1567 lines
79 KiB
Markdown
1567 lines
79 KiB
Markdown
|
## v4.6.1 (2017-04-21)
|
|||
|
|
|||
|
A little release to tide you over while we hammer out the last bits for npm@5.
|
|||
|
|
|||
|
### FEATURES
|
|||
|
|
|||
|
* [`d13c9b2f2`](https://github.com/npm/npm/commit/d13c9b2f24b6380427f359b6e430b149ac8aaa79)
|
|||
|
`init-package-json@1.10.0`:
|
|||
|
The `name:` prompt is now `package name:` to make this less ambiguous for new users.
|
|||
|
|
|||
|
The default package name is now a valid package name. For example: If your package directory
|
|||
|
has mixed case, the default package name will be all lower case.
|
|||
|
* [`f08c66323`](https://github.com/npm/npm/commit/f08c663231099f7036eb82b92770806a3a79cdf1)
|
|||
|
[#16213](https://github.com/npm/npm/pull/16213)
|
|||
|
Add `--allow-same-version` option to `npm version` so that you can use `npm version` to run
|
|||
|
your version lifecycles and tag your git repo without actually changing the version number in
|
|||
|
your `package.json`.
|
|||
|
([@lucastheisen](https://github.com/lucastheisen))
|
|||
|
* [`f5e8becd0`](https://github.com/npm/npm/commit/f5e8becd05e0426379eb0c999abdbc8e87a7f6f2)
|
|||
|
Timing has been added throughout the install implementation. You can see it by running
|
|||
|
a command with `--loglevel=timing`. You can also run commands with `--timing` which will write
|
|||
|
an `npm-debug.log` even on success and add an entry to `_timing.json` in your cache with
|
|||
|
the timing information from that run.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
### BUG FIXES
|
|||
|
|
|||
|
* [`9c860f2ed`](https://github.com/npm/npm/commit/9c860f2ed3bdea1417ed059b019371cd253db2ad)
|
|||
|
[#16021](https://github.com/npm/npm/pull/16021)
|
|||
|
Fix a crash in `npm doctor` when used with a registry that does not support
|
|||
|
the `ping` API endpoint.
|
|||
|
([@watilde](https://github.com/watilde))
|
|||
|
* [`65b9943e9`](https://github.com/npm/npm/commit/65b9943e9424c67547b0029f02b0258e35ba7d26)
|
|||
|
[#16364](https://github.com/npm/npm/pull/16364)
|
|||
|
Shorten the ELIFECYCLE error message. The shorter error message should make it much
|
|||
|
easier to discern the actual cause of the error.
|
|||
|
([@j-f1](https://github.com/j-f1))
|
|||
|
* [`a87a4a835`](https://github.com/npm/npm/commit/a87a4a8359693518ee41dfeb13c5a8929136772a)
|
|||
|
`npmlog@4.0.2`:
|
|||
|
Fix flashing of the progress bar when your terminal is very narrow.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`41c10974f`](https://github.com/npm/npm/commit/41c10974fe95a2e520e33e37725570c75f6126ea)
|
|||
|
`write-file-atomic@1.3.2`:
|
|||
|
Wait for `fsync` to complete before considering our file written to disk.
|
|||
|
This will improve certain sorts of Windows diagnostic problems.
|
|||
|
* [`2afa9240c`](https://github.com/npm/npm/commit/2afa9240ce5b391671ed5416464f2882d18a94bc)
|
|||
|
[#16336](https://github.com/npm/npm/pull/16336)
|
|||
|
Don't ham-it-up when expecting JSON.
|
|||
|
([@bdukes](https://github.com/bdukes))
|
|||
|
|
|||
|
### DOCUMENTATION FIXES
|
|||
|
|
|||
|
* [`566f3eebe`](https://github.com/npm/npm/commit/566f3eebe741f935b7c1e004bebf19b8625a1413)
|
|||
|
[#16296](https://github.com/npm/npm/pull/16296)
|
|||
|
Use a single convention when referring to the `<command>` you're running.
|
|||
|
([@desfero](https://github.com/desfero))
|
|||
|
* [`ccbb94934`](https://github.com/npm/npm/commit/ccbb94934d4f677f680c3e2284df3d0ae0e65758)
|
|||
|
[#16267](https://github.com/npm/npm/pull/16267)
|
|||
|
Fix a missing space in the example package.json.
|
|||
|
([@famousgarkin](https://github.com/famousgarkin))
|
|||
|
|
|||
|
### DEPENDENCY UPDATES
|
|||
|
|
|||
|
* [`ebde4ea33`](https://github.com/npm/npm/commit/ebde4ea3363dfc154c53bd537189503863c9b3a4)
|
|||
|
`hosted-git-info@2.4.2`
|
|||
|
* [`c46ad71bb`](https://github.com/npm/npm/commit/c46ad71bbe27aaa9ee10e107d8bcd665d98544d7)
|
|||
|
`init-package-json@1.9.6`
|
|||
|
* [`d856d570d`](https://github.com/npm/npm/commit/d856d570d2df602767c039cf03439d647bba2e3d)
|
|||
|
`npm-registry-client@8.1.1`
|
|||
|
* [`4a2e14436`](https://github.com/npm/npm/commit/4a2e1443613a199665e7adbda034d5b9d10391a2)
|
|||
|
`readable-stream@2.2.9`
|
|||
|
* [`f0399138e`](https://github.com/npm/npm/commit/f0399138e6d6f1cd7f807d523787a3b129996301)
|
|||
|
`normalize-package-data@2.3.8`
|
|||
|
|
|||
|
### v4.5.0 (2017-03-24)
|
|||
|
|
|||
|
Welcome a wrinkle on npm's registry API!
|
|||
|
|
|||
|
Codename: Corgi
|
|||
|
|
|||
|
![corgi-meme](https://cloud.githubusercontent.com/assets/757502/24126107/64c14268-0d89-11e7-871b-d457e6d0082b.jpg)
|
|||
|
|
|||
|
This release has some bug fixes, but it's mostly about bringing support for
|
|||
|
MUCH smaller package metadata. How much smaller? Well, for npm itself it
|
|||
|
reduces 416K of gzip compressed JSON to 24K.
|
|||
|
|
|||
|
As a user, all you have to do is update to get to use the new API. If
|
|||
|
you're interested in the details we've [documented the
|
|||
|
changes](https://github.com/npm/registry/blob/master/docs/responses/package-metadata.md)
|
|||
|
in detail.
|
|||
|
|
|||
|
#### CORGUMENTS
|
|||
|
|
|||
|
Package metadata: now smaller. This means a smaller cache and less to download.
|
|||
|
|
|||
|
* [`86dad0d74`](https://github.com/npm/npm/commit/86dad0d747f288eab467d49c9635644d3d44d6f0)
|
|||
|
Add support for filtered package metadata.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`41789cffa`](https://github.com/npm/npm/commit/41789cffac9845603f4bdf3f5b03f412144a0e9f)
|
|||
|
`npm-registry-client@8.1.0`
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### NO SHRINKWRAP, NO PROBLEM
|
|||
|
|
|||
|
Previously we needed to extract every package's tarball to look for an
|
|||
|
`npm-shrinkwrap.json` before we could begin working through what its
|
|||
|
dependencies were. This was one of the things stopping npm's network
|
|||
|
accesses from happening more concurrently. The new filtered package
|
|||
|
metadata provides a new key, `_hasShrinkwrap`. When that's set to `false`
|
|||
|
then we know we don't have to look for one.
|
|||
|
|
|||
|
* [`4f5060eb3`](https://github.com/npm/npm/commit/4f5060eb31b9091013e1d6a34050973613a294a3)
|
|||
|
[#15969](https://github.com/npm/npm/pull/15969)
|
|||
|
Add support for skipping `npm-shrinkwrap.json` extraction when the
|
|||
|
registry can affirm that one doesn't exist.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### INTERRUPTING SCRIPTS
|
|||
|
|
|||
|
* [`878aceb25`](https://github.com/npm/npm/commit/878aceb25e6d6052dac15da74639ce274c8e62c5)
|
|||
|
[#16129](https://github.com/npm/npm/pull/16129)
|
|||
|
Better handle Ctrl-C while running scripts. `npm` will now no longer exit
|
|||
|
until the script it is running has exited. If you press Ctrl-C a second
|
|||
|
time it kill the script rather than just forwarding the Ctrl-C.
|
|||
|
([@jaridmargolin](https://github.com/jaridmargolin))
|
|||
|
|
|||
|
#### DEPENDENCY UPDATES:
|
|||
|
|
|||
|
* [`def75eebf`](https://github.com/npm/npm/commit/def75eebf1ad437bf4fd3f5e103cc2d963bd2a73)
|
|||
|
`hosted-git-info@2.4.1`:
|
|||
|
Preserve case of the user name part of shortcut specifiers, previously they were lowercased.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`eb3789fd1`](https://github.com/npm/npm/commit/eb3789fd18cfb063de9e6f80c3049e314993d235)
|
|||
|
`node-gyp@3.6.0`: Add support for VS2017 and Chakracore improvements.
|
|||
|
([@refack](https://github.com/refack))
|
|||
|
([@kunalspathak](https://github.com/kunalspathak))
|
|||
|
* [`245e25315`](https://github.com/npm/npm/commit/245e25315524b95c0a71c980223a27719392ba75)
|
|||
|
`readable-stream@2.2.6` ([@mcollina](https://github.com/mcollina))
|
|||
|
* [`30357ebc5`](https://github.com/npm/npm/commit/30357ebc5691d7c9e9cdc6e0fe7dc6253220c9c2)
|
|||
|
`which@1.2.14` ([@isaacs](https://github.com/isaacs))
|
|||
|
|
|||
|
### v4.4.4 (2017-03-16)
|
|||
|
|
|||
|
😩😤😅 Okay! We have another `next`
|
|||
|
release for ya today. So, yes! With v4.4.3 we fixed the bug that made
|
|||
|
bundled scoped modules uninstallable. But somehow I overlooked the fact
|
|||
|
that we: A) were using these and B) that made upgrading to v4.4.3 impossible. 😭
|
|||
|
|
|||
|
So I've renamed those two scoped modules to no longer use scopes and we now
|
|||
|
have a shiny new test to ensure that scoped modules don't creep into our
|
|||
|
transitive deps and make it impossible to upgrade to `npm`.
|
|||
|
|
|||
|
(None of our woes applies to most of you all because most of you all don't
|
|||
|
use bundled dependencies. `npm` does because we want the published artifact to be
|
|||
|
installable without having to already have `npm`.)
|
|||
|
|
|||
|
* [`2a7409fcb`](https://github.com/npm/npm/commit/2a7409fcba6a8fab716c80f56987b255983e048e)
|
|||
|
[#16066](https://github.com/npm/npm/pull/16066)
|
|||
|
Ensure we aren't using any scoped modules
|
|||
|
Because `npm`s prior 4.4.3 can't install dependencies that have bundled scoped
|
|||
|
modules. This didn't show up sooner because they ALSO had a bug that caused
|
|||
|
bundled scoped modules to not be included in the bundle.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`eb4c70796`](https://github.com/npm/npm/commit/eb4c70796c38f24ee9357f5d4a0116db582cc7a9)
|
|||
|
[#16066](https://github.com/npm/npm/pull/16066)
|
|||
|
Switch to move-concurrently to remove scoped dependency
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
### v4.4.3 (2017-03-15)
|
|||
|
|
|||
|
This is a small patch release, mostly because the published tarball for
|
|||
|
v4.4.2 was missing a couple of modules, due to a bug involving scoped
|
|||
|
modules, bundled dependencies and legacy tree layouts.
|
|||
|
|
|||
|
There are a couple of other things here that happened to be ready to go. So
|
|||
|
without further ado…
|
|||
|
|
|||
|
#### BUG FIXES
|
|||
|
|
|||
|
* [`3d80f8f70`](https://github.com/npm/npm/commit/3d80f8f70679ad2b8ce7227d20e8dbce257a47b9)
|
|||
|
[npm/fs-vacuum#6](https://github.com/npm/fs-vacuum/pull/6)
|
|||
|
`fs-vacuum@1.2.1`: Make sure we never, ever remove home directories. Previously if your
|
|||
|
home directory was entirely empty then we might `rmdir` it.
|
|||
|
([@helio-frota](https://github.com/helio-frota))
|
|||
|
* [`1af85ca9f`](https://github.com/npm/npm/commit/1af85ca9f4d625f948e85961372de7df3f3774e2)
|
|||
|
[#16040](https://github.com/npm/npm/pull/16040)
|
|||
|
Fix bug where bundled transitive dependencies that happened to be
|
|||
|
installed under bundled scoped dependencies wouldn't be included in the
|
|||
|
tarball when building a package.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`13c7fdc2e`](https://github.com/npm/npm/commit/13c7fdc2e87456a87b1c9385a3daeae228ed7c95)
|
|||
|
[#16040](https://github.com/npm/npm/pull/16040)
|
|||
|
Fix a bug where bundled scoped dependencies couldn't be extracted.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`d6cde98c2`](https://github.com/npm/npm/commit/d6cde98c2513fe160eab41e31c3198dfde993207)
|
|||
|
[#16040](https://github.com/npm/npm/pull/16040)
|
|||
|
Stop printing `ENOENT` errors more than once.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`722fbf0f6`](https://github.com/npm/npm/commit/722fbf0f6cf4413cdc24b610bbd60a7dbaf2adfe)
|
|||
|
[#16040](https://github.com/npm/npm/pull/16040)
|
|||
|
Rewrite the `extract` action for greater clarity.
