124 KiB
v2.7.3 (2015-03-16):
HAHA WHOOPS LIL SHINKWRAP ISSUE THERE LOL
1549106
#7641 Due to 448efd0, runningnpm shrinkwrap --dev
caused production dependencies to no longer be included innpm-shrinkwrap.json
. Whoopsie! (@othiym23)
v2.7.2 (2015-03-12):
NPM GASTROENTEROLOGY
fb0ac26
#7579 Only block removing files and links when we're sure npm isn't responsible for them. This change is hard to summarize, because if things are working correctly you should never see it, but if you want more context, just go read the commit message, which lays it all out. (@othiym23)051c473
#7552bundledDependencies
are now properly included in the installation context. This is another fantastically hard-to-summarize bug, and once again, I encourage you to read the commit message if you're curious about the details. The snappy takeaway is that this unbreaks many use cases forember-cli
. (@othiym23)
LESS DRAMATIC CHANGES
fcd9247
#7597 Awk varies pretty dramatically from platform to platform, so use Perl to generate the AUTHORS list instead. (@KenanY)721b17a
#7598npm install --save
really isn't experimental anymore. (@RichardLitt)
DEPENDENCY REFRESH
a91f2c7
#7559node-gyp@1.0.3
Switchnode-gyp
to usestdio
instead ofcustomFds
so it stops printing a deprecation warning every time you build a native dependency. (@jeffbski)0c85db7
rimraf@2.3.2
: Globbing now deals with paths containing valid glob metacharacters better. (@isaacs)d14588e
minimatch@2.0.4
: Bug fixes. (@isaacs)aa9952e
graceful-fs@3.0.6
: Bug fixes. (@isaacs)
v2.7.1 (2015-03-05):
GITSANITY
6823807
#7121npm install --save
for Git dependencies saves the URL passed in, instead of the temporary directory used to clone the remote repo. Fixes using Git dependencies when shrinkwwapping. In the process, rewrote the Git dependency caching code. Again. No more single-letter variable names, and a much clearer workflow. (@othiym23)c8258f3
#7486 When installing Git remotes, the caching code was passing in the functiongitEnv
instead of the results of invoking it. (@functino)c618eed
#2556 Make it possible to install Git dependencies when using--link
by not linking just the Git dependencies. (@smikes)
WHY DID THIS TAKE SO LONG.
abdd040
read-package-json@1.3.2
: Provide more helpful error messages when JSON parse errors are encountered by using a more forgiving JSON parser than JSON.parse. (@smikes)
BUGS & TWEAKS
c56cfcd
#7525npm dedupe
handles scoped packages. (@KidkArolis)1b8ba74
#7531npm stars
andnpm whoami
will no longer send the registry the error text saying you need to log in as your username. (@othiym23)6de1e91
#6441 Prevent needless reinstalls by only updating packages when the current version isn't the same as the version returned aswanted
bynpm outdated
. (@othiym23)2abc3ee
Addnpm upgrade
as an alias fornpm update
. (@othiym23)bcd4722
#7508 FreeBSD usesEAI_FAIL
instead ofENOTFOUND
. (@othiym23)21c1ac4
#7507 Update support URL in generic error handler tohttps:
fromhttp:
. (@watilde)b6bd99a
#7492 On install, thepackage.json
engineStrict
deprecation only warns for the current package. (@othiym23)4ef1412
#7075 If you try to tag a release as a valid semver range,npm publish
andnpm tag
will error early instead of proceeding. (@smikes)ad53d0f
Userimraf
in npm build script because Windows doesn't know what rm is. (@othiym23)8885c4d
rimraf@2.3.1
: Better Windows support. (@isaacs)8885c4d
glob@4.4.2
: Handle bad symlinks properly. (@isaacs)
###E TYPSO & CLARFIICATIONS
dId yuo know that submiting fxies for doc tpyos is an exclelent way to get strated contriburting to a new open-saurce porject?
42c605c
Fix typo inCHANGELOG.md
(@adrianblynch)c9bd58d
Add note aboutnode_modules/.bin
being added to the path innpm run-script
. (@quarterto)903bdd1
Matt Ranney confused the world when he renamednode-redis
toredis
. "The world" includes npm's documentation. (@RichardLitt)dea9bb2
Fix typo in contributor link. (@watilde)1226ca9
Properly close code block in npm-install.md. (@olizilla)
v2.7.0 (2015-02-26):
SOMETIMES SEMVER MEANS "SUBJECTIVE-EMPATHETIC VERSIONING"
For a very long time (maybe forever?), the documentation for npm run-script
has said that npm restart
will only call npm stop
and npm start
when
there is no command defined as npm restart
in package.json
. The problem
with this documentation is that npm run-script
was apparently never wired up
to actually work this way.
Until now.
If the patch below were landed on its own, free of context, it would be a
breaking change. But, since the "new" behavior is how the documentation claims
this feature has always worked, I'm classifying it as a patch-level bug fix. I
apologize in advance if this breaks anybody's deployment scripts, and if it
turns out to be a significant regression in practice, we can revert this change
and move it to npm@3
, which is allowed to make breaking changes due to being
a new major version of semver.
2f6a1df
#1999 Only runstop
andstart
scripts (plus their pre- and post- scripts) when there's norestart
script defined. This makes it easier to support graceful restarts of services managed by npm. (@watilde / @scien)
A SMALL FEATURE WITH BIG IMPLICATIONS
145af65
#4887 Replace calls to thenode-gyp
script bundled with npm by passing the--node-gyp=/path/to/node-gyp
option to npm. Swap inpangyp
or a version ofnode-gyp
modified to work better with io.js without having to touch npm's code! (@ackalker)
@WATILDE'S NPM USABILITY CORNER
Following npm@2.6.1
's unexpected fix of many of the issues with npm update -g
simply by making --depth=0
the default for npm outdated
, friend of npm
@watilde has made several modest changes to npm's
behavior that together justify bumping npm's minor version, as well as making
npm significantly more pleasant to use:
448efd0
#2853 Add support for--dev
and--prod
tonpm ls
, so that you can list only the trees of production or development dependencies, as desired. (@watilde)a0a8777
#7463 Split the list printed bynpm run-script
into lifecycle scripts and scripts directly invoked vianpm run-script
. (@watilde)a5edc17
#6749init-package-json@1.3.1
: Support for passing scopes tonpm init
so packages are initialized as part of that scope / organization / team. (@watilde)
SMALLER FEATURES AND FIXES
It turns out that quite a few pull requests had piled up on npm's issue tracker, and they included some nice small features and fixes:
f33e8b8
#7354 Add--if-present
flag to allow e.g. CI systems to call (semi-) standard build tasks defined inpackage.json
, but don't raise an error if no such script is defined. (@jussi-kalliokoski)7bf85cc
#4005 #6248 Globally unlink a package whennpm rm
/npm unlink
is called with no arguments. (@isaacs)a2e04bd
#7294 Ensure that when depending ongit+<proto>
URLs, npm doesn't keep tacking additionalgit+
prefixes onto the front. (@twhid)0f87f5e
#6422 When depending on GitHub private repositories, make sure we construct the Git URLS correctly. (@othiym23)50f461d
#4595 Support finding compressed manpages. It's still up to the system to figure out how to display them, though. (@pshevtsov)44da664
#7465 When calling git, log the full command, with all arguments, on error. (@thriqon)9748d5c
Add parent to error onETARGET
error. (@davglass)37038d7
#4663 Remove hackaround for Linux tests, as it's evidently no longer necessary. (@mmalecki)d7b7853
#2612 Add support for path completion onnpm install
, which narrows completion to only directories containingpackage.json
files. (@deestan)628fcdb
Remove all command completion calls to-/short
, because it's been removed from the primary registry for quite some time, and is generally a poor idea on any registry with more than a few hundred packages. (@othiym23)3f6061d
#6659 Instead of removing zsh completion global, make it a local instead. (@othiym23)
DOCUMENTATION TWEAKS
5bc70e6
#7417 Provide concrete examples of how the newnpm update
defaults work in practice, tied to actual test cases. Everyone interested in usingnpm update -g
now that it's been fixed should read these documents, as should anyone interested in writing documentation for npm. (@smikes)8ac6f21
#6543 Clarifynpm-scripts
warnings to de-emphasize dangers of usinginstall
scripts. (@zeke)ebe3b37
#6711 Note that git tagging of versions can be disabled via--no-git-tag-verson
. (@smikes)2ef5771
#6711 Documentgit-tag-version
configuration option. (@KenanY)95e59b2
Document thatNODE_ENV=production
behaves analogously to--production
onnpm install
. (@stefaneg)687117a
#7463 Document the new script grouping behavior in the man page fornpm run-script
. (@othiym23)536b2b6
Rescue one of the the disabled tests and make it work properly. (@smikes)
DEPENDENCY UPDATES
89fc6a4
which@1.0.9
: Test for being run as root, as well as the current user. (@isaacs)5d0612f
glob@4.4.1
: Better error message to explain why calling sync glob with a callback results in an error. (@isaacs)64b07f6
tap@0.7.1
: More accurate counts of pending & skipped tests. (@rmg)8fda451
semver@4.3.1
: Make official the fact thatnode-semver
has moved from @isaacs's organization to @npm's. (@isaacs)
v2.6.1 (2015-02-19):
8b98f0e
#4471npm outdated
(and onlynpm outdated
) now defaults to--depth=0
. See the docs for--depth
for the mildly confusing details. (@smikes)aa79194
#6565 TweakpeerDependency
deprecation warning to include which peer dependency on which package is going to need to change. (@othiym23)5fa067f
#7171 TweakengineStrict
deprecation warning to include whichpackage.json
is using it. (@othiym23)0fe0caa
glob@4.4.0
: Glob patterns can now ignore matches. (@isaacs)
v2.6.0 (2015-02-12):
A LONG-AWAITED GUEST
38c4825
#5068 Add new logout command, and make it do something useful on both bearer-based and basic-based authed clients. (@othiym23)4bf0f5d
npm-registry-client@6.1.1
: Support newlogout
endpoint to invalidate token for sessions. (@othiym23)
DEPRECATIONS
c8e08e6
#6565 Warn thatpeerDependency
behavior is changing and add a note to the docs. (@othiym23)7c81a5f
#7171 Warn thatengineStrict
inpackage.json
will be going away in the next major version of npm (coming soon!) (@othiym23)
BUG FIXES & TWEAKS
add5890
#4668read-package-json@1.3.1
: Warn when abin
symbolic link is a dangling reference. (@nicks)4b42071
semver@4.3.0
: Add functions to extract parts of the version triple, fix a typo. (@isaacs)a9aff38
Use full path for man pages as the symbolic link source, instead of just the file name. (@bengl)6fd0fbd
#7233 Ensureglobalconfig
path exists before trying to edit it. (@ljharb)a0a2620
ini@1.3.3
: Allow embedded, quoted equals signs in ini field names. (@isaacs)
Also typos and other documentation issues were addressed by @rutsky, @imurchie, @marcin-wosinek, @marr, @amZotti, and @karlhorky. Thank you, everyone!
v2.5.1 (2015-02-06):
This release doesn't look like much, but considerable effort went into ensuring that npm's tests will pass on io.js 1.1.0 and Node 0.11.16 / 0.12.0 on both OS X and Linux.
NOTE: there are no actual changes to npm's code in npm@2.5.1
. Only test
code (and the upgrade of request
to the latest version) has changed.
npm-registry-mock@1.0.0
:
0e8d473
#7281npm-registry-mock@1.0.0
: Clean up API, setconnection: close
. (@robertkowalski)4707bba
Further update tests to work withnpm-registry-mock@1.0.0
. (@othiym23)41a0f89
Got rid of completely gratuitous global config manipulation in tests. (@othiym23)
MINOR DEPENDENCY TWEAK
v2.5.0 (2015-01-29):
SMALL FEATURE I HAVE ALREADY USED TO MAINTAIN NPM ITSELF
BUG FIXES & TWEAKS
fec4c96
Allow--no-proxy
to overrideHTTP_PROXY
setting in environment. (@othiym23)589acb9
Only setaccess
when publshing when it's explicitly set. (@othiym23)1027087
Add script andMakefile
stanza to update AUTHORS. (@KenanY)eeff04d
AddNPMOPTS
to top-level install inMakefile
to overrideuserconfig
. (@aredridel)0d17328
fstream@1.0.4
: Run chown only when necessary. (@silkentrance)9aa4622
columnify@1.4.1
: ES6ified! (@timoxley)51b2fd1
Update default version indocs/npm-config.md
. (@lucthev)
npm-registry-client@6.0.7
:
f9313a0
#7226 Ensure that all request settings are copied onto the agent. (@othiym23)e186f6e
Only setaccess
on publish when it differs from the norm. (@othiym23)f9313a0
Allow overriding request's environment-based proxy handling. (@othiym23)f9313a0
Properly handle retry failures on fetch. (@othiym23)
v2.4.1 (2015-01-23):
Let's accentuate the positive: the dist-tag
endpoints for npm dist-tag {add,rm,ls}
are now live on the public npm registry.
f70272b
npm-registry-client@6.0.3
: Properly escape JSON tag version strings and filter_etag
from CouchDB docs. (@othiym23)
v2.4.0 (2015-01-22):
REGISTRY 2: ACCESS AND DIST-TAGS
NOTE: This week's registry-2 commands are leading the implementation on
registry.npmjs.org a little bit, so some of the following may not work for
another week or so. Also note that npm access
has documentation and
subcommands that are not yet finished, because they depend on incompletely
specified registry API endpoints. Things are coming together very quickly,
though, so expect the missing pieces to be filled in the coming weeks.
c963eb2
#7181 NEWnpm access public
andnpm access restricted
: Toggle visibility of scoped packages. (@othiym23)dc51810
#6243 / #6854 NEWnpm dist-tags
: Directly managedist-tags
on packages. Most notably,dist-tags
can now be deleted. (@othiym23)4c7c132
#7181 / #6854npm-registry-client@6.0.1
: Add newaccess
anddist-tags
endpoints (@othiym23)
NOT EXACTLY SELF-DEPRECATING
BUG FIX AND TINY FEATURE
29a6ef3
#6850 Be smarter about determining base of file deletion when unbuilding. (@phated)4ad01ea
init-package-json@1.2.0
: Support--save-exact
innpm init
. (@gustavnikolaj)
v2.3.0 (2015-01-15):
REGISTRY 2: OH MY STARS! WHO AM I?
e662a60
The newwhoami
endpoint might not return a value. (@othiym23)c2cccd4
npm-registry-client@5.0.0
: Includes the following fine changes (@othiym23):
BETTER REGISTRY METADATA CACHING
98e1e10
#6791 Add caching based on Last-Modified / If-Modified-Since headers. Includes thisnpm-registry-client@5.0.0
change (@lxe):
HOW MUCH IS THAT WINDOWS IN THE DOGGY?
706d49a
#7107getCacheStat
passes a stub stat on Windows. (@rmg)5fce278
#5267 Use%COMSPEC%
when set on Windows. (@edmorley)cc2e099
#7083 Ensure Git cache prefix exists before repo clone on Windows. (@othiym23)
THRILLING BUG FIXES
c6fb430
#4197 Reportumask
as a 0-padded octal literal. (@smikes)209713e
#4197umask@1.1.0
: Properly handleumask
s (i.e. not decimal numbers). (@smikes)9eac0a1
Make the example for bin links non-destructive. (@KevinSheedy)6338bcf
glob@4.3.5
: " -> ', for some reason. (@isaacs)
v2.2.0 (2015-01-08):
88c531d
#7056 version doesn't need a package.json. (@othiym23)2656c19
#7095 Link to npm website instead of registry. (@konklone)c76b801
#7067 Obfuscate secrets, including nerfed URLs. (@smikes)17f66ce
#6849 Explain the tag workflow more clearly. (@smikes)e309df6
#7096 Really,npm update -g
is almost always a terrible idea. (@smikes)acf287d
#6999npm run-script env
: add a new default script that will print out environment values. (@gcb)560c009
#6745 Documentnpm update --dev
. (@smikes)226a677
#7046 We have never been the Node package manager. (@linclark)38eef22
npm-install-checks@1.0.5
: Compatibility with npmlog@^1. (@iarna)
v2.1.18 (2015-01-01):
v2.1.17 (2014-12-25):
merry npm xmas
Working with @phated, I discovered that npm still had some lingering race conditions around how it handles Git dependencies. The following changes were intended to remedy to these issues. Thanks to @phated for all his help getting to the bottom of these.
bdf1c84
#7006 Onlychown
template and top-level Git cache directories. (@othiym23)581a72d
#7006 Map Git remote inflighting to clone paths rather than Git URLs. (@othiym23)1c48d08
#7009normalize-git-url@1.0.0
: Normalize Git URLs while caching. (@othiym23)5423cf0
#7009 Pack tarballs to their final locations atomically. (@othiym23)7f6557f
#7009 Inflight local directory packing, just to be safe. (@othiym23)
Other changes:
1c491e6
#6991npm version
: fix regression in dirty-checking behavior (@rlidwka)55ceb2b
#1991 modify docs to reflect actualnpm restart
behavior (@smikes)fb8e31b
#6982 when doing registry operations, ensure registry URL always ends with/
(@othiym23)5bcba65
pull whitelisted Git environment variables out into a named constant (@othiym23)be04bbd
#7000 No longer install badly-named manpage files, and log an error when trying to uninstall them. (@othiym23)6b7c5ec
#7011 Send auth for tarball fetches for packages innpm-shrinkwrap.json
from private registries. (@othiym23)9b9de06
glob@4.3.2
: Better handling of trailing slashes. (@isaacs)030f3c7
semver@4.2.0
: Diffing between version strings. (@isaacs)
v2.1.16 (2014-12-22):
a4e4e33
#6987read-installed@3.1.5
: fixed a regression where a new / empty package would cause read-installed to throw. (@othiym23 / @pgilad)
v2.1.15 (2014-12-18):
e5a2dee
#6951fs-vacuum@1.2.5
: Usepath-is-inside
for better Windows normalization. (@othiym23)ac6167c
#6955 Callpath.normalize
inlib/utils/gently-rm.js
for better Windows normalization. (@ben-page)c625d71
#6964 Clarify CA configuration docs. (@jeffjo)58b8cb5
#6950 Fix documentation typos. (@martinvd)7c1299d
#6909 Remove confusing mention of rubygems~>
semver operator. (@mjtko)7dfdcc6
#6909semver@4.1.1
: Synchronize documentation with PR #6909 (@othiym23)adfddf3
#6925 Correct typo indoc/api/npm-ls.md
(@oddurs)f5c534b
#6920 Remove recommendation to run as root fromREADME.md
. (@robertkowalski)3ef4459
#6920npm-@googlegroups.com
has gone the way of all things. That means it's gone. (@robertkowalski)
v2.1.14 (2014-12-13):
v2.1.13 (2014-12-11):
cbb890e
#6897 npm is a nice package manager that runs server-side JavaScript. (@othiym23)d9043c3
#6893 Remove erroneous docs about preupdate / update / postupdate lifecycle scripts, which have never existed. (@devTristan)c5df4d0
#6884 Update npmjs.org to npmjs.com in docs. (@linclark)cb6ff8d
#6879 npm version: Update shrinkwrap post-check. (@othiym23)2a340bd
#6868 Use magic numbers instead of regexps to distinguish tarballs from other things. (@daxxog)f1c8bdb
#6861npm-registry-client@4.0.5
: Distinguish between error properties that are part of the response and error strings that should be returned to the user. (@disrvptor)d3a1b63
#6762 Makenpm outdated
ignore private packages. (@KenanY)16d8542
install.sh: Drop support for node < 0.8, remove engines bits. (@isaacs)b9c6046
init-package-json@1.1.3
: (@terinstock) noticed thatinit.license
configuration doesn't stick. Make sure that dashed defaults don't trump dotted parameters. (@othiym23)b6d6acf
which@1.0.8
: No longer use graceful-fs for some reason. (@isaacs)d39f673
request@2.51.0
: Incorporate bug fixes. (@nylen)c7ad727
columnify@1.3.2
: Incorporate bug fixes. (@timoxley)
v2.1.12 (2014-12-04):
e5b1e44
add alias verison=version (@isaacs)5eed7bd
request@2.49.0
(@nylen)e72f81d
glob@4.3.1
/minimatch@2.0.1
(@isaacs)b8dcc36
graceful-fs@3.0.5
(@isaacs)
v2.1.11 (2014-11-27):
4861d28
which@1.0.7
: License update. (@isaacs)30a2ea8
ini@1.3.2
: License update. (@isaacs)6a4ea05
fstream@1.0.3
: Propagate error events to downstream streams. (@gfxmonk)a558695
tar@1.0.3
: Don't extract broken files, propagatedrain
event. (@gfxmonk)989624e
#6767 Actually pass parameters when adding git repo to cach under Windows. (@othiym23)657af73
#6774 When verifying paths on unbuild, resolve both source and target as symlinks. (@hokaccha)fd19c40
#6713realize-package-specifier@1.3.0
: Make it so thatnpm install foo@1
work when a file named1
exists. (@iarna)c8ac37a
npm-registry-client@4.0.4
: Fix regression in failed fetch retries. (@othiym23)
v2.1.10 (2014-11-20):
756f3d4
#6735 Log "already built" messages at info, not error. (@smikes)1b7330d
#6729npm-registry-client@4.0.3
: GitHub won't redirect you through an HTML page to a compressed tarball if you don't tell it you accept JSON responses. (@KenanY)d9c7857
#6506readdir-scoped-modules@1.0.1
: Usegraceful-fs
so the whole dependency tree gets read, even in case ofEMFILE
. (@sakana)3a085be
Grammar fix in docs. (@icylace)3f8e2ff
Did you know that npm has a Code of Conduct? Add a link to it to CONTRIBUTING.md. (@isaacs)319ccf6
glob@4.2.1
: Performance tuning. (@isaacs)835f046
readable-stream@1.0.33
: Bug fixes. (@rvagg)a34c38d
request@2.48.0
: Bug fixes. (@nylen)
v2.1.9 (2014-11-13):
eed9f61
#6542npm owner add / remove
now works properly with scoped packages (@othiym23)cd25973
#6548 using sudo won't leave the cache's git directories with bad permissions (@othiym23)56930ab
fixed irregularnpm cache ls
output (yes, that's a thing) (@othiym23)740f483
legacy tests no longer poison user's own cache (@othiym23)ce37f14
#6169 add terse output similar tonpm publish / unpublish
fornpm owner add / remove
(@KenanY)bf2b8a6
