9.6.2 (2023-03-14)
9.6.1 (2023-03-08)
e455e3f
#6211 send options with grant/revoke requests (#6211) (@DavidTanner)e4de224
#6220 clean uri from audit error (#6220) (@wraithgar)
cb45b21
#6231 npm update1f60a7e
#6231minipass@4.2.4
- Workspace:
@npmcli/arborist@6.2.5
- Workspace:
libnpmdiff@5.0.13
- Workspace:
libnpmexec@5.0.13
- Workspace:
libnpmfund@4.0.13
- Workspace:
libnpmpack@5.0.13
- Workspace:
libnpmpublish@7.1.1
9.6.0 (2023-03-02)
c4c8754
audit: add signatures to completion (@wraithgar)fc46489
access: only complete once (@wraithgar)b43961a
cmd-list: alias only to real commands (@wraithgar)
71ae406
#6218@npmcli/installed-package-contents@2.0.2
- Workspace:
@npmcli/arborist@6.2.4
- Workspace:
libnpmdiff@5.0.12
- Workspace:
libnpmexec@5.0.12
- Workspace:
libnpmfund@4.0.12
- Workspace:
libnpmpack@5.0.12
9.5.1 (2023-02-22)
7ba3e17
#6189 npm updatef7a5200
pacote@15.1.1
- Workspace:
@npmcli/arborist@6.2.3
- Workspace:
libnpmdiff@5.0.11
- Workspace:
libnpmexec@5.0.11
- Workspace:
libnpmfund@4.0.11
- Workspace:
libnpmpack@5.0.11
9.5.0 (2023-02-14)
79bfd03
#6153 audit signatures verifies attestations (@feelepxyz)5fc6473
add provenance attestation (@bdehamer)
53f75a4
#6158 gracefully fallback from auth-type=web (#6158) (@MylesBorins)ed59aae
#6162 refactor error reporting in audit command (@bdehamer)
fad0473
minipass@4.0.3
678c6bf
minimatch@6.2.0
9b4b366
ci-info@3.8.0
d20ee2a
pacote@15.1.0
- Workspace:
libnpmpublish@7.1.0
- Workspace:
libnpmteam@5.0.3
9.4.2 (2023-02-07)
cb6713d
#6143 rebuild package-lock (#6143)8200f4f
#6133ignore-walk@6.0.1
d43f881
map-workspaces@3.0.2
99457f1
minimatch@6.1.6
f4c8c62
init-package-json@5.0.0
3c6615f
npm-user-validate@2.0.0
10445ca
remove mkdirpab82492
node-gyp@9.3.1
74c5cbb
minipass@4.0.2
1138038
make-fetch-happen@11.0.3
c1ccfa1
glob@8.1.0
3dc17ce
fs-minipass@3.0.1
5c84a99
ci-info@3.7.1
fc5332f
read@2.0.0
- Workspace:
@npmcli/arborist@6.2.2
- Workspace:
@npmcli/config@6.1.3
- Workspace:
libnpmdiff@5.0.10
- Workspace:
libnpmexec@5.0.10
- Workspace:
libnpmfund@4.0.10
- Workspace:
libnpmhook@9.0.3
- Workspace:
libnpmorg@5.0.3
- Workspace:
libnpmpack@5.0.10
- Workspace:
libnpmpublish@7.0.8
9.4.1 (2023-02-01)
721fe3f
#6118read-package-json-fast@3.0.2
6e4a649
pacote@15.0.8
1820afe
cacache@17.0.4
24b2ec4
@npmcli/promise-spawn@6.0.2
4b8046e
@npmcli/name-from-folder@2.0.0
1d4be7a
@npmcli/map-workspaces@3.0.1
a39556f
@npmcli/template-oss@4.11.3
64b06ed
#6115http-cache-semantics@4.1.1
- Workspace:
@npmcli/arborist@6.2.1
- Workspace:
@npmcli/config@6.1.2
- Workspace:
libnpmaccess@7.0.2
- Workspace:
libnpmdiff@5.0.9
- Workspace:
libnpmexec@5.0.9
- Workspace:
libnpmfund@4.0.9
- Workspace:
libnpmhook@9.0.2
- Workspace:
libnpmorg@5.0.2
- Workspace:
libnpmpack@5.0.9
- Workspace:
libnpmpublish@7.0.7
- Workspace:
libnpmsearch@6.0.2
- Workspace:
libnpmteam@5.0.2
- Workspace:
libnpmversion@4.0.2
9.4.0 (2023-01-25)
- Workspace:
@npmcli/arborist@6.2.0
- Workspace:
libnpmdiff@5.0.8
- Workspace:
libnpmexec@5.0.8
- Workspace:
libnpmfund@4.0.8
- Workspace:
libnpmpack@5.0.8
9.3.1 (2023-01-13)
8be672b
#6050 don't try to deprecate nonexistant versions (#6050) (@wraithgar)1c3612c
#6054 use recursive rm in ci command (#6054) (@jamesshaw1987, @burkel24)
9.3.0 (2023-01-12)