|
|||
|
Specifically, this involves moving things around structurally to do the same
|
|||
|
thing [`d0c6d194`](https://github.com/npm/npm/commit/d0c6d194) did, but in a more comprehensive manner.
|
|||
|
This also fixes a long standing bug where errors from the move step would be
|
|||
|
eaten during this phase and as a result we would get mysterious crashes in
|
|||
|
the finalize phase when finalize tried to act on them.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`6754dabb6`](https://github.com/npm/npm/commit/6754dabb6bd3301504efb3b62f36d3fe70958c19)
|
|||
|
[#16040](https://github.com/npm/npm/pull/16040)
|
|||
|
Flatten out `@npmcorp/move`'s deps for backwards compatibility reasons. Versions prior to this
|
|||
|
one will fail to install any package that bundles a scoped dependency. This was responsible
|
|||
|
for `ENOENT` errors during the `finalize` phase.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### DOC UPDATES
|
|||
|
|
|||
|
* [`fba51c582`](https://github.com/npm/npm/commit/fba51c582d1d08dd4aa6eb27f9044dddba91bb18)
|
|||
|
[#15960](https://github.com/npm/npm/pull/15960)
|
|||
|
Update troubleshooting and contribution guide links.
|
|||
|
([@watilde](https://github.com/watilde))
|
|||
|
|
|||
|
|
|||
|
### v4.4.2 (2017-03-09):
|
|||
|
|
|||
|
This week, the focus on the release was mainly going through [all of npm's deps
|
|||
|
that we manage
|
|||
|
ourselves](https://github.com/npm/npm/wiki/npm-maintained-dependencies), and
|
|||
|
making sure all their PRs and versions were up to date. That means there's a few
|
|||
|
fixes here and there. Nothing too big codewise, though.
|
|||
|
|
|||
|
The most exciting part of this release is probably our [shiny new
|
|||
|
Contributing](https://github.com/npm/npm/blob/latest/CONTRIBUTING.md) and
|
|||
|
[Troubleshooting](https://github.com/npm/npm/blob/latest/TROUBLESHOOTING.md)
|
|||
|
docs! [@snopeks](https://github.com/snopeks) did some ✨fantastic✨ work hashing it
|
|||
|
out, and we're really hoping this is a nice big step towards making contributing
|
|||
|
to npm easier. The troubleshooting doc will also hopefully solve common issues
|
|||
|
for people! Do you think something is missing from it? File a PR and we'll add
|
|||
|
it! The current document is just a baseline for further editing and additions.
|
|||
|
|
|||
|
Also there's maybe a bit of an easter egg in this release. 'Cause those are fun and I'm a huge nerd. 😉
|
|||
|
|
|||
|
#### DOCUMENTATION AHOY
|
|||
|
|
|||
|
* [`07e997a`](https://github.com/npm/npm/commit/07e997a7ecedba7b29ad76ffb2ce990d5c0200fc)
|
|||
|
[#15756](https://github.com/npm/npm/pull/15756)
|
|||
|
Overhaul `CONTRIBUTING.md` and add new `TROUBLESHOOTING.md` files. 🙌🏼
|
|||
|
([@snopeks](https://github.com/snopeks))
|
|||
|
* [`2f3e4b6`](https://github.com/npm/npm/commit/2f3e4b645cdc268889cf95ba24b2aae572d722ad)
|
|||
|
[#15833](https://github.com/npm/npm/pull/15833)
|
|||
|
Mention the [24-hour unpublish
|
|||
|
policy](http://blog.npmjs.org/post/141905368000/changes-to-npms-unpublish-policy)
|
|||
|
on the main registry.
|
|||
|
([@carols10cents](https://github.com/carols10cents))
|
|||
|
|
|||
|
#### NOT REALLY FEATURES, NOT REALLY BUGFIXES. MORE LIKE TWEAKS? 🤔
|
|||
|
|
|||
|
* [`84be534`](https://github.com/npm/npm/commit/84be534aedb78c65cd8012427fc04871ceeccf90)
|
|||
|
[#15888](https://github.com/npm/npm/pull/15888)
|
|||
|
Stop flattening `ls`-tree output. From now on, deduped deps will be marked as
|
|||
|
such in the place where they would've been before getting hoisted by the
|
|||
|
installer.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`e9a5dca`](https://github.com/npm/npm/commit/e9a5dca369ead646ab5922326cede1406c62bd3b)
|
|||
|
[#15967](https://github.com/npm/npm/pull/15967)
|
|||
|
Limit metadata fetches to 10 concurrent requests.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`46aa9bc`](https://github.com/npm/npm/commit/46aa9bcae088740df86234fc199f7aef53b116df)
|
|||
|
[#15967](https://github.com/npm/npm/pull/15967)
|
|||
|
Limit concurrent installer actions to 10.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### BUGFIXES
|
|||
|
|
|||
|
* [`c3b994b`](https://github.com/npm/npm/commit/c3b994b71565eb4f943cce890bb887d810e6e2d4)
|
|||
|
[#15901](https://github.com/npm/npm/pull/15901)
|
|||
|
Use EXDEV aware move instead of rename. This will allow moving across devices
|
|||
|
and moving when filesystems don't support renaming directories full of files. It might make folks using Docker a bit happier.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`0de1a9c`](https://github.com/npm/npm/commit/0de1a9c1db90e6705c65c068df1fe82899e60d68)
|
|||
|
[#15735](https://github.com/npm/npm/pull/15735)
|
|||
|
Autocomplete support for npm scripts with `:` colons in the name.
|
|||
|
([@beyondcompute](https://github.com/beyondcompute))
|
|||
|
* [`84b0b92`](https://github.com/npm/npm/commit/84b0b92e7f78ec4add42e8161c555325c99b7f98)
|
|||
|
[#15874](https://github.com/npm/npm/pull/15874)
|
|||
|
Stop using [undocumented](https://github.com/nodejs/node/pull/11355)
|
|||
|
`res.writeHeader` alias for `res.writeHead`.
|
|||
|
([@ChALkeR](https://github.com/ChALkeR))
|
|||
|
* [`895ffe4`](https://github.com/npm/npm/commit/895ffe4f3eecd674796395f91c30eda88aca6b36)
|
|||
|
[#15824](https://github.com/npm/npm/pull/15824)
|
|||
|
Fix empty versions column in `npm search` output.
|
|||
|
([@bcoe](https://github.com/bcoe))
|
|||
|
* [`38c8d7a`](https://github.com/npm/npm/commit/38c8d7adc1f43ab357d1e729ae7cd5d801a26e68)
|
|||
|
`init-package-json@1.9.5`: [npm/init-package-json#61](https://github.com/npm/init-package-json/pull/61) Exclude existing `devDependencies` from being added to `dependencies`. Fixes [#12260](https://github.com/npm/npm/issues/12260).
|
|||
|
([@addaleax](https://github.com/addaleax))
|
|||
|
|
|||
|
### v4.4.1 (2017-03-06):
|
|||
|
|
|||
|
This is a quick little patch release to forgo the update notification
|
|||
|
checker if you're on an unsupported (but not otherwise broken) version of
|
|||
|
Node.js. Right now that means 0.10 or 0.12.
|
|||
|
|
|||
|
* [`56ac249`](https://github.com/npm/npm/commit/56ac249ef8ede1021f1bc62a0e4fe1e9ba556af2)
|
|||
|
[#15864](https://github.com/npm/npm/pull/15864)
|
|||
|
Only use `update-notifier` on supported versions.
|
|||
|
([@legodude17](https://github.com/legodude17))
|
|||
|
|
|||
|
### v4.4.0 (2017-02-23):
|
|||
|
|
|||
|
Aaaah, [@iarna](https://github.com/iarna) here, it's been a little while
|
|||
|
since I did one of these! This is a nice little release, we've got an
|
|||
|
update notifier, vastly less verbose error messages, new warnings on package
|
|||
|
metadata that will probably give you a bad day, and a sprinkling of bug
|
|||
|
fixes.
|
|||
|
|
|||
|
#### UPDATE NOTIFICATIONS
|
|||
|
|
|||
|
We now have a little nudge to update your `npm`, courtesy of
|
|||
|
[update-notifier](https://www.npmjs.com/package/update-notifier).
|
|||
|
|
|||
|
* [`148ee66`](https://github.com/npm/npm/commit/148ee663740aa05877c64f16cdf18eba33fbc371)
|
|||
|
[#15774](https://github.com/npm/npm/pull/15774)
|
|||
|
`npm` will now check at start up to see if a newer version is available.
|
|||
|
It will check once a day. If you want to disable this, set `optOut` to `true` in
|
|||
|
`~/.config/configstore/update-notifier-npm.json`.
|
|||
|
([@ceejbot](https://github.com/ceejbot))
|
|||
|
|
|||
|
#### LESS VERBOSE ERROR MESSAGES
|
|||
|
|
|||
|
`npm` has, for a long time, had very verbose error messages. There was a
|
|||
|
lot of info in there, including the cause of the error you were seeing but
|
|||
|
without a lot of experience reading them pulling that out was time consuming
|
|||
|
and difficult.
|
|||
|
|
|||
|
With this change the output is cut down substantially, centering the error
|
|||
|
message. So, for example if you try to `npm run sdlkfj` then the entire
|
|||
|
error you'll get will be:
|
|||
|
|
|||
|
```
|
|||
|
npm ERR! missing script: sldkfj
|
|||
|
|
|||
|
npm ERR! A complete log of this run can be found in:
|
|||
|
npm ERR! /Users/rebecca/.npm/_logs/2017-02-24T00_41_36_988Z-debug.log
|
|||
|
```
|
|||
|
|
|||
|
The CLI team has discussed cutting this down even further and stripping the
|
|||
|
`npm ERR!` prefix off those lines too. We'd appreciate your feedback on
|
|||
|
this!
|
|||
|
|
|||
|
* [`e544124`](https://github.com/npm/npm/commit/e544124592583654f2970ec332003cfd00d04f2b)
|
|||
|
[#15716](https://github.com/npm/npm/pull/15716)
|
|||
|
Make error output less verbose.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`166bda9`](https://github.com/npm/npm/commit/166bda97410d0518b42ed361020ade1887e684af)
|
|||
|
[#15716](https://github.com/npm/npm/pull/15716)
|
|||
|
Stop encouraging users to visit the issue tracker unless we know for
|
|||
|
certain that it's an npm bug.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### OTHER NEW FEATURES
|
|||
|
|
|||
|
* [`53412eb`](https://github.com/npm/npm/commit/53412eb22c1c75d768e30f96d69ed620dfedabde)
|
|||
|
[#15772](https://github.com/npm/npm/pull/15772)
|
|||
|
We now warn if you have a module listed in both dependencies and
|
|||
|
devDependencies.
|
|||
|
([@TedYav](https://github.com/TedYav))
|
|||
|
* [`426b180`](https://github.com/npm/npm/commit/426b1805904a13bdc5c0dd504105ba037270cbee)
|
|||
|
[#15757](https://github.com/npm/npm/pull/15757)
|
|||
|
Default reporting metrics to default registry. Previously it defaulted to using
|
|||
|
`https://registry.npmjs.org`, now it will default to the result of
|
|||
|
`npm config get registry`. For most folks this won't actually change anything, but it
|
|||
|
means that folks who use a private registry will have metrics routed there by default.
|
|||
|
This has the potential to be interesting because it means that in the
|
|||
|
future private registry products ([npme](https://npme.npmjs.com/docs/)!)
|
|||
|
will be able to report on these metrics.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### BUG FIXES
|
|||
|
|
|||
|
* [`8ea0de9`](https://github.com/npm/npm/commit/8ea0de98563648ba0db032acd4d23d27c4a50a66)
|
|||
|
[#15716](https://github.com/npm/npm/pull/15716)
|
|||
|
Write logs for `cb() never called` errors.
|
|||
|
* [`c4e83dc`](https://github.com/npm/npm/commit/c4e83dca830b24305e3cb3201a42452d56d2d864)
|
|||
|
Make it so that errors while reading the existing node_modules tree can't
|
|||
|
result in installer crashes.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`2690dc2`](https://github.com/npm/npm/commit/2690dc2684a975109ef44953c2cf0746dbe343bb)
|
|||
|
Update `npm doctor` to not treat broken symlinks in your global modules as
|
|||
|
a permission failure. This is particularly important if you link modules and your text
|
|||
|
editor uses the convention of creating symlinks from `.#filename.js` to a
|
|||
|
machine name and pid to lock files (eg emacs and compatible things).
