| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
feat: add --replace-registry-host=<npmjs|always|never>|<hostname>
|
|
|
|
new webAuthn flow (#5243)
|
|
Co-authored-by: Gar <gar+gh@danger.computer>
|
|
(#5233)
by passing in the edge we can determine if the edge is overridden, and if it is the path we want to return is the project root since that's what user's will have define their overrides relative to
|
|
overrides (#5227)
when we examine override references, if we look at only `this.from.root.package` the root could actually be a virtual one. in order to ensure we resolve references from the real root, we instead need to look at `this.from.sourceReference.root.package` to get the correct value.
closes #4395
|
|
Use the full proper name of Travis CI
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
|
|
checking if its a workspace (#5164)
|
|
|
|
|
|
|
|
|
|
|
|
* docs: describe implicit workspace and prefix configuration
* Update docs/content/using-npm/workspaces.md
Co-authored-by: Gar <gar+gh@danger.computer>
Co-authored-by: Luke Karrys <luke@lukekarrys.com>
Co-authored-by: Gar <gar+gh@danger.computer>
|
|
* fix: allow link from path with hash character
* fix: allow hash character in path in other places
* Remove extra semicolon
|
|
|
|
|
|
|
|
* docs: update commit-ish default branch
To match with https://github.com/npm/cli/blob/latest/docs/content/using-npm/developers.md#what-is-a-package
|
|
This also changes all the log messages about not being able to create
initial directories and files to `log.verbose` since we know run those
commands on init. There are a lot of valid reasons why those might fail,
and we don't want to show a warning for them every time.
Fixes: #4769
Fixes: #4838
Fixes: #4996
|
|
|
|
|
|
|
|
* feat: Add support for web auth, utilizing code from npm-profile
Co-authored-by: Jordan Harband <ljharb@gmail.com>
Co-authored-by: Hayden Faulds <fauldsh@gmail.com>
Co-authored-by: Sandeep Meduru <sandeepmeduru@github.com>
|
|
Update info on coverage too, it's auto-enforce now no separate command
needed.
|
|
|
|
* store link header in cached responses
|
|
arborist normalizes `bundledDependencies` to `bundleDependencies`, this change corrects the documentation to match that reality
|
|
|
|
It is not supposed to be there, in that it doesn't get any updates and
gets in the way of logging messages. We already log the server we are
publishing to in the `notice` headers so the one `http` log message that
we get during publish isn't needed on stdout.
|
|
fix: Update docs for audit signatures cmd
Update command documentation for `npm audit signatures` added in this PR:
https://github.com/npm/cli/pull/4827
|
|
Closes #4765
RFC: https://github.com/npm/rfcs/pull/591
While this doesn't directly allow top-level cert/key as credentials (per the
original issue), it's a more targeted/secure approach that accomplishes the
same end-result; the new options are scoped to a specific registry, and the
actual cert/key contents are much less likely to be exposed. See the RFC for
more context.
Depends on:
* https://github.com/npm/npm-registry-fetch/pull/125
* https://github.com/npm/config/pull/69
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Some folks may be running older versions of npm globally, or maybe even
have aliased another package manager to `npm`. This will ensure the
latest npm source is running when developing the cli itself.
|
|
|
|
|
|
|
|
|
|
|
|
* unique filename for temporary script files
* correctly translate paths when using bash in windows
|
|
|
|
|
