Skip to content

fix(arborist): fix peerOptional dependency resolution in buildIdealTree#8981

Open
Saibamen wants to merge 3 commits intonpm:latestfrom
Saibamen:fix_#8726
Open

fix(arborist): fix peerOptional dependency resolution in buildIdealTree#8981
Saibamen wants to merge 3 commits intonpm:latestfrom
Saibamen:fix_#8726

Conversation

@Saibamen
Copy link

@Saibamen Saibamen commented Feb 16, 2026
edited
Loading

Fixes #8726

Tested on Windows & NodeJS v24.12.0 with package.json from #8726 (comment):

{
  "name": "testcase",
  "version": "1.0.0",
  "devDependencies": {
    "addons-linter": "6.13.0",
    "htmlhint": "1.1.4"
  }
}

@Saibamen Saibamen requested a review from a team as a code owner February 16, 2026 16:32
@Saibamen Saibamen mentioned this pull request Feb 16, 2026
Open
@Saibamen Saibamen changed the title Fix #8726 fix: skip invalid peerOptional edges in buildIdealTree problem detection Feb 16, 2026
ro0NL
ro0NL reviewed Feb 16, 2026
View reviewed changes
Copy link

@ro0NL ro0NL left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

@Saibamen
Copy link
Author

Saibamen commented Feb 16, 2026

FYI: Right now, this PR fixes only npm ci after npm install.

package-lock.json file still has node_modules/node-fetch version 2.7.0 instead of 2.6.11 after first call to npm install.

I will try to fix this too.

@Saibamen @cursoragent
fix(arborist): re-queue nodes when newly placed dep invalidates peerO…
bae3f74 
…ptional

When a dependency is placed (OK) and creates an invalid peerOptional
edge with an already-processed node, re-queue that node for
re-resolution. This handles the case where the peerOptional holder
is processed before the dep exists in the tree (due to alphabetical
processing order), and the dep is later placed by another path with
a version that doesn't satisfy the peer spec.

Also adds npm install tests for issue npm#8726 covering both the
existing-lockfile and fresh-install (no lockfile) scenarios.

Refs: npm#8726
Co-authored-by: Cursor <cursoragent@cursor.com>
@Saibamen
Copy link
Author

Saibamen commented Feb 16, 2026

Now npm install produces a correct package-lock.json file.

@Saibamen Saibamen changed the title fix: skip invalid peerOptional edges in buildIdealTree problem detection fix(arborist): fix peerOptional dependency resolution in buildIdealTree Feb 16, 2026
@Saibamen Saibamen changed the title fix(arborist): fix peerOptional dependency resolution in buildIdealTree fix(arborist): fix peerOptional dependency resolution in buildIdealTree Feb 16, 2026
@GirlBossRush GirlBossRush mentioned this pull request Feb 17, 2026
Open
@owlstronaut owlstronaut self-assigned this Feb 17, 2026
owlstronaut
owlstronaut requested changes Feb 17, 2026
View reviewed changes
Copy link
Contributor

@owlstronaut owlstronaut left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you unwrap the multi-line comments so each sentence/paragraph is on a single line? We avoid hard-wrapping prose in comments for accessibility as it doesn't play well with screen readers (we've been slowly converting the codebase to that anyway, it is still pretty prevalent)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@owlstronaut owlstronaut owlstronaut requested changes

+1 more reviewer

@ro0NL ro0NL ro0NL left review comments

Reviewers whose approvals may not affect merge requirements

Requested changes must be addressed to merge this pull request.

Assignees

@owlstronaut owlstronaut

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[BUG] npm ci fails because npm install produces an out-of-sync lockfile (regression since v7.0.9)

3 participants

@Saibamen @owlstronaut @ro0NL