diff --git a/build-tools/packages/build-cli/package.json b/build-tools/packages/build-cli/package.json index f217862ffea4..527b8ecdedb1 100644 --- a/build-tools/packages/build-cli/package.json +++ b/build-tools/packages/build-cli/package.json @@ -123,7 +123,7 @@ "mdast-util-heading-range": "^4.0.0", "mdast-util-to-string": "^4.0.0", "minimatch": "^10.1.1", - "npm-check-updates": "^16.14.20", + "npm-check-updates": "^17.1.18", "oclif": "^4.22.50", "picocolors": "^1.1.1", "prettier": "~3.2.5", diff --git a/build-tools/packages/build-cli/src/library/package.ts b/build-tools/packages/build-cli/src/library/package.ts index 6b006d18512c..6afb71c519d7 100644 --- a/build-tools/packages/build-cli/src/library/package.ts +++ b/build-tools/packages/build-cli/src/library/package.ts @@ -25,8 +25,6 @@ import execa from "execa"; import { readJsonSync } from "fs-extra/esm"; import latestVersion from "latest-version"; import ncu from "npm-check-updates"; -import type { Index } from "npm-check-updates/build/src/types/IndexType.js"; -import type { VersionSpec } from "npm-check-updates/build/src/types/VersionSpec.js"; import * as semver from "semver"; import { AllPackagesSelectionCriteria, @@ -149,7 +147,7 @@ export async function npmCheckUpdates( log?.verbose(`Checking packages in ${path.join(repoPath, glob)}`); // eslint-disable-next-line no-await-in-loop - const result = (await ncu.run({ + const result: unknown = await ncu.run({ filter: depsToUpdate, cwd: repoPath, packageFile: glob === "" ? "package.json" : `${glob}/package.json`, @@ -159,16 +157,18 @@ export async function npmCheckUpdates( jsonUpgraded: true, silent: true, peer: true, - })) as Index; + }); - if (typeof result !== "object") { + if (typeof result !== "object" || result === null) { throw new TypeError(`Expected an object: ${typeof result}`); } // npm-check-updates returns different data depending on how many packages were updated. This code detects the // two main cases: a single package or multiple packages. if (glob.endsWith("*")) { - for (const [pkgJsonPath, upgradedDeps] of Object.entries(result)) { + // With glob patterns, result is Record> (path → upgraded deps) + const resultRecord = result as Record>; + for (const [pkgJsonPath, upgradedDeps] of Object.entries(resultRecord)) { const jsonPath = path.join(repoPath, pkgJsonPath); // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment const { name } = readJsonSync(jsonPath); @@ -188,6 +188,8 @@ export async function npmCheckUpdates( } } } else { + // Without glob, result is Record (dep → new range) + const resultRecord = result as Record; const jsonPath = path.join(repoPath, glob, "package.json"); // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment const { name } = readJsonSync(jsonPath); @@ -197,12 +199,12 @@ export async function npmCheckUpdates( continue; } - for (const [dep, newRange] of Object.entries(result)) { + for (const [dep, newRange] of Object.entries(resultRecord)) { upgradeLogLines.add(indentString(`${dep}: '${newRange}'`)); updatedDependencies[dep] = newRange; } - if (Object.keys(result).length > 0) { + if (Object.keys(resultRecord).length > 0) { updatedPackages.push(pkg); } } diff --git a/build-tools/pnpm-lock.yaml b/build-tools/pnpm-lock.yaml index e02cd8530bf8..1a6122cfa624 100644 --- a/build-tools/pnpm-lock.yaml +++ b/build-tools/pnpm-lock.yaml @@ -215,8 +215,8 @@ importers: specifier: ^10.1.1 version: 10.1.1 npm-check-updates: - specifier: ^16.14.20 - version: 16.14.20 + specifier: ^17.1.18 + version: 17.1.18 oclif: specifier: ^4.22.50 version: 4.22.50(@types/node@22.19.1) @@ -4600,6 +4600,11 @@ packages: engines: {node: '>=14.14'} hasBin: true + npm-check-updates@17.1.18: + resolution: {integrity: sha512-bkUy2g4v1i+3FeUf5fXMLbxmV95eG4/sS7lYE32GrUeVgQRfQEk39gpskksFunyaxQgTIdrvYbnuNbO/pSUSqw==} + engines: {node: ^18.18.0 || >=20.0.0, npm: '>=8.12.1'} + hasBin: true + npm-install-checks@6.1.1: resolution: {integrity: sha512-dH3GmQL4vsPtld59cOn8uY0iOqRmqKvV+DLGwNXV/Q7MDgD2QfOADWd/mFXcIE5LVhYYGjA3baz6W9JneqnuCw==} engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} @@ -10574,6 +10579,8 @@ snapshots: - bluebird - supports-color + npm-check-updates@17.1.18: {} + npm-install-checks@6.1.1: dependencies: semver: 7.7.3