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`f4c3f48`](https://github.com/npm/npm/commit/f4c3f489aa5787cf0d60e8436be2190e4b0d0ff7)
|
|||
|
[#15777](https://github.com/npm/npm/pull/15777)
|
|||
|
Not exactly a bug, but change a parameterless `.apply` to `.call`.
|
|||
|
([@notarseniy](https://github.com/notarseniy))
|
|||
|
|
|||
|
#### DEPENDENCY UPDATES
|
|||
|
|
|||
|
* [`549dcff`](https://github.com/npm/npm/commit/549dcff58c7aaa1e7ba71abaa14008fdf2697297)
|
|||
|
`rimraf@2.6.0`:
|
|||
|
Retry EBUSY, ENOTEMPTY and EPERM on non-Windows platforms too.
|
|||
|
More reliable `rimraf.sync` on Windows.
|
|||
|
([@isaacs](https://github.com/isaacs))
|
|||
|
* [`052dfb6`](https://github.com/npm/npm/commit/052dfb623da508f2b5f681da0258125552a18a4a)
|
|||
|
`validate-npm-package-name@3.0.0`:
|
|||
|
Remove ableist language in README.
|
|||
|
Stop allowing ~'!()* in package names.
|
|||
|
([@tomdale](https://github.com/tomdale))
|
|||
|
([@chrisdickinson](https://github.com/chrisdickinson))
|
|||
|
* [`6663ea6`](https://github.com/npm/npm/commit/6663ea6ac0f0ecec5a3f04a3c01a71499632f4dc)
|
|||
|
`abbrev@1.1.0` ([@isaacs](https://github.com/isaacs))
|
|||
|
* [`be6de9a`](https://github.com/npm/npm/commit/be6de9aab9e20b6eac70884e8626161eebf8721a)
|
|||
|
`opener@1.4.3` ([@dominic](https://github.com/dominic))
|
|||
|
* [`900a5e3`](https://github.com/npm/npm/commit/900a5e3e3411ec221306455f99b24b9ce35757c0)
|
|||
|
`readable-stream@2.2.3` ([@RangerMauve](https://github.com/RangerMauve)) ([@mcollina](https://github.com/mcollina))
|
|||
|
* [`c972a8b`](https://github.com/npm/npm/commit/c972a8b0f20a61a79c45b6642f870bea8c55c7e4)
|
|||
|
`tacks@1.2.6`
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`85a36ef`](https://github.com/npm/npm/commit/85a36efdac0c24501876875cb9ad40292024e0b0)
|
|||
|
[`7ac9265`](https://github.com/npm/npm/commit/7ac9265c56b4d9eeaca6fcfb29513f301713e7bb)
|
|||
|
`tap@10.2.0`
|
|||
|
([@isaacs](https://github.com/saacs))
|
|||
|
|
|||
|
### v4.3.0 (2017-02-09):
|
|||
|
|
|||
|
Yay! Release time! It's a rainy day, and we have another smallish release for
|
|||
|
y'all. These things are not necessarily related. Or are they 🌧🤔
|
|||
|
|
|||
|
As far as news go, you may have noticed that the CLI team dropped support for
|
|||
|
`node@0.12` when that version went out of maintenance. Still, we've avoided
|
|||
|
explicitly breaking it and `node@0.10` so far -- but not much longer.
|
|||
|
|
|||
|
Sometime soon, the CLI team plans on switching over to language features only
|
|||
|
available as of `node@4 LTS`, and will likely start dropping old versions of node
|
|||
|
as they go out of maintenance. The new features are exciting! We're really
|
|||
|
looking forward to using them in the core CLI (and its dependencies) as we keep up
|
|||
|
with our current feature work.
|
|||
|
|
|||
|
And speaking of features, this release is a minor bump due to a small change in
|
|||
|
how `npm login` works for the sake of supporting OAuth-based login for npm
|
|||
|
Enterprise users. But we won't leave the rest of y'all out -- we're working on a
|
|||
|
larger version of this feature. Soon enough, you'll be able to log in to npm
|
|||
|
with, say, GitHub -- and use some shiny features that come from the integration.
|
|||
|
Or turn on 2FA and other such security features. Keep your eyes peeled for new
|
|||
|
on this in the next few releases and our weekly newsletter!
|
|||
|
|
|||
|
#### NEW AUTH TYPES
|
|||
|
|
|||
|
There's a new command line option: `--auth-type`, which can be used to log in to
|
|||
|
a supporting registry with OAuth2 or SAML. The current implementation is mainly
|
|||
|
meant to support npmE customers, so if you're one of those: ask us about using
|
|||
|
it! If not, just hold off cause we'll have a much more complete version of this
|
|||
|
feature out soon.
|
|||
|
|
|||
|
* [`ac8595e`](https://github.com/npm/npm/commit/ac8595e3c9b615ff95abc3301fac1262c434792c) [`bcf2dd8`](https://github.com/npm/npm/commit/bcf2dd8a165843255c06515fa044c6e4d3b71ca4) [`9298d20`](https://github.com/npm/npm/commit/9298d20af58b92572515bfa9cf7377bd4221dc7d) [`66b61bc`](https://github.com/npm/npm/commit/66b61bc42e81ee8a1ee00fc63517f62284140688) [`dc85de7`](https://github.com/npm/npm/commit/dc85de7df6bb61f7788611813ee82ae695a18f1f)
|
|||
|
[#13389](https://github.com/npm/npm/pull/13389)
|
|||
|
Implement single-sign-on support with `--auth-type` option.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
|
|||
|
#### FASTER STARTUP. SOMETIMES!
|
|||
|
|
|||
|
`request` is pretty heavy. And it loads a bunch of things. It's actually a
|
|||
|
pretty big chunk of npm's load time. This small patch by Rebecca will make it so
|
|||
|
npm only loads that module when we're actually intending to make network
|
|||
|
requests. Those of you who use npm commands that run offline might see a small
|
|||
|
speedup in startup time.
|
|||
|
|
|||
|
* [`ac73568`](https://github.com/npm/npm/commit/ac735682e666e8724549d56146821f3b8b018e25)
|
|||
|
[#15631](https://github.com/npm/npm/pull/15631)
|
|||
|
Lazy load `caching-registry-client`.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### DOCUMENTATION
|
|||
|
|
|||
|
* [`4ad9247`](https://github.com/npm/npm/commit/4ad9247aa82f7553c9667ee93c74ec7399d6ceec)
|
|||
|
[#15630](https://github.com/npm/npm/pull/15630)
|
|||
|
Fix formatting/rendering for root npm README.
|
|||
|
([@ungoldman](https://github.com/ungoldman))
|
|||
|
|
|||
|
#### DEPENDENCY UPDATES
|
|||
|
|
|||
|
* [`8cc1112`](https://github.com/npm/npm/commit/8cc1112958638ff88ac2c24c4a065acacb93d64b)
|
|||
|
[npm/hosted-git-info#21](https://github.com/npm/hosted-git-info/pull/21)
|
|||
|
`hosted-git-info@2.2.0`:
|
|||
|
Add support for `.tarball()` URLs.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
* [`6eacc1b`](https://github.com/npm/npm/commit/6eacc1bc1925fe3cc79fc97bdc3194d944fce55e)
|
|||
|
`npm-registry-mock@1.1.0`
|
|||
|
([@addaleax](https://github.com/addaleax))
|
|||
|
* [`a9b6d77`](https://github.com/npm/npm/commit/a9b6d775e61cf090df0e13514c624f99bf31d1e7)
|
|||
|
`aproba@1.1.1`
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
### v4.2.0 (2017-01-26):
|
|||
|
|
|||
|
Hi all! I'm Kat, and I'm currently sitting in a train traveling at ~300km/h
|
|||
|
through Spain. So clearly, this release should have *something* to do with
|
|||
|
speed. And it does! Heck, with this release, you could say we're really
|
|||
|
_blazing_, even. 🌲🔥😏
|
|||
|
|
|||
|
#### IMPROVED CLI SEARCH~
|
|||
|
|
|||
|
You might recall if you've been keeping up that one of the reasons for a
|
|||
|
semver-major bump to `npm@4` was an improved CLI search (read: no longer blowing
|
|||
|
up Node). The work done for that new search system, while still relying on a
|
|||
|
full metadata download and local search, was also meant to act as groundwork for
|
|||
|
then-ongoing work on a brand-new, smarter search system for npm. Shortly after
|
|||
|
`npm@4` came out, the bulk of the server-side work was done, and with this
|
|||
|
release, the npm CLI has integrated use of the new endpoint for high-quality,
|
|||
|
fast-turnaround searches.
|
|||
|
|
|||
|
No, seriously, it's *fast*. And *relevant*:
|
|||
|
|
|||
|
[![GOTTA GO FAST! This is a gif of the new npm search returning results in around a second for `npm search web framework`.](https://cloud.githubusercontent.com/assets/17535/21954136/f007e8be-d9fd-11e6-9231-f899c12790e0.gif)](https://github.com/npm/npm/pull/15481)
|
|||
|
|
|||
|
Give it a shot! And remember to check out the new website version of the search,
|
|||
|
too, which uses the same backend as the CLI now. 🎉
|
|||
|
|
|||
|
Incidentally, the backend is a public service, so you can write your own search
|
|||
|
tools, be they web-based, CLI, or GUI-based. You can read up on the [full
|
|||
|
documentation for the search
|
|||
|
endpoint](https://github.com/npm/registry/blob/master/docs/REGISTRY-API.md#get-v1search),
|
|||
|
and let us know about the cool things you come up with!
|
|||
|
|
|||
|
* [`ce3ca51`](https://github.com/npm/npm/commit/ce3ca51ca2d60e15e901c8bf6256338e53e1eca2)
|
|||
|
[#15481](https://github.com/npm/npm/pull/15481)
|
|||
|
Add an internal `gunzip-maybe` utility for optional gunzipping.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
* [`e322932`](https://github.com/npm/npm/commit/e3229324d507fda10ea9e94fd4de8a4ae5025c75) [`a53055e`](https://github.com/npm/npm/commit/a53055e423f1fe168f05047aa0dfec6d963cb211) [`a1f4365`](https://github.com/npm/npm/commit/a1f436570730c6e4a173ca92d1967a87c29b7f2d) [`c56618c`](https://github.com/npm/npm/commit/c56618c62854ea61f6f716dffe7bcac80b5f4144)
|
|||
|
[#15481](https://github.com/npm/npm/pull/15481)
|
|||
|
Add support for using the new npm search endpoint for fast, quality search
|
|||
|
results. Includes a fallback to "classic" search.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
|
|||
|
#### WHERE DID THE DEBUG LOGS GO
|
|||
|
|
|||
|
This is another pretty significant change: Usually, when the npm process
|
|||
|
crashed, you would get an `npm-debug.log` in your current working directory.
|
|||
|
This debug log would get cleared out as soon as you ran npm again. This was a
|
|||
|
bit annoying because 1) you would get a random file in your `git status` that
|
|||
|
you might accidentally commit, and 2) if you hit a hard-to-reproduce bug and
|
|||
|
instinctually tried again, you would no longer have access to the repro
|
|||
|
`npm-debug.log`.
|
|||
|
|
|||
|
So now, any time a crash happens, we'll save your debug logs to your cache
|
|||
|
folder, under `_logs` (`~/.npm` on *nix, by default -- use `npm config get
|
|||
|
cache` to see what your current value is). The cache will now hold a
|
|||
|
(configurable) number of `npm-debug.log` files, which you can access in the
|
|||
|
future. Hopefully this will help clean stuff up and reduce frustration from
|
|||
|
missed repros! In the future, this will also be used by `npm report` to make it
|
|||
|
super easy to put up issues about crashes you run into with npm. 💃🕺🏿👯♂️
|
|||
|
|
|||
|
* [`04fca22`](https://github.com/npm/npm/commit/04fca223a0f704b69340c5f81b26907238fad878)
|
|||
|
[#11439](https://github.com/npm/npm/pull/11439)
|
|||
|
Put debug logs in `$(npm get cache)/_logs` and store multiple log files.
|
|||
|
([@KenanY](https://github.com/KenanY))
|
|||
|
([@othiym23](https://github.com/othiym23))
|
|||
|
([@isaacs](https://github.com/isaacs))
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### DOCS
|
|||
|
|
|||
|
* [`ae8e71c`](https://github.com/npm/npm/commit/ae8e71c2b7d64d782af287a21e146d7cea6e5273)
|
|||
|
[#15402](https://github.com/npm/npm/pull/15402)
|
|||
|
Add missing backtick in one of the `npm doctor` messages.
|
|||
|
([@watilde](https://github.com/watilde), [@charlotteis](https://github.com/charlotteis))
|
|||
|
* [`821fee6`](https://github.com/npm/npm/commit/821fee6d0b12a324e035c397ae73904db97d07d2)
|
|||
|
[#15480](https://github.com/npm/npm/pull/15480)
|
|||
|
Clarify that unscoped packages can depend on scoped packages and vice-versa.
|
|||
|
([@chocolateboy](https://github.com/chocolateboy))
|
|||
|
* [`2ee45a8`](https://github.com/npm/npm/commit/2ee45a884137ae0706b7c741c671fef2cb3bac96)
|
|||
|
[#15515](https://github.com/npm/npm/pull/15515)
|
|||
|
Update minimum supported Node version number in the README to `node@>=4`.
|
|||
|
([@watilde](https://github.com/watilde))
|
|||
|
* [`af06aa9`](https://github.com/npm/npm/commit/af06aa9a357578a8fd58c575f3dbe55bc65fc376)
|
|||
|
[#15520](https://github.com/npm/npm/pull/15520)
|
|||
|
Add section to `npm-scope` docs to explain that scope owners will own scoped
|
|||
|
packages with that scope. That is, user `@alice` is not allowed to publish to
|
|||
|
`@bob/my-package` unless explicitly made an owner by user (or org) `@bob`.
|
|||
|
([@hzoo](https://github.com/hzoo))
|
|||
|
* [`bc892e6`](https://github.com/npm/npm/commit/bc892e6d07a4c6646480703641a4d71129c38b6d)
|
|||
|
[#15539](https://github.com/npm/npm/pull/15539)
|
|||
|
Replace `http` with `https` and fix typos in some docs.