cf175fb
#6044 default auth-type to legacy if otp is configured (#6044) (@wraithgar)2383deb
#6037 clean urls from arborist, owner, and ping commands (#6037) (@lukekarrys)69f5ff8
view: convert command to use output instead of console (@lukekarrys)dc52222
init: write package.json workspaces paths with / separators (@lukekarrys)31af1aa
refactorhelp
to use@npmcli/promise-spawn
(@lukekarrys)669ef94
fund: correctly parse and usewhich
config (@lukekarrys)72e6d6f
generate workspace support for docs pages (@lukekarrys)450e50f
evaluate configs in command class (@lukekarrys)28ec922
#5946 replace rimraf with fs.rm (@lukekarrys)
f0038e5
#6048 missing backtick in synopsis of npm init (#5837) (#6048) (@Peallyz)ca8ff00
#6045 update outdated file path to definitions.js (@ericmutta)fe9debd
#6038 fix typos in definitions.js (#6038) (@lukekarrys, @ericmutta)fa27aca
#6018 fix typo in removal.md (@ericmutta)82f69d9
#6026 fix typo in registry.md (@ericmutta)
ec09474
#5945minipass-fetch@3.0.1
- Workspace:
@npmcli/arborist@6.1.6
- Workspace:
@npmcli/config@6.1.1
- Workspace:
libnpmdiff@5.0.7
- Workspace:
libnpmexec@5.0.7
- Workspace:
libnpmfund@4.0.7
- Workspace:
libnpmpack@5.0.7
9.2.0 (2022-12-07)
2f2b146
#5936npm-packlist@7.0.4
(#5936)372d158
#5935minimatch@5.1.1
(#5935)0e6c28b
#5934ci-info@3.7.0
(#5934)0a3fe00
#5933minipass@4.0.0
6b77340
tar@6.1.13
cf0a174
ssri@10.0.1
3da9a1a
pacote@15.0.7
fee9b66
npm-registry-fetch@14.0.3
e940917
cacache@17.0.3
875bd56
npm-package-arg@10.1.0
280b7a4
#5927npm-packlist@7.0.3
- Workspace:
@npmcli/arborist@6.1.5
- Workspace:
libnpmaccess@7.0.1
- Workspace:
libnpmdiff@5.0.6
- Workspace:
libnpmexec@5.0.6
- Workspace:
libnpmfund@4.0.6
- Workspace:
libnpmhook@9.0.1
- Workspace:
libnpmorg@5.0.1
- Workspace:
libnpmpack@5.0.6
- Workspace:
libnpmpublish@7.0.6
- Workspace:
libnpmsearch@6.0.1
- Workspace:
libnpmteam@5.0.1
9.1.3 (2022-11-30)
ffbdea2
#5894 npm pack filename on scoped packages (#5894) (@HenryNguyen5)c26d708
#5884 validate username at get-identity (#5884) (@sosoba, @nlf)
ea948dc
#5881 update description of npm exec (#5881) (@styfle, @wraithgar)40f2c21
#5865 ci-info url (#5865) (@wraithgar)681a45b
#5875 run the comand for directory workspaces (#5875) (@1aron)681a45b
#5875 add workspace directory example (#5875) (@1aron)
- Workspace:
@npmcli/arborist@6.1.4
- Workspace:
libnpmdiff@5.0.5
- Workspace:
libnpmexec@5.0.5
- Workspace:
libnpmfund@4.0.5
- Workspace:
libnpmpack@5.0.5
- Workspace:
libnpmpublish@7.0.5
9.1.2 (2022-11-16)
a351685
#5858 move from @npmcli/ci-detect to ci-info (#5858)- Workspace:
@npmcli/arborist@6.1.3
- Workspace:
libnpmdiff@5.0.4
- Workspace:
libnpmexec@5.0.4
- Workspace:
libnpmfund@4.0.4
- Workspace:
libnpmpack@5.0.4
- Workspace:
libnpmpublish@7.0.4
9.1.1 (2022-11-09)
335c7e4
#5813cacache@17.0.2
878ddfb
@npmcli/fs@3.1.0
- Workspace:
@npmcli/arborist@6.1.2
- Workspace:
libnpmdiff@5.0.3
- Workspace:
libnpmexec@5.0.3
- Workspace:
libnpmfund@4.0.3
- Workspace:
libnpmpack@5.0.3
- Workspace:
libnpmpublish@7.0.3
9.1.0 (2022-11-02)
1f5382d
#5789 don't setstdioString
for any spawn/run-script calls (@lukekarrys)8fd614a
use promiseSpawn.open instead of opener (@nlf)41843ad
use an absolute path to notepad.exe by default, correct docs (@nlf)0c5834e
