| Age | Commit message (Collapse) | Author |
|---|
|
This makes scoped packages skip reinstallation the same way normal,
unscoped packages do.
|
|
Test failure was leaving an assortment of files dangling around:
test/tap/scripts-whitespace-windows/cache/scripts-whitespace-windows-dep/0.0.1/package.tgz
test/tap/scripts-whitespace-windows/cache/scripts-whitespace-windows-dep/0.0.1/package/package.json
|
|
Test failure was leaving an assortment of files dangling around:
test/tap/scoped_package/cache/@scope/generic-package/90000.100001.5/package.tgz
test/tap/scoped_package/cache/@scope/generic-package/90000.100001.5/package/package.json
test/tap/scoped_package/package.json
test/tap/scoped_package/scope-generic-package-90000.100001.5.tgz
|
|
If a dependency occurs in both the `dependencies` and the `devDependencies`
sections of package.json, npm should prefer the version from the `dependencies`
section since it is what is used when installed with `--production`
A warning is issued with information about what version is used.
|
|
a71615a accidentally got reverted by 355bb7e, which split the changed
file into multiple files.
Original commit message:
Check SHA before using files from cache
Fixes #3265.
Because 'npm install' *always* writes every package to the cache (even
if it isn't installed from the registry) before installing it, it's easy
to end up in a situation where "npm install foo" installs something
other than the appropriate version from the registry. eg:
npm cache clean
# Install a fork of version 0.0.1:
npm install https://github.com/glasser/npm-cache-corruption/tarball/93c447e
rm -rf node_modules
# Before this commit, this would install the same fork as above
npm install npm-cache-corruption
|
|
Fixes #5520
This adds back the ability to run `npm view .`
Includes multiple tests for `npm view`
|
|
Specify dummy template dir when cloning to prevent copying hooks.
|
|
IT IS ALWAYS A #%@^& RACE CONDITION!
|
|
|
|
See discussion in #3059.
|
|
|
|
|
|
|
|
|
|
This ought to nail the ENOENT issues we're seeing in #6043 by deferring
all rollback unbuilds to the end of the install process. This also
depends on the upgrade to slide@1.1.5.
Includes a test with a very racy optional dependency situation. (*wink*)
|
|
|
|
This does a few things to clean up the error output and make it a bit
more user-friendly (and maintainer friendly!)
1. Remove the 'npm ERR code 0' at the bottom. We're not exiting with
code 0, so that's just confusing and weird. It just means that we don't
YET have an error code, so it's better to just omit it.
2. Never print out stack traces at loglevel=error. They're too verbose,
and send users into a brain-shutdown-overload panic which is
uncomfortable and not a very nice to do to them.
3. Since most users jump to the bottom of an error report and read
increased importance in the last line, reorder the output a bit.
a. The system/version/argv info is printed first, where it'll be
mostly ignored by users but still output by default for the benefit of
support staff. This is useful for us, but just excess noise for them,
since they presumably already know what operating system they're
using, etc.
b. Next, print out the human-friendly error message for things we
know, like "the script exited with such and such error code, it's a
bug with the fooblz package, get the owner info with blah blah", etc.
c. Last, we print out the npm-debug.log file, but instead of just
saying "Additional debugging info is available", we explicitly ask the
user to attach it to any support request. This is generally always
the first thing we ask for, so we may as well just go ahead and ask
for it here.
4. Corrected a few blatantly un-helpful suggestions (like using
unpublish to get around a publish version conflict.)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
fix local short circuit to avoid problems when path looks like a github shortcut
|
|
Fix #6082
|
|
In general, we should never be relying on {cwd}/package.json.
The current working directory should be used for printing out relative
paths for human consumption, but npm should always walk up the directory
tree to find its working dir for *doing* stuff.
Fix #6059
|
|
Fix #6064
|
|
The better to prevent extraneous sub-dependencies
|
|
Possibly related to #5987 #6029
Not sure if this is a new thing in a Windows 8 system update, or a new
Node bug, but the contract whereby ENOENT spawn errors trigger a
simulated failure-exit in Node (and thus `exit` and `close` events)
seems to have changed recently.
Handle this by catching error events that are fired on the child
process, so that at least we can print out the script and package that
we were TRYING to execute, and debug it at all.
|
|
|
|
|
|
|
|
Fix #5658
Note that this doesn't actually *ignore* the files specified by the
.gitignore and/or .npmignore files. That would likely require removing
them after the fact, as well as all the same logic that exists in
fstream-npm, since tar does not give us a directory listing, and
tarballs may have their files in any random order.
|
|
The primary purpose is so that everything doing network requests
includes auth, if so required. Sends bearer token by default, will send
HTTP Basic auth with `always-auth` set in the config.
|
|
|
|
A previous fix for https://github.com/npm/npm/issues/3117
explicitly set the permissions for all files to a hard-coded
value, regardless of what the permissions were previously.
This changes that behavior to *add* the permissions that were
previously being *set* so that existing execute permissions are
maintained.
This is a redo of the much more blunt solution attempted in
https://github.com/npm/npm/pull/5728
thanks to some very helpful feedback from @othiym23
|
|
Was relying on using an administrator-owned global folder, which is a pita.
|
|
|
|
|
|
|
|
Adds support for 'init.version' config, and falling back to _auth
config as default auth when using default registry.
|
|
It's hard for me to construct a scenario where an optional dependency
with a plainly invalid name failing to install is actually useful to
anyone, so I nerfed the relevant line in the test.
|
|
|
|
|
|
|
|
|
|
|
|
|