|
|||
|
([@watilde](https://github.com/watilde))
|
|||
|
* [`1dfe875`](https://github.com/npm/npm/commit/1dfe875b9ac61a0ab9f61a2eab02bacf6cce583c)
|
|||
|
[#15545](https://github.com/npm/npm/pull/15545)
|
|||
|
Update Node.js download link to point to the right place.
|
|||
|
([@watilde](https://github.com/watilde))
|
|||
|
|
|||
|
#### DEPENDENCIES
|
|||
|
|
|||
|
* [`b824bfb`](https://github.com/npm/npm/commit/b824bfbeb2d89c92762e9170b026af98b5a3668a)
|
|||
|
`ansi-regex@2.1.1`
|
|||
|
* [`81ea3e8`](https://github.com/npm/npm/commit/81ea3e8e4ea34cd9c2b418512dcb508abcee1380)
|
|||
|
`mississippi@1.3.0`
|
|||
|
|
|||
|
#### MISC
|
|||
|
|
|||
|
* [`98df212`](https://github.com/npm/npm/commit/98df212a91fd6ff4a02b9cd247f4166f93d3977a)
|
|||
|
[#15492](https://github.com/npm/npm/pull/15492)
|
|||
|
Update the "master" node version used for AppVeyor to `node@7`.
|
|||
|
([@watilde](https://github.com/watilde))
|
|||
|
* [`d75fc03`](https://github.com/npm/npm/commit/d75fc03eda5364f12ac266fa4f66e31c2e44e864)
|
|||
|
[#15413](https://github.com/npm/npm/pull/15413)
|
|||
|
`npm run-script` now exits with the child process' exit code on exit.
|
|||
|
([@kapals](https://github.com/kapals))
|
|||
|
|
|||
|
### v4.1.2 (2017-01-12)
|
|||
|
|
|||
|
We have a twee little release this week as we come back from the holidays.
|
|||
|
|
|||
|
#### 0.12 IS UNSUPPORTED NOW (really)
|
|||
|
|
|||
|
After [jumping the gun a
|
|||
|
little](https://github.com/npm/npm/releases/tag/v4.0.2), we can now
|
|||
|
officially remove 0.12 from our supported versions list. The Node.js
|
|||
|
project has now officially ended even maintenance support for 0.12 and thus,
|
|||
|
so will we. To reiterate from the last time we did this:
|
|||
|
|
|||
|
What this means:
|
|||
|
|
|||
|
* Your contributions will no longer block on the tests passing on 0.12.
|
|||
|
* We will no longer block dependency upgrades on working with 0.12.
|
|||
|
* Bugs filed on the npm CLI that are due to incompatibilities with 0.12
|
|||
|
(and older versions) will be closed with a strong urging to upgrade to a
|
|||
|
supported version of Node.
|
|||
|
* On the flip side, we'll continue to (happily!) accept patches that
|
|||
|
address regressions seen when running the CLI with Node.js 0.12.
|
|||
|
|
|||
|
What this doesn't mean:
|
|||
|
|
|||
|
* The CLI is going to start depending on ES2015+ features. npm continues
|
|||
|
to work, in almost all cases, all the way back to Node.js 0.8, and our
|
|||
|
long history of backwards compatibility is a source of pride for the
|
|||
|
team.
|
|||
|
* We aren't concerned about the problems of users who, for whatever
|
|||
|
reason, can't update to newer versions of npm. As mentioned above, we're
|
|||
|
happy to take community patches intended to address regressions.
|
|||
|
|
|||
|
We're not super interested in taking sides on what version of Node.js
|
|||
|
you "should" be running. We're a workflow tool, and we understand that
|
|||
|
you all have a diverse set of operational environments you need to be
|
|||
|
able to support. At the same time, we _are_ a small team, and we need
|
|||
|
to put some limits on what we support. Tracking what's supported by our
|
|||
|
runtime's own team seems most practical, so that's what we're doing.
|
|||
|
|
|||
|
* [`c7bbba8`](https://github.com/npm/npm/commit/c7bbba8744b62448103a1510c65d9751288abb5d)
|
|||
|
Remove 0.12 from our supported versions list.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### WRITING TO SYMLINKED `package.json` (AND OTHER FILES)
|
|||
|
|
|||
|
If your `package.json`, `npm-shrinkwrap.json` or `.npmrc` were a symlink and
|
|||
|
you used an `npm` command that modified one of these (eg `npm config set` or
|
|||
|
`npm install --save`) then previously we would have removed your symlink and
|
|||
|
replaced it with an ordinary file. While making these files symlinks is pretty
|
|||
|
uncommon, this was still surprising behavior. With this fix we now overwrite
|
|||
|
the _destination_ of the symlink and preserve the symlink itself.
|
|||
|
|
|||
|
* [`a583983`](https://github.com/npm/npm/commit/a5839833d3de7072be06884b91902c093aff1aed)
|
|||
|
[write-file-atomic/#5](https://github.com/npm/write-file-atomic/issues/5)
|
|||
|
[#10223](https://github.com/npm/npm/10223)
|
|||
|
`write-file-atomic@1.3.1`:
|
|||
|
When the target is a symlink, write-file-atomic now overwrites the
|
|||
|
_destination_ of the symlink, instead of replacing the symlink itself. This
|
|||
|
makes it's behavior match `fs.writeFile`.
|
|||
|
|
|||
|
Fixed a bug where it would ALWAYS fs.stat to look up default mode and chown
|
|||
|
values even if you'd passed them in. (It still used the values you passed
|
|||
|
in, but did a needless stat.)
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### DEPENDENCY UPDATES
|
|||
|
|
|||
|
* [`521f230`](https://github.com/npm/npm/commit/521f230dd57261e64ac9613b3db62f5312971dca)
|
|||
|
`node-gyp@3.5.0`:
|
|||
|
Improvements to how Python is located. New `--devdir` flag.
|
|||
|
([@bnoordhuis](https://github.com/bnoordhuis))
|
|||
|
([@mhart](https://github.com/mhart))
|
|||
|
* [`ccd83e8`](https://github.com/npm/npm/commit/ccd83e8a70d35fb0904f8a9adb2ff7ac8a6b2706)
|
|||
|
`JSONStream@1.3.0`:
|
|||
|
Add new emitPath option.
|
|||
|
([@nathanwills](https://github.com/nathanwills))
|
|||
|
|
|||
|
#### TEST IMPROVEMENTS
|
|||
|
|
|||
|
* [`d76e084`](https://github.com/npm/npm/commit/d76e08463fd65705217624b861a1443811692f34)
|
|||
|
Disable metric reporting for test suite even if the user has it enabled.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
### v4.1.1 (2016-12-16)
|
|||
|
|
|||
|
This fixes a bug in the metrics reporting where, if you had enabled it then
|
|||
|
installs would create a metrics reporting process, that would create a
|
|||
|
metrics reporting process, that would… well, you get the idea. The only
|
|||
|
way to actually kill these processes is to turn off your networking, then
|
|||
|
on MacOS/Linux kill them with `kill -9`. Alternatively you can just reboot.
|
|||
|
|
|||
|
Anyway, this is a quick release to fix that bug:
|
|||
|
|
|||
|
* [`51c393f`](https://github.com/npm/npm/commit/51c393feff5f4908c8a9fb02baef505b1f2259be)
|
|||
|
[#15237](https://github.com/npm/npm/pull/15237)
|
|||
|
Don't launch a metrics sender process if we're running from a metrics
|
|||
|
sender process.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
### v4.1.0 (2016-12-15)
|
|||
|
|
|||
|
I'm really excited about `npm@4.1.0`. I know, I know, I'm kinda overexcited
|
|||
|
in my changelogs, but this one is GREAT. We've got a WHOLE NEW subcommand, I
|
|||
|
mean, when was the last time you saw that? YEARS! And we have the beginnings
|
|||
|
of usage metrics reporting. Then there's a fix for a really subtle bug that
|
|||
|
resulted in `shasum` errors. And then we also have a few more bug fixes and
|
|||
|
other improvements.
|
|||
|
|
|||
|
#### ANONYMOUS METRIC REPORTING
|
|||
|
|
|||
|
We're adding the ability for you all to help us track the quality of your
|
|||
|
experiences using `npm`. Metrics will be sent if you run:
|
|||
|
|
|||
|
```
|
|||
|
npm config set send-metrics true
|
|||
|
```
|
|||
|
|
|||
|
Then `npm` will report to `registry.npmjs.org` the number of successful and
|
|||
|
failed installations you've had. The data contains no identifying
|
|||
|
information and npm will not attempt to correlate things like IP address
|
|||
|
with the metrics being submitted.
|
|||
|
|
|||
|
Currently we only track number of successful and failed installations. In
|
|||
|
the future we would like to find additional metrics to help us better
|
|||
|
quantify the quality of the `npm` experience.
|
|||
|
|
|||
|
* [`190a658`](https://github.com/npm/npm/commit/190a658c4222f6aa904cbc640fc394a5c875e4db)
|
|||
|
[#15084](https://github.com/npm/npm/pull/15084)
|
|||
|
Add facility for recording and reporting success metrics.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`87afc8b`](https://github.com/npm/npm/commit/87afc8b466f553fb49746c932c259173de48d0a4)
|
|||
|
[npm/npm-registry-client#147](https://github.com/npm/npm-registry-client/pull/148)
|
|||
|
`npm-registry-client@7.4.5`:
|
|||
|
Add support for sending anonymous CLI metrics.
|
|||
|
([@iarna](https://github.com/iarna),
|
|||
|
[@sisidovski](https://github.com/sisidovski))
|
|||
|
|
|||
|
### NPM DOCTOR
|
|||
|
|
|||
|
<pre>
|
|||
|
<u>Check</u> <u>Value</u> <u>Recommendation</u>
|
|||
|
npm ping ok
|
|||
|
npm -v v4.0.5
|
|||
|
node -v v4.6.1 Use node v6.9.2
|
|||
|
npm config get registry https://registry.npmjs.org/
|
|||
|
which git /Users/rebecca/bin/git
|
|||
|
Perms check on cached files ok
|
|||
|
Perms check on global node_modules ok
|
|||
|
Perms check on local node_modules ok
|
|||
|
Checksum cached files ok
|
|||
|
</pre>
|
|||
|
|
|||
|
It's a rare day that we add a new command to `npm`, so I'm excited to
|
|||
|
present to you `npm doctor`. It checks for a number of common problems and
|
|||
|
provides some recommended solutions. It was put together through the hard
|
|||
|
work of [@watilde](https://github.com/watilde).
|
|||
|
|
|||
|
* [`2359505`](https://github.com/npm/npm/commit/23595055669f76c9fe8f5f1cf4a705c2e794f0dc)
|
|||
|
[`0209ee5`](https://github.com/npm/npm/commit/0209ee50448441695fbf9699019d34178b69ba73)
|
|||
|
[#14582](https://github.com/npm/npm/pull/14582)
|
|||
|
Add new `npm doctor` to give your project environment a health check.
|
|||
|
([@watilde](https://github.com/watilde))
|
|||
|
|
|||
|
#### FIX MAJOR SOURCE OF SHASUM ERRORS
|
|||
|
|
|||
|
If you've been getting intermittent shasum errors then you'll be pleased to
|
|||
|
know that we've tracked down at least one source of them, if not THE source
|
|||
|
of them.
|
|||
|
|
|||
|
* [`87afc8b`](https://github.com/npm/npm/commit/87afc8b466f553fb49746c932c259173de48d0a4)
|
|||
|
[#14626](https://github.com/npm/npm/issues/14626)
|
|||
|
[npm/npm-registry-client#148](https://github.com/npm/npm-registry-client/pull/148)
|
|||
|
`npm-registry-client@7.4.5`:
|
|||
|
Fix a bug where an `ECONNRESET` while fetching a package file would result
|
|||
|
in a partial download that would be reported as a "shasum mismatch". It
|
|||
|
now throws away the partial download and retries it.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### FILE URLS AND NODE.JS 7
|
|||
|
|
|||
|
When `npm` was formatting `file` URLs we took advantage of `url.format` to
|
|||
|
construct them. Node.js 7 changed the behavior in such a way that our use of
|
|||
|
`url.format` stopped producing URLs that we could make use of.
|
|||
|
|
|||
|
The reasons for this have to do with the `file` URL specification and how
|
|||
|
invalid (according to the specification) URLs are handled. How this changed
|
|||
|
is most easily explained with a table:
|
|||
|
|
|||
|
<table>
|
|||
|
<tr><th></th><th>URL</th><th>Node.js <= 6</th><th><tt>npm</tt>'s understanding</th><th>Node.js 7</th><th><tt>npm</tt>'s understanding</th></tr>
|
|||
|
<tr><td>VALID</td><td><tt>file:///abc/def</tt></td><td><tt>file:///abc/def</tt></td><td><tt>/abc/def</tt></td><td><tt>file:///abc/def</tt></td><td><tt>/abc/def</tt></td></tr>
|
|||
|
<tr><td>invalid</td><td><tt>file:/abc/def</tt></td><td><tt>file:/abc/def</tt></td><td><tt>/abc/def</tt></td><td><tt>file:///abc/def</tt></td><td><tt>/abc/def</tt></td></tr>
|
|||
|
<tr><td>invalid</td><td><tt>file:abc/def</tt></td><td><tt>file:abc/def</tt></td><td><tt>$CWD/abc/def</tt></td><td><tt>file://abc/def</tt></td><td><tt>/def</tt> on the <tt>abc</tt> host</td></tr>
|
|||
|
<tr><td>invalid</td><td><tt>file:../abc/def</tt></td><td><tt>file:../abc/def</tt></td><td><tt>$CWD/../abc/def</tt></td><td><tt>file://../abc/def</tt></td><td><tt>/abc/def</tt> on the <tt>..</tt> host</td></tr>
|
|||
|
</table>
|
|||
|
|
|||
|
So the result was that passing a `file` URL that npm had received that used
|
|||
|
through Node.js 7's `url.format` changed its meaning as far as `npm` was
|
|||
|
concerned. As those kinds of URLs are, per the specification, invalid, how
|
|||
|
they should be handled is undefined and so the change in Node.js wasn't a
|
|||
|
bug per se.
