| Age | Commit message (Collapse) | Author |
|---|
|
Fixes `npm outdated` to properly parse and display info on aliased
packages.
Fixes: https://github.com/npm/cli/issues/2800
|
|
`npm ci` should never be affected by the `package-lock` config.
Fixes: https://github.com/npm/cli/issues/4185
|
|
Make sure to validate any lock file (either package-lock.json or
npm-shrinkwrap.json) against the current install. This will properly
throw an error in case any of the dependencies being installed don't
match the dependencies that are currently listed in the lock file.
Fixes: https://github.com/npm/cli/issues/2701
Fixes: https://github.com/npm/cli/issues/3947
|
|
Most of these module use npm-registry-fetch under the hood, which will
log things like the `npm-notice` header if seen. Currently we aren't
passing in a logger to them, which means that log message is never seen,
among any other logged messages those modules may need to make.
I added tests where I could. Some tests were in a state where the entire
libnpm* module was an empty mocked function, so asserting that it got
passed a `log` attribute was onerous.
|
|
|
|
|
|
Previously `npm update` was not respecting the `save` option, it
would be impossible for users to use `npm update` and automatically
update their `package.json` files.
This fixes it by adding extra steps on `Arborist.reify._saveIdealTree`
to read direct dependencies of any `package.json` and update them as
needed when reifying using the `update` and `save` options.
- Uses config.isDefault to set a different value for the `save` config
for both the update and dedupe commands
- Tweaks arborist to make sure saveIdealTree preserves the behavior of
skipping writing to package-lock.json on save=false for install while
still writing the lockfile for `npm update` with its new default value
of save=false.
- Updated and added some new tests on arborist to cover for these tweaks
- Added `npm update --save` smoke test on cli
Fixes: https://github.com/npm/cli/issues/708
Fixes: https://github.com/npm/cli/issues/2704
Relates to: https://github.com/npm/feedback/discussions/270
|
|
|
|
Closes: npm/statusboard#417
If the file at `$NPM_CONFIG_PREFIX/package.json` contains a
`publishConfig`, the key/value pairs will be printed along with the rest
of the output from `npm config ls`.
PR-URL: https://github.com/npm/cli/pull/4146
Credit: @lukekarrys
Close: #4146
Reviewed-by: @nlf
|
|
Closes: npm/statusboard#416
PR-URL: https://github.com/npm/cli/pull/4143
Credit: @lukekarrys
Close: #4143
Reviewed-by: @wraithgar
|
|
PR-URL: https://github.com/npm/cli/pull/4142
Credit: @lukekarrys
Close: #4142
Reviewed-by: @wraithgar
|
|
Closes: #4128
This also refactors the logic for cleaning log files to use the `ignore`
option from `glob` to not clean current log files instead of relying on
updating the `logs-max` count.
I also discovered a bug where we weren't cleaning log files written with
the old naming convention, so this fixes that as well.
PR-URL: https://github.com/npm/cli/pull/4134
Credit: @lukekarrys
Close: #4134
Reviewed-by: @wraithgar
|
|
PR-URL: https://github.com/npm/cli/pull/4114
Credit: @lukekarrys
Close: #4114
Reviewed-by: @wraithgar
|
|
|
|
This decouples the log file writing from the terminal logging. We now
open an append only file at the start of the process and stream logs to
it. We still only display the log file message in timing mode or if
there is an error, but the file is still written regardless.
All logging now goes through `proc-log` and this is the first step to
removing `npmlog`. For now `npmlog` is still used for the terminal
logging but with a shim in front of it to make it easier to test and
use in conjunction with `proc-log`. Ref: npm/statusboard#366
This also refactors many of the tests to always use an explicit
`t.testdir` for their cache since the file is opened on each `new Npm()`.
Tests are also refactored to use more of `MockNpm` with behavior to
add config items and load `npm` if necessary. A new fixture `mockGlobals`
was also added to make much of this more ergonomic. Ref: npm/statusboard#410
Closes npm/statusboard#411
Closes npm/statusboard#367
PR-URL: https://github.com/npm/cli/pull/4062
Credit: @lukekarrys
Close: #4062
Reviewed-by: @wraithgar
|
|
PR-URL: https://github.com/npm/cli/pull/4072
Credit: @chalkygames123
Close: #4072
Reviewed-by: @wraithgar
|
|
PR-URL: https://github.com/npm/cli/pull/4060
Credit: @yuqu
Close: #4060
Reviewed-by: @wraithgar
|
|
|
|
now that we're off of node10 we can clean this up
PR-URL: https://github.com/npm/cli/pull/3989
Credit: @wraithgar
Close: #3989
Reviewed-by: @lukekarrys
|
|
During a refactoring of the tests a bug was found in the install command
completion that would return nothing if there was a valid match, this
fixes that bug and also makes the tests actually test things.
