This repository has been archived by the owner on Feb 18, 2021. It is now read-only.
Too aggressive in deleting new dependencies of unchanged packages #62
Comments
|
The simplest way to implement this is to:
Actually implementing the proper detection of whether a nested dependency churn is churn or not is hard. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
If shrinkwrap sync encounters a new dependency on disk even though the version of the dependee did not change from the previous shrinkwrap, it assumes that it was introduced because of install churn. However, the dependency was originally not installed because a parent package already had a copy, and that parent changed in such a way that it no longer depended upon the dependency, it would be necessary for the dependency to be introduced. npm-shrinkwrap needs to not delete the dependency in this case.
The text was updated successfully, but these errors were encountered: