Closed greenkeeper[bot] closed 7 years ago
Your tests are still failing with this version. Compare the changes π¨
Hi all! I'm Kat, and I'm currently sitting in a train traveling at ~300km/h through Spain. So clearly, this release should have something to do with speed. And it does! Heck, with this release, you could say we're really blazing, even.
You might recall if you've been keeping up that one of the reasons for a semver-major bump to npm@4
was an improved CLI search (read: no longer blowing up Node). The work done for that new search system, while still relying on a full metadata download and local search, was also meant to act as groundwork for then-ongoing work on a brand-new, smarter search system for npm. Shortly after npm@4
came out, the bulk of the server-side work was done, and with this release, the npm CLI has integrated use of the new endpoint for high-quality, fast-turnaround searches.
No, seriously, it's fast. And relevant:
Give it a shot! And remember to check out the new website version of the search, too, which uses the same backend as the CLI now.
Incidentally, the backend is a public service, so you can write your own search tools, be they web-based, CLI, or GUI-based. You can read up on the full documentation for the search endpoint, and let us know about the cool things you come up with!
ce3ca51
#15481 Add an internal gunzip-maybe
utility for optional gunzipping. (@zkat)e322932
a53055e
a1f4365
c56618c
#15481 Add support for using the new npm search endpoint for fast, quality search results. Includes a fallback to "classic" search. (@zkat)This is another pretty significant change: Usually, when the npm process crashed, you would get an npm-debug.log
in your current working directory. This debug log would get cleared out as soon as you ran npm again. This was a bit annoying because 1) you would get a random file in your git status
that you might accidentally commit, and 2) if you hit a hard-to-reproduce bug and instinctually tried again, you would no longer have access to the repro npm-debug.log
.
So now, any time a crash happens, we'll save your debug logs to your cache folder, under _logs
(~/.npm
on *nix, by default -- use npm config get cache
to see what your current value is). The cache will now hold a (configurable) number of npm-debug.log
files, which you can access in the future. Hopefully this will help clean stuff up and reduce frustration from missed repros! In the future, this will also be used by npm report
to make it super easy to put up issues about crashes you run into with npm.
04fca22
#11439 Put debug logs in $(npm get cache)/_logs
and store multiple log files. (@KenanY) (@othiym23) (@isaacs) (@iarna)ae8e71c
#15402 Add missing backtick in one of the npm doctor
messages. (@watilde, @charlotteis)821fee6
#15480 Clarify that unscoped packages can depend on scoped packages and vice-versa. (@chocolateboy)2ee45a8
#15515 Update minimum supported Node version number in the README to node@>=4
. (@watilde)af06aa9
#15520 Add section to npm-scope
docs to explain that scope owners will own scoped packages with that scope. That is, user @alice
is not allowed to publish to @bob/my-package
unless explicitly made an owner by user (or org) @bob
. (@hzoo)bc892e6
#15539 Replace http
with https
and fix typos in some docs. (@watilde)1dfe875
#15545 Update Node.js download link to point to the right place. (@watilde)The new version differs by 20 commits .
5933720
4.2.0
819b6a6
update AUTHORS
c64def9
doc: update changelog for npm@4.2.0
81ea3e8
mississippi@1.3.0
b824bfb
ansi-regex@2.1.1
1dfe875
doc: update Node.js download link (#15545)
bc892e6
doc: Fix typo and replace http with https (#15539)
af06aa9
doc: add section about scopes only belonging to user/org (#15520)
2ee45a8
docs: update supported version number of Node.js (#15515)
821fee6
doc: clarify that unscoped packages can depend on scoped packages (#15480)
d75fc03
run-script: keep exit code (#15413)
ae8e71c
doctor: close the message brackets (#15402)
c56618c
doc: documented new searchlimit option
a1f4365
test: tests for new search code
a53055e
config: added config for searchlimit
There are 20 commits in total. See the full diff.
Your tests are still failing with this version. Compare the changes π¨
Yay! Release time! It's a rainy day, and we have another smallish release for y'all. These things are not necessarily related. Or are they
As far as news go, you may have noticed that the CLI team dropped support fornode@0.12
when that version went out of maintenance. Still, we've avoided explicitly breaking it and node@0.10
so far -- but not much longer.
Sometime soon, the CLI team plans on switching over to language features onlyavailable as of node@4 LTS
, and will likely start dropping old versions of node as they go out of maintenance. The new features are exciting! We're really looking forward to using them in the core CLI (and its dependencies) as we keep upwith our current feature work.
And speaking of features, this release is a minor bump due to a small change inhow npm login
works for the sake of supporting OAuth-based login for npmEnterprise users. But we won't leave the rest of y'all out -- we're working on a larger version of this feature. Soon enough, you'll be able to log in to npmwith, say, GitHub -- and use some shiny features that come from the integration. Or turn on 2FA and other such security features. Keep your eyes peeled for newon this in the next few releases and our weekly newsletter!
There's a new command line option: --auth-type
, which can be used to log in toa supporting registry with OAuth2 or SAML. The current implementation is mainly meant to support npmE customers, so if you're one of those: ask us about using it! If not, just hold off cause we'll have a much more complete version of this feature out soon.
ac8595e
bcf2dd8
9298d20
66b61bc
dc85de7
#13389 Implement single-sign-on support with --auth-type
option. (@zkat)request
is pretty heavy. And it loads a bunch of things. It's actually a pretty big chunk of npm's load time. This small patch by Rebecca will make it so npm only loads that module when we're actually intending to make network requests. Those of you who use npm commands that run offline might see a small speedup in startup time.
4ad9247
#15630 Fix formatting/rendering for root npm README. (@ungoldman)The new version differs by 13 commits .
892f531
4.3.0
788834e
update AUTHORS
87db3f0
doc: update changelog for npm@4.3.0
87f366d
aproba@1.1.1
a1d85be
hosted-git-info@2.2.0
3be0168
npm-registry-mock@1.1.0
d8ee340
test: add tests for oauth and saml support
77a0719
doc: document new auth options
483770d
config: added new auth-related configs
95f5157
adduser: add oauth and saml support
36541ec
adduser: refactor legacy login into its own module
d85d58d
npm: Lazy load caching-registry-client (#15631)
6faa462
doc: fix readme formatting (#15630)
See the full diff.
Your tests are still failing with this version. Compare the changes π¨
This is a quick little patch release to forgo the update notification checker if you're on an unsuported (but not otherwise broken) version of Node.js. Right now that means 0.10 or 0.12.
56ac249
#15864 Only use update-notifier
on supported versions. (@legodude17)The new version differs by 28 commits .
d460152
4.4.1
ec05913
update AUTHORS
83bf13c
doc: Changelog for 4.4.1
56ac249
cli: only use update-notifier
on supported versions
a08189f
transitive: validate-npm-package-name
27ae2d7
4.4.0
20a6530
update AUTHORS
d841f73
doc: update changelog for 4.4.0
8ea0de9
error-handler: Write logs for cb() never called
e544124
error-handler: Make error output less verbose
166bda9
error-message: Stop encouraging users to always visit the issue tracker.
426b180
metrics: Default reporting metrics to default registry
f4c3f48
config: change apply to call
53412eb
validate-tree: Warn on deps in both dependencies and devDependencies
148ee66
npm-cli: add update-notifier & use it
There are 28 commits in total. See the full diff.
Your tests are still failing with this version. Compare the changes π¨
next
release for ya today. So, yes! With v4.4.3 we fixed the bug that made bundled scoped modules uninstallable. But somehow I overlooked the fact that we: A) were using these and B) that made upgrading to v4.4.3 impossible.
So I've renamed those two scoped modules to no longer use scopes and we now have a shiny new test to ensure that scoped modules don't creep into our transitive deps and make it impossible to upgrade to npm
.
(None of our woes applies to most of you all because most of you all don't use bundled dependencies. npm
does because we want the published artifact to be installable without having to already have npm
.)
2a7409fcb
#16066 Ensure we aren't using any scoped modules. Because npm
s prior 4.4.3 can't install dependencies that have bundled scoped modules. This didn't show up sooner because they ALSO had a bug that caused bundled scoped modules to not be included in the bundle. (@iarna)eb4c70796
#16066 Switch to move-concurrently to remove scoped dependency (@iarna)The new version differs by 49 commits .
63468a6
4.4.4
f19e594
doc: Changelog for 4.4.4
eb4c707
deps: Switch to move-concurrently to remove scoped dependency
2a7409f
test: Ensure we aren't using any scoped modules
a339311
actions: Remove npat vestigals
b4a8a50
doc: Fix year in changelog!
d24aa3b
4.4.3
4846fe9
doc: update changelog for npm@4.4.3
2bdd6ee
scripts: Allow longer short-committishes when generating changelogs
6754dab
deps: Flatten out @npmcorp/move's deps for backwards compatibility reasons
a96eaf7
bundles: Keep track of which module is providing which bundles
722fbf0
extract: Rewrite for greater clarity
d6cde98
error-message: Stop printing ENOENT errors more than once
13c7fdc
extract: Fix bug where bundled scoped deps weren't extracted properly
1af85ca
pack: Bundle dependencies inside bundled scope deps
There are 49 commits in total. See the full diff.
Your tests are passing again with this version. Explicitly upgrade to this version π
Welcome a wrinkle on npm's registry API!
Codename: Corgi
This release has some bug fixes, but it's mostly about bringing support for MUCH smaller package metadata. How much smaller? Well, for npm itself it reduces 416K of gzip compressed JSON to 24K.
As a user, all you have to do is update to get to use the new API. If you're interested in the details we've documented the changes in detail.