PR-URL: https://github.com/npm/cli/pull/4023
Credit: @wraithgar
Close: #4023
Reviewed-by: @lukekarrys
|
|
The fake npm object in the tests wasn't returning an async function
Fixes: https://github.com/npm/cli/issues/4020
PR-URL: https://github.com/npm/cli/pull/4032
Credit: @wraithgar
Close: #4032
Reviewed-by: @lukekarrys
|
|
Clean up tests too
PR-URL: https://github.com/npm/cli/pull/4033
Credit: @wraithgar
Close: #4033
Reviewed-by: @lukekarrys
|
|
PR-URL: https://github.com/npm/cli/pull/4026
Credit: @wraithgar
Close: #4026
Reviewed-by: @isaacs
|
|
These are never valid in the contexts from which this lib is called.
Namely these are the bugs, docs, fund, help, and repo commands, and for
oauth logins.
PR-URL: https://github.com/npm/cli/pull/4025
Credit: @wraithgar
Close: #4025
Reviewed-by: @isaacs
|
|
This brings us in line with the rest of the linting rules we are wanting
to use on the npm cli repos.
There were several hundred over-length lines and instead of editing them
all by hand I piped the failing file through `prettier` and back through
`eslint` just to save some time and energy. This means there may be
some quirks in the linting those files have, but we can fix those if we
see them and they bother us.
Other than that there were about 50 lines that are legitimately
over-length, all are now explicitly overridden. Many are tests that
could be snapshots.
PR-URL: https://github.com/npm/cli/pull/3995
Credit: @wraithgar
Close: #3995
Reviewed-by: @lukekarrys
|
|
PR-URL: https://github.com/npm/cli/pull/3987
Credit: @lukekarrys
Close: #3987
Reviewed-by: @wraithgar
|
|
Windows no longer allows `file://`, but instead requires `file:///` for
local file urls.
Also after the command refactor things shifted and the tests didn't
catch that the help pages didn't work at all anymore, and that the
post-edit rebuild didn't work. This cleans up those two issues.
PR-URL: https://github.com/npm/cli/pull/3994
Credit: @wraithgar
Close: #3994
Reviewed-by: @lukekarrys
|
|
This is safe to do now that we've dropped node 10 support.
PR-URL: https://github.com/npm/cli/pull/3988
Credit: @lukekarrys
Close: #3988
Reviewed-by: @wraithgar
|
|
Fix: #3962
When created from a hidden lockfile, shrinkwrap was always setting the
lockfileVersion to 3. The shrinkwrap command also needed to be updated
to log the correct message based on the lockfileVersion config instead
of the static lockfileVersion.
With these fixes, it was possible to log a better message whenever we
are changing the lockfileVersion, either from a config or any existing
lockfile.
Lastly, the tests for shrinkwrap were completely refactored to use the
real npm and test all conceivable scenarios, as well as removing usage
of `util.promisify` in favor of `fs.promises` now that we've dropped
support for Node 10.
PR-URL: https://github.com/npm/cli/pull/3978
Credit: @lukekarrys
Close: #3978
Reviewed-by: @wraithgar
|
|
This is the first phase of refactoring the internal structure of the npm
commands to set us up for future changes. This iteration changes the
function signature of `exec` for all the commands to be a async (no more
callbacks), and also groups all the commands into their own
subdirectory.
It also removes the Proxy `npm.commands` object, in favor of an
`npm.cmd` and `npm.exec` function that breaks up the two things that
proxy was doing. Namely, getting to the attributes of a given command
(`npm.cmd` now does this), and actually running the command `npm.exec`
does this.
PR-URL: https://github.com/npm/cli/pull/3959
Credit: @wraithgar
Close: #3959
Reviewed-by: @lukekarrys
|
|
PR-URL: https://github.com/npm/cli/pull/3943
Credit: @wraithgar
Close: #3943
Reviewed-by: @lukekarrys
|
|
As all CLI input is considered to be string, eg. a
"npm install --lockfile-version 3" would fail with the error messages:
```
npm WARN invalid config lockfile-version="3" set in command line options
npm WARN invalid config Must be one of: null, 1, 2, 3
```
Until we have a config system that supports setting type and possible values
of configs, we have to specify all string and number values for the
`lockfile-version`, but we coerce all values to numbers in the flattener.
Co-authored-by: @voxpelli
Co-authored-by: @isaacs
PR-URL: https://github.com/npm/cli/pull/3949
Credit: @lukekarrys
Close: #3949
Reviewed-by: @isaacs
|
|
Adds a new config item that includes the workspace root. This also changes
--workspaces to a trinary, so that setting it to false will explicitly exclude
workspaces altogether.
