-
Notifications
You must be signed in to change notification settings - Fork 30k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
deps: upgrade npm to 4.0.2 #9848
Conversation
I guess this supersedes #9284 so I’ll be closing that one. :) |
@addaleax Oh! Yes indeed, thank you for that! =) |
Tests pass, I suppose this is fine to land on |
PR needs to be rebased and updated to resolve conflicts |
@nodejs/ctc be warned: this is going to a vote at next week's meeting so we can resolve it without going in circles. It's going to be merged into master so the question is whether it goes into v7. We held back v3 because of the large delta and high chance of breaking users' workflows. This change set is much smaller and contains less risk for tripping up users. It also contains changes (prepublish deprecation) that are going through a deprecation cycle which we may want to hand off to users in preparation for npm@5. So @nodejs/ctc, please look over the breaking changes listed in OP and try and form an opinion about whether to consider this a breaking change for Node or not. Please drop your vote in here unless you're sure you'll be at next week's meeting |
I'm +1 on this change landing on Master. |
/cc @nodejs/npm for all of the above (and if you have any strong opinions, it’s probably the right time to voice them) Barring any shocking new insights I’d be +1 on landing on master and v7.x. |
....how are there any conflicts on this? Unless folks have been messing with That said, y'all can merge this, but |
@zkat I think the diff for this commit was built off a version of master that didn't have the latest v3.x Likely that is where conflicts come from |
For those who were wondering if the prepublish deprecation prints something, the answer is yes. Here is the output:
I think that if we decide not to land npm 4 in node 7, npm 3 should be updated to support |
@zkat I merged the npm@3 update to |
I’m closing this and moving the |
Checklist
make -j8 test
(UNIX), orvcbuild test nosign
(Windows) passesAffected core subsystem(s)
deps
Description of change
Breaking changes:
npm-shrinkwrap.json
isconsidered a complete installation manifest except for
devDependencies
.npm shrinkwrap
includes development dependencies by default. You can avoid doing this withnpm shrinkwrap --only=prod
. Likewise if your shrinkwrap contains dev dependencies you can avoid installing them withnpm install --only=prod
or settingNODE_ENV
toproduction
.prepublish
has been deprecated, replaced byprepare
. AprepublishOnly
script has been temporarily added, which will only run on
npm publish
.npm search
rewritten to stream results, and no longer supports sorting.npm scripts
no longer prepend the path of the node executable used to runnpm before running scripts. A
--scripts-prepend-node-path
option has beenadded to configure this behavior.
npat
has been removed.npm outdated
exits with exit code1
if it finds any outdated packages.npm tag
has been removed after a deprecation cycle. Usenpm dist-tag
.Other notable changes:
Npm-In-CI
andNpm-Scope
headers to registries when fetching modules. The former will allow registries to more accurately distinguish between CI and user traffic. The latter will allow registries to implement features on the basis of the scope of the project (rather than the module actually being installed).Changelogs
r: @jasnell
r: @Fishrock123