Age | Commit message (Collapse) | Author |
|
Since we now are using pacote/tar in a way that will rely on the default
process umask setting, and we set file/directory modes explicitly
anyway, there's no need to have a default umask setting that calls
process.umask()
As this method is not worker-thread safe, and is deprecated, it's best
for us to stop using it.
Fix: #1103
PR-URL: https://github.com/npm/cli/pull/2444
Credit: @isaacs
Close: #2444
Reviewed-by: @nlf
|
|
PR-URL: https://github.com/npm/cli/pull/2382
Credit: @nlf
Close: #2382
Reviewed-by: @isaacs
|
|
PR-URL: https://github.com/npm/cli/pull/2381
Credit: @XhmikosR
Close: #2381
Reviewed-by: @isaacs
|
|
PR-URL: https://github.com/npm/cli/pull/2361
Credit: @Edu93Jer
Close: #2361
Reviewed-by: @isaacs
EDIT(@isaacs): amended to match some of the fixes to our current style
conventions
|
|
|
|
We have a linter.
yolo
|
|
Fix: #2021
PR-URL: https://github.com/npm/cli/pull/2331
Credit: @isaacs
Close: #2331
Reviewed-by: @ruyadorno @darcyclarke
|
|
PR-URL: https://github.com/npm/cli/pull/2303
Credit: @nlf
Close: #2303
Reviewed-by: @isaacs
|
|
This removes all other arg/shell escaping mechanisms, as they are no
longer needed, and will be un-done by puka in @npmcli/run-script anyway.
Adds an interactive shell mode when `npm exec` is run without any
arguments, allowing users to interactively test out commands in an npm
script environment. Previously, this would do nothing, and just exit.
Prevent weird behavior from `npm explore ../blah`. `explore` now can
_only_ be used to explore packages that are actually found in the
relevant `node_modules` folder.
|
|
|
|
We have a lot of tests that were not handling errors in callbacks, not
defining variables, defining variables that weren't used, and just
generally not formatted like the rest of npm.
Hazard of moving fast. Thankfully, machines can help.
|
|
When a file named 'npmrc' is in the root of the npm module that is
currently running, it adds config values that override the defaults (but
not the global or user configs).
This is a way for a system package installer to tell the npm that it
installs to put its globals somewhere other than the default. In order
to keep these configs around when users self-update npm with `npm i -g
npm`, these config values must be "sticky", and ride along into the
newly globally installed npm.
This commit restores this behavior, fixing self-updating npm for Windows
users, and any other systems that may make use of this functionality.
Fixes: #2002
PR-URL: https://github.com/npm/cli/pull/2184
Credit: @isaacs
Close: #2184
Reviewed-by: @ruyadorno
|
|
Fixes: #2134
Credit: @isaacs
Close: #2156
Reviewed-by: @ruyadorno
|
|
Fixes: #2150
Credit: @isaacs
Close: #2155
Reviewed-by: @ruyadorno
|
|
Add legacy `_auth` token to flatOptions in order to support it when
reaching out to registries.
Fixes: #2008
Credit: @ruyadorno
Close: #2153
Reviewed-by: @isaacs
|
|
This adds a flatOptions.flatten() method, which takes an object full of
config keys, and turns it into an options object. This method expects
an object that already inherits from npm's defaults, and is thus
expected to be internal only.
This commit also removes some config keys which were used by npm
dependencies at the start of the v7 beta process, but are no longer:
- all lockfile configs (since we don't use lockfiles any more! for
anything! and good riddance, they're a rats' nest of race conditions)
- cacheMax/cacheMin (we only use preferOffline/offline/online now, so
these are strictly legacy support as input and never shared with deps)
Once this lands in cli, we can remove the publishConfig handling logic
in npm-registry-fetch, as it will be redundant.
|
|
|
|
PR-URL: https://github.com/npm/cli/pull/2067
Credit: @isaacs
Close: #2067
Reviewed-by: @nlf
|
|
If we're running the 'audit' command, then a failed endpoint means that
the command failed. Error out in that case.
Otherwise, if it's a quick audit as part of another command, just return
a value to indicate that we should not print audit info.
This avoids showing '0 vulnerabilities found', which, while amusingly
technically correct, is misleading and not very helpful.
Fix: #1951
Credit: @isaacs
Close: #1956
Reviewed-by: @darcyclarke
|
|
Updates to ERESOLVE explanation code
|
|
|
|
|
|
|
|
PR-URL: https://github.com/npm/cli/pull/1859
Credit: @badeggg
Close: #1859
Reviewed-by: @isaacs
EDIT: changed flatOptions.noproxy to flatOptions.noProxy, since
make-fetch-happen reads it from the camel-cased property.
|
|
This gets passed down to dependencies as 'timeout', so that the HTTP
request libraries will all get the right value.
Fix: https://github.com/npm/cli/issues/1780
PR-URL: https://github.com/npm/cli/pull/1870
Credit: @isaacs
Close: #1870
Reviewed-by: @nlf
|
|
The added count on lib/utils/reify-output.js only looks up resulting
keys from arb.diff and does not take into account the fact that some of
these pkgs signaled as diff=ADD might in fact not have been installed,
most common scenario are optional deps that could have failed their
install in a given system or opt-out from configs.