PR-URL: https://github.com/npm/cli/pull/3890
Credit: @fritzy
Close: #3890
Reviewed-by: @wraithgar
|
|
Depends on @npmcli/arborist@4.0.0
Re: https://github.com/npm/rfcs/pull/434
PR-URL: https://github.com/npm/cli/pull/3880
Credit: @isaacs
Close: #3880
Reviewed-by: @wraithgar
|
|
BREAKING CHANGE:
- Drop official support for node versions less than v12.
- Drop support for `require('npm')`
- Update a few subdependencies that dropped node10 support, and brought
in the latest node-gyp
PR-URL: https://github.com/npm/cli/pull/3762
Credit: @wraithgar
Close: #3762
Reviewed-by: @fritzy
|
|
This reverts commit f17dfa0ced7d8df9bb7baf378bb20d33175c8e8b.
|
|
Adds a new config item that includes the workspace root when running
non-arborist commands (i.e. repo, version, publish). Arborist will need
to be udpated to look for this flag to change its behavior to include
the workspace root for its functions.
This also changes --workspaces to a trinary, so that setting it to false
will explicitly exclude workspaces altogether. This is also going to
require an arborist change so that it ignores workspaces altogether.
Co-author: @fritzy
PR-URL: https://github.com/npm/cli/pull/3816
Credit: @isaacs
Close: #3816
Reviewed-by: @wraithgar
|
|
The npm/cli form of https://github.com/npm/arborist/pull/324
Required adding options support to package used for this.
PR-URL: https://github.com/npm/cli/pull/3809
Credit: @isaacs
Close: #3809
Reviewed-by: @wraithgar
|
|
closes: https://github.com/npm/cli/issues/2556
xref: https://github.com/npm/cli/pull/1750
The xref'ed PR apparently dropped this behavior
without any explanation.
PR-URL: https://github.com/npm/cli/pull/3799
Credit: @gfyoung
Close: #3799
Reviewed-by: @wraithgar
|
|
will filter out a small subset of non-URL-safe characters that still
parse properly with `new URL`
PR-URL: https://github.com/npm/cli/pull/3804
Credit: @isaacs
Close: #3804
Reviewed-by: @wraithgar
|
|
PR-URL: https://github.com/npm/cli/pull/3766
Credit: @felixonmars
Close: #3766
Reviewed-by: @wraithgar
|
|
PR-URL: https://github.com/npm/cli/pull/3761
Credit: @wraithgar
Close: #3761
Reviewed-by: @lukekarrys
|
|
PR-URL: https://github.com/npm/cli/pull/3760
Credit: @yacoman89
Close: #3760
Reviewed-by: @wraithgar
|
|
PR-URL: https://github.com/npm/cli/pull/3738
Credit: @AyushRawal
Close: #3738
Reviewed-by: @wraithgar
|
|
The way we were flattening user-agent back into itself meant that any
values that were dependent on other config items would never be seen,
since we have to re-flatten the item for each one it depends on.
We also weren't re-flattening the user-agent when setting workspaces or
workspace, which were things that affected the final result.
This does change the main config value of `user-agent` but not the
flattened one. We are not using the main config value anywhere (which
is correct).
PR-URL: https://github.com/npm/cli/pull/3754
Credit: @wraithgar
Close: #3754
Reviewed-by: @nlf
|
|
Before, `npm view npm@^6` would incorrectly report “published over a
year from now” for every entry. Now it reports the correct dates.
PR-URL: https://github.com/npm/cli/pull/3739
Credit: @andersk
Close: #3739
Reviewed-by: @wraithgar
|
|
The did-you-mean code was trying to parse a local package.json to
suggest scripts and bins, which was causing an exception if you ran npm
outside of a directory with a valid package.json.
This fixes that.
PR-URL: https://github.com/npm/cli/pull/3747
Credit: @wraithgar
Close: #3747
Reviewed-by: @nlf
|
|
This will do an engines check when installing npm globally and fail if
the new npm is known not to work in the current node version.
It will not work for older npm versions because they don't have an
engines field (it wasn't added till npm@6.14.0). It will at least
prevent npm@7 from being installed in node@8.
PR-URL: https://github.com/npm/cli/pull/3731
Credit: @wraithgar
Close: #3731
Reviewed-by: @nlf
|
|
If the package being installed is a url it needs to be cleaned before
logging so passwords aren't potentially logged.
PR-URL: https://github.com/npm/cli/pull/3732
Credit: @wraithgar
Close: #3732
Reviewed-by: @nlf
|
|
This corrects two things,
`--global` implies `--location=global` and `--package-lock-only` implies
`--package-lock`
It also introduces a new sandbox runner for testing purposes. it's not
the prettiest thing i've ever written, but it seems to do the job pretty
nicely and doesn't require keeping track of wild shenanigans everywhere.
Fixes #2747
Fixes #3572
PR-URL: https://github.com/npm/cli/pull/3684
Credit: @nlf
Close: #3684
Reviewed-by: @wraithgar
|
