diff options
author | Rebecca Turner <me@re-becca.org> | 2018-04-13 00:47:16 +0300 |
---|---|---|
committer | Rebecca Turner <me@re-becca.org> | 2018-04-13 03:08:52 +0300 |
commit | d44fd5b1a4e1c66beef696c91b164dc88703fbc1 (patch) | |
tree | f47e6da0745a241aff0f3497a8158da433bde4bd /changelogs | |
parent | 5f6212b65012e52da7d401bdb797a8e57d0ef02c (diff) |
doc: update changelog for npm@5.10.0
Diffstat (limited to 'changelogs')
-rw-r--r-- | changelogs/CHANGELOG-5.md | 129 |
1 files changed, 129 insertions, 0 deletions
diff --git a/changelogs/CHANGELOG-5.md b/changelogs/CHANGELOG-5.md index 6306063ee..af04f4d11 100644 --- a/changelogs/CHANGELOG-5.md +++ b/changelogs/CHANGELOG-5.md @@ -1,3 +1,132 @@ +## v5.10.0 (2018-04-12): + +### NEW FEATURES + +* [`32ec2f54b`](https://github.com/npm/npm/commit/32ec2f54b2ad7370f2fd17e6e2fbbb2487c81266) + [#20257](https://github.com/npm/npm/pull/20257) + Add shasum and integrity to the new `npm view` output. + ([@zkat](https://github.com/zkat)) +* [`a22153be2`](https://github.com/npm/npm/commit/a22153be239dfd99d87a1a1c7d2c3700db0bebf3) + [#20126](https://github.com/npm/npm/pull/20126) + Add `npm cit` command that's equivalent of `npm ci && npm t` that's equivalent of `npm it`. + ([@SimenB](https://github.com/SimenB)) + +### BUG FIXES + +* [`089aeaf44`](https://github.com/npm/npm/commit/089aeaf4479f286b1ce62716c6442382ff0f2150) + Fix a bug where OTPs passed in via the commandline would have leading + zeros deleted resulted in authentication failures. + ([@iarna](https://github.com/iarna)) +* [`6eaa860ea`](https://github.com/npm/npm/commit/6eaa860ead3222a6dbd6d370b4271e7bf242b30b) + Eliminate direct use of `new Buffer` in `npm`. While the use of it in `npm` was safe, there + are two other reasons for this change: + + 1. Node 10 emits warnings about its use. + 2. Users who require npm as a library (which they definitely should not do) + can call the functions that call `new Buffer` in unsafe ways, if they try + really hard. + + ([@iarna](https://github.com/iarna)) + +* [`85900a294`](https://github.com/npm/npm/commit/85900a2944fed14bc8f59c48856fb797faaafedc) + Starting with 5.8.0 the `requires` section of the lock-file saved version ranges instead of + specific versions. Due to a bug, further actions on the same lock-file would result in the + range being switched back to a version. This corrects that, keeping ranges when they appear. + ([@iarna](https://github.com/iarna)) +* [`0dffa9c2a`](https://github.com/npm/npm/commit/0dffa9c2ae20b669f65c8e596dafd63e52248250) + [`609d6f6e1`](https://github.com/npm/npm/commit/609d6f6e1b39330b64ca4677a531819f2143a283) + [`08f81aa94`](https://github.com/npm/npm/commit/08f81aa94171987a8e1b71a87034e7b028bb9fc7) + [`f8b76e076`](https://github.com/npm/npm/commit/f8b76e0764b606e2c129cbaa66e48ac6a3ebdf8a) + [`6d609822d`](https://github.com/npm/npm/commit/6d609822d00da7ab8bd05c24ec4925094ecaef53) + [`59d080a22`](https://github.com/npm/npm/commit/59d080a22f7314a8e4df6e4f85c84777c1e4be42) + Restore the ability to bundle dependencies that are uninstallable from the + registry. This also eliminates needless registry lookups for bundled + dependencies. + + Fixed a bug where attempting to install a dependency that is bundled + inside another module without reinstalling that module would result in + ENOENT errors. + ([@iarna](https://github.com/iarna)) +* [`db846c2d5`](https://github.com/npm/npm/commit/db846c2d57399f277829036f9d96cd767088097e) + [#20029](https://github.com/npm/npm/pull/20029) + Allow packages with non-registry specifiers to follow the fast path that + the we use with the lock-file for registry specifiers. This will improve install time + especially when operating only on the package-lock (`--package-lock-only`). + + ([@zkat](https://github.com/zkat)) + + Fix the a bug where `npm i --only=prod` could remove development + dependencies from lock-file. + ([@iarna](https://github.com/iarna)) +* [`3e12d2407`](https://github.com/npm/npm/commit/3e12d2407446661d3dd226b03a2b6055b7932140) + [#20122](https://github.com/npm/npm/pull/20122) + Improve