1 | ### v3.10.10 (2016-11-04)
|
2 |
|
3 | See the discussion on [#14042](https://github.com/npm/npm/issues/14042) for
|
4 | more context on this release, which is intended to address a serious regression
|
5 | in shrinkwrap behavior in the version of the CLI currently bundled with Node.js
|
6 | 6 LTS "Boron". You should never install this version directly; instead update
|
7 | to `npm@4`, which has everything in this release and more.
|
8 |
|
9 | #### REGRESSION FIX
|
10 |
|
11 | * [`9aebe98`](https://github.com/npm/npm/commit/9aebe982114ea2107f46baa1dcb11713b4aaad04)
|
12 | [#14117](https://github.com/npm/npm/pull/14117)
|
13 | Fixes a bug where installing a shrinkwrapped package would fail if the
|
14 | platform failed to install an optional dependency included in the shrinkwrap.
|
15 | ([@watilde](https://github.com/watilde))
|
16 |
|
17 | #### UPDATE SUPPORT MATRIX
|
18 |
|
19 | With the advent of the second official Node.js LTS release, Node 6.x
|
20 | 'Boron', the Node.js project has now officially dropped versions 0.10
|
21 | and 0.12 out of the maintenance phase of LTS. (Also, Node 5 was never
|
22 | part of LTS, and will see no further support now that Node 7 has been
|
23 | released.) As a small team with limited resources, the npm CLI team is
|
24 | following suit and dropping those versions of Node from its CI test
|
25 | matrix.
|
26 |
|
27 | * [`c82ecfd`](https://github.com/npm/npm/commit/c82ecfdbe0b5f318a175714a8753efe4dfd3e4b3)
|
28 | [#14503](https://github.com/npm/npm/pull/14503)
|
29 | Node 6 is LTS; 5.x, 0.10, and 0.12 are unsupported.
|
30 | ([@othiym23](https://github.com/othiym23))
|
31 |
|
32 | ### v3.10.9 (2016-10-06)
|
33 |
|
34 | Hi everyone! This is the last of our monthly releases. We're going to give
|
35 | an every-two-weeks schedule a try starting with our next release. We'll
|
36 | reevaluate in a quarter, but we suspect that will be what we'll stick with.
|
37 | You might be wondering _why_ we've been fiddling with the release cadence? Well,
|
38 | we've been trying to tune it to to minimize the overhead for our little team.
|
39 |
|
40 | This is ALSO the ULTIMATE release of `npm` version 3. That's right, in
|
41 | just two weeks' time (October 20th for you fans of calendar time), our dear
|
42 | `npm` will be hitting the big 4.0.
|
43 |
|
44 | **DON'T PANIC**
|
45 |
|
46 | This is gonna be a much, MUCH smaller major version than 3.x was. Maybe even
|
47 | smaller than 2.x was. I can't tell you everything that'll be in there just
|
48 | yet, but at the very least it's going to have what's in our
|
49 | [4.x milestone](https://github.com/npm/npm/pulls?q=is%3Aopen+is%3Apr+milestone%3A4.x),
|
50 | PLUS, the first steps in
|
51 | [making `prepublish` work](https://github.com/npm/npm/issues/10074) the way
|
52 | people expect it to.
|
53 |
|
54 | **NOW ABOUT THIS RELEASE**
|
55 |
|
56 | This release sees a whole slew of bug fixes. Notably a bunch of lifecycle
|
57 | fixes and a really important shrinkwrap fix.
|
58 |
|
59 | #### LIFECYCLE FIXES
|
60 |
|
61 | * [`d388f90`](https://github.com/npm/npm/commit/d388f90732981633b3cdb4fc7fb0fababd4e64ab)
|
62 | [#13942](https://github.com/npm/npm/pull/13942)
|
63 | Fix current working directory while running shrinkwrap lifecycle scripts.
|
64 | Previously if you ran a shrinkwrap from another lifecycle script AND
|
65 | `node_modules` existed (and if you're running `npm shrinkwrap` it probably
|
66 | should) then `npm` would run the shrinkwrap lifecycle from the
|
67 | `node_modules` folder instead of the package folder.
|
68 | ([@evocateur](https://github.com/evocateur))
|
69 | ([@iarna](https://github.com/iarna))
|
70 | * [`c3b6cdf`](https://github.com/npm/npm/commit/c3b6cdfedcdb4d9e7712be5245d9b274828d88d1)
|
71 | [#13964](https://github.com/npm/npm/pull/13964)
|
72 | Fix bug where the `uninstall` lifecycles weren't being run when you
|
73 | reinstalled/updated an existing module.
|
74 | ([@iarna](https://github.com/iarna))
|
75 | * [`72bb89c`](https://github.com/npm/npm/commit/72bb89c1aa9811a18cbd766f3da73da76eb920c6)
|
76 | [#13344](https://github.com/npm/npm/pull/13344)
|
77 | When running lifecycles use `TMPDIR` if it's writable and fall back to the
|
78 | current working directory if not. Previously we just assumed `TMPDIR`
|
79 | wouldn't be writable (as we might have been running as `nobody` and
|
80 | `nobody` on some systems can't write to `TMPDIR`).
|
81 | ([@aaronjensen](https://github.com/aaronjensen))
|
82 |
|
83 | #### SHRINKWRAP GIT & TAGGED DEPENDENCY FIX
|
84 |
|
85 | * [`3b5eee0`](https://github.com/npm/npm/commit/3b5eee0d31737d1c2518ed95dcc7aaaaa93c253c)
|
86 | [#13941](https://github.com/npm/npm/pull/13941)
|
87 | Fix git and tagged dependency matching with shrinkwraps. Previously git
|
88 | and tag (ie `foo@latest`) dependencies installed from a shrinkwrap would
|
89 | always be flagged as invalid.
|
90 | ([@iarna](https://github.com/iarna))
|
91 |
|
92 | #### BUG FIXES
|
93 |
|
94 | * [`bf3bd1e`](https://github.com/npm/npm/commit/bf3bd1e4347ee2c5de08d23558c4444749178c8b)
|
95 | [#14143](https://github.com/npm/npm/pull/14143)
|
96 | Fix bug in `npm version` where `npm-shrinkwrap.json` wouldn't be updated
|
97 | if you ran `npm version` from outside of your project root.
|
98 | ([@lholmquist](https://github.com/lholmquist))
|
99 | * [`1089878`](https://github.com/npm/npm/commit/1089878f58977559414c8a9addfc69a9c68905b0)
|
100 | [#13613](https://github.com/npm/npm/pull/13613)
|
101 | Log 'skipping action' as 'verbose' instead of 'warn'. This removes a lot of
|
102 | clutter when there are links in your `node_modules`. The long term plan is
|
103 | to entirely blind `npm` to what's inside links, which will make this code
|
104 | go away entirely.
|
105 | ([@timoxley](https://github.com/timoxley))
|
106 | * [`952f1e1`](https://github.com/npm/npm/commit/952f1e109a070ab4066179f6104ba9394300e342)
|
107 | [#13999](https://github.com/npm/npm/pull/13999)
|
108 | Fix a bug where setting `bin` to `null` in your `package.json` would result
|
109 | in `npm` crashing.
|
110 | ([@IonicaBizau](https://github.com/IonicaBizau))
|
111 | * [`fcf8b11`](https://github.com/npm/npm/commit/fcf8b11fb7fcf8902f6a887c3d5f0aef2897dde0)
|
112 | [#14032](https://github.com/npm/npm/pull/14032)
|
113 | When using `npm view`, if you specified a version that didn't exist it
|
114 | would previously print `undefined` (even if you asked for JSON output). It
|
115 | now prints nothing in this situation. This brings `npm@3`'s behavior in
|
116 | line with `npm@2`.
|
117 | ([@roblg](https://github.com/roblg))
|
118 | * [`93c689f`](https://github.com/npm/npm/commit/93c689ff44c6042a2dcde7fe0d74d2264237d666)
|
119 | [#14032](https://github.com/npm/npm/pull/14032)
|
120 | When using `npm view --json` with a version range that matches multiple
|
121 | versions we now return a list of all of the metadata for all of those
|
122 | versions. Previously we picked one and only returned that. This brings
|
123 | `npm@3`'s behavior in line with `npm@2`.
|
124 | ([@roblg](https://github.com/roblg))
|
125 | * [`2411728`](https://github.com/npm/npm/commit/24117289e09c373b845150c45e4793d98fe7cf4b)
|
126 | [#14045](https://github.com/npm/npm/pull/14045)
|
127 | Fix a Windows-only bug in the `git` tests. The tests had rather particular
|
128 | ideas about what arguments would be passed to `git` and on Windows they
|
129 | got this wrong.
|
130 | ([@watilde](https://github.com/watilde))
|
131 |
|
132 | #### DOCUMENTATION & MISC
|
133 |
|
134 | * [`30772cc`](https://github.com/npm/npm/commit/30772cc5f80923bf21c003fbe53e5fed9d3a5d97)
|
135 | [#13904](https://github.com/npm/npm/pull/13904)
|
136 | Update `package.json` example to include GitHub branches.
|
137 | ([@stevokk](https://github.com/stevokk))
|
138 | * [`f66876f`](https://github.com/npm/npm/commit/f66876f75c204fb78028cf2ff7979f80355bd06c)
|
139 | [#14010](https://github.com/npm/npm/pull/14010)
|
140 | Update the GitHub issue template to reflect Apple's change in name of its
|
141 | desktop operating system.
|
142 | ([@AlexChesters](https://github.com/AlexChesters))
|
143 |
|
144 | #### DEPENDENCY UPDATES
|
145 |
|
146 | * [`b3f9bf1`](https://github.com/npm/npm/commit/b3f9bf1ada3f93e6775f5c232350030db6635d0c)
|
147 | [#13918](https://github.com/npm/npm/issues/13918)
|
148 | `graceful-fs@4.1.9`:
|
149 | Fix the _uid must be an unsigned int_ bug that's been around forever but that
|
150 | `npm` started tickling in v3.10.8.
|
151 | ([@addaleax](https://github.com/addaleax))
|
152 | Also fixes wrapper to `fs.readdir` to actually pass through (rather than
|
153 | drop) optional arguments.
|
154 | ([@isaacs](https://github.com/isaacs))
|
155 | * [`9402ead`](https://github.com/npm/npm/commit/9402ead67e3be9b431ade637fbfac86204ee96fe)
|
156 | [isaacs/node-glob#293](https://github.com/isaacs/node-glob/pull/293)
|
157 | `glob@7.1.0`:
|
158 | Add `absolute` option for `match` event.
|
159 | ([@phated](https://github.com/phated))
|
160 | * [`58b83db`](https://github.com/npm/npm/commit/58b83db327dd87bf7cb5a7d503303537718f2f30)
|
161 | `asap@2.0.5`
|
162 | ([@kriskowal](https://github.com/kriskowal))
|
163 | * [`5707e6e`](https://github.com/npm/npm/commit/5707e6e55b220439c3f83e77daf4c70d72eb46f0)
|
164 | `sorted-object@2.0.1`
|
165 | ([@domenic](https://github.com/domenic))
|
166 | * [`9d20910`](https://github.com/npm/npm/commit/9d209107ce49a7424c50459284280cd2e6e215d1)
|
167 | `request@2.75.0`
|
168 | ([@simov](https://github.com/simov))
|
169 | * [`dea4848`](https://github.com/npm/npm/commit/dea48487a9d03492edc68670d05776d32d9ee8cf)
|
170 | `path-is-inside@1.0.2`
|
171 | ([@domenic](https://github.com/domenic))
|
172 | * [`b3f3db5`](https://github.com/npm/npm/commit/b3f3db52e864d607b6d9b18920e2f58acc4b1616)
|
173 | `opener@1.4.2`
|
174 | ([@dominic](https://github.com/dominic))
|
175 | * [`6bb5f95`](https://github.com/npm/npm/commit/6bb5f953888bbaaeeb624d623c2a9746d1c243a0)
|
176 | `lockfile@1.0.2`
|
177 | ([@isaacs](https://github.com/isaacs))
|
178 | * [`13f7c0a`](https://github.com/npm/npm/commit/13f7c0a73212284b53a2d96882fc298afbf9609c)
|
179 | `config-chain@1.1.11`
|
180 | ([@dominictarr](https://github.com/dominictarr))
|
181 |
|
182 | ### v3.10.8 (2016-09-08)
|
183 |
|
184 | Monthly releases are so big! Just look at all this stuff!
|
185 |
|
186 | Our quarter of monthly releases is almost over. The next one, in October, might
|
187 | very well be our last one as we move to trying something different and learning
|
188 | lessons from our little experiment.
|
189 |
|
190 | You may also want to keep an eye our for `npm@4` next month, since we're
|
191 | planning on finally releasing it then and including a (small) number of breaking
|
192 | changes we've been meaning to do for a long time. Don't worry, though: `npm@3`
|
193 | will still be around for a bit and will keep getting better and better, and is
|
194 | most likely going to be the version that `node@6` uses once it goes to LTS.
|
195 |
|
196 | As some of us have mentioned before, npm is likely to start doing more regular
|
197 | semver-major bumps, while keeping those bumps significantly smaller than the
|
198 | huge effort that was `npm@3` -- we're not very likely to do a world-shaking
|
199 | thing like that for a while, if ever.
|
200 |
|
201 | All that said, let's move on to the patches included in v3.10.8!
|
202 |
|
203 | #### SHRINKWRAP LEVEL UP
|
204 |
|
205 | The most notable part of this release is a series of commits meant to make `npm
|
206 | shrinkwrap` more consistent. By itself, shrinkwrap seems like a fairly
|
207 | straightforward thing to implement, but things get complicated when it starts
|
208 | interacting with `devDependencies`, `optionalDependencies`, and
|
209 | `bundledDependencies`. These commits address some corner cases related to these.
|
210 |
|
211 | * [`a7eca32`](https://github.com/npm/npm/commit/a7eca3246fbbcbb05434cb6677f65d14c945d74f)
|
212 | [#10073](https://github.com/npm/npm/pull/10073)
|
213 | Record if a dependency is only used as a devDependency and exclude it from the
|
214 | shrinkwrap file.
|
215 | ([@bengl](https://github.com/bengl))
|
216 | * [`1eabcd1`](https://github.com/npm/npm/commit/1eabcd16bf2590364ca20831096350073539bf3a)
|
217 | [#10073](https://github.com/npm/npm/pull/10073)
|
218 | Record if a dependency is optional to shrinkwrap.
|
219 | ([@bengl](https://github.com/bengl))
|
220 | * [`03efc89`](https://github.com/npm/npm/commit/03efc89522c99ee0fa37d8f4a99bc3b44255ef98)
|
221 | [#13692](https://github.com/npm/npm/pull/13692/)
|
222 | We were doing a weird thing where we used a `package.json` field `installable`
|
223 | to check to see if we'd checked for platform compatibility, and if not did
|
224 | so. But this was the only place that was ever done so there was no reason to
|
225 | implement it in such an obfuscated manner.
|
226 | Instead it now just directly checks and then records that its done so on the
|
227 | node object with `knownInstallable`. This is useful to know because modules
|
228 | expanded via shrinkwrap don't go through this– `inflateShrinkwrap` does not
|
229 | currently have any rollback semantics and so checking this sort of thing there
|
230 | is unhelpful.
|
231 | ([@iarna](https://github.com/iarna))
|
232 | * [`ff87938`](https://github.com/npm/npm/commit/ff879382fda21dac7216a5f666287b3a7e74a947)
|
233 | [#11735](https://github.com/npm/npm/issues/11735)
|
234 | Running `npm install --save-dev` will now update shrinkwrap file, but only
|
235 | if there already are devDependencies in it.
|
236 | ([@szimek](https://github.com/szimek))
|
237 | * [`c00ca3a`](https://github.com/npm/npm/commit/c00ca3aef836709eeaeade91c5305bc2fbda2e8a)
|
238 | [#13394](https://github.com/npm/npm/issues/13394)
|
239 | Check installability of modules from shrinkwrap, since modules that came into
|
240 | the tree vie shrinkwrap won't already have this information recorded in
|
241 | advance.
|
242 | ([@iarna](https://github.com/iarna))
|
243 |
|
244 | #### INSTALLER ERROR REPORTING LEVEL UP
|
245 |
|
246 | As part of the shrinkwrap push, there were also a lot of error-reporting
|
247 | improvements. Some to add more detail to error objects, others to fix bugs and
|
248 | inconsistencies.
|
249 |
|
250 | * [`2cdd713`](https://github.com/npm/npm/commit/2cdd7132abddcc7f826a355c14348ce9a5897ffe)
|
251 | Consistently set code on `ETARGET` when fetching package metadata if no
|
252 | compatible version is found.
|
253 | ([@iarna](https://github.com/iarna))
|
254 | * [`cabcd17`](https://github.com/npm/npm/commit/cabcd173f2923cb5b77e7be0e42eea2339a24727)
|
255 | [#13692](https://github.com/npm/npm/pull/13692/)
|
256 | Include installer warning details at the `verbose` log level.
|
257 | ([@iarna](https://github.com/iarna))
|
258 | * [`95a4044`](https://github.com/npm/npm/commit/95a4044cbae93d19d0da0f3cd04ea8fa620295d9)
|
259 | [`dbb14c2`](https://github.com/npm/npm/commit/dbb14c241d982596f1cdaee251658f5716989fd2)
|
260 | [`9994383`](https://github.com/npm/npm/commit/9994383959798f80749093301ec43a8403566bb6)
|
261 | [`7417000`](https://github.com/npm/npm/commit/74170003db0c53def9b798cb6fe3fe7fc3e06482)
|
262 | [`f45f85d`](https://github.com/npm/npm/commit/f45f85dac800372d63dfa8653afccbf5bcae7295)
|
263 | [`e79cc1b`](https://github.com/npm/npm/commit/e79cc1b11440f0d122c4744d5eff98def9553f4a)
|
264 | [`146ee39`](https://github.com/npm/npm/commit/146ee394b1f7a33cf409a30b835a85d939acb438)
|
265 | [#13692](https://github.com/npm/npm/pull/13692/)
|
266 | Improve various bits of error reporting, adding more error information and
|
267 | some related refactoring.
|
268 | ([@iarna](https://github.com/iarna))
|
269 |
|
270 | #### MISCELLANEOUS BUGS LEVEL UP
|
271 |
|
272 | * [`116b6c6`](https://github.com/npm/npm/commit/116b6c60a174ea0cc49e4d62717e4e26175b6534)
|
273 | [#13456](https://github.com/npm/npm/issues/13456)
|
274 | In lifecycle scripts, any `node_modules/.bin` existing in the hierarchy
|
275 | should be turned into an entry in the PATH environment variable.
|
276 | However, prior to this commit, it was splitting based on the string
|
277 | `node_modules`, rather than restricting it to only path portions like
|
278 | `/node_modules/` or `\node_modules\`. So, a path containing an entry
|
279 | like `my_node_modules` would be improperly split.
|
280 | ([@isaacs](https://github.com/isaacs))
|
281 | * [`0a28dd0`](https://github.com/npm/npm/commit/0a28dd0104e5b4a8cc0cb038bd213e6a50827fe8)
|
282 | [npm/fstream-npm#23](https://github.com/npm/fstream-npm/pull/23)
|
283 | `fstream-npm@1.2.0`:
|
284 | Always ignore `*.orig` files, which are generated by git when using `git
|
285 | mergetool`, by default.
|
286 | ([@zkat](https://github.com/zkat))
|
287 | * [`a3a2fb9`](https://github.com/npm/npm/commit/a3a2fb97adc87c2aa9b2b8957861b30efafc7ad0)
|
288 | [#13708](https://github.com/npm/npm/pull/13708)
|
289 | Always ignore `*.orig` files, which are generated by git when using `git
|
290 | mergetool`, by default.
|
291 | ([@boneskull](https://github.com/boneskull))
|
292 |
|
293 | #### TOOLING LEVEL UP
|
294 |
|
295 | * [`e1d7e6c`](https://github.com/npm/npm/commit/e1d7e6ce551cbc42026cdcadcb37ea515059c972)
|
296 | Add helper for generating test skeletons.
|
297 | ([@iarna](https://github.com/iarna))
|
298 | * [`4400b35`](https://github.com/npm/npm/commit/4400b356bca9175935edad1469c608c909bc01bf)
|
299 | Fix fixture creation and cleanup in `maketest`.
|
300 | ([@iarna](https://github.com/iarna))
|
301 |
|
302 | #### DOCUMENTATION LEVEL UP
|
303 |
|
304 | * [`8eb9460`](https://github.com/npm/npm/commit/8eb94601fe895b97cbcf8c6134e6b371c5371a1e)
|
305 | [#13717](https://github.com/npm/npm/pull/13717)
|
306 | Document that `npm link` will link the files specified in the `bin` field of
|
307 | `package.json` to `{prefix}/bin/{name}`.
|
308 | ([@legodude17](https://github.com/legodude17))
|
309 | * [`a66e5e9`](https://github.com/npm/npm/commit/a66e5e9c388878fe03fb29014c3b95d28bedd3c1)
|
310 | [#13682](https://github.com/npm/npm/pull/13682)
|
311 | Minor grammar fix in documentation for `npm scripts`.
|
312 | ([@Ajedi32](https://github.com/Ajedi32))
|
313 | * [`74b8043`](https://github.com/npm/npm/commit/74b80437ffdfcf8172f6ed4f39bfb021608dd9dd)
|
314 | [#13655](https://github.com/npm/npm/pull/13655)
|
315 | Document line comment syntax for `.npmrc`.
|
316 | ([@mdjasper](https://github.com/mdjasper))
|
317 | * [`b352a84`](https://github.com/npm/npm/commit/b352a84c2c7ad15e9c669af75f65cdaa964f86c0)
|
318 | [#12438](https://github.com/npm/npm/issues/12438)
|
319 | Remind folks to use `#!/usr/bin/env node` in their `bin` scripts to make files
|
320 | executable directly.
|
321 | ([@mxstbr](https://github.com/mxstbr))
|
322 | * [`b82fd83`](https://github.com/npm/npm/commit/b82fd838edbfff5d2833a62f6d8ae8ea2df5a1f2)
|
323 | [#13493](https://github.com/npm/npm/pull/13493)
|
324 | Document that the user config file can itself be configured either through the
|
325 | `$NPM_CONFIG_USERCONFIG` environment variable, or `--userconfig` command line
|
326 | flag.
|
327 | ([@jasonkarns](https://github.com/jasonkarns))
|
328 | * [`8a02699`](https://github.com/npm/npm/commit/8a026992a03d90e563a97c70e90926862120693b)
|
329 | [#13911](https://github.com/npm/npm/pull/13911)
|
330 | Minor documentation reword and cleanup.
|
331 | ([@othiym23](https://github.com/othiym23))
|
332 |
|
333 | #### DEPENDENCY LEVEL UP
|
334 |
|
335 | * [`2818fb0`](https://github.com/npm/npm/commit/2818fb0f6081d68a91f0905945ad102f26c6cf85)
|
336 | `glob@7.0.6`
|
337 | ([@isaacs](https://github.com/isaacs))
|
338 | * [`d88ec81`](https://github.com/npm/npm/commit/d88ec81ad33eb2268fcd517d35346a561bc59aff)
|
339 | `graceful-fs@4.1.6`
|
340 | ([@francescoinfante](https://github.com/francescoinfante))
|
341 | * [`4727f86`](https://github.com/npm/npm/commit/4727f8646daca7b3e3c1c95860e02acf583b9dae)
|
342 | `lodash.clonedeep@4.5.0`
|
343 | ([@jdalton](https://github.com/jdalton))
|
344 | * [`c347678`](https://github.com/npm/npm/commit/c3476780ef4483425e4ae1d095a5884b46b8db86)
|
345 | `lodash.union@4.6.0`
|
346 | ([@jdalton](https://github.com/jdalton))
|
347 | * [`530bd4d`](https://github.com/npm/npm/commit/530bd4d2ae6f704f624e4f7bf64f911f37e2b7f8)
|
348 | `lodash.uniq@4.5.0`
|
349 | ([@jdalton](https://github.com/jdalton))
|
350 | * [`483d56a`](https://github.com/npm/npm/commit/483d56ae8137eca0c0f7acd5d1c88ca6d5118a6a)
|
351 | `lodash.without@4.4.0`
|
352 | ([@jdalton](https://github.com/jdalton))
|
353 | * [`6c934df`](https://github.com/npm/npm/commit/6c934df6e74bacd0ed40767b319936837a43b586)
|
354 | `inherits@2.0.3`
|
355 | ([@isaacs](https://github.com/isaacs))
|
356 | * [`a65ed7c`](https://github.com/npm/npm/commit/a65ed7cbd3c950383a14461a4b2c87b67ef773b9)
|
357 | `npm-registry-client@7.2.1`:
|
358 | * [npm/npm-registry-client#142](https://github.com/npm/npm-registry-client/pull/142) Fix `EventEmitter` warning spam from error handlers on socket. ([@addaleax](https://github.com/addaleax))
|
359 | * [npm/npm-registry-client#131](https://github.com/npm/npm-registry-client/pull/131) Adds support for streaming request bodies. ([@aredridel](https://github.com/aredridel))
|
360 | * Fixes [#13656](https://github.com/npm/npm/issues/13656).
|
361 | * Dependency updates.
|
362 | * Documentation improvements.
|
363 | ([@othiym23](https://github.com/othiym23))
|
364 | * [`2b88d62`](https://github.com/npm/npm/commit/2b88d62e6a730716b27052c0911c094d01830a60)
|
365 | [npm/npmlog#34](https://github.com/npm/npmlog/pull/34)
|
366 | `npmlog@4.0.0`:
|
367 | Allows creating log levels that are empty strings or 0
|
368 | ([@rwaldron](https://github.com/rwaldron))
|
369 | * [`242babb`](https://github.com/npm/npm/commit/242babbd02274ee2d212ae143992c20f47ef0066)
|
370 | `once@1.4.0`
|
371 | ([@zkochan](https://github.com/zkochan))
|
372 | * [`6d8ba2b`](https://github.com/npm/npm/commit/6d8ba2b4918e2295211130af68ee8a67099139e0)
|
373 | `readable-stream@2.1.5`
|
374 | ([@calvinmetcalf](https://github.com/calvinmetcalf))
|
375 | * [`855c099`](https://github.com/npm/npm/commit/855c099482a8d93b7f0646bd7bcf8a31f81868e0)
|
376 | `retry@0.10.0`
|
377 | ([@tim-kos](https://github.com/tim-kos))
|
378 | * [`80540c5`](https://github.com/npm/npm/commit/80540c52b252615ae8a6271b3df870eabfea935e)
|
379 | `semver@5.3.0`:
|
380 | * Add `minSatisfying`
|
381 | * Add `prerelease(v)`
|
382 | ([@isaacs](https://github.com/isaacs))
|
383 | * [`8aaac52`](https://github.com/npm/npm/commit/8aaac52ffae8e689fae265712913b1e2a36b1aa6)
|
384 | `which@1.2.1`
|
385 | ([@isaacs](https://github.com/isaacs))
|
386 | * [`85108a2`](https://github.com/npm/npm/commit/85108a29108ab0a57997572dc14f87eb706890ba)
|
387 | `write-file-atomic@1.2.0`:
|
388 | Preserve chmod and chown from the overwritten file
|
389 | ([@iarna](https://github.com/iarna))
|
390 | * [`291a377`](https://github.com/npm/npm/commit/291a377f32f5073102a8ede61a27e6a9b37154c2)
|
391 | Update npm documentation to reflect documentation for `semver@5.3.0`.
|
392 | ([@zkat](https://github.com/zkat))
|
393 |
|
394 | ### v3.10.7 (2016-08-11)
|
395 |
|
396 | Hi all, today's our first release coming out of the new monthly release
|
397 | cadence. See below for details. We're all recovered from conferences now
|
398 | and raring to go! We've got some pretty keen bug fixes and a bunch of
|
399 | documentation and dependency updates. It's hard to narrow it down to just a
|
400 | few, but of note are scoped packages in bundled dependencies, the
|
401 | `preinstall` lifecycle fix, the shrinkwrap and Git dependencies fix and the
|
402 | fix to a crasher involving cycles in development dependencies.
|
403 |
|
404 | #### NEW RELEASE CADENCE
|
405 |
|
406 | Releasing npm has been, for the most part, a very prominent part of our
|
407 | weekly process process. As part of our efforts to find the most effective
|
408 | ways to allocate our team's resources, we decided last month that we would
|
409 | try and slow our releases down to a monthly cadence, and see if we found
|
410 | ourselves with as much extra time and attention as we expected to have.
|
411 | Process experiments are useful for finding more effective ways to do our
|
412 | work, and we're at least going to keep doing this for a whole quarter, and
|
413 | then measure how well it worked out. It's entirely likely that we'll switch
|
414 | back to a more frequent cadence, specially if we find that the value that
|
415 | weekly cadence was providing the community is not worth sacrificing for a
|
416 | bit of extra time. Does this affect you significantly? Let us know!
|
417 |
|
418 | #### SCOPED PACKAGES IN BUNDLED DEPENDENCIES
|
419 |
|
420 | Prior to this release and
|
421 | [v2.15.10](https://github.com/npm/npm/releases/v2.15.10), npm had ignored
|
422 | scoped modules found in `bundleDependencies`.
|
423 |
|
424 | * [`29cf56d`](https://github.com/npm/npm/commit/29cf56dbae8e3dd16c24876f998051623842116a)
|
425 | [#8614](https://github.com/npm/npm/issues/8614)
|
426 | Include scoped packages in bundled dependencies.
|
427 | ([@forivall](https://github.com/forivall))
|
428 |
|
429 | #### `preinstall` LIFECYCLE IN CURRENT PROJECT
|
430 |
|
431 | * [`b7f13bc`](https://github.com/npm/npm/commit/b7f13bc80b89b025be0c53d81b90ec8f2cebfab7)
|
432 | [#13259](https://github.com/npm/npm/pull/13259)
|
433 | Run top level preinstall before installing dependencies
|
434 | ([@palmerj3](https://github.com/palmerj3))
|
435 |
|
436 | #### BETTER SHRINKWRAP WITH GIT DEPENDENCIES
|
437 |
|
438 | * [`0f7e319`](https://github.com/npm/npm/commit/0f7e3197bcec7a328b603efdffd3681bbc40f585)
|
439 | [#12718](https://github.com/npm/npm/issues/12718.)
|
440 | Update outdated git dependencies found in shrinkwraps. Previously, if the
|
441 | module version was the same then no update would be completed even if the
|
442 | committish had changed.
|
443 | ([@kossnocorp](https://github.com/kossnocorp))
|
444 |
|
445 |
|
446 | #### CYCLES IN DEVELOPMENT DEPENDENCIES NO LONGER CRASH
|
447 |
|
448 | * [`1691de6`](https://github.com/npm/npm/commit/1691de668d34cd92ab3de08bf3a06085388f2f07)
|
449 | [#13327](https://github.com/npm/npm/issues/13327)
|
450 | Fix bug where cycles found in development dependencies could result in
|
451 | infinite recursion that resulted in crashes.
|
452 | ([@iarna](https://github.com/iarna))
|
453 |
|
454 | #### IMPROVE "NOT UPDATING LINKED MODULE" WARNINGS
|
455 |
|
456 | * [`1619871`](https://github.com/npm/npm/commit/1619871ac0cc8839dc9962c78e736095976c1eb4)
|
457 | [#12893](https://github.com/npm/npm/pull/12893)
|
458 | Only warn about symlink update if version number differs
|
459 | The update-linked action outputs a warning that it needs to update the
|
460 | linked package, but can't, There is no need for the package to be updated if
|
461 | it is already at the correct version. This change does a check before
|
462 | logging the warning.
|
463 | ([@DaveEmmerson](https://github.com/DaveEmmerson))
|
464 |
|
465 | #### MORE BUG FIXES
|
466 |
|
467 | * [`8f8d1b3`](https://github.com/npm/npm/commit/8f8d1b33a78c79aff9de73df362abaa7f05751d2)
|
468 | [#11398](https://github.com/npm/npm/issues/11398)
|
469 | Fix bug where `package.json` files that contained a `type` property could
|
470 | cause crashes. `type` is not a `package.json` property that npm makes use
|
471 | of and having it should be (and now is) harmless.
|
472 | ([@zkat](https://github.com/zkat))
|
473 | * [`e7fa6c6`](https://github.com/npm/npm/commit/e7fa6c6a2c1de2a214479daa8c6901eebb350381)
|
474 | [#13353](https://github.com/npm/npm/issues/13353)
|
475 | Add GIT_EXEC_PATH to Git environment whitelist.
|
476 | ([@mhart](https://github.com/mhart))
|
477 | * [`c23af21`](https://github.com/npm/npm/commit/c23af21d4cedd7fedcb4168672044db76ad054a8)
|
478 | [#13626](https://github.com/npm/npm/pull/13626)
|
479 | Use HTTPS issues URL in the error message for type validation errors.
|
480 | ([@watilde](https://github.com/watilde))
|
481 |
|
482 | #### INCLUDE `npm login` IN COMMAND SUMMARY
|
483 |
|
484 | * [`ab0c4b1`](https://github.com/npm/npm/commit/ab0c4b137b05762e75e0913038b606f087b58aa0)
|
485 | [#13581](https://github.com/npm/npm/issues/13581)
|
486 | The `login` command has long been an alias for `adduser`.
|
487 | At the same time, there is an expectation not just of that
|
488 | particular word being something to look for, but of there being
|
489 | clear symmetry with `logout`.
|
490 | So it was a bit confusing when `login` didn't show up in
|
491 | `npm help` on a technicality. This seems like an acceptable
|
492 | exception to the rule that says "no aliases in `npm help`".
|
493 | ([@zkat](https://github.com/zkat))
|
494 |
|
495 | #### DOCUMENTATION
|
496 |
|
497 | * [`e2d7e78`](https://github.com/npm/npm/commit/e2d7e7820a7875ed96e0382dc1e91b8df4e83746)
|
498 | [#13319](https://github.com/npm/npm/pull/13319)
|
499 | As Node.js 0.8 is no longer supported, remove mention of it from the README.
|
500 | ([@watilde](https://github.com/watilde))
|
501 | * [`c565d89`](https://github.com/npm/npm/commit/c565d893a38efb6006e841450503329c9e58f100)
|
502 | [#13349](https://github.com/npm/npm/pull/13349)
|
503 | Updated the scripts documentation to explain the different between `version` and `preversion`.
|
504 | ([@christophehurpeau](https://github.com/christophehurpeau))
|
505 | * [`fa8f87f`](https://github.com/npm/npm/commit/fa8f87f1ec92e543dd975156c4b184eb3e0b80cb)
|
506 | [#10167](https://github.com/npm/npm/pull/10167)
|
507 | Clarify in scope documentation that npm@2 is required for scoped packages.
|
508 | ([@danpaz](https://github.com/danpaz))
|
509 |
|
510 | #### DEPENDENCIES
|
511 |
|
512 | * [`124427e`](https://github.com/npm/npm/commit/124427eabbfd200aa145114e389e19692559ff1e)
|
513 | [#8614](https://github.com/npm/npm/issues/8614)
|
514 | `fstream-npm@1.1.1`:
|
515 | Fixes bug with inclusion of scoped bundled dependencies.
|
516 | ([@forivall](https://github.com/forivall))
|
517 | * [`7e0cdff`](https://github.com/npm/npm/commit/7e0cdff04714709f6dc056b19422d3f937502f1c)
|
518 | [#13497](https://github.com/npm/npm/pull/13497)
|
519 | `graceful-fs@4.1.5`:
|
520 | `graceful-fs` had a [bug fix](https://github.com/isaacs/node-graceful-fs/pull/71) which
|
521 | fixes a problem ([nodejs/node#7846](https://github.com/nodejs/node/pull/7846)) exposed
|
522 | by recent changes to Node.js.
|
523 | ([@thefourtheye](https://github.com/thefourtheye))
|
524 | * [`9b88cb8`](https://github.com/npm/npm/commit/9b88cb89f138443f324094685f4de073f33ecef0)
|
525 | [#9984](https://github.com/npm/npm/issues/9984)
|
526 | `request@2.74.0`:
|
527 | Update request library to at least 2.73 to fix a bug where `npm install` would crash with
|
528 | _Cannot read property 'emit' of null._
|
529 |
|
530 | Update `request` dependency `tough-cookie` to `2.3.0` to
|
531 | to address [https://nodesecurity.io/advisories/130](https://nodesecurity.io/advisories/130).
|
532 | Versions 0.9.7 through 2.2.2 contain a vulnerable regular expression that,
|
533 | under certain conditions involving long strings of semicolons in the
|
534 | "Set-Cookie" header, causes the event loop to block for excessive amounts of
|
535 | time.
|
536 | ([@zarenner](https://github.com/zarenner))
|
537 | ([@stash-sfdc](https://github.com/stash-sfdc))
|
538 | * [`bf78ce5`](https://github.com/npm/npm/commit/bf78ce5ef5d2d6e95177193cca5362dd27bff968)
|
539 | [#13387](https://github.com/npm/npm/issues/13387)
|
540 | `minimatch@3.0.3`:
|
541 | Handle extremely long and terrible patterns more gracefully.
|
542 | There were some magic numbers that assumed that every extglob pattern starts
|
543 | and ends with a specific number of characters in the regular expression.
|
544 | Since !(||) patterns are a little bit more complicated, this led to creating
|
545 | an invalid regular expression and throwing.
|
546 | ([@isaacs](https://github.com/isaacs))
|
547 | * [`803e538`](https://github.com/npm/npm/commit/803e538efaae4b56a764029742adcf6761e8398b)
|
548 | [isaacs/rimraf#111](https://github.com/isaacs/rimraf/issues/111)
|
549 | `rimraf@2.5.4`: Clarify assertions: cb is required, options are not.
|
550 | ([@isaacs](https://github.com/isaacs))
|
551 | * [`a9f84ef`](https://github.com/npm/npm/commit/a9f84ef61b4c719b646bf9cda00577ef16e3a113)
|
552 | `lodash.without@4.2.0`
|
553 | ([@jdalton](https://github.com/jdalton))
|
554 | * [`f59ff1c`](https://github.com/npm/npm/commit/f59ff1c2701f1bfd21bfdb97b4571823b614f694)
|
555 | `lodash.uniq@4.4.0`
|
556 | ([@jdalton](https://github.com/jdalton))
|
557 | * [`8cc027e`](https://github.com/npm/npm/commit/8cc027e5e81623260a49b31fe406ce483258b203)
|
558 | `lodash.union@4.5.0`
|
559 | ([@jdalton](https://github.com/jdalton))
|
560 | * [`0a6c1e4`](https://github.com/npm/npm/commit/0a6c1e4302a153fb055f495043ed33afd8324193)
|
561 | `lodash.without@4.3.0`
|
562 | ([@jdalton](https://github.com/jdalton))
|
563 | * [`4ab0181`](https://github.com/npm/npm/commit/4ab0181fca2eda18888b865ef691b83d30fb0c33)
|
564 | `lodash.clonedeep@4.4.1`
|
565 | ([@jdalton](https://github.com/jdalton))
|
566 |
|
567 | ### v3.10.6 (2016-07-07)
|
568 |
|
569 | This week we have a bunch of bug fixes for ya! A shrinkwrap regression
|
570 | introduced in 3.10.0, better lifecycle `PATH` behavior, improvements when
|
571 | working with registries other than `registry.npmjs.org` and a fix for
|
572 | hopefully the last _don't print a progress bar over my interactive thingy_
|
573 | bug.
|
574 |
|
575 | #### SHRINKWRAP AND DEV DEPENDENCIES
|
576 |
|
577 | The rewrite in 3.10.0 triggered a bug where dependencies of devDependencies
|
578 | would be included in your shrinkwrap even if you didn't request
|
579 | devDependencies.
|
580 |
|
581 | * [`2484529`](https://github.com/npm/npm/commit/2484529ab56a42e5d6f13c48006f39a596d9e327)
|
582 | [#13308](https://github.com/npm/npm/pull/13308)
|
583 | Fix bug where deps of devDependencies would be incorrectly included in
|
584 | shrinkwraps.
|
585 | ([@iarna](https://github.com/iarna))
|
586 |
|
587 | #### BETTER PATH LIFECYCLE BEHAVIOR
|
588 |
|
589 | We've been around the details on this one a few times in recent months and
|
590 | hopefully this will bring is to where we want to be.
|
591 |
|
592 | * [`81051a9`](https://github.com/npm/npm/commit/81051a90eee66a843f76eb8cccedbb1d0a5c1f47)
|
593 | [#12968](https://github.com/npm/npm/pull/12968)
|
594 | When running lifecycle scripts, only prepend directory containing the node
|
595 | binary to PATH if not already in PATH.
|
596 | ([@segrey](https://github.com/segrey))
|
597 |
|
598 | #### BETTER INTERACTIONS WITH THIRD PARTY REGISTRIES
|
599 |
|
600 | * [`071193c`](https://github.com/npm/npm/commit/071193c8e193767dd1656cb27556cb3751d77a3b)
|
601 | [#10869](https://github.com/npm/npm/pull/10869)
|
602 | If the registry returns a list of versions some of which are invalid, skip
|
603 | those when picking a version to install. This can't happen with
|
604 | registry.npmjs.org as it will normalize versions published with it, but it
|
605 | can happen with other registries.
|
606 | ([@gregersrygg](https://github.com/gregersrygg))
|
607 |
|
608 | #### ONE LAST TOO-MUCH-PROGRESS CORNER
|
609 |
|
610 | * [`1244cc1`](https://github.com/npm/npm/commit/1244cc16dc5a0536acf26816a1deeb8e221d67eb)
|
611 | [#13305](https://github.com/npm/npm/pull/13305)
|
612 | Disable progress bar in `npm edit` and `npm config edit`.
|
613 | ([@watilde](https://github.com/watilde))
|
614 |
|
615 | #### HTML DOCS IMPROVEMENTS
|
616 |
|
617 | * [`58da923`](https://github.com/npm/npm/commit/58da9234ae72a5474b997f890a1155ee9785e6f1)
|
618 | [#13225](https://github.com/npm/npm/issues/13225)
|
619 | Fix HTML character set declaration in generated HTML documentation.
|
620 | ([@KenanY](https://github.com/KenanY))
|
621 | * [`d1f0bf4`](https://github.com/npm/npm/commit/d1f0bf4303566f8690502034f82bbb449850958d)
|
622 | [#13250](https://github.com/npm/npm/pull/13250)
|
623 | Optimize png images using zopflipng.
|
624 | ([@PeterDaveHello](https://github.com/PeterDaveHello))
|
625 |
|
626 | #### DEPENDENCY UPDATES (THAT MATTER)
|
627 |
|
628 | * [`c7567e5`](https://github.com/npm/npm/commit/c7567e58618b63f97884afa104d2f560c9272dd5)
|
629 | [npm/npm-user-validate#9](https://github.com/npm/npm-user-validate/pull/9)
|
630 | `npm-user-validate@0.1.5`:
|
631 | Lower the username length limits to 214 from 576 to match `registry.npmjs.org`'s limits.
|
632 | ([@aredridel](https://github.com/aredridel))
|
633 | * [`22802c9`](https://github.com/npm/npm/commit/22802c9db3cf990c905e8f61304db9b5571d7964)
|
634 | [#isaacs/rimraf](https://github.com/npm/npm/issues/isaacs/rimraf)
|
635 | `rimraf@2.5.3`:
|
636 | Fixes EPERM errors when running `lstat` on read-only directories.
|
637 | ([@isaacs](https://github.com/isaacs))
|
638 | * [`ce6406f`](https://github.com/npm/npm/commit/ce6406f4b6c4dffbb5cd8a3c049f6663a5665522)
|
639 | `glob@7.0.5`:
|
640 | Forces the use of `minimatch` to 3.0.2, which improved handling of long and
|
641 | complicated patterns.
|
642 | ([@isaacs](https://github.com/isaacs))
|
643 |
|
644 |
|
645 | ### v3.10.5 (2016-07-05)
|
646 |
|
647 | This is a fix to this week's testing release to correct the update of
|
648 | `node-gyp` which somehow got mangled.
|
649 |
|
650 | * [`ca97ce2`](https://github.com/npm/npm/commit/ca97ce2e8d8ba44c445b39ffa40daf397d5601b3)
|
651 | [#13256](https://github.com/npm/npm/issues/13256)
|
652 | Fresh reinstall of `node-gyp@3.4.0`.
|
653 | ([@zkat](https://github.com/zkat))
|
654 |
|
655 | ### v3.10.4 (2016-06-30)
|
656 |
|
657 | Hey y'all! This release includes a bunch of fixes we've been working on as we
|
658 | continue on our `big-bug` push. There's still [a lot of it left to
|
659 | do](https://github.com/npm/npm/labels/big-bug), but once this is done, things
|
660 | should just generally be more stable, installs should be more reliable and
|
661 | correct, and we'll be able to move on to more future work. We'll keep doing our
|
662 | best! 🙌
|
663 |
|
664 | #### RACES AS WACKY AS [REDLINE](https://en.wikipedia.org/wiki/Redline_\(2009_film\))
|
665 |
|
666 | Races are notoriously hard to squash, and tend to be some of the more common
|
667 | recurring bugs we see on the CLI. [@julianduque](https://github.com/julianduque)
|
668 | did some pretty awesome [sleuthing
|
669 | work](https://github.com/npm/npm/issues/12669) to track down a cache race and
|
670 | helpfully submitted a patch. There were some related races in the same area that
|
671 | also got fixed at around the same time, mostly affecting Windows users.
|
672 |
|
673 | * [`2a37c97`](https://github.com/npm/npm/commit/2a37c97121483db2b6f817fe85c2a5a77b76080e)
|
674 | [#12669](https://github.com/npm/npm/issues/12669)
|
675 | [#13023](https://github.com/npm/npm/pull/13023)
|
676 | The CLI is pretty aggressive about correcting permissions across the cache
|
677 | whenever it writes to it. This aggressiveness caused a couple of races where
|
678 | temporary cache files would get picked up by `fs.readdir`, and removed before
|
679 | `chownr` was called on them, causing `ENOENT` errors. While the solution might
|
680 | seem a bit hamfisted, it's actually perfectly safe and appropriate in this
|
681 | case to just ignore those resulting `ENOENT` errors.
|
682 | ([@julianduque](https://github.com/julianduque))
|
683 | * [`ea018b9`](https://github.com/npm/npm/commit/ea018b9e3856d1798d199ae3ebce4ed07eea511b)
|
684 | [#13023](https://github.com/npm/npm/pull/13023)
|
685 | If a user were to have SUDO_UID and SUDO_GID, they'd be able to get into a
|
686 | pretty weird state. This fixes that corner case.
|
687 | ([@zkat](https://github.com/zkat))
|
688 | * [`703ca3a`](https://github.com/npm/npm/commit/703ca3abbf4f1cb4dff08be32acd2142d5493482)
|
689 | [#13023](https://github.com/npm/npm/pull/13023)
|
690 | A missing `return` was causing `chownr` to be called on Windows, even though
|
691 | that's literally pointless, and causing crashes in the process, instead of
|
692 | short-circuiting. This was entirely dependent on which callback happened to be
|
693 | called first, and in some cases, the failing one would win the race. This
|
694 | should prevent this from happening in the future.
|
695 | ([@zkat](https://github.com/zkat))
|
696 | * [`69267f4`](https://github.com/npm/npm/commit/69267f4fbd1467ce576f173909ced361f8fe2a9d)
|
697 | [#13023](https://github.com/npm/npm/pull/13023)
|
698 | Added tests to verify `correct-mkdir` race patch.
|
699 | ([@zkat](https://github.com/zkat))
|
700 | * [`e5f50ea`](https://github.com/npm/npm/commit/e5f50ea9f84fe8cac6978d18f7efdf43834928e7)
|
701 | [#13023](https://github.com/npm/npm/pull/13023)
|
702 | Added tests to verify `addLocal` race patch.
|
703 | ([@zkat](https://github.com/zkat))
|
704 |
|
705 | #### SHRINKWRAP IS COMPLICATED BUT IT'S BETTER NOW
|
706 |
|
707 | [@iarna](https://github.com/iarna) did some heroic hacking to refactor a bunch
|
708 | of `shrinkwrap`-related bits and fixed some resolution and pathing issues that
|
709 | were biting users. The code around that stuff got more readable/maintainable in
|
710 | the process, too!
|
711 |
|
712 | * [`346bba1`](https://github.com/npm/npm/commit/346bba1e1fee9cc814b07c56f598a73be5c21686)
|
713 | [#13214](https://github.com/npm/npm/pull/13214)
|
714 | Resolve local dependencies in `npm-shrinkwrap.json` relative to the top of the
|
715 | tree.
|
716 | ([@iarna](https://github.com/iarna))
|
717 | * [`4a67fdb`](https://github.com/npm/npm/commit/4a67fdbd0f160deb6644a9c4c5b587357db04d2d)
|
718 | [#13213](https://github.com/npm/npm/pull/13213)
|
719 | If you run `npm install modulename` it should, if a `npm-shrinkwrap.json` is
|
720 | present, use the version found there. If not, it'll use the version found in
|
721 | your `package.json`, and failing *that*, use `latest`.
|
722 | This fixes a case where the first check was being bypassed because version
|
723 | resolution was being done prior to loading the shrinkwrap, and so checks to
|
724 | match the shrinkwrap version couldn't succeed.
|
725 | ([@iarna](https://github.com/iarna))
|
726 | * [`afa2133`](https://github.com/npm/npm/commit/afa2133a5d8ac4f6f44cdc6083d89ad7f946f5bb)
|
727 | [#13214](https://github.com/npm/npm/pull/13214)
|
728 | Refactor shrinkwrap specifier lookup into shared function.
|
729 | ([@iarna](https://github.com/iarna))
|
730 | * [`2820b56`](https://github.com/npm/npm/commit/2820b56a43e1cc1e12079a4c886f6c14fe8c4f10)
|
731 | [#13214](https://github.com/npm/npm/pull/13214)
|
732 | Refactor operations in `inflate-shrinkwrap.js` into separate functions for
|
733 | added clarity.
|
734 | ([@iarna](https://github.com/iarna))
|
735 | * [`ee5bfb3`](https://github.com/npm/npm/commit/ee5bfb3e56ee7ae582bec9f741f32b224c279947)
|
736 | Fix Windows path issue in a shrinkwrap test.
|
737 | ([@zkat](https://github.com/zkat))
|
738 |
|
739 | #### OTHER BUGFIXES
|
740 |
|
741 | * [`a11a7b2`](https://github.com/npm/npm/commit/a11a7b2e7df9478ac9101b06eead4a74c41a648d)
|
742 | [#13212](https://github.com/npm/npm/pull/13212)
|
743 | Resolve local paths passed in through the command line relative to current
|
744 | directory, instead of relative to the `package.json`.
|
745 | ([@iarna](https://github.com/iarna))
|
746 |
|
747 | #### DEPENDENCY UPDATES
|
748 |
|
749 | * [`900a5b7`](https://github.com/npm/npm/commit/900a5b7f18b277786397faac05853c030263feb8)
|
750 | [#13199](https://github.com/npm/npm/pull/13199)
|
751 | [`node-gyp@3.4.0`](https://github.com/nodejs/node-gyp/blob/master/CHANGELOG.md):
|
752 | AIX, Visual Studio 2015, and logging improvements. Oh my~!
|
753 | ([@rvagg](https://github.com/rvagg))
|
754 |
|
755 | #### DOCUMENTATION FIXES
|
756 |
|
757 | * [`c6942a7`](https://github.com/npm/npm/commit/c6942a7d6acb2b8c73206353bbec03380a056af4)
|
758 | [#13134](https://github.com/npm/npm/pull/13134)
|
759 | Fixed a few typos in `CHANGELOG.md`.
|
760 | ([@watilde](https://github.com/watilde))
|
761 | * [`e63d913`](https://github.com/npm/npm/commit/e63d913127731ece56dcd69c7c0182af21be58f8)
|
762 | [#13156](https://github.com/npm/npm/pull/13156)
|
763 | Fix old reference to `doc/install` in a source comment.
|
764 | ([@sheerun](https://github.com/sheerun))
|
765 | * [`099d23c`](https://github.com/npm/npm/commit/099d23cc8f38b524dc19a25857b2ebeca13c49d6)
|
766 | [#13113](https://github.com/npm/npm/issues/13113)
|
767 | [#13189](https://github.com/npm/npm/pull/13189)
|
768 | Fixes a link to `npm-tag(3)` that was breaking to instead point to
|
769 | `npm-dist-tag(1)`, as reported by [@SimenB](https://github.com/SimenB)
|
770 | ([@macdonst](https://github.com/macdonst))
|
771 |
|
772 | ### v3.10.3 (2016-06-23)
|
773 |
|
774 | Given that we had not one, but two updates to our RC this past week, it
|
775 | should come as no surprise that this week's full release is a bit
|
776 | lighter. We have some documentation patches and a couple of bug fixes via
|
777 | dependency updates.
|
778 |
|
779 | If you haven't yet checked out last week's release,
|
780 | [v3.10.0](https://github.com/npm/npm/releases/tag/v3.10.0)
|
781 | and the two follow up releases
|
782 | [v3.10.1](https://github.com/npm/npm/releases/tag/v3.10.1)
|
783 | and
|
784 | [v3.10.2](https://github.com/npm/npm/releases/tag/v3.10.2),
|
785 | you really should do so. They're the most important releases we've had in
|
786 | quite a while, fixing a bunch of critical bugs (including an issue
|
787 | impacting publishing with Node.js 6.x) and of course, bringing in the new
|
788 | and improved progress bar.
|
789 |
|
790 | #### BUM SYMLINKS BURN NO MORE
|
791 |
|
792 | There's been a bug lurking where broken symlinks in your `node_modules`
|
793 | folder could cause all manner of mischief, from crashes to empty `npm ls`
|
794 | results. The intrepid [@watilde](https://github.com/watilde) tracked this
|
795 | down for us.
|
796 |
|
797 | This addresses the root cause of the outdated crasher we protected
|
798 | against earlier this week in
|
799 | [#13115](https://github.com/npm/npm/issues/13115).
|
800 |
|
801 | This also fixes [#9564](https://github.com/npm/npm/issues/9564), the
|
802 | problem where a bad symlink in your global modules would result in an
|
803 | empty result when you ran `npm ls -g`.
|
804 |
|
805 | This ALSO likely fixes numerous "Missing argument #1" errors. (But surely
|
806 | not all of them as that's actually just a generic arity and
|
807 | type-validation failure.)
|
808 |
|
809 | * [`ca92ac4`](https://github.com/npm/npm/commit/ca92ac455b841a708dd89262ff88d503b125d717)
|
810 | [npm/read-package-tree#6](https://github.com/npm/read-package-tree/pull/6)
|
811 | `read-package-tree@5.1.5`:
|
812 | Make bad symlinks be non-fatal errors when reading the tree off disk.
|
813 | ([@watilde](https://github.com/watilde))
|
814 |
|
815 | #### BETTER UNICODE DETECTION
|
816 |
|
817 | * [`6c3f7f0`](https://github.com/npm/npm/commit/6c3f7f043f09fc2aa19ffd3f956787635fa6f4d0)
|
818 | `has-unicode@2.0.1`:
|
819 | Fix unicode detection on a number of Linux distributions.
|
820 | ([@Darkhogg](https://github.com/Darkhogg)) ([@gagern](https://github.com/gagern))
|
821 |
|
822 |
|
823 | #### DOCUMENTATION FIXES
|
824 |
|
825 | * [`b9243ee`](https://github.com/npm/npm/commit/b9243ee60a3d60505c2502dc8633811b42c8aaea)
|
826 | [#13127](https://github.com/npm/npm/pull/13127)
|
827 | Remove extra backtick from `npm ls` documentation.
|
828 | ([@shvaikalesh](https://github.com/shvaikalesh))
|
829 | * [`e05c0c2`](https://github.com/npm/npm/commit/e05c0c243cc702f9c392c001f668a90b57eaeb0e)
|
830 | [iarna/has-unicode#3](https://github.com/iarna/has-unicode/pull/3)
|
831 | [iarna/has-unicode#4](https://github.com/iarna/has-unicode/pull/4)
|
832 | [#13084](https://github.com/npm/npm/pull/13084)
|
833 | Correct changelog entry for shrinkwrap lifecycle order.
|
834 | ([@SimenB](https://github.com/SimenB))
|
835 | * [`823994f`](https://github.com/npm/npm/commit/823994f100a0e59e1dd109e312811f971968ec75)
|
836 | [#13080](https://github.com/npm/npm/pull/13080)
|
837 | Describe using `npm pack` to see a dry run of publication results in
|
838 | the `npm publish` documentation.
|
839 | ([@laughinghan](https://github.com/laughinghan))
|
840 |
|
841 | #### DEPENDENCY UPDATES
|
842 |
|
843 | * [`e44d2db`](https://github.com/npm/npm/commit/e44d2db1ad0d860ca08e99c81135bd399fb733b1)
|
844 | `aproba@1.0.4`: Documentation updates and minor refactoring.
|
845 | ([@iarna](https://github.com/iarna))
|
846 |
|
847 | ### v3.10.2 (2016-06-17):
|
848 |
|
849 | This is a quick hotfix release with two small bug fixes. First, there was
|
850 | an issue where the new progress bar would overwrite interactive prompts,
|
851 | that is, those found in `npm login` and `npm init`. Second, if the
|
852 | directory you were running `npm outdated` on was a bad link or otherwise had
|
853 | unrecoverable errors then npm would crash instead of printing the error.
|
854 |
|
855 | * [`fbefb86`](https://github.com/npm/npm/commit/fbefb8675b26320b295f481b4872ce99f0180807)
|
856 | [`7779e9f`](https://github.com/npm/npm/commit/7779e9fb9430f6547532c67f2471864d62bbd5bc)
|
857 | [#13105](https://github.com/npm/npm/issues/13105)
|
858 | Disable progress bar in `adduser` and `init`.
|
859 | * [`6a33b2c`](https://github.com/npm/npm/commit/6a33b2c13f637a41e25cd0339925bc430b50358a)
|
860 | [#13115](https://github.com/npm/npm/issues/13115)
|
861 | Ensure that errors reading the package tree for `outdated` does not result
|
862 | in crashes.
|
863 | ([@iarna](https://github.com/iarna))
|
864 |
|
865 | ### v3.10.1 (2016-06-17):
|
866 |
|
867 | There are two very important bug fixes and one long-awaited (and significant!)
|
868 | deprecation in this hotfix release. [Hold on.](http://butt.holdings/)
|
869 |
|
870 | #### *WHOA*
|
871 |
|
872 | When Node.js 6.0.0 was released, the CLI team noticed an alarming upsurge in
|
873 | bugs related to important files (like `README.md`) not being included in
|
874 | published packages. The new bugs looked much like
|
875 | [#5082](https://github.com/npm/npm/issues/5082), which had been around in one
|
876 | form or another since April, 2014. #5082 used to be a very rare (and obnoxious)
|
877 | bug that the CLI team hadn't had much luck reproducing, and we'd basically
|
878 | marked it down as a race condition that arose on machines using slow and / or
|
879 | rotating-media-based hard drives.
|
880 |
|
881 | Under 6.0.0, the behavior was reliable enough to be nearly deterministic, and
|
882 | made it very difficult for publishers using `.npmignore` files in combination
|
883 | with `"files"` stanzas in `package.json` to get their packages onto the
|
884 | registry without one or more files missing from the packed tarball. The entire
|
885 | saga is contained within [the issue](https://github.com/npm/npm/issues/5082),
|
886 | but the summary is that an improvement to the performance of
|
887 | [`fs.realpath()`](https://nodejs.org/api/fs.html#fs_fs_realpath_path_options_callback)
|
888 | made it much more likely that the packing code would lose the race.
|
889 |
|
890 | Fixing this has proven to be very difficult, in part because the code used by
|
891 | npm to produce package tarballs is more complicated than, strictly speaking, it
|
892 | needs to be. [**@evanlucas**](https://github.com/evanlucas) contributed [a
|
893 | patch](https://github.com/npm/fstream/pull/50) that passed the tests in a
|
894 | [special test suite](https://github.com/othiym23/eliminate-5082) that I
|
895 | ([**@othiym23**](https://github.com/othiym23)) created (with help from
|
896 | [**@addaleax**](https://github.com/addaleax)), but only _after_ we'd released
|
897 | the fixed version of that package did we learn that it actually made the
|
898 | problem _worse_ in other situations in npm proper. Eventually,
|
899 | [**@rvagg**](https://github.com/rvagg) put together a more durable fix that
|
900 | appears to completely address the errant behavior under Node.js 6.0.0. That's
|
901 | the patch included in this release. Everybody should chip in for redback
|
902 | insurance for Rod and his family; he's done the community a huge favor.
|
903 |
|
904 | Does this mean the long (2+ year) saga of #5082 is now over? At this point, I'm
|
905 | going to quote from my latest summary on the issue:
|
906 |
|
907 | > The CLI team (mostly me, with input from the rest of the team) has decided that
|
908 | > the overall complexity of the interaction between `fstream`, `fstream-ignore`,
|
909 | > `fstream-npm`, and `node-tar` has grown more convoluted than the team is
|
910 | > comfortable (maybe even capable of) supporting.
|
911 | >
|
912 | > - While I believe that @rvagg's (very targeted) fix addresses _this_ issue, I
|
913 | > would be shocked if there aren't other race conditions in npm's packing
|
914 | > logic. I've already identified a couple other places in the code that are
|
915 | > most likely race conditions, even if they're harder to trigger than the
|
916 | > current one.
|
917 | > - The way that dependency bundling is integrated leads to a situation in
|
918 | > which a bunch of logic is duplicated between `fstream-npm` and
|
919 | > `lib/utils/tar.js` in npm itself, and the way `fstream`'s extension
|
920 | > mechanism works makes this difficult to clean up. This caused a nasty
|
921 | > regression ([#13088](https://github.com/npm/fstream/pull/50), see below) as
|
922 | > of ~`npm@3.8.7` where the dependencies of `bundledDependencies` were no
|
923 | > longer being included in the built package tarballs.
|
924 | > - The interaction between `.npmignore`, `.gitignore`, and `files` is hopelessly
|
925 | > complicated, scattered in many places throughout the code. We've been
|
926 | > discussing [making the ignores and includes logic clearer and more
|
927 | > predictable](https://github.com/npm/npm/wiki/Files-and-Ignores), and the
|
928 | > current code fights our efforts to clean that up.
|
929 | >
|
930 | > So, our intention is still to replace `fstream`, `fstream-ignore`, and
|
931 | > `fstream-npm` with something much simpler and purpose-built. There's no real
|
932 | > reason to have a stream abstraction here when a simple recursive-descent
|
933 | > filesystem visitor and a synchronous function that can answer whether a given
|
934 | > path should be included in the packed tarball would do the job adequately.
|
935 | >
|
936 | > What's not yet clear is whether we'll need to replace `node-tar` in the
|
937 | > process. `node-tar` is a very robust implementation of tar (it handles, like,
|
938 | > everything), and it also includes some very important tweaks to prevent several
|
939 | > classes of security exploits involving maliciously crafted packages. However,
|
940 | > its packing API involves passing in an `fstream` instance, so we'd either need
|
941 | > to produce something that follows enough of `fstream`'s contract for `node-tar`
|
942 | > to keep working, or swap `node-tar` out for something like `tar-stream` (and
|
943 | > then ensuring that our use of `tar-stream` is secure, which could involve
|
944 | > security patches for either npm or `tar-stream`).
|
945 |
|
946 | The testing and review of `fstream@1.0.10` that the team has done leads us to
|
947 | believe that this bug is fixed, but I'm feeling more than a little paranoid
|
948 | about fstream now, so it's important that people keep a close eye on their
|
949 | publishes for a while and let us know immediately if they notice any
|
950 | irregularities.
|
951 |
|
952 | * [`8802f6c`](https://github.com/npm/npm/commit/8802f6c152ea35cb9e5269c077c3a2f9df411afc)
|
953 | [#5082](https://github.com/npm/npm/issues/5082) `fstream@1.0.10`: Ensure that
|
954 | entries are collected after a paused stream resumes.
|
955 | ([@rvagg](https://github.com/rvagg))
|
956 | * [`c189723`](https://github.com/npm/npm/commit/c189723110497a17dac3b0596f2916deeed93ee7)
|
957 | [#5082](https://github.com/npm/npm/issues/5082) Remove the warning introduced
|
958 | in `npm@3.10.0`, because it should no longer be necessary.
|
959 | ([@othiym23](https://github.com/othiym23))
|
960 |
|
961 | #### *ERK*
|
962 |
|
963 | Because the interaction between `fstream`, `fstream-ignore`, `fsream-npm`, and
|
964 | `node-tar` is so complex, it's proven difficult to add support for npm features
|
965 | like `bundledDependencies` without duplicating some logic within npm's code
|
966 | base. While [fixing a completely unrelated
|
967 | bug](https://github.com/npm/npm/issues/9642), we "cleaned up" some of this
|
968 | seemingly duplicated code, and in the process removed the code that ensured
|
969 | that the dependencies of `bundledDependencies` are themselves bundled. We've
|
970 | brought that code back into the code base (without reopening #9642), and added
|
971 | a test to ensure that this regression can't recur.
|
972 |
|
973 | * [`1b6ceca`](https://github.com/npm/npm/commit/1b6ceca32fc81ca7cc7ac2eb7d11f687e6f87f26)
|
974 | [#13088](https://github.com/npm/npm/issues/13088) Partially restore npm's own
|
975 | version of the `fstream-npm` function `applyIgnores` to ensure that the
|
976 | dependencies of `bundledDependencies` are included in published packages.
|
977 | ([@iarna](https://github.com/iarna))
|
978 |
|
979 | #### GOODBYE, FAITHFUL FRIEND
|
980 |
|
981 | At NodeConf Adventure 2016 (RIP in peace, Mikeal Rogers's NodeConf!), the CLI
|
982 | team had an opportunity to talk to representatives from some of the larger
|
983 | companies that we knew were still using Node.js 0.8 in production. After asking
|
984 | them whether they were still using 0.8, we got back blank stares and questions
|
985 | like, "0.8? You mean, from four years ago?" After establishing that being able
|
986 | to run npm in their legacy environments was no longer necessary, the CLI team
|
987 | made the decision to drop support for 0.8. (Faithful observers of our [team
|
988 | meetings](https://github.com/npm/npm/issues?utf8=%E2%9C%93&q=is%3Aissue+npm+cli+team+meeting+)
|
989 | will have known this was the plan for NodeConf since the beginning of 2016.)
|
990 |
|
991 | In practice, this means only what's in the commit below: we've removed 0.8 from
|
992 | our continuous integration test matrix below, and will no longer be habitually
|
993 | testing changes under Node 0.8. We may also give ourselves permission to use
|
994 | `setImmediate()` in test code. However, since the project still supports
|
995 | Node.js 0.10 and 0.12, it's unlikely that patches that rely on ES 2015
|
996 | functionality will land anytime soon.
|
997 |
|
998 | Looking forward, the team's current plan is to drop support for Node.js 0.10
|
999 | when its LTS maintenance window expires in October, 2016, and 0.12 when its
|
1000 | maintenance / LTS window ends at the end of 2016. We will also drop support for
|
1001 | Node.js 5.x when Node.js 6 becomes LTS and Node.js 7 is released, also in the
|
1002 | October-December 2016 timeframe.
|
1003 |
|
1004 | (Confused about Node.js's LTS policy? [Don't
|
1005 | be!](https://github.com/nodejs/LTS) If you look at [this
|
1006 | diagram](https://github.com/nodejs/LTS/blob/ce364a94b0e0619eba570cd57be396573e1ef889/schedule.png),
|
1007 | it should make all of the preceding clear.)
|
1008 |
|
1009 | If, in practice, this doesn't work with distribution packagers or other
|
1010 | community stakeholders responsible for packaging and distributing Node.js and
|
1011 | npm, please reach out to us. Aligning the npm CLI's LTS policy with Node's
|
1012 | helps everybody minimize the amount of work they need to do, and since all of
|
1013 | our teams are small and very busy, this is somewhere between a necessity and
|
1014 | non-negotiable.
|
1015 |
|
1016 | * [`d6afd5f`](https://github.com/npm/npm/commit/d6afd5ffb1b19e5d94aeee666afcb8adaced58db)
|
1017 | Remove 0.8 from the Node.js testing matrix, and reorder to match real-world
|
1018 | priority, with comments. ([@othiym23](https://github.com/othiym23))
|
1019 |
|
1020 | ### v3.10.0 (2016-06-16):
|
1021 |
|
1022 | Do we have a release for you! We have our first new lifecycle since
|
1023 | `version`, a new progress bar and a bunch of bug fixes.
|
1024 | [I'm](https://github.com/iarna) really excited about this release, let me
|
1025 | tell you!!
|
1026 |
|
1027 | #### DANGER: PUBLISHING ON NODE 6.0.0
|
1028 |
|
1029 | Publishing and packing are buggy under Node versions greater than 6.0.0.
|
1030 | Please use Node.js LTS (4.4.x) to publish packages. See
|
1031 | [#5082](https://github.com/npm/npm/issues/5082) for details and current
|
1032 | status.
|
1033 |
|
1034 | * [`4e52cef`](https://github.com/npm/npm/commit/4e52cef3d4170c8abab98149666ec599f8363233)
|
1035 | [#13077](https://github.com/npm/npm/pull/13077)
|
1036 | Warn when using Node 6+.
|
1037 | ([@othiym23](https://github.com/othiym23))
|
1038 |
|
1039 | #### NEW LIFECYCLE SCRIPT: `shrinkwrap`
|
1040 |
|
1041 | * [`e8c80f2`](https://github.com/npm/npm/commit/e8c80f20bfd5d1618e85dbab41660d6f3e5ce405)
|
1042 | [#10744](https://github.com/npm/npm/issues/10744)
|
1043 | You can now add `preshrinkwrap`, `shrinkwrap` and `postshrinkwrap` to your `package.json`
|
1044 | scripts section. They are run when you run `npm shrinkwrap` or `npm install --save` with
|
1045 | an `npm-shrinkwrap.json` present in your module directory.
|
1046 |
|
1047 | `preshrinkwrap` and `shrinkwrap` is run prior to generating the new `npm-shrinkwrap.json`
|
1048 | and `postshrinkwrap` is run after.
|
1049 | ([@SimenB](https://github.com/SimenB))
|
1050 |
|
1051 | #### NEW PROGRESS BAR
|
1052 |
|
1053 | ![Install with new progress bar](http://shared.by.re-becca.org/misc-images/new-gauge-color.gif)
|
1054 |
|
1055 | We have a new progress bar and a bunch of related improvements!
|
1056 |
|
1057 | ##### BLOCKING BLOCKING
|
1058 |
|
1059 | **!!WARNING!!** As a part of this change we now explicitly set
|
1060 | `process.stdout` and `process.stderr` to be _blocking_ if they are ttys,
|
1061 | using [set-blocking](https://www.npmjs.com/package/set-blocking). This is
|
1062 | necessary to ensure that we can fully erase the progress bar before we start
|
1063 | writing other things out to the console.
|
1064 |
|
1065 | Prior to Node.js 6.0.0, they were already blocking on Windows, and MacOS.
|
1066 | Meanwhile, on Linux they were always non-blocking but had large (64kb)
|
1067 | buffers, which largely made this a non-issue there. Starting with Node.js
|
1068 | 6.0.0 they became non-blocking on MacOS and that caused some unexpected
|
1069 | issues (see [nodejs/node#6456](https://github.com/nodejs/node/issues/6456)).
|
1070 |
|
1071 | If you are a Linux user, it's plausible that this might have a performance
|
1072 | impact if your terminal can't keep up with output rate. If you experience
|
1073 | this, we want to know! Please [file an
|
1074 | issue](https://github.com/npm/npm/issues/new) at our issue tracker.
|
1075 |
|
1076 | ##### BETTER LAYOUT
|
1077 |
|
1078 | Let's start by talking about what goes into the new progress bar:
|
1079 |
|
1080 | ```
|
1081 | ⸨░░░░░░░░░░⠂⠂⠂⠂⠂⠂⠂⠂⸩ ⠹ loadExtraneous: verb afterAdd /Users/rebecca/.npm/null/0.0.0/package/package.json written
|
1082 | ↑‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾ ↑ ‾‾‾‾‾‾‾‾‾↑‾‾‾‾ ‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾↑‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
|
1083 | percent complete spinner current thing we're doing most recent log line
|
1084 | ```
|
1085 |
|
1086 | The _spinner_ is intended as an activity indicator–it moves whenever
|
1087 | npm sends something to its logs. It also spins at a constant speed while
|
1088 | waiting on the network.
|
1089 |
|
1090 | The _current thing we're doing_ relates to how we track how much work has
|
1091 | been done. It's the name of the unit of work we most recently started or
|
1092 | completed some of. Sometimes these names are more obvious than others and
|
1093 | that's something we'll look at improving over time.
|
1094 |
|
1095 | And finally, the _most recent log line_ is exactly that, it's the most
|
1096 | recent line that you would have seen if you were running with
|
1097 | `--loglevel=silly` or were watching the `npm-debug.log`. These are written
|
1098 | to be useful to the npm developers above all else, so they may sometimes be
|
1099 | a little cryptic.
|
1100 |
|
1101 | * [`6789978`](https://github.com/npm/npm/commit/6789978ab0713f67928177a9109fed43953ccbda)
|
1102 | [#13075](https://github.com/npm/npm/pull/13075)
|
1103 | `npmlog@3.1.2`: Update to the latest npmlog, which includes the new and
|
1104 | improved progress bar layout.
|
1105 | ([@iarna](https://github.com/iarna))
|
1106 |
|
1107 | ##### MORE PERFORMANT
|
1108 |
|
1109 | The underlying code for the progress bar was rewritten, in part with
|
1110 | performance in mind. Previously whenever you updated the progress bar it
|
1111 | would check an internal variable for how long it had been since the last
|
1112 | update and if it had been long enough, it would print out what you gave it.
|
1113 | With the new progress bar we do updates at a fixed interval (with
|
1114 | `setInterval`) and "updating" the progress bar just updates some variables
|
1115 | that will be used when the next tick of the progress bar happens. Currently
|
1116 | progress bar updates happen every 50ms, although that's open to tuning.
|
1117 |
|
1118 | ##### WIDE(R) COMPATIBILITY
|
1119 |
|
1120 | I spent a lot of time working our Unicode support. There were a few issues
|
1121 | that plagued us:
|
1122 |
|
1123 | Previously one of the characters we used was _ambiguous width_ which means
|
1124 | that it was possible to configure your terminal to display it as _full
|
1125 | width_. If you did this, the output would be broken because we assumed it
|
1126 | was a _half width_ character. We no longer use any of these characters.
|
1127 |
|
1128 | Previously, we defaulted to using Unicode on Windows. This isn't a safe
|
1129 | assumption, however, as folks in non-US locales often use other code pages
|
1130 | for their terminals. Windows doesn't provide* any facility available to
|
1131 | Node.js for determining the current code page, so we no longer try to use
|
1132 | Unicode on Windows.
|
1133 |
|
1134 | _\* The facilities it does provide are a command line tool and a windows
|
1135 | system call. The former isn't satisfactory for speed reasons and the latter
|
1136 | can't be accessed from a JS-only Node.js program._
|
1137 |
|
1138 | ##### FOR THE FUTURE: THEMES
|
1139 |
|
1140 | The new version of the progress bar library supports plugable themes. Adding
|
1141 | support to npm shouldn't be too difficult. The built in themes are:
|
1142 |
|
1143 | * `ASCII` – The fallback theme which is always available.
|
1144 | * `colorASCII` – Inverts the color of the completed portion of the progress
|
1145 | bar. The default on Windows and usually on Linux. (Color support is
|
1146 | determined by looking at the `TERM` environment variable.)
|
1147 | * `brailleSpinner` – A braille based spinner and other unicode enhancements. MacOS only.
|
1148 | * `colorBrailleSpinner` – The default on MacOS, a combination of the above two.
|
1149 |
|
1150 | ##### LESS GARBLED OUTPUT
|
1151 |
|
1152 | As a part of landing this I've also taken the opportunity to more
|
1153 | systematically disable the progress bar prior to printing to `stdout` or
|
1154 | running external commands (in particular: git). This should ensure that the
|
1155 | progress bar doesn't get left on screen after something else prints
|
1156 | something. We also are now much more zealous about erasing the progress bar
|
1157 | on exit, so if you `Ctrl-C` out of an install we'll still cleanup the
|
1158 | progress bar.
|
1159 |
|
1160 | * [`63f153c`](https://github.com/npm/npm/commit/63f153c743f9354376bfb9dad42bd028a320fd1f)
|
1161 | [#13075](https://github.com/npm/npm/pull/13075)
|
1162 | Consistently make sure that the progress bar is hidden before we try to
|
1163 | write to stdout.
|
1164 | ([@iarna](https://github.com/iarna))
|
1165 | * [`8da79fa`](https://github.com/npm/npm/commit/8da79fa60de4972dca406887623d4e430d1609a1)
|
1166 | [#13075](https://github.com/npm/npm/pull/13075)
|
1167 | Be more methodical about disabling progress bars before running external
|
1168 | commands.
|
1169 | ([@iarna](https://github.com/iarna))
|
1170 |
|
1171 | #### REPLACE `process.nextTick` WITH `asap` ASAP
|
1172 |
|
1173 | * [`5873b56`](https://github.com/npm/npm/commit/5873b56cb315437dfe97e747811c0b9c297bfd38)
|
1174 | [`254ad7e`](https://github.com/npm/npm/commit/254ad7e38f978b81046d242297fe8b122bfb5852)
|
1175 | [#12754](https://github.com/npm/npm/issues/12754)
|
1176 | Use `asap` in preference over `process.nextTick` to avoid recursion warnings.
|
1177 | Under the hood `asap` uses `setImmediate` when available and falls back to
|
1178 | `process.nextTick` when it's not. Versions of node that don't support
|
1179 | `setImmediate` have a version of `process.nextTick` that actually behaves
|
1180 | like the current `setImmediate`.
|
1181 | ([@lxe](https://github.com/lxe))
|
1182 |
|
1183 | #### FIXES AND REFACTORING
|
1184 |
|
1185 | Sometimes the installer would get it into its head that it could move or
|
1186 | remove things that it really shouldn't have. While the reproducers for this were
|
1187 | often a bit complicated (the core reproducer involved five symlinks(!)), it turns
|
1188 | out this is an easy scenario to end up in if your project has a bunch of small
|
1189 | modules and you're linking them while developing them.
|
1190 |
|
1191 | Fixing this ended up involving doing an important and overdue rewrite of how
|
1192 | the installer keeps track of (and interrogates) the relationships between
|
1193 | modules. This likely fixes other related bugs, and in the coming weeks
|
1194 | we'll verify and close them as we find them. There are a whole slew of
|
1195 | commits related to this rewrite, and if you'd like to learn more check
|
1196 | out the PR where I describe what I did in detail: [#12775](https://github.com/npm/npm/pull/12775)
|
1197 |
|
1198 | * [`8f3e111`](https://github.com/npm/npm/commit/8f3e111fdd2ce7824864f77b04e5206bdaf961a1)
|
1199 | [`c0b0ed1`](https://github.com/npm/npm/commit/c0b0ed1e9945c01b2e68bf22af3fe4005aa4bcd4)
|
1200 | [#10800](https://github.com/npm/npm/issues/10800)
|
1201 | Remove install pruning stage–this was obsoleted by making the installer keep
|
1202 | itself up to date as it goes along. This is NOT related to `npm prune`.
|
1203 | ([@iarna](https://github.com/iarna))
|
1204 |
|
1205 | #### MAKE OUTDATED MORE WIDELY LEGIBLE
|
1206 |
|
1207 | * [`21c60e9`](https://github.com/npm/npm/commit/21c60e9bb56d47da17b79681f2142b3dcf4c804b)
|
1208 | [#12843](https://github.com/npm/npm/pull/12843)
|
1209 | In `npm outdated, stop coloring the _Location_ and _Package Type_ columns.
|
1210 | Previously they were colored dark gray, which was hard to read for some
|
1211 | users.
|
1212 | ([@tribou](https://github.com/tribou))
|
1213 |
|
1214 | #### DOCUMENTATION UPDATE
|
1215 |
|
1216 | * [`eb0a72e`](https://github.com/npm/npm/commit/eb0a72eb95862c1d0d41a259d138ab601d538793)
|
1217 | [#12983](https://github.com/npm/npm/pull/12983)
|
1218 | Describe how to run the lifecycle scripts of dependencies. How you do
|
1219 | this changed with `npm` v2.
|
1220 | ([@Tapppi](https://github.com/Tapppi))
|
1221 |
|
1222 | ### DEPENDENCY UPDATES
|
1223 |
|
1224 | * [`da743dc`](https://github.com/npm/npm/commit/da743dc2153fed8baca3dada611b188f53ab5931)
|
1225 | `which@1.2.10`:
|
1226 | Fix bug where unnecessary special case path handling for Windows could
|
1227 | produce unexpected results on Unix systems.
|
1228 | ([@isaacs](https://github.com/isaacs))
|
1229 | * [`4533bd5`](https://github.com/npm/npm/commit/4533bd501d54aeedfec3884f4fd54e8c2edd6020)
|
1230 | `npm-user-validate@0.1.4`:
|
1231 | Validate the length of usernames.
|
1232 | ([@aredridel](https://github.com/aredridel))
|
1233 | * [`4a18922`](https://github.com/npm/npm/commit/4a18922e56f9dc902fbb4daa8f5fafa4a1b89376)
|
1234 | `glob@7.0.4`:
|
1235 | Fixes issues with Node 6 and "long or excessively symlink-looping paths".
|
1236 | ([@isaacs](https://github.com/isaacs))
|
1237 | * [`257fe11`](https://github.com/npm/npm/commit/257fe11052987e5cfec2abdf52392dd95a6c6ef3)
|
1238 | `npm-package-arg@4.2.0`:
|
1239 | Add `escapedName` to the result. It is suitable for passing through to a
|
1240 | registry without further processing.
|
1241 | ([@nexdrew](https://github.com/nexdrew))
|
1242 | * [`dda3ca7`](https://github.com/npm/npm/commit/dda3ca70f74879106589ef29e167c8b91ef5aa4c)
|
1243 | `wrappy@1.0.2`
|
1244 | ([@zkat](https://github.com/zkat))
|
1245 | * [`25f1db5`](https://github.com/npm/npm/commit/25f1db504d0fd8c97211835f0027027fe95e0ef3)
|
1246 | `readable-stream@2.1.4`
|
1247 | ([@calvinmetcalf](https://github.com/calvinmetcalf))
|
1248 | * [`9d64fe6`](https://github.com/npm/npm/commit/9d64fe676ebc6949c687ffb85bd93eca3137fc0d)
|
1249 | `abbrev@1.0.9`
|
1250 | ([@isaacs](https://github.com/isaacs))
|
1251 |
|
1252 | ### v3.9.6 (2016-06-02):
|
1253 |
|
1254 | #### SMALL OUTPUT TWEAK
|
1255 |
|
1256 | * [`0bdc9d1`](https://github.com/npm/npm/commit/0bdc9d13b73df07e63a58470ea001fda490e5869)
|
1257 | [#12879](https://github.com/npm/npm/pull/12879)
|
1258 | The usage output for npm commands was somehow under the impression that
|
1259 | the singular form of `aliases` is `aliase`. This has been corrected to show
|
1260 | `alias` instead.
|
1261 | ([@intelliot](https://github.com/intelliot))
|
1262 |
|
1263 | #### DOC UPDATES
|
1264 |
|
1265 | * [`f771b49`](https://github.com/npm/npm/commit/f771b49f5d65bbef540c231fbfcca71cacdce4db)
|
1266 | [#12933](https://github.com/npm/npm/pull/12933)
|
1267 | Add `config.gypi` to list of files that are always ignored in the
|
1268 | `package.json` manpage.
|
1269 | ([@Jokero](https://github.com/Jokero))
|
1270 |
|
1271 | #### DEPENDENCY UPDATES
|
1272 |
|
1273 | * [`61c1d9c`](https://github.com/npm/npm/commit/61c1d9cd4b2296bd41d55a5c58e35ca5f028b9bc)
|
1274 | [#12926](https://github.com/npm/npm/pull/12926)
|
1275 | Removed unused dependency `lodash.isarray`.
|
1276 | ([@mmalecki](https://github.com/mmalecki))
|
1277 | * [`168ed28`](https://github.com/npm/npm/commit/168ed2834b2c6db8bb39f81baadc0bf275807328)
|
1278 | [#12926](https://github.com/npm/npm/pull/12926)
|
1279 | Removed unused dependency `lodash.keys`.
|
1280 | ([@mmalecki](https://github.com/mmalecki))
|
1281 |
|
1282 | ### v3.9.5 (2016-05-27):
|
1283 |
|
1284 | Just a quick point release. We had an issue where I (Kat) included the
|
1285 | `.nyc_output/` directory in `npm@3.9.3` and `npm@3.9.4`. The issue got reported
|
1286 | right after that second release
|
1287 | ([`#12873`](https://github.com/npm/npm/issues/12873)), and now there's this
|
1288 | small point release that's there to fix the issue sooner.
|
1289 |
|
1290 | * [`f96aea0`](https://github.com/npm/npm/commit/f96aea085be981cdb59bd09f16da40717426f981)
|
1291 | [#12878](https://github.com/npm/npm/pull/12878)
|
1292 | Ignore `.nyc_output` to avoid an accidental publish or commit filled with
|
1293 | code coverage data.
|
1294 | ([@TheAlphaNerd](https://github.com/TheAlphaNerd))
|
1295 |
|
1296 | ### v3.9.4 (2016-05-26):
|
1297 |
|
1298 | Hey all! It's that time again!
|
1299 |
|
1300 | This week continues our current `big-bug` squashing push, although there's none
|
1301 | that are ready to release quite yet -- we're working on it!
|
1302 |
|
1303 | It's also worth noting that we're entering the main part of conference season,
|
1304 | so you can probably expect a bit of a dev slowdown as a lot of us wombats attend
|
1305 | or speak at the various conferences. Remember [npm.camp](npm.camp) is happening
|
1306 | in 2 months and the lineup is looking pretty great! Tickets are still on sale.
|
1307 | Come hang out with us! WOO FUN! 🎉😸
|
1308 |
|
1309 | #### BUGFIX
|
1310 |
|
1311 | * [`cac0038`](https://github.com/npm/npm/commit/cac0038868b18295f9f299e762e20034f32a3e11)
|
1312 | [#12845](https://github.com/npm/npm/pull/12845)
|
1313 | Progress bar during tarball packing now prints `pack:packagename` instead of
|
1314 | `pack:[object Object]`.
|
1315 | ([@iarna](https://github.com/iarna))
|
1316 |
|
1317 | #### DOC UPDATES
|
1318 |
|
1319 | * [`0b81622`](https://github.com/npm/npm/commit/0b816225c743c9203db5d92fb4dd3a9293833298)
|
1320 | [#12840](https://github.com/npm/npm/pull/12840)
|
1321 | Remove sexualized language from comment in code.
|
1322 | ([@geek](https://github.com/geek))
|
1323 | * [`d6dff24`](https://github.com/npm/npm/commit/d6dff2481cb587c392f22afb893ac3136371a64c)
|
1324 | [#12802](https://github.com/npm/npm/pull/12802)
|
1325 | Small grammar fix in `cli/npm.md`.
|
1326 | ([@andresilveira](https://github.com/andresilveira))
|
1327 | * [`cb38e0f`](https://github.com/npm/npm/commit/cb38e0fff82a6c1c110026b95b07a8c32e27ec01)
|
1328 | [#12782](https://github.com/npm/npm/pull/12782)
|
1329 | Documents that `NOTICE` files started getting included after
|
1330 | [npm/fstream-npm#17](https://github.com/npm/fstream-npm/pull/17).
|
1331 | ([@SimenB](https://github.com/SimenB))
|
1332 | * [`70a3ae4`](https://github.com/npm/npm/commit/70a3ae4d4ec76b3ec51f00bf5261f1147829f9fe)
|
1333 | [#12776](https://github.com/npm/npm/pull/12776)
|
1334 | `npm run-script` used to have a `<pkg>` argument that allowed you to target
|
1335 | specific packages' scripts. This was removed as one of the breaking changes
|
1336 | for `npm@2`.
|
1337 | This patch removes a mention of that argument, which really doesn't exist
|
1338 | anymore.
|
1339 | ([@fibo](https://github.com/fibo))
|
1340 |
|
1341 | #### DEP UPDATES
|
1342 |
|
1343 | * [`4a4470d`](https://github.com/npm/npm/commit/4a4470ddd1d9b0b62cb94f3bff5ab6b8e6db527a)
|
1344 | `aproba@1.0.3`
|
1345 | ([@iarna](https://github.com/iarna))
|
1346 |
|
1347 | #### TEST IMPROVEMENTS
|
1348 |
|
1349 | So it turns out, `t.comment` in `tap` is actually pretty nice!
|
1350 | There's also a couple other test improvements by Rebecca landing here.
|
1351 |
|
1352 | * [`9fd04dd`](https://github.com/npm/npm/commit/9fd04dd6be493465d7ac5f14dd9328e66069c1bf)
|
1353 | [#12851](https://github.com/npm/npm/pull/12851)
|
1354 | Rewrite `shrinkwrap-prod-dependency-also` test to use `common.npm`
|
1355 | ([@iarna](https://github.com/iarna))
|
1356 | * [`3bc4a8e`](https://github.com/npm/npm/commit/3bc4a8ee58cb0e0adc84b4f135330f2b1e20d992)
|
1357 | [#12851](https://github.com/npm/npm/pull/12851)
|
1358 | Clean up `rm-linked` test.
|
1359 | ([@iarna](https://github.com/iarna))
|
1360 | * [`bf7f7f2`](https://github.com/npm/npm/commit/bf7f7f273a794f7573bbbc84b1c216fdcd9e0ef9)
|
1361 | [#12851](https://github.com/npm/npm/pull/12851)
|
1362 | Clean up `outdated-symlink` test.
|
1363 | ([@iarna](https://github.com/iarna))
|
1364 | * [`ca0baa4`](https://github.com/npm/npm/commit/ca0baa4dac85b1df4e26ef0c73d39314ca6858ca)
|
1365 | [#12851](https://github.com/npm/npm/pull/12851)
|
1366 | Improve diagnostics for `shrinkwrap-scoped-auth` test.
|
1367 | ([@iarna](https://github.com/iarna))
|
1368 | * [`fbec9fd`](https://github.com/npm/npm/commit/fbec9fd5bb0abce589120d14c1f2b03b58cecce1)
|
1369 | [#12851](https://github.com/npm/npm/pull/12851)
|
1370 | Rewrite `shrinkwrap-dev-dependency` test to use `common.npm`.
|
1371 | ([@iarna](https://github.com/iarna))
|
1372 |
|
1373 | ### v3.9.3 (2016-05-19):
|
1374 |
|
1375 | This week continues our `big-bug` squashing adventure! Things are churning along
|
1376 | nicely, and we've gotten a lot of fantastic contributions from the community.
|
1377 | Please keep it up!
|
1378 |
|
1379 | A quick note on last week's release: We had a small `npm shrinkwrap`-related
|
1380 | crasher in `npm@3.9.1`, so once this release goes out, `v3.9.2` is going to be
|
1381 | `npm@latest`. Please update if you ended up in with that previous version!
|
1382 |
|
1383 | Remember we have a weekly team meeting, and you can [suggest agenda items in the
|
1384 | GitHub issue](https://github.com/npm/npm/issues/12761). Keep an eye out for the
|
1385 | `#npmweekly` tag on Twitter, too, and join the conversation! We'll do our best
|
1386 | to address questions y'all send us. ✌
|
1387 |
|
1388 | #### FIXES
|
1389 |
|
1390 | * [`42d71be`](https://github.com/npm/npm/commit/42d71be2cec674dd9e860ad414f53184f667620d)
|
1391 | [#12685](https://github.com/npm/npm/pull/12685)
|
1392 | When using `npm ls <pkg>` without a semver specifier, `npm ls` would skip
|
1393 | any packages in your tree that matched by name, but had a prerelease version
|
1394 | in their `package.json`. This patch fixes it so `npm ls` does a simple name
|
1395 | match unless you use the `npm ls <pkg>@<version>` format.
|
1396 | ([@zkat](https://github.com/zkat))
|
1397 | * [`c698ae6`](https://github.com/npm/npm/commit/c698ae666afc92fbc0fcba3c082cfa9b34a4420d)
|
1398 | [#12685](https://github.com/npm/npm/pull/12685)
|
1399 | Added some tests for more basic `npm ls` functionality.
|
1400 | ([@zkat](https://github.com/zkat))
|
1401 |
|
1402 | ### NOTABLE DEPENDENCY UPDATES
|
1403 |
|
1404 | * [`3a6fe23`](https://github.com/npm/npm/commit/3a6fe2373c45e80a1f28aaf176d552f6f97cf131)
|
1405 | [npm/fstream-npm#17](https://github.com/npm/fstream-npm/pull/17)
|
1406 | `fstream-npm@1.1.0`:
|
1407 | `fstream-npm` always includes NOTICE files now.
|
1408 | ([@kemitchell](https://github.com/kemitchell))
|
1409 | * [`df04e05`](https://github.com/npm/npm/commit/df04e05af1f257a1903372e1baf334c0969fbdbd)
|
1410 | [#10013](https://github.com/npm/npm/issues/10013)
|
1411 | `read-package-tree@5.1.4`:
|
1412 | Fixes an issue where `npm install` would fail if your `node_modules` was
|
1413 | symlinked.
|
1414 | ([@iarna](https://github.com/iarna))
|
1415 | * [`584676f`](https://github.com/npm/npm/commit/584676f85eaebcb9d6c4d70d2ad320be8a8d6a74)
|
1416 | [npm/init-package-json#62](https://github.com/npm/init-package-json/pull/62)
|
1417 | `init-package-json@1.9.4`:
|
1418 | Stop using `package` for a variable, which defeats some bundlers and linters.
|
1419 | ([@adius](https://github.com/adius))
|
1420 | * [`935a7e3`](https://github.com/npm/npm/commit/935a7e359535e13924934811b77924cbad82619a)
|
1421 | `readable-stream@2.1.3`:
|
1422 | Node 6 build and buffer-related updates.
|
1423 | ([@calvinmetcalf](https://github.com/calvinmetcalf))
|
1424 |
|
1425 | #### OTHER DEPENDENCY UPDATES
|
1426 |
|
1427 | * [`4c4609e`](https://github.com/npm/npm/commit/4c4609ea49e77303f9d72af6757620e6b3a9a6a9)
|
1428 | `inflight@1.0.5`
|
1429 | ([@zkat](https://github.com/zkat))
|
1430 | * [`7a3030d`](https://github.com/npm/npm/commit/7a3030d3d44ea2136425f72950ba22e6efd441d9)
|
1431 | `hosted-git-info@2.1.5`
|
1432 | ([@zkat](https://github.com/zkat))
|
1433 | * [`5ed4b58`](https://github.com/npm/npm/commit/5ed4b58409eeb134bca1c96252682fd7600d9906)
|
1434 | `which@1.2.9`
|
1435 | ([@isaacs](https://github.com/isaacs))
|
1436 |
|
1437 | ### v3.9.2 (2016-05-17)
|
1438 |
|
1439 | This is a quick patch release. The previous release, 3.9.1, introduced a
|
1440 | bug where npm would crash given a combination of specific package tree on
|
1441 | disk and a shrinkwrap.
|
1442 |
|
1443 | * [`cde367f`](https://github.com/npm/npm/commit/cde367fbb6eebc5db68a44b12a5c7bea158d70db)
|
1444 | [#12724](https://github.com/npm/npm/issues/12724)
|
1445 | Fix crasher when inflating shrinkwraps with packages on disk that were
|
1446 | installed by older npm versions.
|
1447 | ([@iarna](https://github.com/iarna))
|
1448 |
|
1449 | ### v3.9.1 (2016-05-12)
|
1450 |
|
1451 | HI all! We have bug fixes to a couple of the hairy corners of `npm`, in the
|
1452 | form of shrinkwraps and bundled dependencies. Plus some documentation improvements
|
1453 | and our lodash deps bot a bump.
|
1454 |
|
1455 | This is our first week really focused on getting the
|
1456 | [big bugs](https://github.com/npm/npm/issues?q=is%3Aopen+is%3Aissue+label:big-bug)
|
1457 | list down. Our work from this week will be landing next week, and I can't
|
1458 | wait to tell you about that! (It's about symlinks!)
|
1459 |
|
1460 | #### SHRINKWRAP FIX
|
1461 |
|
1462 | * [`b894413`](https://github.com/npm/npm/commit/b8944139a935680c4a267468bb2d3c3082b5609f)
|
1463 | [#12372](https://github.com/npm/npm/issues/12372)
|
1464 | Changing a nested dependency in an `npm-shrinkwrap.json` and then running `npm install`
|
1465 | would not get up the updated package. This corrects that.
|
1466 | ([@misterbyrne](https://github.com/misterbyrne))
|
1467 |
|
1468 | #### BUNDLED DEPENDENCIES FIX
|
1469 |
|
1470 | * [`d0c6d19`](https://github.com/npm/npm/commit/d0c6d194471be8ce3e7b41b744b24f63dd1a3f6f)
|
1471 | [#12476](https://github.com/npm/npm/pull/12476)
|
1472 | Protects against a crasher when a bundled dep is missing a package.json.
|
1473 | ([@dflupu](https://github.com/dflupu))
|
1474 |
|
1475 | #### DOCS IMPROVEMENTS
|
1476 |
|
1477 | * [`6699aa5`](https://github.com/npm/npm/commit/6699aa53c0a729cfc921ac1d8107c320e5a5ac95)
|
1478 | [#12585](https://github.com/npm/npm/pull/12585)
|
1479 | Document that engineStrict is quite gone. Not "deprecated" so much as "extirpated".
|
1480 | ([@othiym23](https://github.com/othiym23))
|
1481 | * [`7a41a84`](https://github.com/npm/npm/commit/7a41a84b655be3204d2e80848278a510e42c80e7)
|
1482 | [#12636](https://github.com/npm/npm/pull/12636)
|
1483 | Improve `npm-scripts` documentation regarding when `node-gyp` is used.
|
1484 | ([@reconbot](https://github.com/reconbot))
|
1485 | * [`4c4b4ba`](https://github.com/npm/npm/commit/4c4b4badf09b9b50cdca85314429a0111bb35cb1)
|
1486 | [#12586](https://github.com/npm/npm/pull/12586)
|
1487 | Correct `package.json` documentation as to when `node-gyp rebuild` called.
|
1488 | This now matches https://docs.npmjs.com/misc/scripts#default-values
|
1489 | ([@reconbot](https://github.com/reconbot))
|
1490 |
|
1491 | #### DEPENDENCY UPDATES
|
1492 |
|
1493 | * [`cfa797f`](https://github.com/npm/npm/commit/cfa797fedd34696d45b61e3ae0398407afece880)
|
1494 | `lodash._baseuniq@4.6.0`
|
1495 | ([@jdalton](https://github.com/jdalton))
|
1496 | * [`ab6f180`](https://github.com/npm/npm/commit/ab6f1801971b513f9294b4b8902034ab402af02d)
|
1497 | `lodash.keys@4.0.7`
|
1498 | ([@jdalton](https://github.com/jdalton))
|
1499 | * [`4b8d8b6`](https://github.com/npm/npm/commit/4b8d8b63e760a8aa03e8bffa974495dfafbfcb06)
|
1500 | `lodash.union@4.4.0`
|
1501 | ([@jdalton](https://github.com/jdalton))
|
1502 | * [`46099d3`](https://github.com/npm/npm/commit/46099d34542760098e5d13c7468a405a724ca407)
|
1503 | `lodash.uniq@4.3.0`
|
1504 | ([@jdalton](https://github.com/jdalton))
|
1505 | * [`fff89c6`](https://github.com/npm/npm/commit/fff89c6826c86e9e789adcc9c398385539306042)
|
1506 | `lodash.without@4.2.0`
|
1507 | ([@jdalton](https://github.com/jdalton))
|
1508 |
|
1509 | ### v3.9.0 (2016-05-05)
|
1510 |
|
1511 | Wow! This is a big release week! We've completed the fixes that let the
|
1512 | test suite pass on Windows, plus more general bug fixes we found while
|
1513 | fixing things on Windows. Plus a warning to help folks work around a common
|
1514 | footgun. PLUS an improvement to how npm works with long cache timeouts.
|
1515 |
|
1516 | #### INFINITE CACHE A LITTLE BETTER
|
1517 |
|
1518 | * [`111ae3e`](https://github.com/npm/npm/commit/111ae3ec366ece7ebcf5988f5bc2a7cd70737dfe)
|
1519 | [#8581](https://github.com/npm/npm/issues/8581)
|
1520 | When a package is fetched from the cache which cannot satisfy the version
|
1521 | requirements, an attempt to fetch it from the network is made. This is
|
1522 | helpful for folks using high values for `--cache-min` who are willing to
|
1523 | accept possibly not-the-most-recent modules in return for less network
|
1524 | traffic.
|
1525 | ([@Zirak](https://github.com/Zirak))
|
1526 |
|
1527 | #### WARNING: FOOTGUN
|
1528 |
|
1529 | * [`60b9a05`](https://github.com/npm/npm/commit/60b9a051aa46b8892fe63b3681839a6fd6642bfd)
|
1530 | [#12475](https://github.com/npm/npm/pull/12475)
|
1531 | Options can only start with ASCII dashes. Ordinarily this isn't a problem
|
1532 | but many web documentation tools "helpfully" convert `--` into an emdash
|
1533 | (–), or `-` into an endash (–). If you copy and paste from this documentation
|
1534 | your commands won't work the way you expect. This adds a warning that tries
|
1535 | to be a little more descriptive about why your command is failing.
|
1536 | ([@iarna](https://github.com/iarna))
|
1537 |
|
1538 | #### WINDOWS CI
|
1539 |
|
1540 | We have [Windows CI](https://ci.appveyor.com/project/npm/npm) setup now! We still have to
|
1541 | tweak it a little bit around paths to the git binaries, but it's otherwise ready!
|
1542 |
|
1543 | * [`bb5d6cb`](https://github.com/npm/npm/commit/bb5d6cbf46b2609243d3b384caadd196e665a797)
|
1544 | [#11444](https://github.com/npm/npm/pull/11444)
|
1545 | Add AppVeyor to CI matrix.
|
1546 | ([@othiym23](https://github.com/othiym23))
|
1547 |
|
1548 | #### COVERAGE DATA
|
1549 |
|
1550 | Not only do our tests produce coverage reports after they run now, we also
|
1551 | automatically [update Coveralls](https://coveralls.io/github/npm/npm) with
|
1552 | results from [Travis CI](travis-ci.org/npm/npm) runs.
|
1553 |
|
1554 | * [`044cbab`](https://github.com/npm/npm/commit/044cbab0d49adeeb0d9310c64fee6c9759cc7428)
|
1555 | [#11444](https://github.com/npm/npm/pull/11444)
|
1556 | Enable coverage reporting for every test run.
|
1557 | ([@othiym23](https://github.com/othiym23))
|
1558 |
|
1559 | #### EVERYONE BUGS
|
1560 |
|
1561 | * [`37c6a51`](https://github.com/npm/npm/commit/37c6a51c71b0feec8f639b3199a8a9172e58deec)
|
1562 | [#12150](https://github.com/npm/npm/pull/12150)
|
1563 | Ensure that 'npm cache ls' outputs real filenames. Previously it would
|
1564 | sometimes double up the package name in the path it printed.
|
1565 | ([@isaacs](https://github.com/isaacs))
|
1566 | * [`d3ce0b2`](https://github.com/npm/npm/commit/d3ce0b253eb519375071aee29db4ee129dbcdf5c)
|
1567 | [#11444](https://github.com/npm/npm/pull/11444)
|
1568 | Fix unbuilding bins for scoped modules.
|
1569 | ([@iarna](https://github.com/iarna))
|
1570 | * [`e928a30`](https://github.com/npm/npm/commit/e928a30947477a09245f54e9381f46b97bee32d5)
|
1571 | [#11444](https://github.com/npm/npm/pull/11444)
|
1572 | Make handling of local modules (eg `npm install /path/to/my/module`) more
|
1573 | consistent when saved to a `package.json`. There were bugs previously where
|
1574 | it wouldn't consistently resolve relative paths in the same way.
|
1575 | ([@iarna](https://github.com/iarna))
|
1576 | * [`b820ed4`](https://github.com/npm/npm/commit/b820ed4fc04e21577fa66f7c9482b5ab002e7985)
|
1577 | [#11444](https://github.com/npm/npm/pull/11444)
|
1578 | Under certain circumstances the paths produced for linking, either
|
1579 | relative or absolute, would end up basing off the wrong virtual cwd.
|
1580 | This resulted in failures for `npm link` in this situations.
|
1581 | ([@iarna](https://github.com/iarna))
|
1582 |
|
1583 | #### WINDOWS BUGS
|
1584 |
|
1585 | * [`7380425`](https://github.com/npm/npm/commit/7380425d810fb8bfc69405a9cbbdec19978a7bee)
|
1586 | [#11444](https://github.com/npm/npm/pull/11444)
|
1587 | Scoped module names were not being correctly inferred from the path on Windows.
|
1588 | ([@zkat](https://github.com/zkat))
|
1589 | * [`91fc24f`](https://github.com/npm/npm/commit/91fc24f2763c2e0591093099ffc866c735f27fde)
|
1590 | [#11444](https://github.com/npm/npm/pull/11444)
|
1591 | Explore with a command to run didn't work properly in Windows– it would pop open a new
|
1592 | cmd window and leave it there.
|
1593 | ([@iarna](https://github.com/iarna))
|
1594 |
|
1595 | #### WINDOWS REFACTORING
|
1596 |
|
1597 | * [`f07e643`](https://github.com/npm/npm/commit/f07e6430d4ca02f811138f6140a8bad927607a1f)
|
1598 | [#11444](https://github.com/npm/npm/pull/11444)
|
1599 | Move exec path escaping out to its own function. This turns out to be
|
1600 | tricky to get right because how you escape commands to run on Windows via
|
1601 | cmd is different then how you escape them at other times. Specifically,
|
1602 | you HAVE to quote each directory segment that has a quote in it, that is:
|
1603 | `C:\"Program Files"\MyApp\MyApp.exe` By contrast, if that were an argument
|
1604 | to a command being run, you CAN'T DO quote it that way, instead you have
|
1605 | to wrap the entire path in quotes, like so: `"C:\Program
|
1606 | Files\MyApp\MyApp.exe"`.
|
1607 | ([@iarna](https://github.com/iarna))
|
1608 | * [`2e01d29`](https://github.com/npm/npm/commit/2e01d299f8244134b1aa040cab1b59c72c9df4da)
|
1609 | [#11444](https://github.com/npm/npm/pull/11444)
|
1610 | Create a single function for detecting if we're running on Windows (and
|
1611 | using a Windows shell like cmd) and use this instead of doing it one-off
|
1612 | all over the place.
|
1613 | ([@iarna](https://github.com/iarna))
|
1614 |
|
1615 | #### FIX WINDOWS TESTS
|
1616 |
|
1617 | As I said before, our tests are passing on Windows! 🎉
|
1618 |
|
1619 | * [`ef0dd74`](https://github.com/npm/npm/commit/ef0dd74583be25c72343ed07d1127e4d0cc02df9)
|
1620 | [#11444](https://github.com/npm/npm/pull/11444)
|
1621 | The fruits of many weeks of labor, fix our tests to pass on Windows.
|
1622 | ([@zkat](https://github.com/zkat))
|
1623 | ([@iarna](https://github.com/iarna))
|
1624 |
|
1625 | #### DEPENDENCY UPDATES
|
1626 |
|
1627 | * [`8fccda8`](https://github.com/npm/npm/commit/8fccda8587209659c469ab55c608b0e2d7533530)
|
1628 | [#11444](https://github.com/npm/npm/pull/11444)
|
1629 | `normalize-git-url@3.0.2`:
|
1630 | Fix file URLs on Windows.
|
1631 | ([@zkat](https://github.com/zkat))
|
1632 | * [`f53a154`](https://github.com/npm/npm/commit/f53a154df8e0696623e6a71f33e0a7c11a7555aa)
|
1633 | `readable-stream@2.1.2`:
|
1634 | When readable-stream is disabled, reuse result of `require('stream')`
|
1635 | instead of calling it every time.
|
1636 | ([@calvinmetcalf](https://github.com/calvinmetcalf))
|
1637 | * [`02841cf`](https://github.com/npm/npm/commit/02841cfb81d6ba86f691ab43d9bbdac29aec27e7)
|
1638 | [#11444](https://github.com/npm/npm/pull/11444)
|
1639 | `realize-package-specifier@3.0.2`:
|
1640 | Resolve local package paths relative to package root, not cwd.
|
1641 | ([@zkat](https://github.com/zkat))
|
1642 | ([@iarna](https://github.com/iarna))
|
1643 | * [`247c1c5`](https://github.com/npm/npm/commit/247c1c5ae08c882c9232ca605731039168bae6ed)
|
1644 | [#11444](https://github.com/npm/npm/pull/11444)
|
1645 | `npm-package-arg@4.1.1`:
|
1646 | Fix Windows file URIs with leading slashes.
|
1647 | ([@zkat](https://github.com/zkat))
|
1648 | * [`365c72b`](https://github.com/npm/npm/commit/365c72bc3ecd9e45f9649725dd635d5625219d8c)
|
1649 | `which@1.2.8`
|
1650 | ([@isaacs](https://github.com/isaacs))
|
1651 | * [`e568caa`](https://github.com/npm/npm/commit/e568caabb8390a924ce1cfa51fc914ee6c1637a2)
|
1652 | `graceful-fs@4.1.4`
|
1653 | ([@isaacs](https://github.com/isaacs))
|
1654 | * [`304b974`](https://github.com/npm/npm/commit/304b97434959a58f84383bcccc0357c51a4eb39a)
|
1655 | [#11444](https://github.com/npm/npm/pull/11444)
|
1656 | `standard@6.0.8`
|
1657 | ([@feross](https://github.com/feross))
|
1658 |
|
1659 | ### v3.8.9 (2016-04-28)
|
1660 |
|
1661 | Our biggest news this week is that we got the
|
1662 | [Windows test suite passing](https://github.com/npm/npm/pull/11444)!
|
1663 | It'll take a little longer to get it passing in our
|
1664 | [Windows CI](https://ci.appveyor.com/project/npm/npm/) but that's coming
|
1665 | soon too.
|
1666 |
|
1667 | That means we'll be shifting gears away from tests to fixing
|
1668 | [Big Bugs™](https://github.com/npm/npm/issues?q=is%3Aopen+is%3Aissue+label%3Abig-bug) again.
|
1669 | Join us at our [team meeting](https://github.com/npm/npm/issues/12517) next
|
1670 | Tuesday to learn more about that.
|
1671 |
|
1672 | #### BUG FIXES AND REFACTORING
|
1673 |
|
1674 | * [`60da618`](https://github.com/npm/npm/commit/60da61862885fa904afba7d121860b4282a5b0df)
|
1675 | [#12347](https://github.com/npm/npm/issues/12347)
|
1676 | Fix a bug that could result in shrinkwraps missing the `resolved` field, which is
|
1677 | necessary in producing a fully reproducible build.
|
1678 | ([@sminnee](https://github.com/sminnee))
|
1679 | * [`8597ba4`](https://github.com/npm/npm/commit/8597ba432e91245a1000953b612eb01308178bad)
|
1680 | [#12009](https://github.com/npm/npm/issues/12009)
|
1681 | Fix a bug in `npm view <packagename> versions` that resulted in bad output if you
|
1682 | didn't also pass in `--json`.
|
1683 | ([@watilde](https://github.com/watilde))
|
1684 | * [`20125f1`](https://github.com/npm/npm/commit/20125f19b96fd05af63f8c0bd243ffb25780279a)
|
1685 | [`a53feac`](https://github.com/npm/npm/commit/a53feac2647f7dc4245f1700dfbdd1aba8745672)
|
1686 | [`6cfbae4`](https://github.com/npm/npm/commit/6cfbae403abc3cf690565b09569f71cdd41a8372)
|
1687 | [#12485](https://github.com/npm/npm/pull/12485)
|
1688 | Refactor how the help summaries for commands are produced, such that we only have
|
1689 | one list of command aliases.
|
1690 | ([@watilde](https://github.com/watilde))
|
1691 | * [`2ae210c`](https://github.com/npm/npm/commit/2ae210c76ab6fd15fcf15dc1808b01ca0b94fc9e)
|
1692 | `read-package-json@2.0.4`:
|
1693 | Fix a crash we discovered while fixing up the Windows test suite where if
|
1694 | you had a file in your `node_modules` it would cause a crash on Windows
|
1695 | (but not MacOS/Linux).
|
1696 |
|
1697 | This makes the error code you get on Windows match that from MacOS/Linux
|
1698 | if you try to read a `package.json` from a path that includes a file, not
|
1699 | a folder.
|
1700 | ([@zkat](https://github.com/zkat))
|
1701 |
|
1702 | ### v3.8.8 (2016-04-21)
|
1703 |
|
1704 | Hi all! Long time no see! We've been heads-down working through getting
|
1705 | [our test suite passing on Windows](https://github.com/npm/npm/pull/11444).
|
1706 | Did you know that we have
|
1707 | [Windows CI](https://ci.appveyor.com/project/npm/npm) now running over at
|
1708 | Appveyor? In the meantime, we've got a bunch of dependency updates, some
|
1709 | nice documentation improvements and error messages when your `package.json`
|
1710 | contains invalid JSON. (Yeah, I thought we did that last one before too!)
|
1711 |
|
1712 | #### BAD JSON IS BAD
|
1713 |
|
1714 | * [`769e620`](https://github.com/npm/npm/commit/769e6200722d8060b6769e47354032c51cfa85a1)
|
1715 | [#12406](https://github.com/npm/npm/pull/12406)
|
1716 | Failing to parse the top level `package.json` should be an error.
|
1717 | ([@watilde](https://github.com/watilde))
|
1718 |
|
1719 | #### DOCUMENTATION
|
1720 |
|
1721 | * [`7d64301`](https://github.com/npm/npm/commit/7d643018af5051c920cc73f17bfe32b7ff86e108)
|
1722 | [#12415](https://github.com/npm/npm/pull/12415)
|
1723 | Clarify that when configuring client-side certificates for authenticating
|
1724 | to non-npm registries that `cert` and `key` are not filesystem paths and should
|
1725 | actually include the certificate and key data.
|
1726 | ([@rvedotrc](https://github.com/rvedotrc))
|
1727 | * [`f8539b8`](https://github.com/npm/npm/commit/f8539b8c986e81771ccc8ced7e716718423d3187)
|
1728 | [#12324](https://github.com/npm/npm/pull/12324)
|
1729 | Describe how `npm run` sets `NODE` and `PATH` in more detail.
|
1730 | Note that `npm run` changes `PATH` to include the current node
|
1731 | interpreter’s directory.
|
1732 | ([@addaleax](https://github.com/addaleax))
|
1733 | * [`2b57606`](https://github.com/npm/npm/commit/2b57606852a2c2a03e4c4b7dcda85b807619c2cf)
|
1734 | [#11461](https://github.com/npm/npm/pull/11461)
|
1735 | Clarify the documentation for the package.json homepage field.
|
1736 | ([@stevemao](https://github.com/stevemao))
|
1737 |
|
1738 | #### TESTS
|
1739 |
|
1740 | * [`b5a0fbb`](https://github.com/npm/npm/commit/b5a0fbb9e1a2c4fb003dd748264571aa6e3c9e70)
|
1741 | [#12329](https://github.com/npm/npm/pull/12329)
|
1742 | Fix progress config testing to ignore local user configs.
|
1743 | Previously, _any_ local setting would cause the tests to fail as
|
1744 | they were trying to test what the default values for the progress
|
1745 | bar would be in different environments and any explicit setting
|
1746 | overrides those defaults.
|
1747 | ([@iarna](https://github.com/iarna))
|
1748 | * [`3d195bc`](https://github.com/npm/npm/commit/3d195bc0a72b40df02a5c56e4f3be44152e8222b)
|
1749 | The lifecycle-signal test could crash on v0.8 due to its use of `Number.parseInt`, which
|
1750 | isn't available in that version of node. Fortunately `global.parseInt` _is_, so
|
1751 | we just use that instead.
|
1752 | ([@iarna](https://github.com/iarna))
|
1753 |
|
1754 | #### DEPENDENCY UPDATES
|
1755 |
|
1756 | * [`05a28e3`](https://github.com/npm/npm/commit/05a28e38586082ac4bbf26ee6f863cc8d07054d6)
|
1757 | `npm-package-arg@4.1.1`:
|
1758 | Under some circumstances `file://` URLs on Windows were not handled correctly.
|
1759 |
|
1760 | Also, stop converting local module/tarballs into full paths in this
|
1761 | module. We do already do that in `realize-package-specifier`, which is
|
1762 | more appropriate as it knows what package we're installing relative to.
|
1763 | ([@zkat](https://github.com/zkat))
|
1764 | * [`ada2e93`](https://github.com/npm/npm/commit/ada2e93e8b276000150a9aa93fff69ec366e03d6)
|
1765 | `realize-package-specifier@3.0.3`:
|
1766 | Require the new `npm-package-arg`, plus fix a case where specifiers that were
|
1767 | maybe a tag, maybe a local filename were resolved differently than those that were
|
1768 | definitely a local filename.
|
1769 | ([@zkat](https://github.com/zkat)) ([@iarna](https://github.com/iarna))
|
1770 | * [`adc515b`](https://github.com/npm/npm/commit/adc515b22775871386cd62390079fb4bf8e1714a)
|
1771 | `fs-vacuum@1.2.9`:
|
1772 | A fix for AIX where a non-empty directory can cause `fs.rmDir` to fail with `EEXIST` instead of `ENOTEMPTY`
|
1773 | and three new tests
|
1774 | ([@richardlau](https://github.com/richardlau))
|
1775 |
|
1776 | Code cleanup, CI & dependency updates.
|
1777 | ([@othiym23](https://github.com/othiym23))
|
1778 | * [`ef53a46`](https://github.com/npm/npm/commit/ef53a46906ce872a4541b605dd42a563cc26e614)
|
1779 | `tap@5.7.1`
|
1780 | ([@isaacs](https://github.com/isaacs))
|
1781 | * [`df1f2e4`](https://github.com/npm/npm/commit/df1f2e4838b4d7ea2ea2321a95ae868c0ec0a520)
|
1782 | `request@2.72.0`:
|
1783 | Fix crashes when response headers indicate gzipped content but the body is
|
1784 | empty.
|
1785 | Add support for the deflate content encoding.
|
1786 | ([@simov](https://github.com/simov))
|
1787 | * [`776c599`](https://github.com/npm/npm/commit/776c599b204632aca9d29fd92ea5c4f099fdea9f)
|
1788 | `readable-stream@2.1.0`:
|
1789 | Adds READABLE_STREAM env var that, if set to `disable`, will make
|
1790 | `readable-stream` use the local native node streams instead.
|
1791 | ([@calvinmetcalf](https://github.com/calvinmetcalf))
|
1792 | * [`10d6d55`](https://github.com/npm/npm/commit/10d6d5547354fcf50e930c7932ba4d63c0b6009c)
|
1793 | `normalize-git-url@3.0.2`:
|
1794 | Add support `git+file://` type URLs.
|
1795 | ([@zkat](https://github.com/zkat))
|
1796 | * [`75017ae`](https://github.com/npm/npm/commit/75017aeecec69a1efd546df908aa5befc4467f36)
|
1797 | `lodash.union@4.3.0`
|
1798 | ([@jdalton](https://github.com/jdalton))
|
1799 |
|
1800 | ### v3.8.7 (2016-04-07)
|
1801 |
|
1802 | #### IMPROVED DIAGNOSTICS
|
1803 |
|
1804 | * [`38cf79f`](https://github.com/npm/npm/commit/38cf79ffa564ef5cb6677b476e06d0e45351592a)
|
1805 | [#12083](https://github.com/npm/npm/pull/12083)
|
1806 | If you `ignore-scripts` to disable lifecycles, this makes npm report when it skips running
|
1807 | a script.
|
1808 | ([@bfred-it](https://github.com/bfred-it))
|
1809 |
|
1810 | #### IMPROVE AUTO-INCLUDES
|
1811 |
|
1812 | * [`c615182`](https://github.com/npm/npm/commit/c615182c8b47e418338eb1317b99bb66987cda54)
|
1813 | [#11995](https://github.com/npm/npm/pull/11995)
|
1814 | There were bugs where modules whose names matched the special files that npm always
|
1815 | includes would be included, for example, the `history` package was always included.
|
1816 |
|
1817 | With `npm@3` such extraneously bundled modules would not be ordinarily
|
1818 | used, as things in `node_modules` in packages are ignored entirely if the
|
1819 | package isn't marked as bundling modules.
|
1820 |
|
1821 | Because of this `npm@3` behavior, the `files-and-ignores` test failed to catch this as
|
1822 | it was testing _install output_ not what got packed. That has also been fixed.
|
1823 | ([@glenjamin](https://github.com/glenjamin))
|
1824 |
|
1825 | #### DOCUMENTATION UPDATES
|
1826 |
|
1827 | * [`823d9df`](https://github.com/npm/npm/commit/823d9dfa91d7086a26620f007aee4e3cd77b6153)
|
1828 | [#12107](https://github.com/npm/npm/pull/12107)
|
1829 | In the command summary for `adduser` mention that `login` is an alias.
|
1830 | ([@gnerkus](https://github.com/gnerkus))
|
1831 | * [`7aaf47e`](https://github.com/npm/npm/commit/7aaf47e124c45dde72c961638b770ee535fb2776)
|
1832 | [#12244](https://github.com/npm/npm/pull/12244)
|
1833 | Update the README to suggest npm@3 for Windows users. Also add a reference to
|
1834 | [Microsoft's npm upgrade tool](https://github.com/felixrieseberg/npm-windows-upgrade).
|
1835 | ([@felixrieseberg](https://github.com/felixrieseberg))
|
1836 |
|
1837 | #### DEPENDENCY UPDATES
|
1838 |
|
1839 | * [`486bbc0`](https://github.com/npm/npm/commit/486bbc0e1b101f847e890e6f1925dc8cb253cf3e)
|
1840 | `request@2.70.0`
|
1841 | ([@simov](https://github.com/simov))
|
1842 | * [`b1aff34`](https://github.com/npm/npm/commit/b1aff346fc41f13e3306b437e1831942aacf2f54)
|
1843 | `lodash.keys@4.0.6`
|
1844 | ([@jdalton](https://github.com/jdalton))
|
1845 |
|
1846 | ### v3.8.6 (2016-03-31)
|
1847 |
|
1848 | Heeeeeey y'all.
|
1849 |
|
1850 | Kat here! Rebecca's been schmoozing with folks at [Microsoft
|
1851 | Build](https://build.microsoft.com/), so I'm doing the `npm@3` release this
|
1852 | week.
|
1853 |
|
1854 | Speaking of Build, it looks like Microsoft is doing some bash thing. This might
|
1855 | be really good news for our Windows users once it rolls around. We're keeping an
|
1856 | eye out and feeling hopeful. 🙆
|
1857 |
|
1858 | As far as the release goes: We're really happy to be getting more and more
|
1859 | community contributions! Keep it up! We really appreciate folks trying to help
|
1860 | us, and we'll do our best to help point you in the right direction. Even things
|
1861 | like documentation are a huge help. And remember -- you get socks for it, too!
|
1862 |
|
1863 | #### FIXES
|
1864 |
|
1865 | * [`f8fb4d8`](https://github.com/npm/npm/commit/f8fb4d83923810eb78d075bd200a9376c64c3e3a)
|
1866 | [#12079](https://github.com/npm/npm/pull/12079)
|
1867 | Back in `npm@3.2.2` we included [a patch that made it so `npm install pkg` was
|
1868 | basically `npm install pkg@latest` instead of
|
1869 | `pkg@*`](https://github.com/npm/npm/pull/9170)
|
1870 | This is probably what most users expected, but it also ended up [breaking `npm
|
1871 | deprecate`](https://github.com/npm/npm/pull/9170) when no version was provided
|
1872 | for a package. In that case, we were using `*` to mean "deprecate all
|
1873 | versions" and relying on the `pkg` -> `pkg@*` conversion.
|
1874 | This patch fixes `npm deprecate pkg` to work as it used to by special casing
|
1875 | that particular command's behavior.
|
1876 | ([@polm](https://github.com/polm))
|
1877 | * [`458f773`](https://github.com/npm/npm/commit/458f7734f3376aba0b6ff16d34a25892f7717e40)
|
1878 | [#12146](https://github.com/npm/npm/pull/12146)
|
1879 | Adds `make doc-clean` to `prepublish` script, to clear out previously built
|
1880 | docs before publishing a new npm version
|
1881 | ([@watilde](https://github.com/watilde))
|
1882 | * [`f0d1521`](https://github.com/npm/npm/commit/f0d1521038e956b2197673f36c464684293ce99d)
|
1883 | [#12146](https://github.com/npm/npm/pull/12146)
|
1884 | Adds `doc-clean` phony target to `make publish`.
|
1885 | ([@watilde](https://github.com/watilde))
|
1886 |
|
1887 | #### DOC UPDATES
|
1888 |
|
1889 | * [`ea92ffc`](https://github.com/npm/npm/commit/ea92ffc9dd2a063896353fc52c104e85ec061360)
|
1890 | [#12147](https://github.com/npm/npm/pull/12147)
|
1891 | Document that the current behavior of `engines` is just to warn if the node
|
1892 | platform is incompatible.
|
1893 | ([@reconbot](https://github.com/reconbot))
|
1894 | * [`cd1ba44`](https://github.com/npm/npm/commit/cd1ba4423b3ca889c741141b95b0d9472b9f71ea)
|
1895 | [#12143](https://github.com/npm/npm/pull/12143)
|
1896 | Remove `npm faq` command, since the [FAQ was
|
1897 | removed](https://github.com/npm/npm/pull/10547).
|
1898 | ([@watilde](https://github.com/watilde))
|
1899 | * [`50a12cb`](https://github.com/npm/npm/commit/50a12cb1f5f158af78d6962ad20ff0a98bc18f18)
|
1900 | [#12143](https://github.com/npm/npm/pull/12143)
|
1901 | Remove references to the FAQ from the docs, since [it was
|
1902 | removed](https://github.com/npm/npm/pull/10547).
|
1903 | ([@watilde](https://github.com/watilde))
|
1904 | * [`60051c2`](https://github.com/npm/npm/commit/60051c25e2ab80c667137dfcd04b242eea25980e)
|
1905 | [#12093](https://github.com/npm/npm/pull/12093)
|
1906 | Update `bugs` url in `package.json` to use the `https` URL for Github.
|
1907 | ([@watilde](https://github.com/watilde))
|
1908 | * [`af30c37`](https://github.com/npm/npm/commit/af30c374ef22ed1a1c71b14fced7c4b8350e4e82)
|
1909 | [#12075](https://github.com/npm/npm/pull/12075)
|
1910 | Add the `--ignore-scripts` flag to the `npm install` docs.
|
1911 | ([@paulirish](https://github.com/paulirish))
|
1912 | * [`632b214`](https://github.com/npm/npm/commit/632b214b2f2450e844410792e5947e46844612ff)
|
1913 | [#12063](https://github.com/npm/npm/pull/12063)
|
1914 | Various minor fixes to the html docs homepage.
|
1915 | ([@watilde](https://github.com/watilde))
|
1916 |
|
1917 | #### DEP BUMPS
|
1918 |
|
1919 | * [`3da0171`](https://github.com/npm/npm/commit/3da01716a0e41d6b5adee2b4fc70fcaf08c0eb24)
|
1920 | `lodash.without@4.1.2`
|
1921 | ([@jdalton](https://github.com/jdalton))
|
1922 | * [`69ccf6d`](https://github.com/npm/npm/commit/69ccf6dd4caf95cd0628054307487cae1885acd0)
|
1923 | `lodash.uniq@4.2.1`
|
1924 | ([@jdalton](https://github.com/jdalton))
|
1925 | * [`b50c41a`](https://github.com/npm/npm/commit/b50c41a9930dc5353a23c5ae2ff87bb99e11d482)
|
1926 | `lodash.union@4.2.1`
|
1927 | ([@jdalton](https://github.com/jdalton))
|
1928 | * [`59c1ad7`](https://github.com/npm/npm/commit/59c1ad7b6f243d07618ed5703bd11d787732fc57)
|
1929 | `lodash.clonedeep@4.3.2`
|
1930 | ([@jdalton](https://github.com/jdalton))
|
1931 | * [`2b4f797`](https://github.com/npm/npm/commit/2b4f797dba8e7a1376c8335b7223e82d02cd8243)
|
1932 | `lodash._baseuniq@4.5.1`
|
1933 | ([@jdalton](https://github.com/jdalton))
|
1934 |
|
1935 | ### v3.8.5 (2016-03-24)
|
1936 |
|
1937 | Like my esteemed colleague [@zkat](https://github.com/zkat) said in this
|
1938 | week's [LTS release notes](https://github.com/npm/npm/releases/tag/v2.15.2),
|
1939 | this week is another small release but we are continuing to work on our
|
1940 | [Windows efforts](https://github.com/npm/npm/pull/11444).
|
1941 |
|
1942 | You may also be interested in reading the [LTS process and
|
1943 | policy](https://github.com/npm/npm/wiki/LTS) that
|
1944 | [@othiym23](https://github.com/othiym23) put together recently. If you have any
|
1945 | feedback, we would love to hear.
|
1946 |
|
1947 | #### DOCTOR IT HURTS WHEN LINK TO MY LINK
|
1948 |
|
1949 | Well then, don't do that.
|
1950 |
|
1951 | * [`0d4a0b1`](https://github.com/npm/npm/commit/0d4a0b1)
|
1952 | [#11442](https://github.com/npm/npm/pull/11442)
|
1953 | Fail if the user asks us to make a link from a module back on to itself.
|
1954 | ([@antialias](https://github.com/antialias))
|
1955 |
|
1956 | #### ERR MODULE LIST TOO LONG
|
1957 |
|
1958 | * [`b271ed2`](https://github.com/npm/npm/commit/b271ed2)
|
1959 | [#11983](https://github.com/npm/npm/issues/11983)
|
1960 | Exit early if no arguments were provided to search instead of trying to display all the modules,
|
1961 | running out of memory, and then crashing.
|
1962 | ([@SimenB](https://github.com/SimenB))
|
1963 |
|
1964 | #### ELIMINATE UNUSED MODULE
|
1965 |
|
1966 | * [`b8c7cd7`](https://github.com/npm/npm/commit/b8c7cd7)
|
1967 | [#12000](https://github.com/npm/npm/pull/12000)
|
1968 | Stop depending on [`async-some`](https://npmjs.com/package/async-some) as it's no
|
1969 | longer used in npm.
|
1970 | ([@watilde](https://github.com/watilde))
|
1971 |
|
1972 | #### DOCUMENTATION IMPROVEMENTS
|
1973 |
|
1974 | * [`fdd6b28`](https://github.com/npm/npm/commit/fdd6b28)
|
1975 | [#11884](https://github.com/npm/npm/pull/11884)
|
1976 | Include `node_modules` in the list of files and directories that npm won't
|
1977 | include in packages ordinarily. (Modules listed in `bundledDependencies` and things
|
1978 | that those modules rely on, ARE included of course.)
|
1979 | ([@Jameskmonger](https://github.com/Jameskmonger))
|
1980 | * [`aac15eb`](https://github.com/npm/npm/commit/aac15eb)
|
1981 | [#12006](https://github.com/npm/npm/pull/12006)
|
1982 | Fix typo in npm-orgs documentation, where teams docs went to access docs and vice versa.
|
1983 | ([@yaelz](https://github.com/yaelz))
|
1984 |
|
1985 | #### FEWER NETWORK TESTS
|
1986 |
|
1987 | * [`3e41360`](https://github.com/npm/npm/commit/3e41360)
|
1988 | [#11987](https://github.com/npm/npm/pull/11987)
|
1989 | Fix test that was inappropriately hitting the network
|
1990 | ([@yodeyer](https://github.com/yodeyer))
|
1991 |
|
1992 | ### v3.8.4 (2016-03-24)
|
1993 |
|
1994 | Was erroneously released with just a changelog typo correction and was
|
1995 | otherwise the same as 3.8.3.
|
1996 |
|
1997 | ### v3.8.3 (2016-03-17):
|
1998 |
|
1999 | #### SECURITY ADVISORY: BEARER TOKEN DISCLOSURE
|
2000 |
|
2001 | This release includes [the fix for a
|
2002 | vulnerability](https://github.com/npm/npm/commit/f67ecad59e99a03e5aad8e93cd1a086ae087cb29)
|
2003 | that could cause the unintentional leakage of bearer tokens.
|
2004 |
|
2005 | Here are details on this vulnerability and how it affects you.
|
2006 |
|
2007 | ##### DETAILS
|
2008 |
|
2009 | Since 2014, npm’s registry has used HTTP bearer tokens to authenticate requests
|
2010 | from the npm’s command-line interface. A design flaw meant that the CLI was
|
2011 | sending these bearer tokens with _every_ request made by logged-in users,
|
2012 | regardless of the destination of their request. (The bearers only should have
|
2013 | been included for requests made against a registry or registries used for the
|
2014 | current install.)
|
2015 |
|
2016 | An attacker could exploit this flaw by setting up an HTTP server that could
|
2017 | collect authentication information, then use this authentication information to
|
2018 | impersonate the users whose tokens they collected. This impersonation would
|
2019 | allow them to do anything the compromised users could do, including publishing
|
2020 | new versions of packages.
|
2021 |
|
2022 | With the fixes we’ve released, the CLI will only send bearer tokens with
|
2023 | requests made against a registry.
|
2024 |
|
2025 | ##### THINK YOU'RE AT RISK? REGENERATE YOUR TOKENS
|
2026 |
|
2027 | If you believe that your bearer token may have been leaked, [invalidate your
|
2028 | current npm bearer tokens](https://www.npmjs.com/settings/tokens) and rerun
|
2029 | `npm login` to generate new tokens. Keep in mind that this may cause continuous
|
2030 | integration builds in services like Travis to break, in which case you’ll need
|
2031 | to update the tokens in your CI server’s configuration.
|
2032 |
|
2033 | ##### WILL THIS BREAK MY CURRENT SETUP?
|
2034 |
|
2035 | Maybe.
|
2036 |
|
2037 | npm’s CLI team believes that the fix won’t break any existing registry setups.
|
2038 | Due to the large number of registry software suites out in the wild, though,
|
2039 | it’s possible our change will be breaking in some cases.
|
2040 |
|
2041 | If so, please [file an issue](https://github.com/npm/npm/issues/new) describing
|
2042 | the software you’re using and how it broke. Our team will work with you to
|
2043 | mitigate the breakage.
|
2044 |
|
2045 | ##### CREDIT & THANKS
|
2046 |
|
2047 | Thanks to Mitar, Will White & the team at Mapbox, Max Motovilov, and James
|
2048 | Taylor for reporting this vulnerability to npm.
|
2049 |
|
2050 | #### PERFORMANCE IMPROVEMENTS
|
2051 |
|
2052 | The updated [`are-we-there-yet`](https://npmjs.com/package/are-we-there-yet)
|
2053 | changes how it tracks how complete things are to be much more efficient.
|
2054 | The summary is that `are-we-there-yet` was refactored to remove an expensive
|
2055 | tree walk.
|
2056 |
|
2057 | The result for you should be faster installs when working with very large trees.
|
2058 |
|
2059 | Previously `are-we-there-yet` computed this when you asked by passing the request down
|
2060 | its tree of progress indicators, totaling up the results. In doing so, it had to walk the
|
2061 | entire tree of progress indicators.
|
2062 |
|
2063 | By contrast, `are-we-there-yet` now updates a running total when a change
|
2064 | is made, bubbling that up the tree from whatever branch made progress. This
|
2065 | bubbling was already going on so there was nearly no cost associated with taking advantage of it.
|
2066 |
|
2067 | * [`32f2bd0`](https://github.com/npm/npm/commit/32f2bd0e26116db253e619d67c4feae1de3ad2c2)
|
2068 | `npmlog@2.0.3`:
|
2069 | Bring in substantial performance improvements from `are-we-there-yet`.
|
2070 | ([@iarna](https://github.com/iarna))
|
2071 |
|
2072 | #### DUCT TAPE FOR BUGS
|
2073 |
|
2074 | * [`473d324`](https://github.com/npm/npm/commit/473d3244a8ddfd6b260d0aa0d395b119d595bf97)
|
2075 | [#11947](https://github.com/npm/npm/pull/11947)
|
2076 | Guard against bugs that could cause the installer to crash with errors like:
|
2077 |
|
2078 | ```
|
2079 | TypeError: Cannot read property 'target' of null
|
2080 | ```
|
2081 |
|
2082 | This doesn't fix the bugs, but it does at least make the installer less
|
2083 | likely to explode.
|
2084 | ([@thefourtheye](https://github.com/thefourtheye))
|
2085 |
|
2086 | #### DOC FIXES
|
2087 |
|
2088 | * [`ffa428a`](https://github.com/npm/npm/commit/ffa428a4eee482aa620819bc8df994a76fad7b0c)
|
2089 | [#11880](https://github.com/npm/npm/pull/11880)
|
2090 | Fix typo in `npm install` documentation.
|
2091 | ([@watilde](https://github.com/watilde))
|
2092 |
|
2093 | #### DEPENDENCY UPDATES
|
2094 |
|
2095 | * [`7537fe1`](https://github.com/npm/npm/commit/7537fe1748c27e6f1144b279b256cd3376d5c41c)
|
2096 | `sorted-object@2.0.0`:
|
2097 | Create objects with `{}` instead of `Object.create(null)` to make the results
|
2098 | strictly equal to what, say, parsed JSON would provide.
|
2099 | ([@domenic](https://github.com/domenic))
|
2100 | * [`8defb0f`](https://github.com/npm/npm/commit/8defb0f7b3ebdbe15c9ef5036052c10eda7e3161)
|
2101 | `readable-stream@2.0.6`:
|
2102 | Fix sync write issue on 0.10.
|
2103 | ([@calvinmetcalf](https://github.com/calvinmetcalf))
|
2104 |
|
2105 | #### TEST FIXES FOR THE SELF TESTS
|
2106 |
|
2107 | * [`c3edeab`](https://github.com/npm/npm/commit/c3edeabece4400308264e7cf4bc4448bd2729f55)
|
2108 | [#11912](https://github.com/npm/npm/pull/11912)
|
2109 | Change the self installation test to do its work in `/tmp`.
|
2110 | Previously this was installing into a temp subdir in `test/tap`, which
|
2111 | wouldn't catch the case where a module was installed in the local
|
2112 | `node_modules` folder but not in dependencies, as node would look up
|
2113 | the tree and use the copy from the version of npm being tested.
|
2114 | ([@iarna](https://github.com/iarna))
|
2115 |
|
2116 | ### v3.8.2 (2016-03-10):
|
2117 |
|
2118 | #### HAVING TROUBLE INSTALLING C MODULES ON ANDROID?
|
2119 |
|
2120 | This release includes an updated `node-gyp` with fixes for Android.
|
2121 |
|
2122 | * [`634ecba`](https://github.com/npm/npm/commit/634ecba320fb5a3287e8b7debfd8b931827b9e19)
|
2123 | `node-gyp@3.3.1`:
|
2124 | Fix bug in builds for Android.
|
2125 | ([@bnoordhuis](https://github.com/bnoordhuis))
|
2126 |
|
2127 | #### NPM LOGOUT CLEANS UP BETTER
|
2128 |
|
2129 | * [`460ed21`](https://github.com/npm/npm/commit/460ed217876ac78d21477c288f1c06563fb770b4)
|
2130 | [#10529](https://github.com/npm/npm/issues/10529)
|
2131 | If you ran `npm logout` with a scope, while we did invalidate your auth
|
2132 | token, we weren't removing the auth token from your config file. This patch causes
|
2133 | the auth token to be removed.
|
2134 | ([@wyze](https://github.com/wyze))
|
2135 |
|
2136 | #### HELP MORE HELPFUL
|
2137 |
|
2138 | * [`d1d0233`](https://github.com/npm/npm/commit/d1d02335d297da2734b538de44d8967bdcd354cf)
|
2139 | [#11003](https://github.com/npm/npm/issues/11003)
|
2140 | Update help to only show command names and their shortcuts. Previously
|
2141 | some typo corrections were shown, along with various alternate
|
2142 | spellings.
|
2143 | ([@watilde](https://github.com/watilde))
|
2144 | * [`47928cd`](https://github.com/npm/npm/commit/47928cd6264e1d6d0ef67435b71c66d01bea664a)
|
2145 | [#11003](https://github.com/npm/npm/issues/11003)
|
2146 | Remove "verison" typo from the help listing.
|
2147 | ([@doug-wade](https://github.com/doug-wade))
|
2148 |
|
2149 | #### MORE COMPLETE CONFIG LISTINGS
|
2150 |
|
2151 | * [`cf5fd40`](https://github.com/npm/npm/commit/cf5fd401494d96325d74a8bb8c326aa0045a714c)
|
2152 | [#11472](https://github.com/npm/npm/issues/11472)
|
2153 | Make `npm config list` include the per-project `.npmrc` in the output.
|
2154 | ([@mjomble](https://github.com/mjomble))
|
2155 |
|
2156 | #### DEPTH LIMITED PARSEABLE DEP LISTINGS
|
2157 |
|
2158 | * [`611070f`](https://github.com/npm/npm/commit/611070f0f7a1e185c75cadae46179194084b398f)
|
2159 | [#11495](https://github.com/npm/npm/issues/11495)
|
2160 | Made `npm ls --parseable` honor the `--depth=#` option.
|
2161 | ([@zacdoe](https://github.com/zacdoe))
|
2162 |
|
2163 | #### PROGRESS FOR THE (NON) UNICODE REVOLUTION
|
2164 |
|
2165 | * [`ff90382`](https://github.com/npm/npm/commit/ff9038227a1976b5e936442716d9877f43c6c9b4)
|
2166 | [#11781](https://github.com/npm/npm/issues/11781)
|
2167 | Make the progress bars honor the unicode option.
|
2168 | ([@watilde](https://github.com/watilde))
|
2169 |
|
2170 | #### `npm view --json`, NOW ACTUALLY JSON
|
2171 |
|
2172 | * [`24ab70a`](https://github.com/npm/npm/commit/24ab70a4ccfeaa005b80252da313bb589510668e)
|
2173 | [#11808](https://github.com/npm/npm/issues/11808)
|
2174 | Make `npm view` produce valid JSON when requested with `--json`.
|
2175 | Previously `npm view` produced some sort of weird hybrid output, with multiple
|
2176 | JSON docs.
|
2177 | ([@doug-wade](https://github.com/doug-wade))
|
2178 |
|
2179 | #### DOCUMENTATION CHANGES
|
2180 |
|
2181 | * [`6fb0499`](https://github.com/npm/npm/commit/6fb0499bea868fdc637656d210c94f051481ecd4)
|
2182 | [#11726](https://github.com/npm/npm/issues/11726)
|
2183 | Previously we patched the `npm update` docs to suggest using `--depth
|
2184 | Infinity` instead of `--depth 9999`, but that was a mistake. We forgot
|
2185 | that `npm outdated` (on which `npm update` is built) has a special
|
2186 | case where it treats `Infinity` as `0`. This reverts that patch.
|
2187 | ([@GriffinSchneider](https://github.com/GriffinSchneider))
|
2188 | * [`f0bf684`](https://github.com/npm/npm/commit/f0bf684a87ea5eea03432a17f38678fed4960d43)
|
2189 | [#11748](https://github.com/npm/npm/pull/11748)
|
2190 | Document all of the various aliases for commands in the documentation
|
2191 | for those commands.
|
2192 | ([@watilde](https://github.com/watilde))
|
2193 | * [`fe04443`](https://github.com/npm/npm/commit/fe04443d8988e2e41bd4047078e06a26d05d380d)
|
2194 | [#10968](https://github.com/npm/npm/issues/10968)
|
2195 | The `npm-scope` document notes that scopes have been available on the
|
2196 | public registry for a while. This adds that you'll need `npm@2` or later
|
2197 | to use them.
|
2198 | ([@doug-wade](https://github.com/doug-wade))
|
2199 | * [`3db37a5`](https://github.com/npm/npm/commit/3db37a52b2b2e3193ef250ad2cf96dfd2def2777)
|
2200 | [#11820](https://github.com/npm/npm/pull/11820)
|
2201 | The command `npm link` should be linking package from local folder to
|
2202 | global, and `npm link package-name` should be from global to local. The
|
2203 | description in the documentation was reversed and this fixes that.
|
2204 | ([@rhgb](https://github.com/rhgb))
|
2205 |
|
2206 | #### GLOB FOR THE GLOB THRONE
|
2207 |
|
2208 | * [`be55882`](https://github.com/npm/npm/commit/be55882dc4ee5ce0777b4badc9141dab5bf5be4d)
|
2209 | `glob@7.0.3`:
|
2210 | Fix a race condition and some windows edge cases.
|
2211 | ([@isaacs](https://github.com/isaacs))
|
2212 |
|
2213 | ### v3.8.1 (2016-03-03):
|
2214 |
|
2215 | This week the install summary got better, killing your npm process now
|
2216 | also kills the scripts it was running and a rarely used search flag got
|
2217 | documented.
|
2218 |
|
2219 | Our improvements on the test suite on Windows are beginning to pick up
|
2220 | steam, you can follow along by
|
2221 | [watching the PR](https://github.com/npm/npm/pull/11444).
|
2222 |
|
2223 | #### BETTER INSTALL SUMMARIES
|
2224 |
|
2225 | * [`e40d457`](https://github.com/npm/npm/commit/e40d4572cc98db06757df5b8bb6b7dbd0546d3d7)
|
2226 | [#11699](https://github.com/npm/npm/issues/11699)
|
2227 | Ensure that flags like `--production` passed to install don't result in
|
2228 | the summary at the end being incorrectly filtered. That summary is
|
2229 | produced by the same code as `npm ls` and therefore responds to flags
|
2230 | the same way it does. This is undesirable when it's an install summary,
|
2231 | however, as we don't want it to filter anything.
|
2232 |
|
2233 | This fixes an issue where `npm install --production <module>` would
|
2234 | result in npm exiting with an error code. The `--production` flag would
|
2235 | make `npm ls` filter out `<module>` as it wasn't saved to the
|
2236 | `package.json` and thus wasn't a production dependency. The install
|
2237 | report is limited to show just the modules installed, so with that
|
2238 | filtered out nothing is available. With nothing available `npm ls`
|
2239 | would set `npm` to exit with an error code.
|
2240 | ([@ixalon](https://github.com/ixalon))
|
2241 | * [`99337b4`](https://github.com/npm/npm/commit/99337b469163a4b211b9c6ff1aa9712ae0d601d2)
|
2242 | [#11600](https://github.com/npm/npm/pull/11600)
|
2243 | Make the report of installed modules really only show those modules
|
2244 | that were installed. Previously it selected which modules from your
|
2245 | tree to display based on `name@version` which worked great when your
|
2246 | tree was deduped but would list things it hadn't touched when there
|
2247 | were duplicates.
