Closed JamesPatrickGill closed 1 year ago
@JamesPatrickGill Do you mind adding tests to cover the use cases?
And an example for noobies like me 🙏🏻
:tada: This PR is included in version 1.48.2 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
This addition, means that we further fix indexing into the pkg lock
packages
option when a dependency has a number of similar candidates.When npm resolves packages for npm-lock-v2 it uses some scoping rules to make unique entries for the packages objct in the lockfile. We must then choose the correct key when we are resolving this ourselves. We were missing a case where we have two similar length keys that did not have the entire ancestry hierarchy in them.
To fix this we are now looking for the resolution to at least all it's parent in our ancestry of the package we are currently evaluating. This narrows it down in most scenarios.