|
|||
|
|
|||
|
Our solution is to stop using `url.format` when constructing this kind of
|
|||
|
URL.
|
|||
|
|
|||
|
* [`173935b`](https://github.com/npm/npm/commit/173935b4298e09c4fdcb8f3a44b06134d5aff181)
|
|||
|
[#15114](https://github.com/npm/npm/issues/15114)
|
|||
|
Stop using `url.format` for relative local dep paths.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
|
|||
|
#### EXTRANEOUS LIFECYCLE SCRIPT EXECUTION WHEN REMOVING
|
|||
|
|
|||
|
* [`afb1dfd`](https://github.com/npm/npm/commit/afb1dfd944e57add25a05770c0d52d983dc4e96c)
|
|||
|
[#15090](https://github.com/npm/npm/pull/15090)
|
|||
|
Skip top level lifecycles when uninstalling.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### REFACTORING AND INTERNALS
|
|||
|
|
|||
|
* [`c9b279a`](https://github.com/npm/npm/commit/c9b279aca0fcb8d0e483e534c7f9a7250e2a9392)
|
|||
|
[#15205](https://github.com/npm/npm/pull/15205)
|
|||
|
[#15196](https://github.com/npm/npm/pull/15196)
|
|||
|
Only have one function that determines which version of a package to use
|
|||
|
given a specifier and a list of versions.
|
|||
|
([@iarna](https://github.com/iarna),
|
|||
|
[@zkat](https://github.com/zkat))
|
|||
|
|
|||
|
* [`981ce63`](https://github.com/npm/npm/commit/981ce6395e7892dde2591b44e484e191f8625431)
|
|||
|
[#15090](https://github.com/npm/npm/pull/15090)
|
|||
|
Rewrite prune to use modern npm plumbing.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
* [`bc4b739`](https://github.com/npm/npm/commit/bc4b73911f58a11b4a2d28b49e24b4dd7365f95b)
|
|||
|
[#15089](https://github.com/npm/npm/pull/15089)
|
|||
|
Rename functions and variables in the module that computes what changes to
|
|||
|
make to your installation.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
* [`2449f74`](https://github.com/npm/npm/commit/2449f74a202b3efdb1b2f5a83356a78ea9ecbe35)
|
|||
|
[#15089](https://github.com/npm/npm/pull/15089)
|
|||
|
When computing changes to make to your installation, use a function to add
|
|||
|
new actions to take instead of just pushing on a list.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### IMPROVED LOGGING
|
|||
|
|
|||
|
* [`335933a`](https://github.com/npm/npm/commit/335933a05396258eead139d27eea3f7668ccdfab)
|
|||
|
[#15089](https://github.com/npm/npm/pull/15089)
|
|||
|
Log when we remove obsolete dependencies in the tree.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### DOCUMENTATION
|
|||
|
|
|||
|
* [`33ca4e6`](https://github.com/npm/npm/commit/33ca4e6db3c1878cbc40d5e862ab49bb0e82cfb2)
|
|||
|
[#15157](https://github.com/npm/npm/pull/15157)
|
|||
|
Update `npm cache` docs to use more consistent language
|
|||
|
([@JonahMoses](https://github.com/JonahMoses))
|
|||
|
|
|||
|
#### DEPENDENCY UPDATES
|
|||
|
|
|||
|
* [`c2d22fa`](https://github.com/npm/npm/commit/c2d22faf916e8260136a1cc95913ca474421c0d3)
|
|||
|
[#15215](https://github.com/npm/npm/pull/15215)
|
|||
|
`nopt@4.0.1`:
|
|||
|
The breaking change is a small tweak to how empty string values are
|
|||
|
handled. See the brand-new
|
|||
|
[CHANGELOG.md for nopt](https://github.com/npm/nopt/blob/v4.0.1/CHANGELOG.md) for further
|
|||
|
details about what's changed in this release!
|
|||
|
([@adius](https://github.com/adius),
|
|||
|
[@samjonester](https://github.com/samjonester),
|
|||
|
[@elidoran](https://github.com/elidoran),
|
|||
|
[@helio](https://github.com/helio),
|
|||
|
[@silkentrance](https://github.com/silkentrance),
|
|||
|
[@othiym23](https://github.com/othiym23))
|
|||
|
* [`54d949b`](https://github.com/npm/npm/commit/54d949b05adefffeb7b5b10229c5fe0ccb929ac3)
|
|||
|
[npm/lockfile#24](https://github.com/npm/lockfile/pull/24)
|
|||
|
`lockfile@1.0.3`:
|
|||
|
Handled case where callback was not passed in by the user.
|
|||
|
([@ORESoftware](https://github.com/ORESoftware))
|
|||
|
* [`54acc03`](https://github.com/npm/npm/commit/54acc0389b39850c0725d0868cb5e61317b57503)
|
|||
|
`npmlog@4.0.2`:
|
|||
|
Documentation update.
|
|||
|
([@helio-frota](https://github.com/helio-frota))
|
|||
|
* [`57f4bc1`](https://github.com/npm/npm/commit/57f4bc1150322294c1ea0a287ad0a8e457c151e6)
|
|||
|
`osenv@0.1.4`:
|
|||
|
Test changes.
|
|||
|
([@isaacs](https://github.com/isaacs))
|
|||
|
* [`bea1a2d`](https://github.com/npm/npm/commit/bea1a2d0db566560e13ecc1d5f42e55811269c88)
|
|||
|
`retry@0.10.1`:
|
|||
|
No changes.
|
|||
|
([@tim-kos](https://github.com/tim-kos))
|
|||
|
* [`6749e39`](https://github.com/npm/npm/commit/6749e395f868109afd97f79d36507e6567dd48fb)
|
|||
|
[kapouer/marked-man#9](https://github.com/kapouer/marked-man/pull/9)
|
|||
|
`marked-man@0.2.0`:
|
|||
|
Add table support.
|
|||
|
([@gholk](https://github.com/gholk))
|
|||
|
|
|||
|
### v4.0.5 (2016-12-01)
|
|||
|
|
|||
|
It's that time of year! December is upon us, which means y'all are just going to
|
|||
|
be doing a lot less, in general, for the next month or so. The "Xmas Chasm", as
|
|||
|
we like to call it, has already begun. So for those of you reading it from the
|
|||
|
other side: Hi! Welcome back!
|
|||
|
|
|||
|
This week's release is a relatively small one, involving just a few bugfixes and
|
|||
|
dependency upgrades. The CLI team has been busy recently with scoping out
|
|||
|
`npm@5`, and starting to do initial spec work for in-scope stuff.
|
|||
|
|
|||
|
#### BUGFIXES
|
|||
|
|
|||
|
On to the actual changes!
|
|||
|
|
|||
|
* [`9776d8f`](https://github.com/npm/npm/commit/9776d8f70a0ea8d921cbbcab7a54e52c15fc455f)
|
|||
|
[#15081](https://github.com/npm/npm/pull/15081)
|
|||
|
`bundledDependencies` are intended to be left untouched by the installer, as
|
|||
|
much as possible -- if they're bundled, we assume that you want to be
|
|||
|
particular about the contents of your bundle.
|
|||
|
|
|||
|
The installer used to have a corner case where existing dependencies that had
|
|||
|
bundledDependencies would get clobbered by as the installer moved stuff
|
|||
|
around, even though the installer already avoided moving deps that were
|
|||
|
themselves bundled. This is now fixed, along with the connected crasher, and
|
|||
|
your bundledDeps should be left even more intact than before!
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`fc61c08`](https://github.com/npm/npm/commit/fc61c082122104031ccfb2a888432c9f809a0e8b)
|
|||
|
[#15082](https://github.com/npm/npm/pull/15082)
|
|||
|
Initialize nodes from bundled dependencies. This should address
|
|||
|
[#14427](https://github.com/npm/npm/issues/14427) and related issues, but it's
|
|||
|
turned out to be a tremendously difficult issue to reproduce in a test. We
|
|||
|
decided to include it even pending tests, because we found the root cause of
|
|||
|
the errors.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`d8471a2`](https://github.com/npm/npm/commit/d8471a294ef848fc893f60e17d6ec6695b975d16)
|
|||
|
[#12811](https://github.com/npm/npm/pull/12811)
|
|||
|
Consider `devDependencies` when deciding whether to hoist a package. This
|
|||
|
should resolve a variety of missing dependency issues some folks were seeing
|
|||
|
when `devDependencies` happened to also be dependencies of your
|
|||
|
`dependencies`. This often manifested as modules going missing, or only being
|
|||
|
installed, after `npm install` was called twice.
|
|||
|
([@schmod](https://github.com/schmod))
|
|||
|
|
|||
|
#### DEPENDENCY UPDATES
|
|||
|
|
|||
|
* [`5978703`](https://github.com/npm/npm/commit/5978703da8669adae464789b1b15ee71d7f8d55d)
|
|||
|
`graceful-fs@4.1.11`:
|
|||
|
`EPERM` errors are Windows are now handled more gracefully. Windows users that
|
|||
|
tended to see these errors due to, say, an antivirus-induced race condition,
|
|||
|
should see them much more rarely, if at all.
|
|||
|
([@zkatr](https://github.com/zkat))
|
|||
|
* [`85b0174`](https://github.com/npm/npm/commit/85b0174ba9842e8e89f3c33d009e4b4a9e877c7d)
|
|||
|
`request@2.79.0`
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
* [`9664d36`](https://github.com/npm/npm/commit/9664d36653503247737630440bc2ff657de965c3)
|
|||
|
`tap@8.0.1`
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
|
|||
|
#### MISCELLANEOUS
|
|||
|
|
|||
|
* [`f0f7b0f`](https://github.com/npm/npm/commit/f0f7b0fd025daa2b69994130345e6e8fdaaa0304)
|
|||
|
[#15083](https://github.com/npm/npm/pull/15083)
|
|||
|
Removed dead code.
|
|||
|
([@iarna](https://github.com/iarna))
* [`bc32afe`](https://github.com/npm/npm/commit/bc32afe4d12e3760fb5a26466dc9c26a5a2981d5) [`c8a22fe`](https://github.com/npm/npm/commit/c8a22fe5320550e09c978abe560b62ce732686f4) [`db2666d`](https://github.com/npm/npm/commit/db2666d8c078fc69d0c02c6a3de9b31be1e995e9)
|
|||
|
[#15085](https://github.com/npm/npm/pull/15085)
|
|||
|
Change some network tests so they can run offline.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`744a39b`](https://github.com/npm/npm/commit/744a39b836821b388ad8c848bd898c1d006689a9)
|
|||
|
[#15085](https://github.com/npm/npm/pull/15085)
|
|||
|
Make Node.js tests compatible with Windows.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
### v4.0.3 (2016-11-17)
|
|||
|
|
|||
|
Hey you all, we've got a couple of bug fixes for you, a slew of
|
|||
|
documentation improvements and some improvements to our CI environment. I
|
|||
|
know we just got v4 out the door, but the CLI team is already busy planning
|
|||
|
v5. We'll have more for you in early December.
|
|||
|
|
|||
|
#### BUG FIXES
|
|||
|
|
|||
|
* [`45d40d9`](https://github.com/npm/npm/commit/45d40d96d2cd145f1e36702d6ade8cd033f7f332)
|
|||
|
[`ba2adc2`](https://github.com/npm/npm/commit/ba2adc2e822d5e75021c12f13e3f74ea2edbde32)
|
|||
|
[`1dc8908`](https://github.com/npm/npm/commit/1dc890807bd78a1794063688af31287ed25a2f06)
|
|||
|
[`2ba19ee`](https://github.com/npm/npm/commit/2ba19ee643d612d103cdd8f288d313b00d05ee87)
|
|||
|
[#14403](https://github.com/npm/npm/pull/14403)
|
|||
|
Fix a bug where a scoped module could produce crashes when incorrectly
|
|||
|
computing the paths related to their location. This patch reorganizes how path information
|
|||
|
is passed in to eliminate the possibility of this sort of bug.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
([@NatalieWolfe](https://github.com/NatalieWolfe))
|
|||
|
* [`1011ec6`](https://github.com/npm/npm/commit/1011ec61230288c827a1c256735c55cf03d6228f)
|
|||
|
[npm/npmlog#46](https://github.com/npm/npmlog/pull/46)
|
|||
|
`npmlog@4.0.1`: Fix a bug where the progress bar would still display even if
|
|||
|
you passed in `--no-progress`.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### DOCUMENTATION UPDATES
|
|||
|
|
|||
|
* [`c3ac177`](https://github.com/npm/npm/commit/c3ac177236124c80524c5f252ba8f6670f05dcd8)
|
|||
|
[#14406](https://github.com/npm/npm/pull/14406)
|
|||
|
Sync up the dispute policy included with the CLI with the [current official text](https://www.npmjs.com/policies/disputes).