This fixes the counting number by looking up at arb.inventory and
confirming it has the node that has been marked as added on diff result.
Fix: #1813
PR-URL: https://github.com/npm/cli/pull/1858
Credit: @ruyadorno
Close: #1858
Reviewed-by: @nlf
|
|
* Fix EBADPLATFORM error message
Error format evolved out from under message generation's
expectations.
* Fix formatting
|
|
PR-URL: https://github.com/npm/cli/pull/1825
Credit: @nlf
Close: #1825
Reviewed-by: @isaacs
|
|
PR-URL: https://github.com/npm/cli/pull/1818
Credit: @nlf
Close: #1818
Reviewed-by: @ruyadorno
|
|
Reduce visual noise, make the more important information more obvious.
|
|
When peerDependencies conflict, Arborist is now providing details of the
nodes and their reasons for inclusion on the Error object, including
whether or not this resolution error could be overridden using the
--force flag.
Print this data out in a minimal way as a warning if we override an
ERESOLVE forcefully. When the ERESOLVE causes the install to fail,
print a somewhat longer message, and save a MUCH longer full report to
the cache folder.
PR-URL: https://github.com/npm/cli/pull/1761
Credit: @isaacs
Close: #1761
Reviewed-by: @darcyclarke, @ruyadorno
|
|
The `flatOptions.scope` option should not default to `projectScope`
since that's causing projects that have a defined `projectScope`
corresponding to configured scoped registries to try and download ALL
packages (including the ones that should be downloaded from the public
registry) to be fetch from that scoped registry url.
fix #1654
PR-URL: https://github.com/npm/cli/pull/1758
Credit: @ruyadorno
Close: #1758
Reviewed-by: @isaacs
|
|
Add unit tests to `lib/utils/error-handler.js`, these are very special
since the module handles some internal state through variables which are
not exposed and binds itself to multiple global `process` events.
Also two minor tweaks/fixes to the original implementation:
- Refactored unused param in `reallyExit()`
- Fixed String.prototype.match group capture usage
PR-URL: https://github.com/npm/cli/pull/1742
Credit: @ruyadorno
Close: #1742
Reviewed-by: @isaacs
|
|
* Also, test this with a mock, so that tests pass in CI.
* test: streamline snapshot on config test
* test: add workaround for node 10's broken promises
* test: make cache dir cross-platform consistent in config test
PR-URL: https://github.com/npm/cli/pull/1719
Credit: @isaacs
Close: #1719
Reviewed-by: @ruyadorno
|
|
Reported by @lumaxis
|
|
PR-URL: https://github.com/npm/cli/pull/1688
Credit: @isaacs
Close: #1688
Reviewed-by: @ruyadorno
|
|
|
|
|
|
|
|
Credit: @jamesgeorge007
PR-URL: https://github.com/npm/cli/pull/1071
Close: #1071
Reviewed-By: @isaacs
EDIT(@isaacs): changed dependency in a separate commit
|
|
|
|
This drops our usage of the update-notifier module, in favor of checking
ourselves, using the modules and UX patterns that npm already has in
place.
- While on a prerelease version, updates are checked for every day,
instead of every week, and always checks for a new beta in the current
release family. Ie, ^7.0.0-beta.2 instead of latest.
- Latest version is suggested if newer than current.
- If current version is newer than latest, then we check again for an
update in the current version family. Ie, ^7.0.0 instead of latest,
if current is 7.0.0 and latest is 6.x.
- Output is printed using log.notice, at the end of all other log
output, so that it's both less visually disruptive, and less likely to
be missed among other warnings and notices.
This has the side effect of requiring that we set npm.flatOptions as
soon as config is loaded, rather than waiting for a command to be run.
Since the cli runs a command immediately after loading anyway, this is
not a relevant change for our purposes, but worth mentioning here.
|
|
- Refactored dist-tag tests into unit tests in test/lib
- Small tweaks and fixes to dist-tag found while writing tests
- Refactored lib/utils/read-local-package.js and its tests
- Tweaked usage in consuming lib/owner.js
PR-URL: https://github.com/npm/cli/pull/1611
Credit: @ruyadorno
Close: #1611
Reviewed-by: @isaacs
|
|
Fix #1595
|
|
Also, get Windows up to full coverage.
PR-URL: https://github.com/npm/cli/pull/1598
Credit: @isaacs
Close: #1598
Reviewed-by: @ruyadorno
|
|
Still pending test coverage for most of these, but wanted to give them a
clean sweep to get the "load-all-commands" tests passing.
The following changes are in here:
- All commands now have a `completion()` method and a usage string that
uses the same `usage` util consistently.
- The `silent` argument to many commands has been removed.
- All commands use the `cmd = ${cmd}(args).then(() => cb()).catch(cb)`
pattern consistently.
Full test coverage for all commands is still lacking, and will have to
be done prior to the GA v7 release.
|
|
It should not be completing to all installed packages. No completion
makes sense, as of npm v4.
|
|
|
|
|
|
Refactored lib/utils/completion/installed-deep.js to use Arborist, also
removed the `read-installed` dependency as it's no longer used.
fix: #1574
PR-URL: https://github.com/npm/cli/pull/1577
Credit: @ruyadorno
Close: #1577
Reviewed-by: @isaacs
|