diff --git a/.changeset/petite-cloths-hunt.md b/.changeset/petite-cloths-hunt.md
new file mode 100644
index 00000000..c67df811
--- /dev/null
+++ b/.changeset/petite-cloths-hunt.md
@@ -0,0 +1,5 @@
+---
+"@nodesecure/mama": patch
+---
+
+fix(mama): include optional deps in pkg json integrity hash
diff --git a/workspaces/mama/src/utils/integrity-hash.ts b/workspaces/mama/src/utils/integrity-hash.ts
index 361a2b55..30798164 100644
--- a/workspaces/mama/src/utils/integrity-hash.ts
+++ b/workspaces/mama/src/utils/integrity-hash.ts
@@ -50,7 +50,7 @@ export function packageJSONIntegrityHash(
 const object: PackageJSONIntegrityObject = {
 name,
 version,
- dependencies,
+ dependencies: document?.optionalDependencies ? { ...dependencies, ...document.optionalDependencies } : dependencies,
 license,
 /**
 * Note: NPM registry automatically add `./node_modules/.bin/` to scripts
diff --git a/workspaces/mama/test/packageJSONIntegrityHash.spec.ts b/workspaces/mama/test/packageJSONIntegrityHash.spec.ts
index 5e91d410..e41af1f4 100644
--- a/workspaces/mama/test/packageJSONIntegrityHash.spec.ts
+++ b/workspaces/mama/test/packageJSONIntegrityHash.spec.ts
@@ -64,4 +64,30 @@ describe("packageJSONIntegrityHash", () => {
 );
 }
 });
+
+ test("should include optional dependencies in the hash when there is some", () => {
+ const packageJSONWithOptionalDeps = {
+ ...kMinimalPackageJSON,
+ optionalDependencies: {
+ canvas: "^2.11.0"
+ }
+ };
+
+ const expectedObject = {
+ ...kMinimalPackageJSON,
+ dependencies: {
+ canvas: "^2.11.0"
+ },
+ scripts: {},
+ license: "NONE"
+
+ };
+
+ const expectedIntegrity = hash(expectedObject);
+
+ const { integrity, object } = packageJSONIntegrityHash(packageJSONWithOptionalDeps, { isFromRemoteRegistry: true });
+
+ assert.deepEqual(object, expectedObject);
+ assert.strictEqual(integrity, expectedIntegrity);
+ });
 });
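Review bot: In `workspaces/mama/src/utils/integrity-hash.ts`, the new `dependencies:` expression has no comment saying why `optionalDependencies` are folded into `dependencies` or why they are spread last, and both decide the content of the object that gets hashed. I would add a comment above the line such as `// registry metadata lists optionalDependencies under dependencies too; on a name clash the optional entry wins, hence the spread order`, after confirming that this is the registry behaviour the fix relies on. The merge runs whenever `optionalDependencies` is truthy, so a manifest carrying a non-object value there (a string, for instance) would be spread into index keys; if `document` can come from an unvalidated tarball, a shape check before the spread would keep the hash meaningful. The body of `packageJSONIntegrityHash` starts and ends outside the hunk, so whether `document` is validated earlier cannot be seen here.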
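Review bot: The new test in `workspaces/mama/test/packageJSONIntegrityHash.spec.ts` only covers a manifest whose `optionalDependencies` are its sole dependencies (assuming `kMinimalPackageJSON` declares none, which is not visible here), so neither the merge with existing `dependencies` nor the precedence on a name clash is pinned. Since the integrity value is only comparable while the merge rule stays stable, a second case with both fields and one overlapping name would guard against a later reordering of the spread. The package names and ranges in the sketch below are constructed samples. The stray blank line after `license: "NONE"` in `expectedObject` can also go.

```typescript
  // … unchanged: test "should include optional dependencies in the hash when there is some" …

  test("should let an optional dependency override a dependency of the same name", () => {
    const { object } = packageJSONIntegrityHash({
      ...kMinimalPackageJSON,
      dependencies: { canvas: "^1.0.0", "sample-dep": "^1.0.0" },
      optionalDependencies: { canvas: "^2.11.0" }
    }, { isFromRemoteRegistry: true });

    assert.deepEqual(object.dependencies, {
      canvas: "^2.11.0",
      "sample-dep": "^1.0.0"
    });
  });
```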