#6680 pass auth credentials to registry when downloading search index (@terinjokes)00ecb61
#6400.npmignore
is respected for git repos on cache / pack / publish (@othiym23)d1b3a9e
#6311npm ls -l --depth=0
no longer prints phantom duplicate children (@othiym23)07c5f34
#6690uid-number@0.0.6
: clarify confusing names in error-handling code (@isaacs)1ac9be9
#6684npm init
: don't report write if canceled (@smikes)7bb207d
#5754 never remove app directories on failed install (@othiym23)705ce60
#5754fs-vacuum@1.2.2
: don't throw when another fs task writes to a directory being vacuumed (@othiym23)1b650f4
#6255 ensure that order credentials are used from.npmrc
doesn't regress (@othiym23)9bb2c34
#6644warn
rather thaninfo
on fetch failure (@othiym23)e34a7b6
#6524npm-registry-client@4.0.2
: proxy viarequest
more transparently (@othiym23)40afd6a
#6524 push proxy settings intorequest
(@tauren)
v2.1.8 (2014-11-06):
063d843
npm version now updates version in npm-shrinkwrap.json (@faiq)3f53cd7
#6559 save local dependencies in npm-shrinkwrap.json (@Torsph)e249262
npm-faq.md: mention scoped pkgs in namespace Q (@smikes)6b06ec4
#6642init-package-json@1.1.2
: Handle bothinit-author-name
andinit.author.name
. (@othiym23)9cb334c
#6409 document commit-ish with GitHub URLs (@smikes)0aefae9
#2959 npm run no longer fails silently (@flipside)e007a2c
#3908 include command in spawn errors (@smikes)
v2.1.7 (2014-10-30):
6750b05
#6398npm-registry-client@4.0.0
: consistent API, handle relative registry paths, use auth more consistently (@othiym23)7719cfd
#6560 use new npm-registry-client API (@othiym23)ed61971
move caching of search metadata fromnpm-registry-client
to npm itself (@othiym23)3457041
handle caching of metadata independently fromnpm-registry-client
(@othiym23)20a331c
#6538 map registry URLs to credentials more safely (@indexzero)4072e97
#6589npm-registry-client@4.0.1
: allow publishing of packages with names identical to built-in Node modules (@feross)254f0e4
tar@1.0.2
: better error-handling (@runk)73ee2aa
request@2.47.0
(@mikeal)
v2.1.6 (2014-10-23):
681b398
#6523 fix defaultlogelevel
doc (@KenanY)80b368f
#6528npm version
should work in a git directory without git (@terinjokes)5f5f9e4
#6483init-package-json@1.1.1
: Properly pick up default values from environment variables. (@othiym23)a114870
perl 5.18.x doesn't like -pi without filenames (@othiym23)de5ba00
request@2.46.0
: Tests and cleanup. (@othiym23)76933f1
fstream-npm@1.0.1
: Always includeLICENSE[.*]
,LICENCE[.*]
,CHANGES[.*]
,CHANGELOG[.*]
, andHISTORY[.*]
. (@jonathanong)
v2.1.5 (2014-10-16):
6a14b23
#6397 Defactor npmconf back into npm. (@othiym23)4000e33
#6323 InstallpeerDependencies
from top. (@othiym23)5d119ae
#6498 Better error messages on malformed.npmrc
properties. (@nicks)ae18efb
#6093 Replace instances of 'hash' with 'object' in documentation. (@zeke)53108b2
#1558 Clarify how local paths should be used. (@KenanY)344fa1a
#6488 Work around bug in marked. (@othiym23)
OUTDATED DEPENDENCY CLEANUP JAMBOREE
60c2942
realize-package-specifier@1.2.0
: Handle names and rawSpecs more consistently. (@iarna)1b5c95f
sha@1.3.0
: Change line endings? (@ForbesLindesay)d7dee3f
request@2.45.0
: Dependency updates, better proxy support, better compressed response handling, lots of 'use strict'. (@mikeal)3d75180
opener@1.4.0
: Added gratuitous return. (@Domenic)8e2703f
retry@0.6.1
/npm-registry-client@3.2.4
: Change of ownership. (@tim-kos)c87b00f
once@1.3.1
: Wrap once with wrappy. (@isaacs)01ec790
npm-user-validate@0.1.1
: Correct repository URL. (@robertkowalski)389e52c
glob@4.0.6
: Now absolutely requiresgraceful-fs
. (@isaacs)e15ab15
ini@1.3.0
: Tighten up whitespace handling. (@isaacs)7610f3e
archy@1.0.0
(@substack)9c13149
semver@4.1.0
: Add support for prerelease identifiers. (@bromanko)f096c25
graceful-fs@3.0.4
: Add a bunch of additional tests, skip the unfortunate complications ofgraceful-fs@3.0.3
. (@isaacs)
v2.1.4 (2014-10-09):
3aeb440
#6442 proxying git needsGIT_SSL_CAINFO
(@wmertens)a8da8d6
#6413 write builtin config on any global npm install (@isaacs)9e4d632
#6343 don't pass run arguments to pre & post scripts (@TheLudd)d831b1f
#6399 race condition: inflight installs, preventpeerDependency
problems (@othiym23)82b775d
#6384 race condition: inflight caching by URL rather than semver range (@othiym23)7bee042
inflight@1.0.4
: callback can take arbitrary number of parameters (@othiym23)3bff494
#5195 fixed regex color regression fornpm search
(@chrismeyersfsu)33ba2d5
#6387 allownpm view global
if package is specified (@evanlucas)99c4cfc
#6388 npm-publish → npm-developers(7) (@kennydude)
TEST CLEANUP EXTRAVAGANZA:
8d6bfcb
tap tests run with no system-wide side effects (@chrismeyersfsu)7a1472f
added npm cache cleanup script (@chrismeyersfsu)0ce6a37
stripped out dead test code (othiym23)- replace spawn with common.npm (@chrismeyersfsu):
v2.1.3 (2014-10-02):
BREAKING CHANGE FOR THE SQRT(i) PEOPLE ACTUALLY USING npm submodule
:
1e64473
rm -rf npm submodule
command, which has been broken since the Carter Administration (@isaacs)
BREAKING CHANGE IF YOU ARE FOR SOME REASON STILL USING NODE 0.6 AND YOU SHOULD NOT BE DOING THAT CAN YOU NOT:
3e431f9
joyent/node#8492 bye bye customFds, hello stdio (@othiym23)
Other changes:
ea607a8
#6372 noisily error (without aborting) on multi-{install,build} (@othiym23)3ee2799
#6372 only make cache creation requests in flight (@othiym23)1a90ec2
#6372 wait to put Git URLs in flight until normalized (@othiym23)664795b
#6372 log what is and isn't in flight (@othiym23)00ef580
inflight@1.0.3
: fix largely theoretical race condition, because we really really hate race conditions (@isaacs)1cde465
#6363realize-package-specifier@1.1.0
: handle local dependencies better (@iarna)86f084c
realize-package-specifier@1.0.2
: dependency realization! in its own module! (@iarna)553d830
npm-package-arg@2.1.3
: simplified semver, better tests (@iarna)bec9b61
readable-stream@1.0.32
: for some reason (@rvagg)ff08ec5
dezalgo@1.0.1
: use wrappy for instrumentability (@isaacs)
v2.1.2 (2014-09-29):
a1aa20e
#6282normalize-package-data@1.0.3
: don't prune bundledDependencies (@isaacs)a1f5fe1
move locks back into cache, now path-aware (@othiym23)a432c4b
convert lib/utils/tar.js to use atomic streams (@othiym23)b8c3c74
fs-write-stream-atomic@1.0.2
: Now works with streams1 fs.WriteStreams. (@isaacs)c7ab76f
logging cleanup (@othiym23)4b2d95d
#6329 efficiently validate tmp tarballs safely (@othiym23)
v2.1.1 (2014-09-26):
563225d
#6318 clean up locking; prefix lockfile with "." (@othiym23)c7f30e4
#6318 remove locking code around tarball packing and unpacking (@othiym23)
v2.1.0 (2014-09-25):
NEW FEATURE:
3635601
#5520 Add'npm view .'
. (@evanlucas)
Other changes:
f24b552
#6294 Lock cache → lock cache target. (@othiym23)ad54450
#6296 Ensure that npm-debug.log file is created when rollbacks are done. (@isaacs)6810071
docs: Default loglevel "http" → "warn". (@othiym23)35ac89a
Skip installation of installed scoped packages. (@timoxley)e468527
Ensure cleanup executes for scripts-whitespace-windows test. (@timoxley)ef9101b
Ensure cleanup executes for packed-scope test. (@timoxley)69b4d18
fs-write-stream-atomic@1.0.1
: Fix a race condition in our race-condition fixer. (@isaacs)26b17ff
#6272npmconf
decides what the default prefix is. (@othiym23)846faca
Fix development dependency is preferred over dependency. (@andersjanmyr)9d1a9db
#3265 Re-apply a71615a. Fixes #3265 again, with a test! (@glasser)1d41db0
marked-man@0.1.4
: Fixes formatting of synopsis blocks in man docs. (@kapouer)a623da0
#5867 Specify dummy git template dir when cloning to prevent copying hooks. (@boneskull)
v2.0.2 (2014-09-19):
42c872b
#5920fs-write-stream-atomic@1.0.0
(@isaacs)6784767
#5920 make all write streams atomic (@isaacs)f6fac00
#5920 barf on 0-length cached tarballs (@isaacs)3b37592
write-file-atomic@1.1.0
: use graceful-fs (@iarna)
v2.0.1 (2014-09-18):
74c5ab0
#6201npmconf@2.1.0
: scope always-auth to registry URI (@othiym23)774b127
#6201npm-registry-client@3.2.2
: use scoped always-auth settings (@othiym23)f2d2190
#6201 support saving--always-auth
when logging in (@othiym23)17c941a
#6163 usewrite-file-atomic
instead offs.writeFile()
(@fiws)fb5724f
#5925npm init -f
: allownpm init
to run without prompting (@michaelnisi)b706d63
#3059 disable prepublish when runningnpm install --production
(@jussi-kalliokoski)119f068
attach the node version used when publishing a package to its registry metadata (@othiym23)8fe0081
seriously, don't usenpm -g update npm
(@thomblake)ea5b3d4
request@2.44.0
(@othiym23)
v2.0.0 (2014-09-12):
BREAKING CHANGES:
4378a17
semver@4.0.0
: prerelease versions no longer show up in ranges;^0.x.y
behaves the way it did insemver@2
rather thansemver@3
; docs have been reorganized for comprehensibility (@isaacs)c6ddb64
npm now assumes that node is newer than 0.6 (@isaacs)
Other changes:
ea515c3
#6043slide@1.1.6
: wait until all callbacks have finished before proceeding (@othiym23)0b0a59d
#6043 defer rollbacks until just before the CLI exits (@isaacs)a11c88b
#6175 pack scoped packages correctly (@othiym23)e4e48e0
#6121read-installed@3.1.2
: don't mark linked dev dependencies as extraneous (@isaacs)d673e41
cmd-shim@2.0.1
: depend ongraceful-fs
directly (@ForbesLindesay)9d54d45
npm-registry-couchapp@2.5.3
: make tests more reliable on Travis (@iarna)673d738
ensure permissions are set correctly in cache when running as root (@isaacs)6e6a5fb
prepare for upgrade tonode-semver@4.0.0
(@isaacs)ab8dd87
swap outronn
formarked-man@0.1.3
(@isaacs)803da54
npm-registry-client@3.2.0
: prepare fornode-semver@4.0.0
and include more error information (@isaacs)4af0e71
make default error display less scary (@isaacs)4fd9e79
npm-registry-client@3.2.1
: handle errors returned by the registry much, much better (@othiym23)ca791e2
restore a long (always?) missing pass for deduping (@othiym23)ca0ef0e
correctly interpret relative paths for local dependencies (@othiym23)5eb8db2
npm-package-arg@2.1.2
: support git+file:// URLs for local bare repos (@othiym23)860a185
tweak docs to no longer advocate checking innode_modules
(@hunterloftis)80e9033
add links to nodejs.org downloads to docs (@meetar)
v1.4.28 (2014-09-12):
f4540b6
#6043 defer rollbacks until just before the CLI exits (@isaacs)1eabfd5
#6043slide@1.1.6
: wait until all callbacks have finished before proceeding (@othiym23)
v2.0.0-beta.3 (2014-09-04):
fa79413
#6119 fall back to registry installs if package.json is missing in a local directory (@iarna)16073e2
npm-package-arg@2.1.0
: support file URIs as local specs (@othiym23)9164acb
github-url-from-username-repo@1.0.2
: don't match strings that are already URIs (@othiym23)4067d6b
#5629 support saving of local packages inpackage.json
(@dylang)1b2ffdf
#6097 document scoped packages (@seldo)0a67d53
#6007request@2.42.0
: properly set headers on proxy requests (@isaacs)9bac6b8
npmconf@2.0.8
: disallow semver ranges in tag configuration (@isaacs)d2d4d7c
#6082 don't allow tagging with a semver range as the tag name (@isaacs)
v1.4.27 (2014-09-04):
4cf3c8f
#6007 request@2.42.0: properly set headers on proxy requests (@isaacs)403cb52
#6055 npmconf@1.1.8: restore case-insensitivity of environmental config (@iarna)
v2.0.0-beta.2 (2014-08-29):
SPECIAL LABOR DAY WEEKEND RELEASE PARTY WOOO
ed207e8
npm-registry-client@3.1.7
: Clean up auth logic and improve logging around auth decisions. Also error on trying to change a user document without writing to it. (@othiym23)66c7423
npmconf@2.0.7
: support -C as an alias for --prefix (@isaacs)0dc6a07
#6059 run commands in prefix, not cwd (@isaacs)65d2179
github-url-from-username-repo@1.0.1
: part 3 handle slashes in branch names (@robertkowalski)e8d75d0
#6057read-installed@3.1.1
: properly handle extraneous dev dependencies of required dependencies (@othiym23)0602f70
#6064 ls: do not show deps of extraneous deps (@isaacs)
v2.0.0-beta.1 (2014-08-28):
78a1fc1
github-url-from-git@1.4.0
: add support for git+https and git+ssh (@stefanbuck)bf247ed
columnify@1.2.1
(@othiym23)4bbe682
cmd-shim@2.0.0
: upgrade to graceful-fs 3 (@ForbesLindesay)ae1d590
npm-package-arg@2.0.4
: accept slashes in branch names (@thealphanerd)b2f51ae
semver@3.0.1
: semver.clean() is cleaner (@isaacs)1d041a8
github-url-from-username-repo@1.0.0
: accept slashes in branch names (@robertkowalski)02c85d5
async-some@1.0.1
(@othiym23)5af493e
ensure lifecycle spawn errors caught properly (@isaacs)60fe012
npmconf@2.0.6
: init.version defaults to 1.0.0 (@isaacs)b4c717b
npm-registry-client@3.1.4
: properly encode % in passwords (@isaacs)7b55f44
doc: Fix 'npm help index' (@isaacs)
v1.4.26 (2014-08-28):
eceea95
github-url-from-git@1.4.0
: add support for git+https and git+ssh (@stefanbuck)e561758
columnify@1.2.1
(@othiym23)0c4fab3
cmd-shim@2.0.0
: upgrade to graceful-fs 3 (@ForbesLindesay)2d69e4d
github-url-from-username-repo@1.0.0
: accept slashes in branch names (@robertkowalski)81f9b2b
ensure lifecycle spawn errors caught properly (@isaacs)bfaab8c
npm-registry-client@2.0.7
: properly encode % in passwords (@isaacs)91cfb58
doc: Fix 'npm help index' (@isaacs)
v2.0.0-beta.0 (2014-08-21):
685f8be
npm-registry-client@3.1.3
: Print the notification header returned by the registry, and make sure status codes are printed without gratuitous quotes around them. (@isaacs / @othiym23)a8cb676
#5900 removenpm
from its ownengines
field inpackage.json
. None of us remember why it was there. (@timoxley)6c47201
#5752, #6013 save git URLs correctly in_resolved
fields (@isaacs)e4e1223
#5936 document the use of tags inpackage.json
(@KenanY)c92b8d4