|
|||
|
([@mike-engel](https://github.com/mike-engel))
|
|||
|
* [`9c663b2`](https://github.com/npm/npm/commit/9c663b2dd8552f892dc0205330bbc73a484ecd81)
|
|||
|
[#14627](https://github.com/npm/npm/pull/14627)
|
|||
|
Update build status branch in README.
|
|||
|
([@cameronroe](https://github.com/cameronroe))
|
|||
|
* [`8a8a0a3`](https://github.com/npm/npm/commit/8a8a0a3d490fc767def208f925cdff57e16e565b)
|
|||
|
[#14609](https://github.com/npm/npm/pull/14609)
|
|||
|
Update examples URLs of GitHub repos where those repos have moved to new URLs.
|
|||
|
([@dougwilson](https://github.com/dougwilson))
|
|||
|
* [`7a6425b`](https://github.com/npm/npm/commit/7a6425bcd4decde5d4b0af8b507e98723a07c680)
|
|||
|
[#14472](https://github.com/npm/npm/pull/14472)
|
|||
|
Document `sign-git-tag` in
|
|||
|
[npm-version(1)](https://github.com/npm/npm/blob/release-next/doc/cli/npm-version.md)'s
|
|||
|
configuration section.
|
|||
|
([@strugee](https://github.com/strugee))
|
|||
|
* [`f3087cc`](https://github.com/npm/npm/commit/f3087cc58c903d9a70275be805ebaf0eadbcbe1b)
|
|||
|
[#14546](https://github.com/npm/npm/pull/14546)
|
|||
|
Add a note about the dangers of configuring npm via uppercase env vars.
|
|||
|
([@tuhoojabotti](https://github.com/tuhoojabotti))
|
|||
|
* [`50e51b0`](https://github.com/npm/npm/commit/50e51b04a143959048cf9e1e4c8fe15094f480b0)
|
|||
|
[#14559](https://github.com/npm/npm/pull/14559)
|
|||
|
Remove documentation that incorrectly stated that we check `.npmrc` permissions.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
##### OH UH, HELLO AGAIN NODE.JS 0.12
|
|||
|
|
|||
|
* [`6f0c353`](https://github.com/npm/npm/commit/6f0c353e4e89b0378a4c88c829ccf9a1c5ae829d)
|
|||
|
[`f78bde6`](https://github.com/npm/npm/commit/f78bde6983bdca63d5fcb9c220c87e8f75ffb70e)
|
|||
|
[#14591](https://github.com/npm/npm/pull/14591)
|
|||
|
Reintroduce Node.js 0.12 to our support matrix. We jumped the gun when
|
|||
|
removing it. We won't drop support for it till the Node.js project does
|
|||
|
so at the end of December 2016.
|
|||
|
([@othiym23](https://github.com/othiym23))
|
|||
|
|
|||
|
#### TEST/CI UPDATES
|
|||
|
|
|||
|
* [`aa73d1c`](https://github.com/npm/npm/commit/aa73d1c1cc22608f95382a35b33da252addff38e)
|
|||
|
[`c914e80`](https://github.com/npm/npm/commit/c914e80f5abcb16c572fe756c89cf0bcef4ff991)
|
|||
|
* [`58fe064`](https://github.com/npm/npm/commit/58fe064dcc80bc08c677647832f2adb4a56b538a)
|
|||
|
[#14602](https://github.com/npm/npm/pull/14602)
|
|||
|
When running tests with coverage, use nyc's cache. This provides an 8x speedup!
|
|||
|
([@bcoe](https://github.com/bcoe))
|
|||
|
* [`ba091ce`](https://github.com/npm/npm/commit/ba091ce843af5d694f4540e825b095435b3558d8)
|
|||
|
[#14435](https://github.com/npm/npm/pull/14435)
|
|||
|
Remove an unused zero byte `package.json` found in the test fixtures.
|
|||
|
([@baderbuddy](https://github.com/baderbuddy))
|
|||
|
|
|||
|
#### DEPENDENCY UPDATES
|
|||
|
|
|||
|
* [`442e01e`](https://github.com/npm/npm/commit/442e01e42d8a439809f6726032e3b73ac0d2b2f8)
|
|||
|
`readable-stream@2.2.2`:
|
|||
|
Bring in latest changes from Node.js 7.x.
|
|||
|
([@calvinmetcalf](https://github.com/calvinmetcalf))
|
|||
|
* [`bfc4a1c`](https://github.com/npm/npm/commit/bfc4a1c0c17ef0a00dfaa09beba3389598a46535)
|
|||
|
`which@1.2.12`:
|
|||
|
Remove unused require.
|
|||
|
([@isaacs](https://github.com/isaacs))
|
|||
|
|
|||
|
#### DEV DEPENDENCY UPDATES
|
|||
|
|
|||
|
* [`7075b05`](https://github.com/npm/npm/commit/7075b054d8d2452bb53bee9b170498a48a0dc4e9)
|
|||
|
`marked-man@0.1.6`
|
|||
|
([@kapouer](https://github.com/kapouer))
|
|||
|
* [`3e13fea`](https://github.com/npm/npm/commit/3e13fea907ee1141506a6de7d26cbc91c28fdb80)
|
|||
|
`tap@8.0.0`
|
|||
|
([@isaacs](https://github.com/isaacs))
|
|||
|
|
|||
|
### v4.0.2 (2016-11-03)
|
|||
|
|
|||
|
Hola, amigxs. I know it's been a long time since I rapped at ya, but I
|
|||
|
been spending a lotta time quietly reflecting on all the things going on
|
|||
|
in my life. I was, like, [in Japan for a while](https://gist.github.com/othiym23/c98bd4ef5d9fb3f496835bd481ef40ae),
|
|||
|
and before that my swell colleagues [@zkat](https://github.com/zkat) and
|
|||
|
[@iarna](https://github.com/iarna) have been very capably managing the release
|
|||
|
process for quite a while. But I returned from Japan somewhat refreshed, very
|
|||
|
jetlagged, and filled with a burning urge to get `npm@4` as stable as possible
|
|||
|
before we push it out to the user community at large, so I decided to do this
|
|||
|
release myself. (Also, huge thanks to Kat and Rebecca for putting out `npm@4`
|
|||
|
so capably while I was on vacation! So cool to return to a major release having
|
|||
|
gone so well without my involvement!)
|
|||
|
|
|||
|
That said...
|
|||
|
|
|||
|
#### NEVER TRUST AN X.0.0 RELEASE
|
|||
|
|
|||
|
Even though 4.0.1 came out hard on the heels of 4.0.0 with a couple
|
|||
|
critical fixes, we've found a couple other major issues that we want to
|
|||
|
see fixed before making `npm@4` into `npm@latest`. Some of these are
|
|||
|
arguably breaking changes on their own, so now is the time to get them
|
|||
|
out if we're going to do so before `npm@5`, and all of them are pretty
|
|||
|
significant blockers for a substantial number of users, so now is the
|
|||
|
best time to fix them.
|
|||
|
|
|||
|
##### PREPUBLISHONLY WHOOPS
|
|||
|
|
|||
|
The code running the `publish*` lifecycle events was very confusingly written.
|
|||
|
In fact, we didn't really figure out what it was doing until we added the new
|
|||
|
`prepublishOnly` event and it was running people's scripts from the wrong
|
|||
|
directory. We made it simpler. See the [commit
|
|||
|
message](https://github.com/npm/npm/commit/8b32d67aa277fd7e62edbed886387a855f58387f)
|
|||
|
for details.
|
|||
|
|
|||
|
Because the change is no longer running publish events when publishing prebuilt
|
|||
|
artifacts, it's technically a breaking / semver-major change. In the off chance
|
|||
|
that the new behavior breaks any of y'all's workflows, let us know, and we can
|
|||
|
roll some or all of this change back until `npm@5` (or forever, if that works
|
|||
|
better for you).
|
|||
|
|
|||
|
* [`8b32d67`](https://github.com/npm/npm/commit/8b32d67aa277fd7e62edbed886387a855f58387f)
|
|||
|
[#14502](https://github.com/npm/npm/pull/14502)
|
|||
|
Simplify lifecycle invocation and fix `prepublishOnly`.
|
|||
|
([@othiym23](https://github.com/othiym23))
|
|||
|
|
|||
|
##### G'BYE NODE.JS 0.10, 0.12, and 5.X; HI THERE, NODE 7
|
|||
|
|
|||
|
With the advent of the second official Node.js LTS release, Node 6.x
|
|||
|
'Boron', the Node.js project has now officially dropped versions 0.10
|
|||
|
and 0.12 out of the maintenance phase of LTS. (Also, Node 5 was never
|
|||
|
part of LTS, and will see no further support now that Node 7 has been
|
|||
|
released.) As a small team with limited resources, the npm CLI team is
|
|||
|
following suit and dropping those versions of Node from its CI test
|
|||
|
matrix.
|
|||
|
|
|||
|
What this means:
|
|||
|
|
|||
|
* Your contributions will no longer block on the tests passing on 0.10 and 0.12.
|
|||
|
* We will no longer block dependency upgrades on working with 0.10 and 0.12.
|
|||
|
* Bugs filed on the npm CLI that are due to incompatibilities with 0.10
|
|||
|
or 0.12 (and older versions) will be closed with a strong urging to
|
|||
|
upgrade to a supported version of Node.
|
|||
|
* On the flip side, we'll continue to (happily!) accept patches that
|
|||
|
address regressions seen when running the CLI with Node.js 0.10 and
|
|||
|
0.12.
|
|||
|
|
|||
|
What this doesn't mean:
|
|||
|
|
|||
|
* The CLI is going to start depending on ES2015+ features. npm continues
|
|||
|
to work, in almost all cases, all the way back to Node.js 0.8, and our
|
|||
|
long history of backwards compatibility is a source of pride for the
|
|||
|
team.
|
|||
|
* We aren't concerned about the problems of users who, for whatever
|
|||
|
reason, can't update to newer versions of npm. As mentioned above, we're
|
|||
|
happy to take community patches intended to address regressions.
|
|||
|
|
|||
|
We're not super interested in taking sides on what version of Node.js
|
|||
|
you "should" be running. We're a workflow tool, and we understand that
|
|||
|
you all have a diverse set of operational environments you need to be
|
|||
|
able to support. At the same time, we _are_ a small team, and we need
|
|||
|
to put some limits on what we support. Tracking what's supported by our
|
|||
|
runtime's own team seems most practical, so that's what we're doing.
|
|||
|
|
|||
|
* [`ab630c9`](https://github.com/npm/npm/commit/ab630c9a7a1b40cdd4f1244be976c25ab1525907)
|
|||
|
[#14503](https://github.com/npm/npm/pull/14503)
|
|||
|
Node 6 is LTS; 5.x, 0.10, and 0.12 are unsupported.
|
|||
|
([@othiym23](https://github.com/othiym23))
|
|||
|
* [`731ae52`](https://github.com/npm/npm/commit/731ae526fb6e9951c43d82a26ccd357b63cc56c2)
|
|||
|
[#14503](https://github.com/npm/npm/pull/14503)
|
|||
|
Update supported version expression.
|
|||
|
([@othiym23](https://github.com/othiym23))
|
|||
|
|
|||
|
##### DISENTANGLING SCOPE
|
|||
|
|
|||
|
The new `Npm-Scope` header was previously reusing the `scope`
|
|||
|
configuration option to pass the current scope back to your current
|
|||
|
registry (which, as [described
|
|||
|
previously](https://github.com/npm/npm/blob/release-next/CHANGELOG.md#send-extra-headers-to-registry), is meant to set up some upcoming
|
|||
|
registry features). It turns out that had some [seriously weird
|
|||
|
consequences](https://github.com/npm/npm/issues/14412) in the case where
|
|||
|
you were already configuring `scope` in your own environment. The CLI
|
|||
|
now uses separate configuration for this.
|
|||
|
|
|||
|
* [`39358f7`](https://github.com/npm/npm/commit/39358f732ded4aa46d86d593393a0d6bca5dc12a)
|
|||
|
[#14477](https://github.com/npm/npm/pull/14477)
|
|||
|
Differentiate registry scope from project scope in configuration.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
|
|||
|
#### SMALLER CHANGES
|
|||
|
|
|||
|
* [`7f41295`](https://github.com/npm/npm/commit/7f41295775f28b958a926f9cb371cb37b05771dd)
|
|||
|
[#14519](https://github.com/npm/npm/pull/14519)
|
|||
|
Document that as of `npm@4.0.1`, `npm shrinkwrap` now includes `devDependencies` unless
|
|||
|
instructed otherwise.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`bdc2f9e`](https://github.com/npm/npm/commit/bdc2f9e255ddf1a47fd13ec8749d17ed41638b2c)
|
|||
|
[#14501](https://github.com/npm/npm/pull/14501)
|
|||
|
The `ENOSELF` error message is tricky to word. It's also an error that
|
|||
|
normally bites new users. Clean it up in an effort to make it easier
|
|||
|
to understand what's going on.
