.meta.filename = options.path + '/node_modules/.package-lock.json'

package/bin/audit.js

@@ -7,12 +7,14 @@ require('./lib/logging.js')
 
 const Vuln = require('../lib/vuln.js')
 const printReport = report => {
-  for (const vuln of report.values())
+  for (const vuln of report.values()) {
     console.log(printVuln(vuln))
+  }
   if (report.topVulns.size) {
     console.log('\n# top-level vulnerabilities')
-    for (const vuln of report.topVulns.values())
+    for (const vuln of report.topVulns.values()) {
       console.log(printVuln(vuln))
+    }
   }
 }
 
@@ -37,12 +39,16 @@ const arb = new Arborist(options)
 arb.audit(options).then(tree => {
   process.emit('timeEnd', 'audit script')
   const end = process.hrtime(start)
-  if (options.fix)
+  if (options.fix) {
     print(tree)
-  if (!options.quiet)
+  }
+  if (!options.quiet) {
     printReport(arb.auditReport)
-  if (options.fix)
+  }
+  if (options.fix) {
     console.error(`resolved ${tree.inventory.size} deps in ${end[0] + end[1] / 1e9}s`)
-  if (tree.meta && options.save)
+  }
+  if (tree.meta && options.save) {
     tree.meta.save()
+  }
 }).catch(er => console.error(er))

package/bin/dedupe.js

@@ -10,8 +10,9 @@ const printDiff = diff => {
   depth({
     tree: diff,
     visit: d => {
-      if (d.location === '')
+      if (d.location === '') {
         return
+      }
       switch (d.action) {
         case 'REMOVE':
           console.error('REMOVE', d.actual.location)
@@ -38,9 +39,11 @@ arb.dedupe(options).then(tree => {
   process.emit('timeEnd', 'install')
   const end = process.hrtime(start)
   print(tree)
-  if (options.dryRun)
+  if (options.dryRun) {
     printDiff(arb.diff)
+  }
   console.error(`resolved ${tree.inventory.size} deps in ${end[0] + end[1] / 1e9}s`)
-  if (tree.meta && options.save)
+  if (tree.meta && options.save) {
     tree.meta.save()
+  }
 }).catch(er => console.error(require('util').inspect(er, { depth: Infinity })))

package/bin/funding.js

@@ -19,13 +19,15 @@ a.loadVirtual().then(tree => {
   const end = process.hrtime(start)
   if (!query) {
     for (const node of tree.inventory.values()) {
-      if (node.package.funding)
+      if (node.package.funding) {
         console.log(node.name, node.location, node.package.funding)
+      }
     }
   } else {
     for (const node of tree.inventory.query('name', query)) {
-      if (node.package.funding)
+      if (node.package.funding) {
         console.log(node.name, node.location, node.package.funding)
+      }
     }
   }
   console.error(`read ${tree.inventory.size} deps in ${end[0] * 1000 + end[1] / 1e6}ms`)

package/bin/ideal.js

@@ -11,8 +11,9 @@ new Arborist(options).buildIdealTree(options).then(tree => {
   const end = process.hrtime(start)
   print(tree)
   console.error(`resolved ${tree.inventory.size} deps in ${end[0] + end[1] / 10e9}s`)
-  if (tree.meta && options.save)
+  if (tree.meta && options.save) {
     tree.meta.save()
+  }
 }).catch(er => {
   const opt = { depth: Infinity, color: true }
   console.error(er.code === 'ERESOLVE' ? inspect(er, opt) : er)

package/bin/lib/logging.js

@@ -24,12 +24,13 @@ const colors = process.stderr.isTTY
 const magenta = colors ? msg => `\x1B[35m${msg}\x1B[39m` : m => m
 if (loglevel !== 'silent') {
   process.on('log', (level, ...args) => {
-    if (levelMap.get(level) < levelMap.get(loglevel))
+    if (levelMap.get(level) < levelMap.get(loglevel)) {
       return
+    }
     const pref = `${process.pid} ${magenta(level)} `
-    if (level === 'warn' && args[0] === 'ERESOLVE')
+    if (level === 'warn' && args[0] === 'ERESOLVE') {
       args[2] = inspect(args[2], { depth: 10, colors })
-    else {
+    } else {
       args = args.map(a => {
         return typeof a === 'string' ? a
           : inspect(a, { depth: 10, colors })

package/bin/lib/options.js

@@ -11,17 +11,17 @@ for (const arg of process.argv.slice(2)) {
   } else if (/^--rm=/.test(arg)) {
     options.rm = options.rm || []
     options.rm.push(arg.substr('--rm='.length))
-  } else if (arg === '--global')
+  } else if (arg === '--global') {
     options.global = true
-  else if (arg === '--global-style')
+  } else if (arg === '--global-style') {
     options.globalStyle = true
-  else if (arg === '--prefer-dedupe')
+  } else if (arg === '--prefer-dedupe') {
     options.preferDedupe = true
-  else if (arg === '--legacy-peer-deps')
+  } else if (arg === '--legacy-peer-deps') {
     options.legacyPeerDeps = true
-  else if (arg === '--force')
+  } else if (arg === '--force') {
     options.force = true
-  else if (arg === '--update-all') {
+  } else if (arg === '--update-all') {
     options.update = options.update || {}
     options.update.all = true
   } else if (/^--update=/.test(arg)) {
@@ -31,9 +31,9 @@ for (const arg of process.argv.slice(2)) {
   } else if (/^--omit=/.test(arg)) {
     options.omit = options.omit || []
     options.omit.push(arg.substr('--omit='.length))
-  } else if (/^--before=/.test(arg))
+  } else if (/^--before=/.test(arg)) {
     options.before = new Date(arg.substr('--before='.length))
-  else if (/^-w.+/.test(arg)) {
+  } else if (/^-w.+/.test(arg)) {
     options.workspaces = options.workspaces || []
     options.workspaces.push(arg.replace(/^-w/, ''))
   } else if (/^--workspace=/.test(arg)) {
@@ -43,15 +43,17 @@ for (const arg of process.argv.slice(2)) {
     const [key, ...v] = arg.replace(/^--/, '').split('=')
     const val = v.join('=')
     options[key] = val === 'false' ? false : val === 'true' ? true : val
-  } else if (/^--.+/.test(arg))
+  } else if (/^--.+/.test(arg)) {
     options[arg.replace(/^--/, '')] = true
-  else if (options.path === undefined)
+  } else if (options.path === undefined) {
     options.path = arg
-  else
+  } else {
     options._.push(arg)
+  }
 }
 
-if (options.path === undefined)
+if (options.path === undefined) {
   options.path = '.'
+}
 
 console.error(options)

package/bin/lib/timers.js

@@ -3,21 +3,24 @@ const { format } = require('util')
 const options = require('./options.js')
 
 process.on('time', name => {
-  if (timers[name])
+  if (timers[name]) {
     throw new Error('conflicting timer! ' + name)
+  }
   timers[name] = process.hrtime()
 })
 
 const dim = process.stderr.isTTY ? msg => `\x1B[2m${msg}\x1B[22m` : m => m
 const red = process.stderr.isTTY ? msg => `\x1B[31m${msg}\x1B[39m` : m => m
 process.on('timeEnd', name => {
-  if (!timers[name])
+  if (!timers[name]) {
     throw new Error('timer not started! ' + name)
+  }
   const res = process.hrtime(timers[name])
   delete timers[name]
   const msg = format(`${process.pid} ${name}`, res[0] * 1e3 + res[1] / 1e6)
-  if (options.timers !== false)
+  if (options.timers !== false) {
     console.error(dim(msg))
+  }
 })
 
 process.on('exit', () => {

package/bin/license.js

@@ -8,27 +8,31 @@ const query = options._.shift()
 
 a.loadVirtual().then(tree => {
   // only load the actual tree if the virtual one doesn't have modern metadata
-  if (!tree.meta || !(tree.meta.originalLockfileVersion >= 2))
+  if (!tree.meta || !(tree.meta.originalLockfileVersion >= 2)) {
     throw 'load actual'
-  else
+  } else {
     return tree
+  }
 }).catch((er) => {
   console.error('loading actual tree', er)
   return a.loadActual()
 }).then(tree => {
   if (!query) {
     const set = []
-    for (const license of tree.inventory.query('license'))
+    for (const license of tree.inventory.query('license')) {
       set.push([tree.inventory.query('license', license).size, license])
+    }
 
     for (const [count, license] of set.sort((a, b) =>
       a[1] && b[1] ? b[0] - a[0] || a[1].localeCompare(b[1], 'en')
       : a[1] ? -1
       : b[1] ? 1
-      : 0))
+      : 0)) {
       console.log(count, license)
+    }
   } else {
-    for (const node of tree.inventory.query('license', query === 'undefined' ? undefined : query))
+    for (const node of tree.inventory.query('license', query === 'undefined' ? undefined : query)) {
       console.log(`${node.name} ${node.location} ${node.package.description || ''}`)
+    }
   }
 })

package/bin/prune.js

@@ -10,8 +10,9 @@ const printDiff = diff => {
   depth({
     tree: diff,
     visit: d => {
-      if (d.location === '')
+      if (d.location === '') {
         return
+      }
       switch (d.action) {
         case 'REMOVE':
           console.error('REMOVE', d.actual.location)
@@ -38,9 +39,11 @@ arb.prune(options).then(tree => {
   process.emit('timeEnd', 'install')
   const end = process.hrtime(start)
   print(tree)
-  if (options.dryRun)
+  if (options.dryRun) {
     printDiff(arb.diff)
+  }
   console.error(`resolved ${tree.inventory.size} deps in ${end[0] + end[1] / 1e9}s`)
-  if (tree.meta && options.save)
+  if (tree.meta && options.save) {
     tree.meta.save()
+  }
 }).catch(er => console.error(require('util').inspect(er, { depth: Infinity })))

package/bin/reify.js

@@ -10,8 +10,9 @@ const printDiff = diff => {
   depth({
     tree: diff,
     visit: d => {
-      if (d.location === '')
+      if (d.location === '') {
         return
+      }
       switch (d.action) {
         case 'REMOVE':
           console.error('REMOVE', d.actual.location)
@@ -38,9 +39,11 @@ arb.reify(options).then(tree => {
   process.emit('timeEnd', 'install')
   const end = process.hrtime(start)
   print(tree)
-  if (options.dryRun)
+  if (options.dryRun) {
     printDiff(arb.diff)
+  }
   console.error(`resolved ${tree.inventory.size} deps in ${end[0] + end[1] / 1e9}s`)
-  if (tree.meta && options.save)
+  if (tree.meta && options.save) {
     tree.meta.save()
+  }
 }).catch(er => console.error(require('util').inspect(er, { depth: Infinity })))

package/bin/virtual.js

@@ -8,9 +8,11 @@ require('./lib/timers.js')
 const start = process.hrtime()
 new Arborist(options).loadVirtual().then(tree => {
   const end = process.hrtime(start)
-  if (!options.quiet)
+  if (!options.quiet) {
     print(tree)
-  if (options.save)
+  }
+  if (options.save) {
     tree.meta.save()
+  }
   console.error(`read ${tree.inventory.size} deps in ${end[0] * 1000 + end[1] / 1e6}ms`)
 }).catch(er => console.error(er))

package/lib/add-rm-pkg-deps.js

@@ -1,8 +1,11 @@
 // add and remove dependency specs to/from pkg manifest
 
+const localeCompare = require('@isaacs/string-locale-compare')('en')
+
 const add = ({pkg, add, saveBundle, saveType, log}) => {
-  for (const spec of add)
+  for (const spec of add) {
     addSingle({pkg, spec, saveBundle, saveType, log})
+  }
 
   return pkg
 }
@@ -24,8 +27,9 @@ const addSingle = ({pkg, spec, saveBundle, saveType, log}) => {
   // to keep based on the same order of priority we do when
   // building the tree as defined in the _loadDeps method of
   // the node class.
-  if (!saveType)
+  if (!saveType) {
     saveType = inferSaveType(pkg, spec.name)
+  }
 
   if (saveType === 'prod') {
     // a production dependency can only exist as production (rpj ensures it
@@ -48,8 +52,9 @@ const addSingle = ({pkg, spec, saveBundle, saveType, log}) => {
   const depType = saveTypeMap.get(saveType)
 
   pkg[depType] = pkg[depType] || {}
-  if (rawSpec !== '' || pkg[depType][name] === undefined)
+  if (rawSpec !== '' || pkg[depType][name] === undefined) {
     pkg[depType][name] = rawSpec || '*'
+  }
   if (saveType === 'optional') {
     // Affordance for previous npm versions that require this behaviour
     pkg.dependencies = pkg.dependencies || {}
@@ -58,24 +63,25 @@ const addSingle = ({pkg, spec, saveBundle, saveType, log}) => {
 