#6004 manually installed scoped packages are tracked correctly (@dead-horse)21ca0aa
#5945 link scoped packages correctly (@dead-horse)16bead7
#5958 ensure that file streams work in all versions of node (@dead-horse)dbf0cab
you can now pass quoted args tonpm run-script
(@bcoe)0583874
tar@1.0.1
: Add test for removing an extract target immediately after unpacking. (@isaacs)cdf3b04
lockfile@1.0.0
: Fix incorrect interaction betweenwait
,stale
, andretries
options. Part 2 of race condition leading toENOENT
(@isaacs) errors.22d72a8
fstream@1.0.2
: Fix a double-finish call which can result in excess FS operations after theclose
event. Part 1 of race condition leading toENOENT
errors. (@isaacs)
v1.4.25 (2014-08-21):
64c0ec2
npm-registry-client@2.0.6
: Print the notification header returned by the registry, and make sure status codes are printed without gratuitous quotes around them. (@othiym23)a8ed12b
tar@1.0.1
: Add test for removing an extract target immediately after unpacking. (@isaacs)70fd11d
lockfile@1.0.0
: Fix incorrect interaction betweenwait
,stale
, andretries
options. Part 2 of race condition leading toENOENT
errors. (@isaacs)0072c4d
fstream@1.0.2
: Fix a double-finish call which can result in excess FS operations after theclose
event. Part 2 of race condition leading toENOENT
errors. (@isaacs)
v2.0.0-alpha.7 (2014-08-14):
f23f1d8
doc: update version doc to includepre-*
increment args (@isaacs)b6bb746
build: add 'make tag' to tag current release as latest (@isaacs)27c4bb6
build: publish with--tag=v1.4-next
(@isaacs)cff66c3
build: add script to outputv1.4-next
publish tag (@isaacs)22abec8
build: remove outdateddocpublish
make target (@isaacs)1be4de5
build: removeunpublish
step frommake publish
(@isaacs)e429e20
doc: add new changelog (@othiym23)9243d20
lifecycle: test lifecycle path modification (@isaacs)021770b
lifecycle: BREAKING CHANGE do not add the directory containing node executable (@chulkilee)1d5c41d
install: rename .gitignore when unpacking foreign tarballs (@isaacs)9aac267
cache: detect non-gzipped tar files more reliably (@isaacs)3f24755
readdir-scoped-modules@1.0.0
(@isaacs)151cd2f
read-installed@3.1.0
(@isaacs)f5a9434
test: fix Travis timeouts (@dylang)126cafc
npm-registry-couchapp@2.5.0
(@othiym23)
v1.4.24 (2014-08-14):
9344bd9
doc: add new changelog (@othiym23)4be76fd
doc: update version doc to includepre-*
increment args (@isaacs)e4f2620
build: addmake tag
to tag current release aslatest
(@isaacs)ec2596a
build: publish with--tag=v1.4-next
(@isaacs)9ee55f8
build: add script to outputv1.4-next
publish tag (@isaacs)aecb56f
build: remove outdateddocpublish
make target (@isaacs)b57a9b7
build: remove unpublish step frommake publish
(@isaacs)2c6acb9
install: rename.gitignore
when unpacking foreign tarballs (@isaacs)22f3681
cache: detect non-gzipped tar files more reliably (@isaacs)
v2.0.0-alpha.6 (2014-08-07):
BREAKING CHANGE:
Other changes:
d987707
move fetch into npm-registry-client (@othiym23)9b318e2
read-installed@3.0.0
(@isaacs)9d73de7
remove unnecessary mkdirps (@isaacs)33ccd13
Don't squash execute perms in_git-remotes/
dir (@adammeadows)48fd233
npm-package-arg@2.0.1
(@isaacs)
v1.4.23 (2014-07-31):
8dd11d1
update several dependencies to avoid usingsemver
s starting with 0.
v1.4.22 (2014-07-31):
d9a9e84
read-package-json@1.2.4
(@isaacs)86f0340
github-url-from-git@1.2.0
(@isaacs)a94136a
fstream@0.1.29
(@isaacs)bb82d18
glob@4.0.5
(@isaacs)5b6bcf4
cmd-shim@1.1.2
(@isaacs)c2aa8b3
license: Cleaned up legalese with actual lawyer (@isaacs)63fe0ee
init-package-json@1.0.0
(@isaacs)
v2.0.0-alpha-5 (2014-07-22):
This release bumps up to 2.0 because of this breaking change, which could potentially affect how your package's scripts are run:
Other changes:
cd422c9
#5748 link binaries for scoped packages (@othiym23)4c3c778
#5758npm link
includes scope when linking scoped package (@fengmk2)f9f58dd
#5707 document generic pre- / post-commands (@sudodoki)ac7a480
#5406npm cache
displays usage when called without arguments (@michaelnisi)f4554e9
Test fixes for Windows (@isaacs)- update dependencies (@othiym23)
v1.5.0-alpha-4 (2014-07-18):
- fall back to
_auth
config as default auth when using default registry (@isaacs) - support for 'init.version' for those who don't want to deal with semver 0.0.x oddities (@rvagg)
be06213
remove residual support forwin
log level (@aterris)
v1.5.0-alpha-3 (2014-07-17):
a3a85dd
--save
scoped packages correctly (@othiym23)18a3385
npm-registry-client@3.0.2
(@othiym23)375988b
invalid package names are an early error for optional deps (@othiym23)- consistently use
node-package-arg
instead of arbitrary package spec splitting (@othiym23)
v1.4.21 (2014-07-14):
v1.5.0-alpha-2 (2014-07-01):
54cf625
fix handling for 301s innpm-registry-client@3.0.1
(@Raynos)e410861
don't crash if no username set onwhoami
(@isaacs)0353dde
respect--json
for output (@isaacs)b3d112a
outdated: Don't show headings if there's nothing to output (@isaacs)bb4b90c
outdated: Default tolatest
rather than*
for unspecified deps (@isaacs)
v1.4.20 (2014-07-02):
0353dde
respect--json
for output (@isaacs)b3d112a
outdated: Don't show headings if there's nothing to output (@isaacs)bb4b90c
outdated: Default tolatest
rather than*
for unspecified deps (@isaacs)
v1.5.0-alpha-1 (2014-07-01):
v1.5.0-alpha-0 (2014-07-01):
7f55057
install scoped packages (#5239) (@othiym23)0df7e16
publish scoped packages (#5239) (@othiym23)0689ba2
support (and save) --scope=@s config (@othiym23)f34878f
scope credentials to registry (@othiym23)0ac7ca2
capture and store bearer tokens when sent by registry (@othiym23)63c3277
only delete files that are created by npm (@othiym23)4f54043
npm-package-arg@2.0.0
(@othiym23)9e1460e
read-package-json@1.2.3
(@othiym23)719d8ad
fs-vacuum@1.2.1
(@othiym23)9ef8fe4
async-some@1.0.0
(@othiym23)a964f65
npmconf@2.0.1
(@othiym23)113765b
npm-registry-client@3.0.0
(@othiym23)
v1.4.19 (2014-07-01):
f687433
relative URLS for working non-root registry URLS (@othiym23)bea190c
#5591 bump nopt and npmconf (@isaacs)
v1.4.18 (2014-06-29):
- Bump glob dependency from 4.0.2 to 4.0.3. It now uses graceful-fs when available, increasing resilience to various filesystem errors. (@isaacs)
v1.4.17 (2014-06-27):
- replace escape codes with ansicolors (@othiym23)
- Allow to build all the docs OOTB. (@GeJ)
- Use core.longpaths on win32 git - fixes #5525 (@bmeck)
npmconf@1.1.2
(@isaacs)- Consolidate color sniffing in config/log loading process (@isaacs)
- add verbose log when project config file is ignored (@isaacs)
- npmconf: Float patch to remove 'scope' from config defs (@isaacs)
- doc: npm-explore can't handle a version (@robertkowalski)
- Add user-friendly errors for ENOSPC and EROFS. (@voodootikigod)
- bump tar and fstream deps (@isaacs)
- Run the npm-registry-couchapp tests along with npm tests (@isaacs)
v1.2.8000 (2014-06-17):
- Same as v1.4.16, but with the spinner disabled, and a version number that starts with v1.2.
