fix(arborist): safeguard against null node.target in flag calculation #7579
Conversation
|
This needs a test. It's one thing to say the code can get into this situation, it's another to know why and show it in tests. |
|
If I'm understanding this PR correctly, when npm encounters an invalid tree (i.e. an incomplete linking) it will now ignore it? I don't know if this is what we want. Folks are going to have an even tougher time figuring out why things aren't working in this situation. npm will not give any errors, but their code is not going to work properly when requiring those dependencies. |
|
When I run into this category of problem, everything about my code works fine when i patch npm to not throw on a null node.target, fwiw. |
|
Is there any overlap here with #7588? |
I'm not sure if I can call that invalid tree, because everything about the code will work fine when we apply the patch or, use pnpm or yarn. the target can be null in some deps, mostly private packages and local deps. check out the issues I mentioned in this PR. |
|
Thanks for your patience on this. I think it's ready to land. |
If a node represents a symbolic link or a file dep (node.isLink is true), its target is expected to reference another node in the dependency tree. If the linking is not done correctly or is incomplete, node.target might be null.
in this PR, a null check is added to ensure node.target is not null or before proceeding, which will prevent causing errors like:
npm error Cannot set properties of null (setting 'peer')References
Related to #7065,
Fixes #6622, #5007,
Closes #6622, #5007