@npmcli/arborist 4.2.0 → 4.2.1

package/lib/arborist/build-ideal-tree.js

@@ -41,7 +41,7 @@ const _complete = Symbol('complete')
 const _depsSeen = Symbol('depsSeen')
 const _depsQueue = Symbol('depsQueue')
 const _currentDep = Symbol('currentDep')
-const _updateAll = Symbol('updateAll')
+const _updateAll = Symbol.for('updateAll')
 const _mutateTree = Symbol('mutateTree')
 const _flagsSuspect = Symbol.for('flagsSuspect')
 const _workspaces = Symbol.for('workspaces')
@@ -176,7 +176,7 @@ module.exports = cls => class IdealTreeBuilder extends cls {
   // public method
   async buildIdealTree (options = {}) {
     if (this.idealTree) {
-      return Promise.resolve(this.idealTree)
+      return this.idealTree
     }
 
     // allow the user to set reify options on the ctor as well.
@@ -194,8 +194,7 @@ module.exports = cls => class IdealTreeBuilder extends cls {
     process.emit('time', 'idealTree')
 
     if (!options.add && !options.rm && !options.update && this[_global]) {
-      const er = new Error('global requires add, rm, or update option')
-      return Promise.reject(er)
+      throw new Error('global requires add, rm, or update option')
     }
 
     // first get the virtual tree, if possible.  If there's a lockfile, then
@@ -334,6 +333,7 @@ module.exports = cls => class IdealTreeBuilder extends cls {
             root.meta.lockfileVersion = defaultLockfileVersion
           }
         }
+        root.meta.inferFormattingOptions(root.package)
         return root
       })
 
@@ -1180,6 +1180,11 @@ This is a one-time fix-up, please be patient...
           return true
         }
 
+        // If the edge is a workspace, and it's valid, leave it alone
+        if (edge.to.isWorkspace) {
+          return false
+        }
+
         // user explicitly asked to update this package by name, problem
         if (this[_updateNames].includes(edge.name)) {
           return true

package/lib/arborist/reify.js

@@ -58,6 +58,8 @@ const _bundleUnpacked = Symbol('bundleUnpacked')
 const _bundleMissing = Symbol('bundleMissing')
 const _reifyNode = Symbol.for('reifyNode')
 const _extractOrLink = Symbol('extractOrLink')
+const _updateAll = Symbol.for('updateAll')
+const _updateNames = Symbol.for('updateNames')
 // defined by rebuild mixin
 const _checkBins = Symbol.for('checkBins')
 const _symlink = Symbol('symlink')
@@ -1140,21 +1142,33 @@ module.exports = cls => class Reifier extends cls {
     // for install failures.  Those still end up in the shrinkwrap, so we
     // save it first, then prune out the optional trash, and then return it.
 
-    // support save=false option
-    if (options.save === false || this[_global] || this[_dryRun]) {
+    const save = !(options.save === false)
+
+    // we check for updates in order to make sure we run save ideal tree
+    // even though save=false since we want `npm update` to be able to
+    // write to package-lock files by default
+    const hasUpdates = this[_updateAll] || this[_updateNames].length
+
+    // we're going to completely skip save ideal tree in case of a global or
+    // dry-run install and also if the save option is set to false, EXCEPT for
+    // update since the expected behavior for npm7+ is for update to
+    // NOT save to package.json, we make that exception since we still want
+    // saveIdealTree to be able to write the lockfile by default.
+    const saveIdealTree = !(
+      (!save && !hasUpdates)
+      || this[_global]
+      || this[_dryRun]
+    )
+
+    if (!saveIdealTree) {
       return false
     }
 
     process.emit('time', 'reify:save')
 
     const updatedTrees = new Set()
-
-    // resolvedAdd is the list of user add requests, but with names added
-    // to things like git repos and tarball file/urls.  However, if the
-    // user requested 'foo@', and we have a foo@file:../foo, then we should
-    // end up saving the spec we actually used, not whatever they gave us.
-    if (this[_resolvedAdd].length) {
-      for (const { name, tree: addTree } of this[_resolvedAdd]) {
+    const updateNodes = nodes => {
+      for (const { name, tree: addTree } of nodes) {
         // addTree either the root, or a workspace
         const edge = addTree.edgesOut.get(name)
         const pkg = addTree.package
@@ -1168,7 +1182,7 @@ module.exports = cls => class Reifier extends cls {
         // that we couldn't resolve, this MAY be missing.  if we haven't
         // blown up by now, it's because it was not a problem, though, so
         // just move on.
-        if (!child) {
+        if (!child || !addTree.isTop) {
           continue
         }
 
@@ -1259,6 +1273,63 @@ module.exports = cls => class Reifier extends cls {
       }
     }
 
+    // helper that retrieves an array of nodes that were
+    // potentially updated during the reify process, in order
+    // to limit the number of nodes to check and update, only
+    // select nodes from the inventory that are direct deps
+    // of a given package.json (project root or a workspace)
+    // and in ase of using a list of `names`, restrict nodes
+    // to only names that are found in this list
+    const retrieveUpdatedNodes = names => {
+      const filterDirectDependencies = node =>
+        !node.isRoot && node.resolveParent.isRoot
+        && (!names || names.includes(node.name))
+      const directDeps = this.idealTree.inventory
+        .filter(filterDirectDependencies)
+
+      // traverses the list of direct dependencies and collect all nodes
+      // to be updated, since any of them might have changed during reify
+      const nodes = []
+      for (const node of directDeps) {
+        for (const edgeIn of node.edgesIn) {
+          nodes.push({
+            name: node.name,
+            tree: edgeIn.from.target,
+          })
+        }
+      }
+      return nodes
+    }
+
+    if (save) {
+      // when using update all alongside with save, we'll make
+      // sure to refresh every dependency of the root idealTree
+      if (this[_updateAll]) {
+        const nodes = retrieveUpdatedNodes()
+        updateNodes(nodes)
+      } else {
+        // resolvedAdd is the list of user add requests, but with names added
+        // to things like git repos and tarball file/urls.  However, if the
+        // user requested 'foo@', and we have a foo@file:../foo, then we should
+        // end up saving the spec we actually used, not whatever they gave us.
+        if (this[_resolvedAdd].length) {
+          updateNodes(this[_resolvedAdd])
+        }
+
+        // if updating given dependencies by name, restrict the list of
+        // nodes to check to only those currently in _updateNames
+        if (this[_updateNames].length) {
+          const nodes = retrieveUpdatedNodes(this[_updateNames])
+          updateNodes(nodes)
+        }
+
+        // grab any from explicitRequests that had deps removed
+        for (const { from: tree } of this.explicitRequests) {
+          updatedTrees.add(tree)
+        }
+      }
+    }
+
     // preserve indentation, if possible
     const {
       [Symbol.for('indent')]: indent,
@@ -1291,15 +1362,12 @@ module.exports = cls => class Reifier extends cls {
       await pkgJson.save()
     }
 
-    // grab any from explicitRequests that had deps removed
-    for (const { from: tree } of this.explicitRequests) {
-      updatedTrees.add(tree)
-    }
-
-    for (const tree of updatedTrees) {
-      // refresh the edges so they have the correct specs
-      tree.package = tree.package
-      promises.push(updatePackageJson(tree))
+    if (save) {
+      for (const tree of updatedTrees) {
+        // refresh the edges so they have the correct specs
+        tree.package = tree.package
+        promises.push(updatePackageJson(tree))
+      }
     }
 
     await Promise.all(promises)

package/lib/shrinkwrap.js

@@ -424,6 +424,18 @@ class Shrinkwrap {
       .map(fn => fn && maybeStatFile(fn)))
   }
 
+  inferFormattingOptions (packageJSONData) {
+    // don't use detect-indent, just pick the first line.
+    // if the file starts with {" then we have an indent of '', ie, none
+    // which will default to 2 at save time.
+    const {
+      [Symbol.for('indent')]: indent,
+      [Symbol.for('newline')]: newline,
+    } = packageJSONData
+    this.indent = indent !== undefined ? indent : this.indent
+    this.newline = newline !== undefined ? newline : this.newline
+  }
+
   load () {
     // we don't need to load package-lock.json except for top of tree nodes,
     // only npm-shrinkwrap.json.
@@ -451,15 +463,7 @@ class Shrinkwrap {
 
       return data ? parseJSON(data) : {}
     }).then(async data => {
-      // don't use detect-indent, just pick the first line.
-      // if the file starts with {" then we have an indent of '', ie, none
-      // which will default to 2 at save time.
-      const {
-        [Symbol.for('indent')]: indent,
-        [Symbol.for('newline')]: newline,
-      } = data
-      this.indent = indent !== undefined ? indent : this.indent
-      this.newline = newline !== undefined ? newline : this.newline
+      this.inferFormattingOptions(data)
 
       if (!this.hiddenLockfile || !data.packages) {
         return data

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@npmcli/arborist",
-  "version": "4.2.0",
+  "version": "4.2.1",
   "description": "Manage node_modules trees",
   "dependencies": {
     "@isaacs/string-locale-compare": "^1.1.0",
@@ -12,7 +12,7 @@
     "@npmcli/node-gyp": "^1.0.3",
     "@npmcli/package-json": "^1.0.1",
     "@npmcli/run-script": "^2.0.0",
-    "bin-links": "^2.3.0",
+    "bin-links": "^3.0.0",
     "cacache": "^15.0.3",
     "common-ancestor-path": "^1.0.1",
     "json-parse-even-better-errors": "^2.3.1",
@@ -37,7 +37,7 @@
     "walk-up-path": "^1.0.0"
   },
   "devDependencies": {
-    "@npmcli/template-oss": "^2.3.1",
+    "@npmcli/template-oss": "^2.4.2",
     "benchmark": "^2.1.4",
     "chalk": "^4.1.0",
     "minify-registry-metadata": "^2.1.0",
@@ -94,9 +94,11 @@
   "engines": {
     "node": "^12.13.0 || ^14.15.0 || >=16"
   },
-  "templateVersion": "2.3.1",
   "eslintIgnore": [
     "test/fixtures/",
     "!test/fixtures/*.js"
-  ]
+  ],
+  "templateOSS": {
+    "version": "2.4.3"
+  }
 }