| Age | Commit message (Collapse) | Author |
|---|
|
PR-URL: https://github.com/npm/cli/pull/3893
Credit: @nlf
Close: #3893
Reviewed-by: @nlf
|
|
|
|
PR-URL: https://github.com/npm/cli/pull/3889
Credit: @wraithgar
Close: #3889
Reviewed-by: @nlf
|
|
Bumped patch versions of libnpmexec and libnpmfund to dedupe
|
|
BREAKING CHANGE:
- Drop official support for node versions less than v12.
- Drop support for `require('npm')`
- Update a few subdependencies that dropped node10 support, and brought
in the latest node-gyp
PR-URL: https://github.com/npm/cli/pull/3762
Credit: @wraithgar
Close: #3762
Reviewed-by: @fritzy
|
|
This reverts commit 8349c3c1557ac52973ad08c10db492e3a5a30204.
PR-URL: https://github.com/npm/cli/pull/3817
Credit: @lukekarrys
Close: #3817
Reviewed-by: @wraithgar
|
|
* includeWorkspaceRoot support
* workspacesEnabled=false support
PR-URL: https://github.com/npm/cli/pull/3815
Credit: @wraithgar
Close: #3815
Reviewed-by: @isaacs
|
|
* fix: avoid infinite loops in peer dep replacements
* fix: use Intl.Collator for string sorting when available
* feat(vuln): expose isDirect
|
|
* fix: do not fail adding unresolvable optional dep
|
|
* feat: export npm_config_local_prefix and npm_config_global_prefix
to the environment
|
|
* feat: introduce @npmcli/fs for tmp dir methods
|
|
* fix: treat top-level global packages as "top" nodes
* fix: load global symlinks implicitly as file: deps
* fix(reify): debug crash when extracting into symlink
* fix: node_modules must be a directory
* fix: make Node.children() a case-insensitive Map
* fix(reify): verify existing deps in nm are dirs
|
|
|
|
* [#3632] Fix "cannot read property path of null" error in 'npm
dedupe'
* fix(shrinkwrap): always set name on the root node
|
|
* fix: better error message for duplicate workspace names
|
|
* Refactor ideal tree building to handle more complicated
peerDependencies use cases.
* Do not modify ideal tree while checking if a peerSet can be placed.
Fix: #3377
|
|
|
|
|
|
* bin: allow turning off timer display with --timers=false
* fix: do not try to inflate a fresh lockfile
* fix(diff): walk target children if root is a link
* chore: @npmcli/package-json refactor
|
|
Refactor set-script and init to use @npmcli/package-json as a uniformed
way to update and save package.json files.
Fixes: https://github.com/npm/cli/issues/3234
Relates to: https://github.com/npm/statusboard/issues/368
PR-URL: https://github.com/npm/cli/pull/3455
Credit: @ruyadorno
Close: #3455
Reviewed-by: @nlf
|
|
* fix(inventory) handle old and british forms of 'license'
* fix: removes [_complete] check to apply correct metadata
* ensure node.fsParent is not set to node itself
* fix extraneous deps on load-actual
|
|
We bundle our deps, but we don't need to bundle docs, changelogs,
editorconfigs, test coverage reports, .github workflow definitions,
lint configurations, and all the rest, which we never use.
This cuts about 10% off of our publish artifact file size.
```
$ ls -laF npm-7.16.0-*.tgz
-rw-r--r-- 1 isaacs staff 7174497 Jun 3 13:01 npm-7.16.0-release-next.tgz
-rw-r--r-- 1 isaacs staff 6782377 Jun 3 13:00 npm-7.16.0-trim-node-modules.tgz
$ ls -laF npm-7.16.0-*.tar
-rw-r--r-- 1 isaacs staff 19020288 Jun 3 13:01 npm-7.16.0-release-next.tar
-rw-r--r-- 1 isaacs staff 17474048 Jun 3 13:00 npm-7.16.0-trim-node-modules.tar
```
PR-URL: https://github.com/npm/cli/pull/3362
Credit: @isaacs
Close: #3362
Reviewed-by: @nlf
|
|
make-fetch-happen@9.0.1
* breaking: complete refactor of caching. cache will no longer grow
endlessly with duplicate requests. cache will be used in cases where
it should have been but wasn't before. it will cache multiple
content-types of the same url. it will dedupe existing caches of
their unused entries.
* fix: support url-encoded proxy authorization
* fix: do not lazy-load proxy agents or agentkeepalive. fixes the
intermittent failures to update npm on slower connections.
npm-registry-fetch@11.0.0
* breaking: drop handling of deprecated warning headers
* docs: fix header type for npm-command
* docs: update registry param
* feat: improved logging of cache status
|
|
|
|
|
|
|
|
|
|
|
|
* fix(clone): Do not allow git replacement objects by default
|
|
* fix(add): save packages in the right place
* fix(reify): do not clean up nodes with no parent
* fix(audit): support alias specs & root package names
|
|
|
|
Partially fixes https://github.com/npm/cli/issues/3130
|
|
|
|
|
|
|
|
|
|
|
|
* [#2896](https://github.com/npm/cli/issues/2896) Provide currentEdge in
ERESOLVE if known, and address self-linking edge case.
* Add/remove dependencies to/from workspaces when set, not root project
* Only reify the portions of the dependency graph identified by the
`workspace` configuration value.
* Do not recursively `chown` the project root path.
|
|
|
|
|
|
|
|
Eventually @npmcli/config will move back to the CLI under
lib/utils/config/, so this v2 will be a short-lived release family.
|
|
|
|
|
|
|
|
|
|
|
|
* Do not rely on underscore fields in `package.json` files
* [#2736](https://github.com/npm/cli/issue/2736) Do not remove global
packages when updating by name
Fix: #2736
|
|
* [#1875](https://github.com/npm/cli/issues/1875)
[npm/arborist#230](https://github.com/npm/arborist/pull/230) Set default
advisory `severity`/`vulnerable_range` when missing from audit endpoint
data ([@isaacs](https://github.com/isaacs))
* [npm/arborist#231](https://github.com/npm/arborist/pull/231) skip
optional deps with mismatched platform or engine
([@nlf](https://github.com/nlf))
* [#2251](https://github.com/npm/cli/issues/2251) Unpack shrinkwrapped deps
not already unpacked ([@isaacs](https://github.com/isaacs),
[@nlf](https://github.com/nlf))
* [#2714](https://github.com/npm/cli/issues/2714) Do not write package.json
if nothing changed ([@isaacs](https://github.com/isaacs))
* [npm/rfcs#324](https://github.com/npm/rfcs/issues/324) Prefer peer over
prod dep, if both specified ([@isaacs](https://github.com/isaacs))
* [npm/arborist#236](https://github.com/npm/arborist/issues/236) Fix
additional peerOptional conflict cases
([@isaacs](https://github.com/isaacs))
|
|
|