#5758 use hosted-git-info to parse registry urls (#5758) (@lukekarrys)
b89c19e
#5795cli-table3@0.6.3
6b6dfca
fastest-levenshtein@1.0.16
9972ed1
@npmcli/ci-detect@3.0.1
024e612
abbrev@2.0.0
66f9bcd
nopt@7.0.0
5730d17
tar@6.1.12
2fef570
node-gyp@9.3.0
abfb28b
@npmcli/run-script@6.0.0
205e2fd
pacote@15.0.6
ac25863
remove opener,@npmcli/promise-spawn@6.0.1
,@npmcli/run-script@5.1.1
,@npmcli/git@4.0.3
,pacote@15.0.5
,which@3.0.0
- Workspace:
@npmcli/arborist@6.1.1
- Workspace:
@npmcli/config@6.1.0
- Workspace:
libnpmdiff@5.0.2
- Workspace:
libnpmexec@5.0.2
- Workspace:
libnpmfund@4.0.2
- Workspace:
libnpmpack@5.0.2
- Workspace:
libnpmpublish@7.0.2
- Workspace:
libnpmversion@4.0.1
9.0.1 (2022-10-26)
de6618e
#5757@npmcli/promise-spawn@5.0.0
(#5757)5625274
#5755hosted-git-info@6.1.0
(#5755)32bdd68
#5754npm-packlist@7.0.2
(#5754)- Workspace:
@npmcli/arborist@6.1.0
- Workspace:
libnpmdiff@5.0.1
- Workspace:
libnpmexec@5.0.1
- Workspace:
libnpmfund@4.0.1
- Workspace:
libnpmpack@5.0.1
- Workspace:
libnpmpublish@7.0.1
9.0.0 (2022-10-19)
- Workspace:
@npmcli/arborist@6.0.0
- Workspace:
libnpmaccess@7.0.0
- Workspace:
libnpmdiff@5.0.0
- Workspace:
libnpmexec@5.0.0
- Workspace:
libnpmfund@4.0.0
- Workspace:
libnpmhook@9.0.0
- Workspace:
libnpmorg@5.0.0
- Workspace:
libnpmpack@5.0.0
- Workspace:
libnpmpublish@7.0.0
- Workspace:
libnpmsearch@6.0.0
- Workspace:
libnpmteam@5.0.0
- Workspace:
libnpmversion@4.0.0
9.0.0-pre.6 (2022-10-19)
npm
now outputs some json errors on stdout. Previouslynpm
would output all json formatted errors on stderr, making it difficult to parse as the stderr stream usually has logs already written to it. In the future,npm
will differentiate between errors and crashes. Errors, such asE404
andERESOLVE
, will be handled and will continue to be output on stdout. In the case of a crash,npm
will log the error as usual but will not attempt to display it as json, even in--json
mode. Moving a case from the category of an error to a crash will not be considered a breaking change. For more information see npm/rfcs#482.npm config set
will no longer accept deprecated or invalid config options.timing
andloglevel
changestiming
has been removed as a value for--loglevel
--timing
will show timing information regardless of--loglevel
, except when--silent
- deprecate boolean install flags in favor of
--install-strategy
- deprecate --global-style, --global now sets --install-strategy=shallow
- deprecate --legacy-bundling, now sets --install-strategy=nested
- npm will no longer attempt to modify ownership of files it creates
- this package no longer attempts to change file ownership automatically
- this package no longer attempts to change file ownership automatically
d3543e9
output json formatted errors on stdout (#5716) (@lukekarrys)be642c6
refuse to set deprecated/invalid config (#5719) (@wraithgar)332914b
separate configs for--timing
and--loglevel
(@lukekarrys)f653785
deprecatedkey
,cert
config options and updated registry scoped auth docs (@fritzy)de2d33f
add --install-strategy=hoisted|nested|shallow, deprecate --global-style, --legacy-bundling (#5709) (@fritzy)58065bc
#5704 do not alter file ownership (@nlf)475e9b6
#5703 do not alter file ownership (@nlf)
6ffa5b7
npm hook ls
duplicates hook name prefixes (#5295) (@gennadiygashev)1afe5ba
account for new npm-package-arg behavior (@wraithgar)353b5bb
#5710 remove chownr and mkdirp-infer-owner (@nlf)
9e74d3e
update supported engines in readme (#5725) (@lukekarrys)
88137a3
npmlog@7.0.1
2008ea6
npm-package-arg@10.0.0
,pacote@15.0.2
aa01072
#5707 update the following dependencies- Workspace:
@npmcli/arborist@6.0.0-pre.5
- Workspace:
libnpmaccess@7.0.0-pre.2
- Workspace:
libnpmdiff@5.0.0-pre.3
- Workspace:
libnpmexec@5.0.0-pre.5
- Workspace:
libnpmfund@4.0.0-pre.5
- Workspace:
libnpmhook@9.0.0-pre.1
- Workspace:
libnpmorg@5.0.0-pre.1
- Workspace:
libnpmpack@5.0.0-pre.4
- Workspace:
libnpmpublish@7.0.0-pre.4
- Workspace:
libnpmsearch@6.0.0-pre.1
- Workspace:
libnpmteam@5.0.0-pre.1
- Workspace:
libnpmversion@4.0.0-pre.1
9.0.0-pre.5 (2022-10-13)
- the presence of auth related settings that are not scoped to a specific registry found in a config file is no longer supported and will throw errors
- the
node-version
andnpm-version
configs have been removed. - links generated from git urls will now use
HEAD
instead ofmaster
as the default ref
a09e19d
#5696 introduce thenpm config fix
command (@nlf)d2963c6
explicitly validate config within the cli (@nlf)a5fec08
rewrite docs generation (@lukekarrys)
a8532eb
#5661 typo missing parentheses (@hbrls)542efdb
updatefolders
page for modern npm (@shalvah)
cee3fd9
@npmcli/config@5.0.0
2a740b1
#5692hosted-git-info@6.0.0
- Workspace:
libnpmpack@5.0.0-pre.3
- Workspace:
libnpmpublish@7.0.0-pre.3
9.0.0-pre.4 (2022-10-05)
e4e8ae2
libnpmpack: obey foregroundScripts (@winterqt)07fabc9
#5633npm link
should override--install-links
(#5633) (@fritzy)02fcbb6
#5634 ensure Arborist constructor gets passed around everywhere for pacote (#5634) (@nlf)
f37caad
#5606 accurately describe install-links effect on relative paths (#5606) (@lukekarrys)97c32ed
#5637 remove link to cache command (#5637) (@wraithgar)130bc9f
#5626 Remove circular reference (#5626) (@giovanniPepi)
5344d2c
#5644pacote@14.0.0
6a43b31
@npmcli/metavuln-calculator@4.0.0
501f8ca
#5640semver@7.3.8
(#5640)8b072dc
#5639@npmcli/ci-detect@3.0.0
(#5639)1ebbb44
#5638npm-profile@7.0.0
(#5638)- Workspace:
@npmcli/arborist@6.0.0-pre.4
- Workspace:
libnpmdiff@5.0.0-pre.2
- Workspace:
libnpmexec@5.0.0-pre.4
- Workspace:
libnpmfund@4.0.0-pre.4
- Workspace:
libnpmpack@5.0.0-pre.2
- Workspace:
libnpmpublish@7.0.0-pre.2
9.0.0-pre.3 (2022-09-30)
npm pack
now follows a strict order of operations when applying ignore rules. If a files array is present in the package.json, then rules in .gitignore and .npmignore files from the root will be ignored.--timing
file changes:- When run with the
--timing
flag,npm
now writes timing data to a file alongside the debug log data, respecting thelogs-dir
option and falling back to<CACHE>/_logs/
dir, instead of directly inside the cache directory. - The timing file data is no longer newline delimited JSON, and instead
each run will create a uniquely named
<ID>-timing.json
file, with the<ID>
portion being the same as the debug log. - Finally, the data inside the file now has three top level keys,
metadata
,timers, and
unfinishedTimers` instead of everything being a top level key.