the update-notifier messaging (borrowing ideas from pnpm) and + eliminate false positives. + ([@zkat](https://github.com/zkat)) +* [`f18be9b39`](https://github.com/npm/npm/commit/f18be9b39888d05c7f98946c53214f40914f6284) + [#20154](https://github.com/npm/npm/pull/20154) + Let version succeed when `package-lock.json` is gitignored. + ([@nwoltman](https://github.com/nwoltman)) +* [`ced29253d`](https://github.com/npm/npm/commit/ced29253df6c6d67e4bf47ca83e042db4fb19034) + [#20212](https://github.com/npm/npm/pull/20212) + Ensure that we only create an `etc` directory if we are actually going to write files to it. + ([@buddydvd](https://github.com/buddydvd)) +* [`8e21b19a8`](https://github.com/npm/npm/commit/8e21b19a8c5e7d71cb51f3cc6a8bfaf7749ac2c5) + [#20140](https://github.com/npm/npm/pull/20140) + Note in documentation that `package-lock.json` version gets touched by `npm version`. + ([@srl295](https://github.com/srl295)) +* [`5d17c87d8`](https://github.com/npm/npm/commit/5d17c87d8d27caeac71f291fbd62628f2765fda2) + [#20032](https://github.com/npm/npm/pull/20032) + Fix bug where unauthenticated errors would get reported as both 404s and + 401s, i.e. `npm ERR! 404 Registry returned 401`. In these cases the error + message will now be much more informative. + ([@iarna](https://github.com/iarna)) +* [`05ff6c9b1`](https://github.com/npm/npm/commit/05ff6c9b14cb095988b768830e51789d6b6b8e6e) + [#20082](https://github.com/npm/npm/pull/20082) + Allow optional @ prefix on scope with `npm team` commands for parity with other commands. + ([@bcoe](https://github.com/bcoe)) +* [`6bef53891`](https://github.com/npm/npm/commit/6bef538919825b8cd2e738333bdd7b6ca2e2e0e3) + [#19580](https://github.com/npm/npm/pull/19580) + Improve messaging when two-factor authentication is required while publishing. + ([@jdeniau](https://github.com/jdeniau)) +* [`155dab2bd`](https://github.com/npm/npm/commit/155dab2bd7b06724eca190abadd89c9f03f85446) + Fix a bug where optional status of a dependency was not being saved to + the package-lock on the initial install. + ([@iarna](https://github.com/iarna)) +* [`8d6a4cafc`](https://github.com/npm/npm/commit/8d6a4cafc2e6963d9ec7c828e1af6f2abc12e7f3) + [`a0937e9af`](https://github.com/npm/npm/commit/a0937e9afe126dce7a746c1a6270b1ac69f2a9b3) + Ensure that `--no-optional` does not remove optional dependencies from the lock-file. + ([@iarna](https://github.com/iarna)) + +### DEPENDENCY UPDATES + +* [`8baa37551`](https://github.com/npm/npm/commit/8baa37551945bc329a6faf793ec5e3e2feff489b) + [zkat/cipm#46](https://github.com/zkat/cipm/pull/46) + `libcipm@1.6.2`: + Detect binding.gyp for default install lifecycle. Let's `npm ci` work on projects that + have their own C code. + ([@caleblloyd](https://github.com/caleblloyd)) +* [`323f74242`](https://github.com/npm/npm/commit/323f74242066c989f7faf94fb848ff8f3b677619) + [zkat/json-parse-better-errors#1](https://github.com/zkat/json-parse-better-errors/pull/1) + `json-parse-better-errors@1.0.2` + ([@Hoishin](https://github.com/Hoishin)) +* [`d0cf1f11e`](https://github.com/npm/npm/commit/d0cf1f11e5947446f74881a3d15d6a504baea619) + `readable-stream@2.3.6` + ([@mcollina](https://github.com/mcollina)) +* [`9e9fdba5e`](https://github.com/npm/npm/commit/9e9fdba5e7b7f3a1dd73530dadb96d9e3445c48d) + `update-notifier@2.4.0` + ([@sindersorhus](https://github.com/sindersorhus)) +* [`57fa33870`](https://github.com/npm/npm/commit/57fa338706ab122ab7e13d2206016289c5bdacf3) + `marked@0.3.1` + ([@joshbruce](https://github.com/joshbruce)) +* [`d2b20d34b`](https://github.com/npm/npm/commit/d2b20d34b60f35eecf0d51cd1f05de79b0e15096) + [#20276](https://github.com/npm/npm/pull/20276) + `node-gyp@3.6.2` +* [`2b5700679`](https://github.com/npm/npm/commit/2b5700679fce9ee0c24c4509618709a4a35a3d27) + [zkat/npx#172](https://github.com/zkat/npx/pull/172) + `libnpx@10.1.1` + ([@jdalton](https://github.com/jdalton)) + ## v5.9.0 (2018-03-23): Coming to you this week are a fancy new package view, pack/publish previews |