Fails to install with older versions of npm

[amudukutore]

The '^' specifier used in package.json is not available on versions of the semver module (used by npm) bundled with older versions of node (for example, 0.8.3). This will cause npm installs to fail with the following error: npm ERR! Error: No compatible version found: assert-plus@'^0.1.5'

[pfmooney]

Versions of npm which are unable to handle the '^ver' notation are likely malfunction in other ways as well. Considering that, I would suggest either upgrading npm or locking the version to 0.10.0.

[amudukutore]

Perhaps the 'engines' specifier should be changed to have "node": ">=0.10" post https://github.com/joyent/node-http-signature/commit/9dd73730d478bd114cdf3b161d5163eff26f9432

[dwlf]

@mudukutore you are correct. Do you want to submit the pull request?

[pfmooney]

@mudukutore Engine requirements have not changed since the code should run on v0.8.x. The issue lies with npm version parsing.

[dwlf]

Closing as won't fix. @pfmooney has convinced me otherwise. http-signature should run and be supported on node 0.8 with a newer version of npm.

[amudukutore]

Per the npm docs, you can also use the "engines" field to specify which versions of npm are capable of properly installing your program. Support for the caret operator was first included as part of semver v2.1.0 which was listed as an npm dependency in npm v1.3.7. Therefore, adding something along the lines of the following would seem appropriate: { "engines" : { "npm" : ">= 1.3.7" } }

[dwlf]

@mudukutore that sounds good. Are you able to test and submit a pull request?

[amudukutore]

Yes, will do.