v1.4.16 (2014-06-17):
npm-registry-client@2.0.2
(@isaacs)fstream@0.1.27
(@isaacs)sha@1.2.4
(@isaacs)rimraf@2.2.8
(@isaacs)npmlog@1.0.1
(@isaacs)npm-registry-client@2.0.1
(@isaacs)- removed redundant dependency (@othiym23)
npmconf@1.0.5
(@isaacs)- Properly handle errors that can occur in the config-loading process (@isaacs)
v1.4.15 (2014-06-10):
- cache: atomic de-race-ified package.json writing (@isaacs)
fstream@0.1.26
(@isaacs)graceful-fs@3.0.2
(@isaacs)osenv@0.1.0
(@isaacs)- Only spin the spinner when we're fetching stuff (@isaacs)
- Update
osenv@0.1.0
which removes ~/tmp as possible tmp-folder (@robertkowalski) ini@1.2.1
(@isaacs)graceful-fs@3
(@isaacs)- Update glob and things depending on glob (@isaacs)
- github-url-from-username-repo and read-package-json updates (@isaacs)
editor@0.1.0
(@isaacs)columnify@1.1.0
(@isaacs)- bump ansi and associated deps (@isaacs)
v1.4.14 (2014-06-05):
- char-spinner: update to not bork windows (@isaacs)
v1.4.13 (2014-05-23):
- Fix
npm install
on a tarball. (ed3abf1
, #5330, @othiym23) - Fix an issue with the spinner on Node 0.8.
(
9f00306
, @isaacs) - Re-add
npm.commands.cache.clean
andnpm.commands.cache.read
APIs, and documentnpm.commands.cache.*
as npm-cache(3). (e06799e
, @isaacs)
v1.4.12 (2014-05-23):
- remove normalize-package-data from top level, de-^-ify inflight dep (@isaacs)
- Always sort saved bundleDependencies (@isaacs)
- add inflight to bundledDependencies (@othiym23)
v1.4.11 (2014-05-22):
- fix
npm ls
labeling issue node-gyp@0.13.1
- default repository to https:// instead of git://
- addLocalTarball: Remove extraneous unpack (@isaacs)
- Massive cache folder refactor (@othiym23 and @isaacs)
- Busy Spinner, no http noise (@isaacs)
- Per-project .npmrc file support (@isaacs)
npmconf@1.0.0
, Refactor config/uid/prefix loading process (@isaacs)- Allow once-disallowed characters in passwords (@isaacs)
- Send npm version as 'version' header (@isaacs)
- fix cygwin encoding issue (Karsten Tinnefeld)
- Allow non-github repositories with
npm repo
(@evanlucas) - Allow peer deps to be satisfied by grandparent
- Stop optional deps moving into deps on
update --save
(@timoxley) - Ensure only matching deps update with
update --save*
(@timoxley) - Add support for
prerelease
,preminor
,prepatch
tonpm version
v1.4.10 (2014-05-05):
- Don't set referer if already set
- fetch: Send referer and npm-session headers
run-script
: Support--parseable
and--json
- list runnable scripts (@evanlucas)
- Use marked instead of ronn for html docs
v1.4.9 (2014-05-01):
- Send referer header (with any potentially private stuff redacted)
- Fix critical typo bug in previous npm release
v1.4.8 (2014-05-01):
- Check SHA before using files from cache
- adduser: allow change of the saved password
- Make
npm install
respectconfig.unicode
- Fix lifecycle to pass
Infinity
for config env value - Don't return 0 exit code on invalid command
- cache: Handle 404s and other HTTP errors as errors
- Resolve ~ in path configs to env.HOME
- Include npm version in default user-agent conf
- npm init: Use ISC as default license, use save-prefix for deps
- Many test and doc fixes
v1.4.7 (2014-04-15):
- Add
--save-prefix
option that can be used to override the default of^
when usingnpm install --save
and its counterparts. (64eefdf
, @thlorenz) - Allow
--silent
to silence the echoing of commands that occurs withnpm run
. (c95cf08
, @Raynos) - Some speed improvements to the cache, which should improve install times.
(
cb94310
,3b0870f
,120f5a9
, @isaacs) - Improve ability to retry registry requests when a subset of the registry
servers are down.
(
4a5257d
,7686d02cb0
, @isaacs) - Fix marking of peer dependencies as extraneous.
(
779b164
,6680ba6ef2
, @isaacs) - Fix npm crashing when doing
npm shrinkwrap
in the presence of apackage.json
with no dependencies. (a9d9fa5
, @kislyuk) - Fix error when using
npm view
on packages that have no versions or have been unpublished. (94df2f5
, @juliangruber;2241a09
, @isaacs)
v1.4.6 (2014-03-19):
- Fix extraneous package detection to work in more cases.
(
f671286
, npm/read-installed#20, @LaurentVB)
v1.4.5 (2014-03-18):
- Sort dependencies in
package.json
when doingnpm install --save
and all its variants. (6fd6ff7
, @domenic) - Add
--save-exact
option, usable alongside--save
and its variants, which will write the exact version number intopackage.json
instead of the appropriate semver-compatibility range. (17f07df
, @timoxley) - Accept gzipped content from the registry to speed up downloads and save
bandwidth.
(
a3762de
, npm/npm-registry-client#40, @fengmk2) - Fix
npm ls
's--depth
and--log
options. (1d29b17
, npm/read-installed#13, @zertosh) - Fix "Adding a cache directory to the cache will make the world implode" in
certain cases.
(
9a4b2c4
, domenic/path-is-inside#1, @pmarques) - Fix readmes not being uploaded in certain rare cases.
