| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
In preparation for @npmcli/eslint-config@3.1.0
|
|
|
|
Lots of bugfixes here, we properly parse ranges and versions, and we
also now work with git repos and gists, and know when they are already
installed.
|
|
feat: add --replace-registry-host=<npmjs|always|never>|<hostname>
|
|
new webAuthn flow (#5243)
|
|
Co-authored-by: Gar <gar+gh@danger.computer>
|
|
This also changes all the log messages about not being able to create
initial directories and files to `log.verbose` since we know run those
commands on init. There are a lot of valid reasons why those might fail,
and we don't want to show a warning for them every time.
Fixes: #4769
Fixes: #4838
Fixes: #4996
|
|
* feat: Add support for web auth, utilizing code from npm-profile
Co-authored-by: Jordan Harband <ljharb@gmail.com>
Co-authored-by: Hayden Faulds <fauldsh@gmail.com>
Co-authored-by: Sandeep Meduru <sandeepmeduru@github.com>
|
|
Closes #4765
RFC: https://github.com/npm/rfcs/pull/591
While this doesn't directly allow top-level cert/key as credentials (per the
original issue), it's a more targeted/secure approach that accomplishes the
same end-result; the new options are scoped to a specific registry, and the
actual cert/key contents are much less likely to be exposed. See the RFC for
more context.
Depends on:
* https://github.com/npm/npm-registry-fetch/pull/125
* https://github.com/npm/config/pull/69
|
|
|
|
|
|
|
|
(#4960)
Prompt before opening web-login URL when performing login/adduser
|
|
Many of our commands parse their args via
[npm-package-arg](https://npm.im/npm-package-arg), which is a good
standard way of parsing a "package" argument. However the docs
surrounding these args are not very consistent. This can lead to
confusion in commands such as `npm publish` where the behavior is
slightly different than in the past due to this.
This adds a new help command `npm help package-spec` that describes what
this argument is, and can be, and also updates all the commands that
interpret their args this with to refer to them as `<package-spec>`. It
also adds a link to the new help page on their docs pages.
|
|
|
|
* feat: Add --use-webauth flag
* Add docs
* Switch from a separate flag to a variation of auth-type
* Update snapshot
|
|
|
|
|
|
* feat(arborist): added flag to omit lockfile resolved
* feat: add flag --omit-lockfile-registry-resolved
Co-authored-by: Caleb ツ Everett <calebev@amazon.com>
|
|
|
|
All three of these commands do the same thing: open a manifest and find
a url inside to open it. The finding of that manifest was not very
consistent across these three commands. Some work with workspaces while
others don't. Some work correctly with `--prefix` while others don't.
This PR consolidates these commands so that they all are consistent in
how they find the manifest being referenced. The specifics of which url
they open are still left to each command. The util that only these
three commands were using was consolidated into their base class.
|
|
Turns out there were three files that still had no test coverage because
of the combination of the mocks in tests and the coverage map. Removing
the map altogether exposed them.
This PR removes the coverage map and fixes test to cover all lines that
were being missed.
While adding coverage to the `npm search` codebase multiple unneeded
guards and at least one bug was found (it was impossible to exclude
searches based on username). These were fixed.
The `npm view` tests were also refactored to use the real npm object.
Finally, a small inlining of lib/utils/file-exists.js was done.
|
|
As of npm@7, extraneous modules are always auto pruned
|
|
|
|
|
|
|
|
|
|
Do not pass the `if-present` env config value to spawned processes.
Fixes: https://github.com/npm/cli/issues/3352
Close: https://github.com/npm/cli/pull/3589
|
|
|
|
.substr() is deprecated so we replace it with .slice() which works similarily but isn't deprecated
Signed-off-by: Tobias Speicher <rootcommander@gmail.com>
|
|
It was only ever used by `npm edit` so it's inline now.
Rewrote `npm edit` tests to be real
|
|
|
|
|
|
|
|
|
|
|
|
Each command now signals whether or not it is a shellout
|
|
* fix: 100% coverage in tests
* Removed dead code in `lib/utils/usage.js`.
* Removed dead code in `lib/base-command.js`.
* Removed "load-all" test, we currently have 100% coverage and new PRs
without tests will be rejected if they don't add coverage for new
files.
* Removed `check-coverage` script as a separate command.
* Removed separate coverage test in ci.yml.
* Removed `coverage` flag from tap config, the default is already to
enforce 100% coverage.
Removed a tiny bit of dead code resulting from this
* fix: clean up usage output
Removed usage lib, rolled logic into base-command.js
Cleaned up usage output to be less redundant
|
|
This also allows logs-max to be set to 0 to disable log file writing.
Closes #4466
Closes #4206
|
|
Adds a minimalistic reify step that updates the installed tree after a
version change within one of the configured workspaces when using any
of the workspaces config options.
It's also possible to use the `--save` config option in order to
auto update semver ranges of dependencies declarations accross dependent
`package.json` files.
Fixes: https://github.com/npm/cli/issues/3403
Relates to: https://github.com/npm/rfcs/issues/556
Relates to: https://github.com/npm/cli/issues/3757
Relates to: https://github.com/npm/cli/issues/4193
|
|
Also add explanation of what `--force` does for unpublish
|
|
|
|
Without this, the isntall-clean alias is matched and ran
|
|
|
|
|
|
|
|
|
|
|