|
|||
|
([@snopeks](https://github.com/snopeks), [@zkat](https://github.com/zkat))
|
|||
|
|
|||
|
#### DEPENDENCY UPGRADES
|
|||
|
|
|||
|
* [`a52d0f0`](https://github.com/npm/npm/commit/a52d0f0c9cf2de5caef77e12eabd7dca9e89b49c)
|
|||
|
`glob@7.1.1`:
|
|||
|
- Handle files without associated perms on Windows.
|
|||
|
- Fix failing case with `absolute` option.
|
|||
|
([@isaacs](https://github.com/isaacs), [@phated](https://github.com/phated))
|
|||
|
* [`afda66d`](https://github.com/npm/npm/commit/afda66d9afcdcbae1d148f589287583c4182d124)
|
|||
|
[isaacs/node-graceful-fs#97](https://github.com/isaacs/node-graceful-fs/pull/97)
|
|||
|
`graceful-fs@4.1.10`: Better backoff for EPERM on Windows.
|
|||
|
([@sam-github](https://github.com/sam-github))
|
|||
|
* [`e0023c0`](https://github.com/npm/npm/commit/e0023c089ded9161fbcbe544f12b07e12e3e5729)
|
|||
|
[npm/inflight#3](https://github.com/npm/inflight/pull/3)
|
|||
|
`inflight@1.0.6`: Clean up even if / when a callback throws.
|
|||
|
([@phated](https://github.com/phated))
|
|||
|
* [`1d91594`](https://github.com/npm/npm/commit/1d9159440364d2fe21e8bc15e08e284aaa118347)
|
|||
|
`request@2.78.0`
|
|||
|
([@othiym23](https://github.com/othiym23))
|
|||
|
|
|||
|
### v4.0.1 (2016-10-24)
|
|||
|
|
|||
|
Ayyyy~ 🌊
|
|||
|
|
|||
|
So thanks to folks who were running on `npm@next`, we managed to find a few
|
|||
|
issues of notes in that preview version, and we're rolling out a small patch
|
|||
|
change to fix them. Most notably, anyone who was using a symlinked `node` binary
|
|||
|
(for example, if they installed Node.js through `homebrew`), was getting a very
|
|||
|
loud warning every time they ran scripts. Y'all should get warnings in a more
|
|||
|
useful way, now that we're resolving those path symlinks.
|
|||
|
|
|||
|
Another fairly big change that we decided to slap into this version, since
|
|||
|
`npm@4.0.0` is never going to be `latest`, is to make it so `devDependencies`
|
|||
|
are included in `npm-shrinkwrap.json` by default -- if you do not want this, use
|
|||
|
`--production` with `npm shrinkwrap`.
|
|||
|
|
|||
|
#### BIG FIXES/CHANGES
|
|||
|
|
|||
|
* [`eff46dd`](https://github.com/npm/npm/commit/eff46dd498ed007bfa77ab7782040a3a828b852d)
|
|||
|
[#14374](https://github.com/npm/npm/pull/14374)
|
|||
|
Fully resolve the path for `node` executables in both `$PATH` and
|
|||
|
`process.execPath` to avoid issues with symlinked `node`.
|
|||
|
([@addaleax](https://github.com/addaleax))
|
|||
|
* [`964f2d3`](https://github.com/npm/npm/commit/964f2d3a0675584267e6ece95b0115a53c6ca6a9)
|
|||
|
[#14375](https://github.com/npm/npm/pull/14375)
|
|||
|
Make including `devDependencies` in `npm-shrinkwrap.json` the default. This
|
|||
|
should help make the transition to `npm@5` smoother in the future.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### BUGFIXES
|
|||
|
|
|||
|
* [`a5b0a8d`](https://github.com/npm/npm/commit/a5b0a8db561916086fc7dbd6eb2836c952a42a7e)
|
|||
|
[#14400](https://github.com/npm/npm/pull/14400)
|
|||
|
Recently, we've had some consistent timeout failures while running the test
|
|||
|
suite under Travis. This tweak to tests should take care of those issues and
|
|||
|
Travis should go back to being reliably green.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### DOC PATCHES
|
|||
|
|
|||
|
* [`c5907b2`](https://github.com/npm/npm/commit/c5907b2fc1a82ec919afe3b370ecd34d8895c7a2)
|
|||
|
[#14251](https://github.com/npm/npm/pull/14251)
|
|||
|
Update links to Node.js downloads. They previously pointed to 404 pages.😬
|
|||
|
([@ArtskydJ](https://github.com/ArtskydJ))
|
|||
|
* [`0c122f2`](https://github.com/npm/npm/commit/0c122f24ff1d4d400975edda2b7262aaaf6f7d69)
|
|||
|
[#14380](https://github.com/npm/npm/pull/14380)
|
|||
|
Add note and clarification on when `prepare` script is run. Make it more
|
|||
|
consistent with surrounding descriptions.
|
|||
|
([@SimenB](https://github.com/SimenB))
|
|||
|
* [`51a62ab`](https://github.com/npm/npm/commit/51a62abd88324ba3dad18e18ca5e741f1d60883c)
|
|||
|
[#14359](https://github.com/npm/npm/pull/14359)
|
|||
|
Fixes typo in `npm@4` changelog.
|
|||
|
([@kimroen](https://github.com/kimroen))
|
|||
|
|
|||
|
### v4.0.0 (2016-10-20)
|
|||
|
|
|||
|
Welcome to `npm@4`, friends!
|
|||
|
|
|||
|
This is our first semver major release since the release of `npm@3` just over a
|
|||
|
year ago. Back then, `@3` turned out to be a bit of a ground-shaking release,
|
|||
|
with a brand-new installer with significant structural changes to how npm set up
|
|||
|
your tree. This is the end of an era, in a way. `npm@4` also marks the release
|
|||
|
when we move *both* `npm@2` and `npm@3` into maintenance: We will no longer be
|
|||
|
updating those release branches with anything except critical bugfixes and
|
|||
|
security patches.
|
|||
|
|
|||
|
While its predecessor had some pretty serious impaact, `npm@4` is expected to
|
|||
|
have a much smaller effect on your day-to-day use of npm. Over the past year,
|
|||
|
we've collected a handful of breaking changes that we wanted to get in which are
|
|||
|
only breaking under a strict semver interpretation (which we follow). Some of
|
|||
|
these are simple usability improvements, while others fix crashes and serious
|
|||
|
issues that required a major release to include.
|
|||
|
|
|||
|
We hope this release sees you well, and you can look forward to an accelerated
|
|||
|
release pace now that the CLI team is done focusing on sustaining work -- our
|
|||
|
Windows fixing and big bugs pushes -- and we can start focusing again on
|
|||
|
usability, features, and performance. Keep an eye out for `npm@5` in Q1 2017,
|
|||
|
too: We're planning a major overhaul of `shrinkwrap` as well as various speed
|
|||
|
and usability fixes for that release. It's gonna be a fun ride. I promise. 😘
|
|||
|
|
|||
|
#### BRIEF OVERVIEW OF **BREAKING** CHANGES
|
|||
|
|
|||
|
The following breaking changes are included in this release:
|
|||
|
|
|||
|
* `npm search` rewritten to stream results, and no longer supports sorting.
|
|||
|
* `npm scripts` no longer prepend the path of the node executable used to run
|
|||
|
npm before running scripts. A `--scripts-prepend-node-path` option has been
|
|||
|
added to configure this behavior.
|
|||
|
* `npat` has been removed.
|
|||
|
* `prepublish` has been deprecated, replaced by `prepare`. A `prepublishOnly`
|
|||
|
script has been temporarily added, which will *only* run on `npm publish`.
|
|||
|
* `npm outdated` exits with exit code `1` if it finds any outdated packages.
|
|||
|
* `npm tag` has been removed after a deprecation cycle. Use `npm dist-tag`.
|
|||
|
* Partial shrinkwraps are no longer supported. `npm-shrinkwrap.json` is
|
|||
|
considered a complete installation manifest except for `devDependencies`.
|
|||
|
* npm's default git branch is no longer `master`. We'll be using `latest` from
|
|||
|
now on.
|
|||
|
|
|||
|
#### SEARCH REWRITE (**BREAKING**)
|
|||
|
|
|||
|
Let's face it -- `npm search` simply doesn't work anymore. Apart from the fact
|
|||
|
that it grew slower over the years, it's reached a point where we can no longer
|
|||
|
fit the entire registry metadata in memory, and anyone who tries to use the
|
|||
|
command now sees a really awful memory overflow crash from node.
|
|||
|
|
|||
|
It's still going to be some time before the CLI, registry, and web team are able
|
|||
|
to overhaul `npm search` altogether, but until then, we've rewritten the
|
|||
|
previous `npm search` implementation to *stream* results on the fly, from both
|
|||
|
the search endpoint and a local cache. In absolute terms, you won't see a
|
|||
|
performance increase and this patch *does* come at the cost of sorting
|
|||
|
capabilities, but what it does do is start outputting results as it finds them.
|
|||
|
This should make the experience much better, overall, and we believe this is an
|
|||
|
acceptable band-aid until we have that search endpoint in place.
|
|||
|
|
|||
|
Incidentally, if you want a really nice search experience, we recommend checking
|
|||
|
out [npms.io](http://npms.io), which includes a handy-dandy
|
|||
|
[`npms-cli`](https://npm.im/npms-cli) for command-line usage -- it's an npm
|
|||
|
search site that returns high-quality results quickly and is operated by members
|
|||
|
of the npm community.
|
|||
|
|
|||
|
* [`cfd43b4`](https://github.com/npm/npm/commit/cfd43b49aed36d0e8ea6c35b07ed8b303b69be61) [`2b8057b`](https://github.com/npm/npm/commit/2b8057be2e1b51e97b1f8f38d7f58edf3ce2c145)
|
|||
|
[#13746](https://github.com/npm/npm/pull/13746)
|
|||
|
Stream search process end-to-end.
|
|||
|
([@zkat](https://github.com/zkat) and [@aredridel](https://github.com/aredridel))
|
|||
|
* [`50f4ec8`](https://github.com/npm/npm/commit/50f4ec8e8ce642aa6a58cb046b2b770ccf0029db) [`70b4bc2`](https://github.com/npm/npm/commit/70b4bc22ec8e81cd33b9448f5b45afd1a50d50ba) [`8fb470f`](https://github.com/npm/npm/commit/8fb470fe755c4ad3295cb75d7b4266f8e67f8d38) [`ac3a6e0`](https://github.com/npm/npm/commit/ac3a6e0eba61fb40099b1370c74ad1598777def4) [`bad54dd`](https://github.com/npm/npm/commit/bad54dd9f1119fe900a8d065f8537c6f1968b589) [`87d504e`](https://github.com/npm/npm/commit/87d504e0a61bccf09f5e975007d018de3a1c5f50)
|
|||
|
[#13746](https://github.com/npm/npm/pull/13746)
|
|||
|
Updated search-related tests.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
* [`3596de8`](https://github.com/npm/npm/commit/3596de88598c69eb5bae108703c8e74ca198b20c)
|
|||
|
[#13746](https://github.com/npm/npm/pull/13746)
|
|||
|
`JSONStream@1.2.1`
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
* [`4b09209`](https://github.com/npm/npm/commit/4b09209bb605f547243065032a8b37772669745f)
|
|||
|
[#13746](https://github.com/npm/npm/pull/13746)
|
|||
|
`mississippi@1.2.0`
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
* [`b650b39`](https://github.com/npm/npm/commit/b650b39d42654abb9eed1c7cd463b1c595ca2ef9)
|
|||
|
[#13746](https://github.com/npm/npm/pull/13746)
|
|||
|
`sorted-union-stream@2.1.3`
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
|
|||
|
#### SCRIPT NODE PATH (**BREAKING**)
|
|||
|
|
|||
|
Thanks to some great work by [@addaleax](https://github.com/addaleax), we've
|
|||
|
addressed a fairly tricky issue involving the node process used by `npm
|
|||
|
scripts`.
|
|||
|
|
|||
|
Previously, npm would prefix the path of the node executable to the script's
|
|||
|
`PATH`. This had the benefit of making sure that the node process would be the
|
|||
|
same for both npm and `scripts` unless you had something like
|
|||
|
[`node-bin`](https://npm.im/node-bin) in your `node_modules`. And it turns out
|
|||
|
lots of people relied on this behavior being this way!
|
|||
|
|
|||
|
It turns out that this had some unintended consequences: it broke systems like
|
|||
|
[`nyc`](https://npm.im/nyc), but also completely broke/defeated things like
|
|||
|
[`rvm`](https://rvm.io/) and
|
|||
|
[`virtualenv`](https://virtualenv.pypa.io/en/stable/) by often causing things
|
|||
|
that relied on them to fall back to the global system versions of ruby and
|
|||
|
python.
|
|||
|
|
|||
|
In the face of two perfectly valid, and used alternatives, we decided that the
|
|||
|
second case was much more surprising for users, and that we should err on the
|
|||
|
side of doing what those users expect. Anna put some hard work in and managed to
|
|||
|
put together a patch that changes npm's behavior such that we no longer prepend
|
|||
|
the node executable's path *by default*, and adds a new option,
|
|||
|
`--scripts-prepend-node-path`, to allow users who rely on this behavior to have
|
|||
|
it add the node path for them.
|
|||
|
|
|||
|
This patch also makes it so this feature is discoverable by people who might run
|
|||
|
into the first case above, by warning if the node executable is either missing
|
|||
|
or shadowed by another one in `PATH`. This warning can also be disabled with the
|
|||
|
`--scripts-prepend-node-path` option as needed.