- When run with the
3ae796d
implement newnpm-packlist
behavior (@lukekarrys)e64d69a
#5581 write eresolve error files to the logs directory (@lukekarrys)3445da0
timings are now written alongside debug log files (@lukekarrys)
bc21552
#5603npm-package-arg@9.1.2
- Workspace:
@npmcli/arborist@6.0.0-pre.3
- Workspace:
libnpmdiff@5.0.0-pre.1
- Workspace:
libnpmexec@5.0.0-pre.3
- Workspace:
libnpmfund@4.0.0-pre.3
- Workspace:
libnpmpack@5.0.0-pre.1
- Workspace:
libnpmpublish@7.0.0-pre.1
9.0.0-pre.2 (2022-09-23)
- the default
auth-type
config value is nowweb
login
,adduser
, andauth-type
changes- This removes all
auth-type
configs exceptweb
andlegacy
. login
andadduser
are now separate commands that send different data to the registry.auth-type
config valuesweb
andlegacy
only try their respective methods, npm no longer tries them all and waits to see which one doesn't fail.
- This removes all
66ed584
#5551 default auth-type to web (#5551) (@wraithgar)6ee5b32
query: displayqueryContext
in results (@nlf)314311c
#5550 separate login/adduser, remove auth types (#5550) (@wraithgar)
0d90a01
#5480 audit: add a condition to allow third-party registries returning E400 (#5480) (@juanheyns, Juan Heyns)
2d756cb
#5527 add instruction to query objects with npm view (#5527) (@moonith)8743366
#5519 add hash to "tag" config link (#5519) (@mrienstra, @lukekarrys)5645c51
#5521 link mentions of config parameters (#5521) (@mrienstra)19762b4
#5529 modify Misleading doc about bins (@Hafizur046)19762b4
#5529 modify misleading doc about package.json:bin (#5529) (@Hafizur046)8402fd8
#5547 add:outdated
pseudo selector to docs (@nlf)
d030f10
@npmcli/query@2.0.0
- Workspace:
@npmcli/arborist@6.0.0-pre.2
- Workspace:
libnpmexec@5.0.0-pre.2
- Workspace:
libnpmfund@4.0.0-pre.2
9.0.0-pre.1 (2022-09-14)
- renames most of the
npm access
subcommands - the api for libnpmaccess is different now
c3d7549
add tag to publish log message (@wraithgar)
fd0eebe
update registry docs header (@hughlilly)
- Workspace:
@npmcli/arborist@6.0.0-pre.1
- Workspace:
libnpmaccess@7.0.0-pre.1
- Workspace:
libnpmexec@5.0.0-pre.1
- Workspace:
libnpmfund@4.0.0-pre.1
9.0.0-pre.0 (2022-09-08)
- workspaces: all workspace packages are now compatible with the following semver range for node:
^14.17.0 || ^16.13.0 || >=18.0.0
- this removes the
npm birthday
command - this removes
npm set-script
- this changes the default value of
install-links
to true - this removes the
npm bin
command npm
is now compatible with the following semver range for node:^14.17.0 || ^16.13.0 || >=18.0.0
e95017a
#5485 feat(workspaces): update supported node engines in package.json (@lukekarrys)49bbb2f
#5455 feat: removenpm birthday
(@wraithgar)926f0ad
#5456 feat: removenpm set-script
(@wraithgar)2a8c2fc
#5458 feat: defaultinstall-links
to true (@wraithgar)2e92800
#5459 feat: removenpm bin
(@wraithgar)457d388
#5475 feat: update supported node engines in package.json (@wraithgar)
7fc2b6f
#5468 docs: remove duplicate description forprepare
script (@kidonng)285b39f
#5324 docs: add documentation for expanded :semver selector (@nlf)
- The following workspace dependencies were updated
- dependencies
- @npmcli/arborist bumped from ^5.6.1 to ^6.0.0-pre.0
- libnpmaccess bumped from ^6.0.4 to ^7.0.0-pre.0
- libnpmdiff bumped from ^4.0.5 to ^5.0.0-pre.0
- libnpmexec bumped from ^4.0.12 to ^5.0.0-pre.0
- libnpmfund bumped from ^3.0.3 to ^4.0.0-pre.0
- libnpmhook bumped from ^8.0.4 to ^9.0.0-pre.0
- libnpmorg bumped from ^4.0.4 to ^5.0.0-pre.0
- libnpmpack bumped from ^4.1.3 to ^5.0.0-pre.0
- libnpmpublish bumped from ^6.0.5 to ^7.0.0-pre.0
- libnpmsearch bumped from ^5.0.4 to ^6.0.0-pre.0
- libnpmteam bumped from ^4.0.4 to ^5.0.0-pre.0
- libnpmversion bumped from ^3.0.7 to ^4.0.0-pre.0
- dependencies