Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
* chore(latest): release libnpmexec 4.0.4
* deps: libnpmexec@4.0.4
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: npm cli ops bot <ops+npm-cli@npmjs.com>
|
|
* chore(latest): release arborist 5.1.0
* deps: @npmcli/arborist@5.1.0
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: npm cli ops bot <ops+npm-cli@npmjs.com>
|
|
Co-authored-by: Marco Tizzoni <marco.tizzoni@ecb.europa.eu>
|
|
|
|
Fixes the proper path location to use when targetting specific
workspaces.
Fixes: https://github.com/npm/cli/issues/3520
Relates to: https://github.com/npm/statusboard/issues/403
|
|
This code wasn't doing anything special, just dereferencing `name` from
a packument. There is no need for this to exist.
Most of the tests were able to handle having this go away, except for
`npm owner` which had to have its tests rewritten to be real, which of
course surfaced bugs along the way of behavior that was incorrectly
being tested. `npm owner` needs some love to clean up its UX, it throws
or returns inconsistently. I did fix it so that if there is no
package.json in cwd it errored as expected instead of throwing `ENOENT`
which is what it did before.
|
|
Throws an usage error if finding an invalid argument in global install.
Fixes: https://github.com/npm/cli/issues/3029
|
|
|
|
We don't usually include the commit body in the release notes, so this
removes it from the output by default. It's now behind the
`--format=long` flag, and the command can be rerun with that in case we
need the full commit body sometimes.
Also do an extra check for PR references in titles, since squashed PRs
don't always include the `associatedPullRequests`.
|
|
|
|
It should happen whenever we read a manifest anyways.
Tests were also rewritten to be real.
|
|
Refactor / clean up of the logic around reading installed
packages. Fixes reading packages from mixed sources (one being
from the local installed tree and the other from the registry
using pacote.manifest).
Makes it so that libnpmexec is always reading from the
Arborist actual tree instead of reading `node_modules` from
the file system when retrieving local package data.
Fixes: https://github.com/npm/cli/issues/3668
Relates to: https://github.com/npm/cli/pull/4643
Relates to: https://github.com/npm/cli/issues/4619
Relates to: https://github.com/npm/statusboard/issues/403
|
|
|
|
|
|
|
|
|
|
when set, installLinks instructs arborist to pack and extract a file:
dependency rather than creating a symlink to it. this has the effect of
also installing the dependencies for the linked dependency, though if
local changes are made it also requires the user to reinstall the
package
|
|
Link target from the root
|
|
|
|
|
|
3 deps are gone now, and there's a new workspace
|
|
Found a bug refactoring the tests.
libnpmaccess mutates the response from the server, and the completion
code was not looking for the right value.
|
|
You cannot use a secret as part of an if expression in actions
|
|
|
|
|
|
|
|
|
|
target
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This makes `npm ls` use the same logic as other commands (eg `outdated`)
when parsing config items that filter the output based on package type.
Previously `--development` and `--production` has special semantics when
used with `npm ls` that were inconsistent with the rest of the CLI. To
achieve the same behavior as these deprecated flags use:
- in place of `--development` use `--omit peer --omit prod --omit optional`
- in place of `--production` use `--omit dev --omit peer`
Fixes #4739
|
|
|
|
chalk is already in use elsewhere and does what we need
|
|
cacache appears to not write everything to the cache by the time doctor
is checking permissions. This limits the permissions error to a single
directory that we know exists by the time the checks run.
|
|
They mock real registry calls now
|
|
|
|
|
|
When generating an audit report, a cache of seen advisories is kept to
avoid doing any repeat fanout work on its nodes. Previously this cache
was also preventing audits from being added to the report. This has been
fixed so the cache is only used to prevent extra work, but all valid
advisories are added to the output.
Fixes #4681
|
|
|
|
|
|
Fixes #4317
|
|
|