Latest tag on npm registry downgraded from v8 to v7

[gom59]

Description

On my dockerized nodejs app, when I do npm outdated

I get :

Package Current Wanted Latest Location Depended by express-jwt 8.4.1 8.4.1 7.7.8 node_modules/express-jwt app

I have been on 8.4.1 for a while... was there a mistake in the last release?

npm info also points to 7.7.8:

npm info express-jwt

express-jwt@7.7.8 | MIT | deps: 3 | versions: 71 JWT authentication middleware. https://github.com/auth0/express-jwt#readme

keywords: auth, authn, authentication, authz, authorization, http, jwt, token, oauth, express

dist .tarball: https://registry.npmjs.org/express-jwt/-/express-jwt-7.7.8.tgz .shasum: b3a7741a89859b198b22bea04d97a96452a68b91 .integrity: sha512-M/n6aX0LhhtX7OEE1OATRTlxzb1OGW4nlx/knL1BZBk1ZyKxannE7TWwGMD+KxoCU9vqolP9+NPCIlgXiQJXTw== .unpackedSize: 25.4 kB

dependencies: @types/jsonwebtoken: ^8.5.8 express-unless: ^2.1.3 jsonwebtoken: ^9.0.2

maintainers:

• woloski matiasw@gmail.com
• rithuc23 rithu.chandrasekar@auth0.com
• jfromaniello jfromaniello@gmail.com
• edgarchirivella-okta edgar.chirivella@okta.com
• sanjay.manikandhan sanjay.manikandhan@okta.com
• ncluer natalie.cluer@gmail.com
• vic-dev vmichellej@gmail.com
• enriquepina enrique.pina@auth0.com
• ece-okta ece.tavasli@auth0.com
• pubalokta pablo.ubal@okta.com
• dougmiller-okta douglas.miller@auth0.com
• zak.nour zak.nour@auth0.com
• stheller stefan.heller@auth0.com
• jamescgarrett-okta james.garrett@auth0.com
• madhuri.rm23 madhuri.ravindramohan@okta.com
• willvedd willvedd@gmail.com
• david.renaud.okta david.renaud@okta.com
• jeff.shuman jeff.shuman@auth0.com
• auth0-oss oss.sdks@auth0.com
• codepete peter.ung@auth0.com
• ziluvatar eduardo.diaz@okta.com
• iaco sebastian.iacomuzzi@gmail.com
• cocojoe martin.walsh@gmail.com
• auth0npm devops+npm@auth0.com
• auth0brokkr support@auth0.com
• hzalaz hernan@auth0.com
• aaguiarz andres.aguiar@gmail.com
• charlesrea charles.rea@auth0.com
• lbalmaceda balmacedaluciano@gmail.com
• julien.wollscheid julien.wollscheid@auth0.com
• cristiandouce cristiandouce@gmail.com
• sambego sambellen@gmail.com
• stevehobbsdev steve.hobbs@auth0.com
• sandrinodimattia sandrino@dimattia.be
• lzychowski les.zychowski@auth0.com
• joshcanhelp josh@joshcanhelp.com
• davidpatrick0 david.patrick@auth0.com
• widcket zeta@widcket.com
• adamjmcgrath adamjmcgrath@gmail.com
• jim.andersoon jim.anderson@auth0.com
• frederikprijck frederik.prijck@gmail.com
• sergii.biienko sergii.biienko@auth0.com
• tomauth0 tom.carter@auth0.com
• jpadilla hello@jpadilla.com
• jessele jesse.le@auth0.com
• rhamzeh_auth0 raghd.hamzeh@auth0.com
• pose albertopose@gmail.com
• jaredhanson jaredhanson@gmail.com
• dschenkelman damian.schenkelman@gmail.com
• heyitsry ryan.wilke@auth0.com

dist-tags: latest: 7.7.8

published 2 days ago by jfromaniello jfromaniello@gmail.com

Environment

I am running in the following Docker environment: FROM node:20.8.1-alpine3.18 AS base RUN npm install -g npm@10.1.0

[mirkonasato]

I'd suggest editing the title of this issue to e.g. "Latest tag on npm registry downgraded from v8 to v7" to make it clearer.

I doubt it was intentional to make v7.x the latest 2 years after v8 was released: https://www.npmjs.com/package/express-jwt?activeTab=versions

[jfromaniello]

@mirkonasato is right, it was not intentionally. I published a patch on the v7 major and forgot that npm automatically set latest now.

Thanks for the heads up. It has been fixed.

[gom59]

Perfect, thank you!