   if (saveType === 'peer' || saveType === 'peerOptional') {
     const pdm = pkg.peerDependenciesMeta || {}
-    if (saveType === 'peer' && pdm[name] && pdm[name].optional)
+    if (saveType === 'peer' && pdm[name] && pdm[name].optional) {
       pdm[name].optional = false
-    else if (saveType === 'peerOptional') {
+    } else if (saveType === 'peerOptional') {
       pdm[name] = pdm[name] || {}
       pdm[name].optional = true
       pkg.peerDependenciesMeta = pdm
     }
     // peerDeps are often also a devDep, so that they can be tested when
     // using package managers that don't auto-install peer deps
-    if (pkg.devDependencies && pkg.devDependencies[name] !== undefined)
+    if (pkg.devDependencies && pkg.devDependencies[name] !== undefined) {
       pkg.devDependencies[name] = pkg.peerDependencies[name]
+    }
   }
 
   if (saveBundle && saveType !== 'peer' && saveType !== 'peerOptional') {
     // keep it sorted, keep it unique
     const bd = new Set(pkg.bundleDependencies || [])
     bd.add(spec.name)
-    pkg.bundleDependencies = [...bd].sort((a, b) => a.localeCompare(b, 'en'))
+    pkg.bundleDependencies = [...bd].sort(localeCompare)
   }
 }
 
@@ -87,47 +93,54 @@ const inferSaveType = (pkg, name) => {
         saveType === 'peerOptional' &&
         (!hasSubKey(pkg, 'peerDependenciesMeta', name) ||
         !pkg.peerDependenciesMeta[name].optional)
-      )
+      ) {
         return 'peer'
+      }
       return saveType
     }
   }
   return 'prod'
 }
 
+const { hasOwnProperty } = Object.prototype
 const hasSubKey = (pkg, depType, name) => {
-  return pkg[depType] && Object.prototype.hasOwnProperty.call(pkg[depType], name)
+  return pkg[depType] && hasOwnProperty.call(pkg[depType], name)
 }
 
 // Removes a subkey and warns about it if it's being replaced
 const deleteSubKey = (pkg, depType, name, replacedBy, log) => {
   if (hasSubKey(pkg, depType, name)) {
-    if (replacedBy && log)
+    if (replacedBy && log) {
       log.warn('idealTree', `Removing ${depType}.${name} in favor of ${replacedBy}.${name}`)
+    }
     delete pkg[depType][name]
 
-    // clean up peerDependenciesMeta if we are removing something from peerDependencies
+    // clean up peerDepsMeta if we are removing something from peerDependencies
     if (depType === 'peerDependencies' && pkg.peerDependenciesMeta) {
       delete pkg.peerDependenciesMeta[name]
-      if (!Object.keys(pkg.peerDependenciesMeta).length)
+      if (!Object.keys(pkg.peerDependenciesMeta).length) {
         delete pkg.peerDependenciesMeta
+      }
     }
 
-    if (!Object.keys(pkg[depType]).length)
+    if (!Object.keys(pkg[depType]).length) {
       delete pkg[depType]
+    }
   }
 }
 
 const rm = (pkg, rm) => {
   for (const depType of new Set(saveTypeMap.values())) {
-    for (const name of rm)
+    for (const name of rm) {
       deleteSubKey(pkg, depType, name)
+    }
   }
   if (pkg.bundleDependencies) {
     pkg.bundleDependencies = pkg.bundleDependencies
       .filter(name => !rm.includes(name))
-    if (!pkg.bundleDependencies.length)
+    if (!pkg.bundleDependencies.length) {
       delete pkg.bundleDependencies
+    }
   }
   return pkg
 }

package/lib/arborist/audit.js

@@ -22,8 +22,9 @@ module.exports = cls => class Auditor extends cls {
 
     process.emit('time', 'audit')
     const tree = await this.loadVirtual()
-    if (this[_workspaces] && this[_workspaces].length)
+    if (this[_workspaces] && this[_workspaces].length) {
       options.filterSet = this.workspaceDependencySet(tree, this[_workspaces])
+    }
     this.auditReport = await AuditReport.load(tree, options)
     const ret = options.fix ? this.reify(options) : this.auditReport
     process.emit('timeEnd', 'audit')