|
|||
|
|
|||
|
* [`3fb1eb3`](https://github.com/npm/npm/commit/3fb1eb3e00b5daf37f14e437d2818e9b65a43392) [`6a7d375`](https://github.com/npm/npm/commit/6a7d375d779ba5416fd5df154c6da673dd745d9d) [`378ae08`](https://github.com/npm/npm/commit/378ae08851882d6d2bc9b631b16b8c875d0b9704)
|
|||
|
[#13409](https://github.com/npm/npm/pull/13409)
|
|||
|
Add a `--scripts-prepend-node-path` option to configure whether npm prepends
|
|||
|
the current node executable's path to `PATH`.
|
|||
|
([@addaleax](https://github.com/addaleax))
|
|||
|
* [`70b352c`](https://github.com/npm/npm/commit/70b352c6db41533b9a4bfaa9d91f7a2a1178f74e)
|
|||
|
[#13409](https://github.com/npm/npm/pull/13409)
|
|||
|
Change the default behaviour of npm to never prepending the current node
|
|||
|
executable’s directory to `PATH` but printing a warning in the cases in which
|
|||
|
it previously did.
|
|||
|
([@addaleax](https://github.com/addaleax))
|
|||
|
|
|||
|
#### REMOVE `npat` (**BREAKING**)
|
|||
|
|
|||
|
Let's be real here -- almost no one knows this feature ever existed, and it's a
|
|||
|
vestigial feature of the days when the ideal for npm was to distribute full
|
|||
|
packages that could be directly developed on, even from the registry.
|
|||
|
|
|||
|
It turns out the npm community decided to go a different way: primarily
|
|||
|
publishing packages in a production-ready format, with no tests, build tools,
|
|||
|
etc. And so, we say goodbye to `npat`.
|
|||
|
|
|||
|
* [`e16c14a`](https://github.com/npm/npm/commit/e16c14afb6f52cb8b7adf60b2b26427f76773f2e)
|
|||
|
[#14329](https://github.com/npm/npm/pull/14329)
|
|||
|
Remove the npat feature.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### NEW `prepare` SCRIPT. `prepublish` DEPRECATED (**BREAKING**)
|
|||
|
|
|||
|
If there's anything that really seemed to confuse users, it's that the
|
|||
|
`prepublish` script ran when invoking `npm install` without any arguments.
|
|||
|
|
|||
|
Turns out many, many people really expected that it would only run on `npm
|
|||
|
publish`, even if it actually did what most people expected: prepare the package
|
|||
|
for publishing on the registry.
|
|||
|
|
|||
|
And so, we've added a `prepare` command that runs in the exact same cases where
|
|||
|
`prepublish` ran, and we've begun a deprecation cycle for `prepublish` itself
|
|||
|
**only when run by `npm install`**, which will now include a warning any time
|
|||
|
you use it that way.
|
|||
|
|
|||
|
We've also added a `prepublishOnly` script which will execute **only** when `npm
|
|||
|
publish` is invoked. Eventually, `prepublish` will stop executing on `npm
|
|||
|
install`, and `prepublishOnly` will be removed, leaving `prepare` and
|
|||
|
`prepublish` as two distinct lifecycles.
|
|||
|
|
|||
|
* [`9b4a227`](https://github.com/npm/npm/commit/9b4a2278cee0a410a107c8ea4d11614731e0a943) [`bc32078`](https://github.com/npm/npm/commit/bc32078fa798acef0e036414cb448645f135b570)
|
|||
|
[#14290](https://github.com/npm/npm/pull/14290)
|
|||
|
Add `prepare` and `prepublishOnly` lifecycle events.
|
|||
|
([@othiym23](https://github.com/othiym23))
|
|||
|
* [`52fdefd`](https://github.com/npm/npm/commit/52fdefddb48f0c39c6e8eb4c118eb306c9436117)
|
|||
|
[#14290](https://github.com/npm/npm/pull/14290)
|
|||
|
Warn when running `prepublish` on `npm pack`.
|
|||
|
([@othiym23](https://github.com/othiym23))
|
|||
|
* [`4c2a948`](https://github.com/npm/npm/commit/4c2a9481b564cae3df3f4643766db4b987018a7b) [`a55bd65`](https://github.com/npm/npm/commit/a55bd651284552b93f7d972a2e944f65c1aa6c35)
|
|||
|
[#14290](https://github.com/npm/npm/pull/14290)
|
|||
|
Added `prepublish` warnings to `npm install`.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
* [`c27412b`](https://github.com/npm/npm/commit/c27412bb9fc7b09f7707c7d9ad23128959ae1abc)
|
|||
|
[#14290](https://github.com/npm/npm/pull/14290)
|
|||
|
Replace `prepublish` with `prepare` in `npm help package.json` documentation.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
|
|||
|
#### NO MORE PARTIAL SHRINKWRAPS (**BREAKING**)
|
|||
|
|
|||
|
That's right. No more partial shrinkwraps. That means that if you have an
|
|||
|
`npm-shrinkwrap.json` in your project, npm will no longer install anything that
|
|||
|
isn't explicitly listed there, unless it's a `devDependency`. This will open
|
|||
|
doors to some nice optimizations and make use of `npm shrinkwrap` just generally
|
|||
|
smoother by removing some awful corner cases. We will also skip `devDependency`
|
|||
|
installation from `package.json` if you added `devDependencies` to your
|
|||
|
shrinkwrap by using `npm shrinkwrap --dev`.
|
|||
|
|
|||
|
* [`b7dfae8`](https://github.com/npm/npm/commit/b7dfae8fd4dc0456605f7a921d20a829afd50864)
|
|||
|
[#14327](https://github.com/npm/npm/pull/14327)
|
|||
|
Use `readShrinkwrap` to read top level shrinkwrap. There's no reason for npm
|
|||
|
to be doing its own bespoke heirloom-grade artisanal thing here.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`0ae1f4b`](https://github.com/npm/npm/commit/0ae1f4b9d83af2d093974beb33f26d77fcc95bb9) [`4a54997`](https://github.com/npm/npm/commit/4a549970dc818d78b6de97728af08a1edb5ae7f0) [`f22a1ae`](https://github.com/npm/npm/commit/f22a1ae54b5d47f1a056a6e70868013ebaf66b79) [`3f61189`](https://github.com/npm/npm/commit/3f61189cb3843fee9f54288fefa95ade9cace066)
|
|||
|
[#14327](https://github.com/npm/npm/pull/14327)
|
|||
|
Treat shrinkwrap as canonical. That is, don't try to fill in for partial
|
|||
|
shrinkwraps. Partial shrinkwraps should produce partial installs. If your
|
|||
|
shrinkwrap contains NO `devDependencies` then we'll still try to install them
|
|||
|
from your `package.json` instead of assuming you NEVER want `devDependencies`.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### `npm tag` REMOVED (**BREAKING**)
|
|||
|
|
|||
|
* [`94255da`](https://github.com/npm/npm/commit/94255da8ffc2d9ed6a0434001a643c1ad82fa483)
|
|||
|
[#14328](https://github.com/npm/npm/pull/14328)
|
|||
|
Remove deprecated tag command. Folks must use the `dist-tag` command from now
|
|||
|
on.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### NON-ZERO EXIT CODE ON OUTDATED DEPENDENCIES (**BREAKING**)
|
|||
|
|
|||
|
* [`40a04d8`](https://github.com/npm/npm/commit/40a04d888d10a5952d5ca4080f2f5d2339d2038a) [`e2fa18d`](https://github.com/npm/npm/commit/e2fa18d9f7904eb048db7280b40787cb2cdf87b3) [`3ee3948`](https://github.com/npm/npm/commit/3ee39488b74c7d35fbb5c14295e33b5a77578104) [`3fa25d0`](https://github.com/npm/npm/commit/3fa25d02a8ff07c42c595f84ae4821bc9ee908df)
|
|||
|
[#14013](https://github.com/npm/npm/pull/14013)
|
|||
|
Do `exit 1` if any outdated dependencies are found by `npm outdated`.
|
|||
|
([@watilde](https://github.com/watilde))
|
|||
|
* [`c81838a`](https://github.com/npm/npm/commit/c81838ae96b253f4b1ac66af619317a3a9da418e)
|
|||
|
[#14013](https://github.com/npm/npm/pull/14013)
|
|||
|
Log non-zero exit codes at `verbose` level -- this isn't something command
|
|||
|
line tools tend to do. It's generally the shell's job to display, if at all.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
|
|||
|
#### SEND EXTRA HEADERS TO REGISTRY
|
|||
|
|
|||
|
For the purposes of supporting shiny new registry features, we've started
|
|||
|
sending `Npm-Scope` and `Npm-In-CI` headers in outgoing requests.
|
|||
|
|
|||
|
* [`846f61c`](https://github.com/npm/npm/commit/846f61c1dd4a033f77aa736ab01c27ae6724fe1c)
|
|||
|
[npm/npm-registry-client#145](https://github.com/npm/npm-registry-client/pull/145)
|
|||
|
[npm/npm-registry-client#147](https://github.com/npm/npm-registry-client/pull/147)
|
|||
|
`npm-registry-client@7.3.0`:
|
|||
|
* Allow npm to add headers to outgoing requests.
|
|||
|
* Add `Npm-In-CI` header that reports whether we're running in CI.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`6b6bb08`](https://github.com/npm/npm/commit/6b6bb08af661221224a81df8adb0b72019ca3e11)
|
|||
|
[#14129](https://github.com/npm/npm/pull/14129)
|
|||
|
Send `Npm-Scope` header along with requests to registry. `Npm-Scope` is set to
|
|||
|
the `@scope` of the current top level project. This will allow registries to
|
|||
|
implement user/scope-aware features and services.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
* [`506de80`](https://github.com/npm/npm/commit/506de80dc0a0576ec2aab0ed8dc3eef3c1dabc23)
|
|||
|
[#14129](https://github.com/npm/npm/pull/14129)
|
|||
|
Add test to ensure `Npm-In-CI` header is being sent when CI is set in env.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### BUGFIXES
|
|||
|
|
|||
|
* [`bc84012`](https://github.com/npm/npm/commit/bc84012c2c615024b08868acbd8df53a7ca8d146)
|
|||
|
[#14117](https://github.com/npm/npm/pull/14117)
|
|||
|
Fixes a bug where installing a shrinkwrapped package would fail if the
|
|||
|
platform failed to install an optional dependency included in the shrinkwrap.
|
|||
|
([@watilde](https://github.com/watilde))
|
|||
|
* [`a40b32d`](https://github.com/npm/npm/commit/a40b32dc7fe18f007a672219a12d6fecef800f9d)
|
|||
|
[#13519](https://github.com/npm/npm/pull/13519)
|
|||
|
If a package has malformed metadata, `node.requiredBy` is sometimes missing.
|
|||
|
Stop crashing when that happens.
|
|||
|
([@creationix](https://github.com/creationix))
|
|||
|
|
|||
|
#### OTHER PATCHES
|
|||
|
|
|||
|
* [`643dae2`](https://github.com/npm/npm/commit/643dae2197c56f1c725ecc6539786bf82962d0fe)
|
|||
|
[#14244](https://github.com/npm/npm/pull/14244)
|
|||
|
Remove some ancient aliases that we'd rather not have around.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
* [`bdeac3e`](https://github.com/npm/npm/commit/bdeac3e0fb226e4777d4be5cd3c3bec8231c8044)
|
|||
|
[#14230](https://github.com/npm/npm/pull/14230)
|
|||
|
Detect unsupported Node.js versions and warn about it. Also error on really
|
|||
|
old versions where we know we can't work.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### DOC UPDATES
|
|||
|
|
|||
|
* [`9ca18ad`](https://github.com/npm/npm/commit/9ca18ada7cc1c10b2d32bbb59d5a99dd1c743109)
|
|||
|
[#13746](https://github.com/npm/npm/pull/13746)
|
|||
|
Updated docs for `npm search` options.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
* [`e02a47f`](https://github.com/npm/npm/commit/e02a47f9698ff082488dc2b1738afabb0912793e)
|
|||
|
Move the `npm@3` changelog into the archived changelogs directory.
|
|||
|
([@zkat](https://github.com/zkat))
|
|||
|
* [`c12bbf8`](https://github.com/npm/npm/commit/c12bbf8c5a5dff24a191b66ac638f552bfb76601)
|
|||
|
[#14290](https://github.com/npm/npm/pull/14290)
|
|||
|
Document prepublish-on-install deprecation.
|
|||
|
([@othiym23](https://github.com/othiym23))
|
|||
|
* [`c246a75`](https://github.com/npm/npm/commit/c246a75ac8697f4ca11d316b7e7db5f24af7972b)
|
|||
|
[#14129](https://github.com/npm/npm/pull/14129)
|
|||
|
Document headers added by npm to outgoing registry requests.
|
|||
|
([@iarna](https://github.com/iarna))
|
|||
|
|
|||
|
#### DEPENDENCIES
|
|||
|
|
|||
|
* [`cb20c73`](https://github.com/npm/npm/commit/cb20c7373a32daaccba2c1ad32d0b7e1fc01a681)
|
|||
|
[#13953](https://github.com/npm/npm/pull/13953)
|
|||
|
`signal-exit@3.0.1`
|
|||
|
([@benjamincoe](https://github.com/benjamincoe))
|