Package metadata: now smaller. This means a smaller cache and less to download.
86dad0d74
Add support for filtered package metadata. (@iarna)41789cffa
npm-registry-client@8.1.0
(@iarna)Previously we needed to extract every package's tarball to look for an npm-shrinkwrap.json
before we could begin working through what its dependencies were. This was one of the things stopping npm's network accesses from happening more concurrently. The new filtered package metadata provides a new key, _hasShrinkwrap
. When that's set to false
then we know we don't have to look for one.
4f5060eb3
#15969 Add support for skipping npm-shrinkwrap.json
extraction when the registry can affirm that one doesn't exist. (@iarna)878aceb25
#16129 Better handle Ctrl-C while running scripts. npm
will now no longer exit until the script it is running has exited. If you press Ctrl-C a second time it kill the script rather than just forwarding the Ctrl-C. (@jaridmargolin)def75eebf
hosted-git-info@2.4.1
: Preserve case of the user name part of shortcut specifiers, previously they were lowercased. (@iarna)eb3789fd1
node-gyp@3.6.0
: Add support for VS2017 and Chakracore improvements. (@refack) (@kunalspathak)245e25315
readable-stream@2.2.6
(@mcollina)30357ebc5
which@1.2.14
(@isaacs)The new version differs by 14 commits .
5d17fc9
4.5.0
3f88cb8
update AUTHORS
cac64b7
doc: Fix release dates in changelog
c97980b
doc: update Changelog for 4.5.0
bd624bf
npm: Replace http: URL in npm-shrinkwrap with https:
878aceb
lifecycle: On SIGINT, ensure process stays alive until child exits
86dad0d
extract: support minified packuments
95d4fc8
fetch-package-metadata: Support the _hasShrinkwrap registry metadata
6400d3a
script: fix lint error
30357eb
which@1.2.14
245e253
readable-stream@2.2.6
eb3789f
node-gyp@3.6.0
def75ee
hosted-git-info@2.4.1
41789cf
npm-registry-client@8.1.0
See the full diff.
Version 4.1.2 of npm just got published.
This version is covered by your current version range and after updating it in your project the build failed.
As npm is a direct dependency of this project this is very likely breaking your project right now. If other packages depend on you itβs very likely also breaking them. I recommend you give this issue a very high priority. Iβm sure you can resolve this :muscle:
Status Details
- β **continuous-integration/travis-ci/push** The Travis CI build failed [Details](https://travis-ci.org/shellscape/npm-version-tree/builds/195520565)Release Notes
v4.1.2v4.1.2 (2017-01-12)
We have a twee little release this week as we come back from the holidays.
0.12 IS UNSUPPORTED NOW (really)
After jumping the gun a little, we can now officially remove 0.12 from our supported versions list. The Node.js project has now officially ended even maintenance support for 0.12 and thus, so will we. To reiterate from the last time we did this:
What this means:
What this doesn't mean:
We're not super interested in taking sides on what version of Node.js you "should" be running. We're a workflow tool, and we understand that you all have a diverse set of operational environments you need to be able to support. At the same time, we are a small team, and we need to put some limits on what we support. Tracking what's supported by our runtime's own team seems most practical, so that's what we're doing.
c7bbba8
Remove 0.12 from our supported versions list. (@iarna)WRITING TO SYMLINKED
package.json
(AND OTHER FILES)If your
package.json
,npm-shrinkwrap.json
or.npmrc
were a symlink and you used annpm
command that modified one of these (egnpm config set
ornpm install --save
) then previously we would have removed your symlink and replaced it with an ordinary file. While making these files symlinks is pretty uncommon, this was still surprising behavior. With this fix we now overwrite the destination of the symlink and preserve the symlink itself.a583983
write-file-atomic#5 #10223write-file-atomic@1.3.1
: When the target is a symlink, write-file-atomic now overwrites the destination of the symlink, instead of replacing the symlink itself. This makes it's behavior matchfs.writeFile
.Fixed a bug where it would ALWAYS fs.stat to look up default mode and chown values even if you'd passed them in. (It still used the values you passed in, but did a needless stat.) (@iarna)
DEPENDENCY UPDATES
521f230
node-gyp@3.5.0
: Improvements to how Python is located. New--devdir
flag. (@bnoordhuis) (@mhart)ccd83e8
JSONStream@1.3.0
: Add new emitPath option. (@nathanwills)TEST IMPROVEMENTS
d76e084
Disable metric reporting for test suite even if the user has it enabled. (@iarna)Commits
The new version differs by 0 commits (ahead by 0, behind by 20).
See the full diff.
Not sure how things should work exactly?
There is a collection of [frequently asked questions](https://greenkeeper.io/faq.html) and of course you may always [ask my humans](https://github.com/greenkeeperio/greenkeeper/issues/new).Your Greenkeeper Bot :palm_tree: