Closed xzhou-snyk closed 1 year ago
In our old logic, we assume that the workspaces section in the package.json file would be one of the following:
workspaces
package.json
{ "workspaces": ["packageA/**", "packageB/**"] } { workspaces: { "packages": ["packageA/**", "packageB/**"] } }
But there could be situations that this assumption doesn't hold, in which case our code fails because we can't iterate on a non-array object. For example, it is possible that one declares only information about nohoist, e.g.
nohoist
{ "workspaces": { "nohoist": ["packageA/**", "packageB/**"] } }
This PR strengthens the array type check on workspaces and workspaces.packages to make sure no error would be thrown.
workspaces.packages
:tada: This PR is included in version 1.43.1 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
In our old logic, we assume that the
workspaces
section in thepackage.json
file would be one of the following:But there could be situations that this assumption doesn't hold, in which case our code fails because we can't iterate on a non-array object. For example, it is possible that one declares only information about
nohoist
, e.g.This PR strengthens the array type check on
workspaces
andworkspaces.packages
to make sure no error would be thrown.