(
527b72c
, @isaacs)
v1.4.4 (2014-02-20):
- Add
npm t
as an alias fornpm test
(which is itself an alias fornpm run test
, or evennpm run-script test
). We like making running your tests easy. (14e650b
, @isaacs)
v1.4.3 (2014-02-16):
- Add back
npm prune --production
, which was removed in 1.3.24. (acc4d02
, @davglass) - Default
npm install --save
and its counterparts to use the^
version specifier, instead of~
. (0a3151c
, @mikolalysenko) - Make
npm shrinkwrap
output dependencies in a sorted order, so that diffs between shrinkwrap files should be saner now. (059b2bf
, @Raynos) - Fix
npm dedupe
not correctly respecting dependency constraints. (86028e9
, @rafeca) - Fix
npm ls
giving spurious warnings when you used"latest"
as a version specifier. (d2956400e0
, @bajtos) - Fixed a bug where using
npm link
on packages without aname
value could cause npm to delete itself. (401a642
, @isaacs) - Fixed
npm install ./pkg@1.2.3
to actually install the directory atpkg@1.2.3
; before it would try to find version1.2.3
of the package./pkg
in the npm registry. (46d8768
, @rlidwka; see alsof851b79
) - Fix
npm outdated
to respect thecolor
configuration option. (d4f6f3f
, @timoxley) - Fix
npm outdated --parseable
. (9575a23
, @yhpark) - Fix a lockfile-related errors when using certain Git URLs.
(
164b97e
, @nigelzor)
v1.4.2 (2014-02-13):
- Fixed an issue related to mid-publish GET requests made against the registry.
(
acbec48372
, @isaacs)
v1.4.1 (2014-02-13):
- Fix
npm shrinkwrap
forgetting to shrinkwrap dependencies that were also development dependencies. (9c575c5
, @diwu1989) - Fixed publishing of pre-existing packages with uppercase characters in their
name.
(
9345d3b6c3
, @isaacs)
v1.4.0 (2014-02-12):
- Remove
npm publish --force
. See https://github.com/npm/npmjs.org/issues/148. (@isaacs, npm/npm-registry-client@2c8dba990de6a59af6545b75cc00a6dc12777c2a) - Other changes to the registry client related to saved configs and couch logins. (@isaacs; npm/npm-registry-client@25e2b019a1588155e5f87d035c27e79963b75951, npm/npm-registry-client@9e41e9101b68036e0f078398785f618575f3cdde, npm/npm-registry-client@2c8dba990de6a59af6545b75cc00a6dc12777c2a)
- Show an error to the user when doing
npm update
and thepackage.json
specifies a version that does not exist. (@evanlucas,027a33a
) - Fix some issues with cache ownership in certain installation configurations.
(@outcoldman,
a132690
) - Fix issues where GitHub shorthand dependencies
user/repo
were not always treated the same as full Git URLs. (@robertkowalski,005d0b637a
)
v1.3.26 (2014-02-02):
- Fixes and updates to publishing code
(
735427a
andc0ac832
, @isaacs) - Fix
npm bugs
with no arguments. (b99d465
, @Hoops)
v1.3.25 (2014-01-25):
v1.3.24 (2014-01-19):
- Make the search output prettier, with nice truncated columns, and a
--long
option to create wrapping columns. (20439b2
and3a6942d
, @timoxley) - Support multiple packagenames in
npm docs
. (823010b
, @timoxley) - Fix the
npm adduser
bug regarding "Error: default value must be string or number" again. (b9b4248
, @isaacs) - Fix
scripts
entries containing whitespaces on Windows. (80282ed
, @robertkowalski) - Fix
npm update
for Git URLs that have credentials in them (93fc364
, @danielsantiago) - Fix
npm install
overwritingnpm link
-ed dependencies when they are tagged Git dependencies. (af9bbd9
, @evanlucas) - Remove
npm prune --production
since it buggily removed some dependencies that were necessary for production; see #4509. Hopefully it can make its triumphant return, one day. (1101b6a
, @isaacs)
Dependency updates:
909cccf
read-package-json@1.1.6
a3891b6
rimraf@2.2.6
ac6efbc
sha@1.2.3
dd30038
node-gyp@0.12.2
c8c3ebe
npm-registry-client@0.3.3
4315286
npmconf@0.1.12
v1.3.23 (2014-01-03):
- Properly handle installations that contained a certain class of circular
dependencies.
(
5dc93e8
, @substack)
v1.3.22 (2013-12-25):
- Fix a critical bug in
npm adduser
that would manifest in the error message "Error: default value must be string or number." (fba4bd2
, @isaacs) - Allow
npm bugs
in the current directory to open the current package's bugs URL. (d04cf64
, @evanlucas) - Several fixes to various error messages to include more useful or updated
information.
(
1e6f2a7
,ff46366
,8b4bb48
; @rlidwka, @evanlucas)
v1.3.21 (2013-12-17):
- Fix a critical bug that prevented publishing due to incorrect hash
calculation.
(
4ca4a2c
, @dominictarr)
v1.3.20 (2013-12-17):
- Fixes a critical bug in v1.3.19. Thankfully, due to that bug, no one could install npm v1.3.19 :)
v1.3.19 (2013-12-16):
- Adds atomic PUTs for publishing packages, which should result in far fewer requests and less room for replication errors on the server-side.
v1.3.18 (2013-12-16):
- Added an
--ignore-scripts
option, which will preventpackage.json
scripts from being run. Most notably, this will work onnpm install
, so e.g.npm install --ignore-scripts
will not run preinstall and prepublish scripts. (d7e67bf
, @sqs) - Fixed a bug introduced in 1.3.16 that would manifest with certain cache
configurations, by causing spurious errors saying "Adding a cache directory
to the cache will make the world implode."
(
966373f
, @domenic) - Re-fixed the multiple download of URL dependencies, whose fix was reverted in
1.3.17.
(
a362c3f
, @spmason)
v1.3.17 (2013-12-11):
- This release reverts
644c2ff
, which avoided re-downloading URL and shinkwrap dependencies when doingnpm install
. You can see the in-depth reasoning ind8c907e
; the problem was, that the patch changed the behavior ofnpm install -f
to reinstall all dependencies. - A new version of the no-re-downloading fix has been submitted as #4303 and will hopefully be included in the next release.
v1.3.16 (2013-12-11):
- Git URL dependencies are now updated on
npm install
, fixing a two-year old bug (5829ecf
, @robertkowalski). Additional progress on reducing the resulting Git-related I/O is tracked as #4191, but for now, this will be a big improvement. - Added a
--json
mode tonpm outdated
to give a parseable output. (0b6c9b7
, @yyx990803) - Made
npm outdated
much prettier and more useful. It now outputs a color-coded and easy-to-read table. (fd3017f
, @quimcalpe) - Added the
--depth
option tonpm outdated
, so that e.g. you can donpm outdated --depth=0
to show only top-level outdated dependencies. (1d184ef
, @yyx990803) - Added a
--no-git-tag-version
option tonpm version
, for doing the usual job ofnpm version
minus the Git tagging. This could be useful if you need to increase the version in other related files before actually adding the tag. (59ca984
, @evanlucas) - Made
npm repo
andnpm docs
work without any arguments, adding them to the list of npm commands that work on the package in the current directory when invoked without arguments. (bf9048e
, @robertkowalski;07600d0
, @wilmoore). There are a few other commands we still want to implement this for; see #4204. - Pass through the
GIT_SSL_NO_VERIFY
environment variable to Git, if it is set; we currently do this with a few other environment variables, but we missed that one. (c625de9
, @arikon) - Fixed
npm dedupe
on Windows due to incorrect path separators being used (7677de4
, @mcolyer). - Fixed the
npm help
command when multiple words were searched for; it previously gave aReferenceError
. (6a28dd1
, @dereckson) - Stopped re-downloading URL and shrinkwrap dependencies, as demonstrated in
#3463
(
644c2ff
, @spmason). You can use the--force
option to force re-download and installation of all dependencies.