Open rus0000 opened 7 years ago
Thanks for the issue, I'll have to think on this one.. This was added because it can cause an infinite loop if there are circular dependencies. The issue here is that the nsp
package has an npm-shrinkwrap.json
file that prohibits it from using the updated version of ansi-regex
.
I'll have to look into seeing how I can trap the infinite loop so that I can remove this.
https://github.com/davglass/license-checker/blob/master/lib/index.js#L45 Here, to avoid circular dependencies traversal we also avoid to scan same package version twice.
read-installed module returns package dependencies as they are resolved by Node module loading mechanism. This mechanism allows to have same package version to be loaded with different dependency tree. That means we should analyze same package version again, even if it already was processed.
Steps to reproduce
ansi-regex@2.0.0 is missed from license-checker, because chalk@1.1.3 is not processed twice.