|
2248 | ([@iarna](https://github.com/iarna))
|
2249 |
|
2250 | #### SCRIPTS BETTER FOLLOW THE LEADER
|
2251 |
|
2252 | * [`5454347`](https://github.com/npm/npm/commit/545434766eb3681d3f40b745f9f3187ed63f310a)
|
2253 | [#10868](https://github.com/npm/npm/pull/10868)
|
2254 | When running a lifecycle script, say through `npm start`, killing npm
|
2255 | wouldn't forward that on to the children. It does now.
|
2256 | ([@daniel-pedersen](https://github.com/daniel-pedersen))
|
2257 |
|
2258 | #### SEARCHING SPECIFIC REGISTRIES
|
2259 |
|
2260 | * [`6020447`](https://github.com/npm/npm/commit/60204479f76458a9864aa530cda2b3333f95c2b0)
|
2261 | [#11490](https://github.com/npm/npm/pull/11490)
|
2262 | Add docs for using the `--registry` flag with search.
|
2263 | ([@plumlee](https://github.com/plumlee))
|
2264 |
|
2265 | #### LODASH UPDATES
|
2266 |
|
2267 | * [`bb14204`](https://github.com/npm/npm/commit/bb14204183dad620a6650452a26cdc64111f8136)
|
2268 | `lodash.without@4.1.1`
|
2269 | ([@jdalton](https://github.com/jdalton))
|
2270 | * [`0089059`](https://github.com/npm/npm/commit/0089059c562aee9ad0398e55d2c12c68a6150e79)
|
2271 | `lodash.keys@4.0.5`
|
2272 | ([@jdalton](https://github.com/jdalton))
|
2273 | * [`6ee1de4`](https://github.com/npm/npm/commit/6ee1de4474d9683a1f7023067d440780eeb10311)
|
2274 | `lodash.clonedeep@4.3.1`
|
2275 | ([@jdalton](https://github.com/jdalton))
|
2276 |
|
2277 | ### v3.8.0 (2016-02-25):
|
2278 |
|
2279 | This week brings a quality of life improvement for some Windows users, and
|
2280 | an important knob to be tuned for folks experiencing network problems.
|
2281 |
|
2282 | #### LIMIT CONCURRENT REQUESTS
|
2283 |
|
2284 | We've long known that `npm`'s tendency to try to request all your
|
2285 | dependencies simultaneously upset some network hardware (particular,
|
2286 | consumer grade routers & proxies of all sorts). One of the reasons that we're
|
2287 | planning to write our own npm specific version of `request` is to be able to
|
2288 | more easily control this sort of thing.
|
2289 |
|
2290 | But fortunately, you don't have to wait for that.
|
2291 | [@misterbyrne](https://github.com/misterbyrne) took a look at our existing
|
2292 | code and realized it could be added painlessly TODAY. The new default
|
2293 | maximum is `50`, instead of `Infinity`. If you're having network issues you
|
2294 | can try setting that value down to something lower (if you do, please let us
|
2295 | know... the default is subject to tuning).
|
2296 |
|
2297 | * [`910f9ac`](https://github.com/npm/npm/commit/910f9accf398466b8497952bee9f566ab50ade8c)
|
2298 | [`f7be667`](https://github.com/npm/npm/commit/f7be667548a132ec190ac9d60a31885a7b4fe2b3)
|
2299 | Add a new config option, `maxsockets` and `npm-registry-client@7.1.0` to
|
2300 | take advantage of it.
|
2301 | ([@misterbyrne](https://github.com/misterbyrne))
|
2302 |
|
2303 | #### WINDOWS GIT BASH
|
2304 |
|
2305 | We think it's pretty keen too, we were making it really hard to actually
|
2306 | upgrade if you were using it. NO MORE!
|
2307 |
|
2308 | * [`d60351c`](https://github.com/npm/npm/commit/d60351ccae87d71a5f5eac73e3085c6290b52a69)
|
2309 | [#11524](https://github.com/npm/npm/issues/11524)
|
2310 | Prefer locally installed npm in Git Bash -- previous behavior was to use
|
2311 | the global one. This was done previously for other shells, but not for Git
|
2312 | Bash.
|
2313 | ([@destroyerofbuilds](https://github.com/destroyerofbuilds))
|
2314 |
|
2315 | #### DOCUMENTATION IMPROVEMENTS
|
2316 |
|
2317 | * [`b63de3c`](https://github.com/npm/npm/commit/b63de3c97c4c27078944249a4d5bbe1c502c23bc)
|
2318 | [#11636](https://github.com/npm/npm/issues/11636)
|
2319 | Document `--save-bundle` option in main install page.
|
2320 | ([@datyayu](https://github.com/datyayu))
|
2321 | * [`3d26453`](https://github.com/npm/npm/commit/3d264532d6d9df60420e985334aebb53c668d32b)
|
2322 | [#11644](https://github.com/npm/npm/pull/11644)
|
2323 | Add `directories.test` to the `package.json` documentation.
|
2324 | ([@lewiscowper](https://github.com/lewiscowper))
|
2325 | * [`b64d124`](https://github.com/npm/npm/commit/b64d12432fdad344199b678d700306340d3607eb)
|
2326 | [#11441](https://github.com/npm/npm/pull/11441)
|
2327 | Add a link in documentation to the contribution guidelines.
|
2328 | ([@watilde](https://github.com/watilde))
|
2329 | * [`82fc548`](https://github.com/npm/npm/commit/82fc548b0e2abbdc4f7968c20b118c30cca79a24)
|
2330 | [#11441](https://github.com/npm/npm/pull/11441/commits)
|
2331 | Remove mentions of the long defunct Google group.
|
2332 | ([@watilde](https://github.com/watilde))
|
2333 | * [`c6ad091`](https://github.com/npm/npm/commit/c6ad09131af2e2766d6034257a8fcaa294184121)
|
2334 | [#11474](https://github.com/npm/npm/pull/11474)
|
2335 | Correct invalid JSON in npm-update docs.
|
2336 | ([@robludwig](https://github.com/robludwig))
|
2337 | * [`4906c90`](https://github.com/npm/npm/commit/4906c90ed2668adf59ebee759c7ebb811aa46e57)
|
2338 | Expand on the documentation for `bundlededDependencies`, explaining what they are
|
2339 | and when you might want to use them.
|
2340 | ([@gnerkus](https://github.com/gnerkus))
|
2341 |
|
2342 | #### DEPENDENCY UPDATES
|
2343 |
|
2344 | * [`93cdc25`](https://github.com/npm/npm/commit/93cdc25432b71cbc9c25c54ae316770e18f4b01e)
|
2345 | `strip-ansi@3.0.1`:
|
2346 | Non-user visible tests & maintainer doc updates.
|
2347 | ([@jbnicolai](https://github.com/jbnicolai))
|
2348 | * [`3b2ccef`](https://github.com/npm/npm/commit/3b2ccef30dc2038b99ba93cd1404a1d01dac8790)
|
2349 | `lodash.keys@4.0.4`
|
2350 | ([@jdalton](https://github.com/jdalton))
|
2351 | * [`30e9eb9`](https://github.com/npm/npm/commit/30e9eb97397a8f85081d328ea9aa54c2a7852613)
|
2352 | `lodash._baseuniq@4.5.0`
|
2353 | ([@jdalton](https://github.com/jdalton))
|
2354 |
|
2355 |
|
2356 | ### v3.7.5 (2016-02-22):
|
2357 |
|
2358 | A quick fixup release because when I updated glob, I missed the subdep copies of itself
|
2359 | that it installed deeper in the tree. =/
|
2360 |
|
2361 | This only effected people trying to update to `3.7.4` from `npm@2` or `npm@1`. Updates from
|
2362 | `npm@3` worked fine (as it fixes up the missing subdeps during installation).
|
2363 |
|
2364 | #### OH MY GLOB
|
2365 |
|
2366 | * [`63fa704`](https://github.com/npm/npm/commit/63fa7044569127e6e29510dc499a865189806076)
|
2367 | [#11633](https://github.com/npm/npm/issues/11633)
|
2368 | When updating the top level `npm` to `glob@7`, the subdeps that
|
2369 | still depended on `glob@6` got new versions installed but they
|
2370 | weren't added to the commit. This adds them back in.
|
2371 | ([@iarna](https://github.com/iarna))
|
2372 |
|
2373 | ### v3.7.4 (2016-02-18):
|
2374 |
|
2375 | I'm ([@iarna](https://github.com/iarna)) back from vacation in the frozen
|
2376 | wastes of Maine! This release sees a couple of bug fixes, some
|
2377 | documentation updates, a bunch of dependency updates and improvements to our
|
2378 | test suite.
|
2379 |
|
2380 | #### FIXES FOR `update`, FIXES FOR `ls`
|
2381 |
|
2382 | * [`53cdb96`](https://github.com/npm/npm/commit/53cdb96634fc329378b4ea4e767ba9987986a76e)
|
2383 | [#11362](https://github.com/npm/npm/issues/11362)
|
2384 | Make `npm update` stop trying to update linked packages.
|
2385 | ([@rhendric](https://github.com/rhendric))
|
2386 | * [`8d90d25`](https://github.com/npm/npm/commit/8d90d25b3da086843ce43911329c9572bd109078)
|
2387 | [#11559](https://github.com/npm/npm/issues/11559)
|
2388 | Only list runtime dependencies when doing `npm ls --production`.
|
2389 | ([@yibn2008](https://github.com/yibn2008))
|
2390 |
|
2391 | #### @wyze, DOCUMENTATION HERO OF THE PEOPLE, GETS THEIR OWN HEADER
|
2392 |
|
2393 | * [`b78b301`](https://github.com/npm/npm/commit/b78b30171038ab737eff0b070281277e35af25b4)
|
2394 | [#11416](https://github.com/npm/npm/pull/11416)
|
2395 | Logout docs were using a section copy-pasted from the adduser docs.
|
2396 | ([@wyze](https://github.com/wyze))
|
2397 | * [`649e28f`](https://github.com/npm/npm/commit/649e28f50aa323e75202eeedb824434535a0a4a0)
|
2398 | [#11414](https://github.com/npm/npm/pull/11414)
|
2399 | Add colon for consistency.
|
2400 | ([@wyze](https://github.com/wyze))
|
2401 |
|
2402 | #### WHITTLING AWAY AT PATH LENGTHS
|
2403 |
|
2404 | So for all of you who don't know -- Node.js does, in fact, support long Windows
|
2405 | paths. Unfortunately, depending on the tool and the Windows version, a lot of
|
2406 | external tooling does not. This means, for example, that some (all?) versions of
|
2407 | Windows Explorer *can literally never delete npm from their system entirely
|
2408 | because of deeply-nested npm dependencies*. Which is pretty gnarly.
|
2409 |
|
2410 | Incidentally, if you run into that in particularly, you can use
|
2411 | [rimraf](npm.im/rimraf) to remove such files 💁.
|
2412 |
|
2413 | The latest victim of this issue was the Node.js CI setup for testing on Windows,
|
2414 | which uses some tooling or another that croaks on the usual path length limit
|
2415 | for that OS: 255 characters.
|
2416 |
|
2417 | This isn't ordinarily an issue with `npm@3` as it produces mostly flat
|
2418 | trees, but you may be surprised to learn that `npm`'s own distribution isn't
|
2419 | flat, due to needing to be compatible with `npm@1.2`, which ships with
|
2420 | `node@0.8`!
|
2421 |
|
2422 | We've taken another baby step towards alleviating this in this release by
|
2423 | updating a couple of dependencies that were preventing `npmlog` from deduping,
|
2424 | and then doing a dedupe on that and `gauge`. Hopefully it helps.
|
2425 |
|
2426 | * [`f3c32bc`](https://github.com/npm/npm/commit/f3c32bc3127301741d2fa3a26be6f5f127a35908)
|
2427 | [#11528](https://github.com/npm/npm/pull/11528)
|
2428 | `node-gyp@3.3.0`:
|
2429 | Update to a more recent version that uses a version of npmlog compatible
|
2430 | with npm itself. Also adds: AIX support, new `gyp`, `--cafile` command
|
2431 | line option, and allows configuration of Node.js and io.js mirrors.
|
2432 | ([@rvagg](https://github.com/rvagg))
|
2433 |
|
2434 | #### INTERNAL TEST IMPROVEMENTS
|
2435 |
|
2436 | The `npm` core team's time recently has been sunk into `npm`'s many years of
|
2437 | tech debt. Specifically, we've been working on improving the test suite.
|
2438 | This isn't user visible, but in future should mean a more stable, easier to
|
2439 | contribute to `npm`. Ordinarily we don't report these kinds of changes in
|
2440 | the change log, but I thought I might share this week as this chunk is
|
2441 | bigger than usual.
|
2442 |
|
2443 | * [`07f020a`](https://github.com/npm/npm/commit/07f020a09e94ae393c67526985444e128ef6f83c)
|
2444 | [#11292](https://github.com/npm/npm/pull/11292)
|
2445 | `tacks@1.0.9`:
|
2446 | Add a package that provides a tool to generate fixtures from folders and, relatedly,
|
2447 | a module that an create and tear down filesystem fixtures easily.
|
2448 | ([@iarna](https://github.com/iarna))
|
2449 | * [`0837346`](https://github.com/npm/npm/commit/083734631f9b11b17c08bca8ba8cb736a7b1e3fb)
|
2450 | [#11292](https://github.com/npm/npm/pull/11292)
|
2451 | Remove all the relatively cryptic legacy tests and creates new tap tests
|
2452 | that check the same functionality. The *legacy* tests were tests that
|
2453 | were originally a shell script that was ported to javascript early in
|
2454 | `npm`'s history.
|
2455 | ([@iarna](https://github.com/iarna))
|
2456 | ([@zkat](https://github.com/zkat))
|
2457 | * [`5a701e7`](https://github.com/npm/npm/commit/5a701e71a0130787fb98450f9de92117b4ef88e1)
|
2458 | [#11292](https://github.com/npm/npm/pull/11292)
|
2459 | Test that we don't leak auth info into the environment.
|
2460 | ([@zkat](https://github.com/zkat))
|
2461 | * [`502d7d0`](https://github.com/npm/npm/commit/502d7d0628f08b09d8d13538ebccc63de8b3edf5)
|
2462 | [#11292](https://github.com/npm/npm/pull/11292)
|
2463 | Test that env vars properly passed into scripts.
|
2464 | ([@zkat](https://github.com/zkat))
|
2465 | * [`420f267`](https://github.com/npm/npm/commit/420f2672ee8c909f18bee10b1fc7d4ad91cf328b)
|
2466 | [#11292](https://github.com/npm/npm/pull/11292)
|
2467 | Test that npm's distribution binary is complete and can be installed and used.
|
2468 | ([@iarna](https://github.com/iarna))
|
2469 | * [`b7e99be`](https://github.com/npm/npm/commit/b7e99be1b1086f2d6098c653c1e20791269c9177)
|
2470 | [#11292](https://github.com/npm/npm/pull/11292)
|
2471 | Test that the `package.json` `files` section and `.npmignore` do what
|
2472 | they're supposed to.
|
2473 | ([@zkat](https://github.com/zkat))
|
2474 |
|
2475 | #### DEPENDENCY UPDATES
|
2476 |
|
2477 | * [`4611098`](https://github.com/npm/npm/commit/4611098fd8c65d61a0645deb05bf38c81300ffca)
|
2478 | `rimraf@2.5.2`:
|
2479 | Use `glob@7.0.0`.
|
2480 | ([@isaacs](https://github.com/isaacs))
|
2481 | * [`41b2772`](https://github.com/npm/npm/commit/41b2772cb83627f3b5b926cf81e150e7148cb124)
|
2482 | `glob@7.0.0`:
|
2483 | Raise error if `options.cwd` is specified, and not a directory.
|
2484 | ([@isaacs](https://github.com/isaacs))
|
2485 | * [`c14e74a`](https://github.com/npm/npm/commit/c14e74ab5d17c764f3aa37123a9632fa965f8760)
|
2486 | `gauge@1.2.7`: Update to newer lodash versions, for a smaller tree.
|
2487 | ([@iarna](https://github.com/iarna))
|
2488 | * [`d629363`](https://github.com/npm/npm/commit/d6293630ddc25bfa26d19b6be4fd2685976d7358)
|
2489 | `lodash.without@4.1.0`
|
2490 | ([@jdalton](https://github.com/jdalton))
|
2491 | * [`3ea4c80`](https://github.com/npm/npm/commit/3ea4c8049ca8df9f64426b1db8a29b9579950134)
|
2492 | `lodash.uniq@4.2.0`
|
2493 | ([@jdalton](https://github.com/jdalton))
|
2494 | * [`8ddcc8d`](https://github.com/npm/npm/commit/8ddcc8deb554660a3f7f474fae9758c967d94552)
|
2495 | `lodash.union@4.2.0`
|
2496 | ([@jdalton](https://github.com/jdalton))
|
2497 | * [`2b656a6`](https://github.com/npm/npm/commit/2b656a672d351f32ee2af24dcee528356dcd64f4)
|
2498 | `lodash.keys@4.0.3`
|
2499 | ([@jdalton](https://github.com/jdalton))
|
2500 | * [`ac171f8`](https://github.com/npm/npm/commit/ac171f8f0318a7dd3c515f3b83502dfa9e87adb8)
|
2501 | `lodash.isarguments@3.0.7`
|
2502 | ([@jdalton](https://github.com/jdalton))
|
2503 | * [`bcccd90`](https://github.com/npm/npm/commit/bcccd9057b75d800c799ab15f00924f700415d3e)
|
2504 | `lodash.clonedeep@4.3.0`
|
2505 | ([@jdalton](https://github.com/jdalton))
|
2506 | * [`8165bca`](https://github.com/npm/npm/commit/8165bca537d86305a3d08f080f86223a26615aa8)
|
2507 | `lodash._baseuniq@4.4.0`
|
2508 | ([@jdalton](https://github.com/jdalton))
|
2509 |
|
2510 | ### v3.7.3 (2016-02-11):
|
2511 |
|
2512 | Hey all! We've got a pretty small release this week -- just documentation
|
2513 | updates and a couple of dependencies. This release also includes a particular
|
2514 | dependency upgrade that makes it so we're exclusively using the latest version
|
2515 | of `graceful-fs`, which'll make it so things keep working with future Node.js
|
2516 | releases.
|
2517 |
|
2518 | A certain internal Node.js API was deprecated and slated for future removal from
|
2519 | Node Core. This API was critical for versions of `graceful-fs@<4`, before a
|
2520 | different approach was used to achieve similar ends. By upgrading this library,
|
2521 | and making sure all our dependencies are also updated, we've ensured npm will
|
2522 | continue to work once the API is finally removed. Older versions of npm, on the
|
2523 | other hand, will simply not work on future versions of Node.js.
|
2524 |
|
2525 | #### DEPENDENCY UPGRADES
|
2526 |
|
2527 | * [`29536f4`](https://github.com/npm/npm/commit/29536f42da6c06091c9acbc8952f72daa8a9412c)
|
2528 | `cmd-shim@2.0.2`:
|
2529 | Final straggler using `graceful-fs@<4`.
|
2530 | ([@ForbesLindesay](https://github.com/ForbesLindesay))
|
2531 | * [`5f59e74`](https://github.com/npm/npm/commit/5f59e748ef4c066756bb204a452cecd0543c7a2f)
|
2532 | `lodash.uniq@4.1.0`
|
2533 | ([@jdalton](https://github.com/jdalton))
|
2534 | * [`987cabe`](https://github.com/npm/npm/commit/987cabe8a18abcb5a685685958bf74c7258a979c)
|
2535 | `lodash.union@4.1.0`
|
2536 | ([@jdalton](https://github.com/jdalton))
|
2537 | * [`5c641f0`](https://github.com/npm/npm/commit/5c641f05fdc153c6bb06a89c46fe2a345ce413db)
|
2538 | `lodash.clonedeep@4.1.0`
|
2539 | ([@jdalton](https://github.com/jdalton))
|
2540 |
|
2541 | #### EVERYONE GETTING SOCKS LIKE IT'S OPRAH'S SHOW
|
2542 |
|
2543 | * [`9ea5658`](https://github.com/npm/npm/commit/9ea56582ca4d0991dbed44f992c88f08a643cb4b)
|
2544 | [#11410](https://github.com/npm/npm/pull/11410)
|
2545 | Fixed a small spelling error in `npm-config.md`.
|
2546 | ([@pra85](https://github.com/pra85))
|
2547 | * [`2a11e56`](https://github.com/npm/npm/commit/2a11e562a14bce18b6ddca6c20d17f97b6a8ec2f)
|
2548 | [#11403](https://github.com/npm/npm/pull/11403)
|
2549 | Removes `--depth Infinity` warning from documentation -- this operation should
|
2550 | actually be totally safe as of `npm@3`. (The warning remains for `npm@2`.)
|
2551 | ([@Aourin](https://github.com/Aourin))
|
2552 | * [`42a4727`](https://github.com/npm/npm/commit/42a4727bfb1e21c890b8e2babda55e06ac2bda29)
|
2553 | [#11391](https://github.com/npm/npm/pull/11391)
|
2554 | Fixed versions of `shrinkwrap.json` in examples in documentation for `npm
|
2555 | shrinkwrap`, which did not quite match up.
|
2556 | ([@xcatliu](https://github.com/xcatliu))
|
2557 |
|
2558 | ### v3.7.2 (2016-02-04):
|
2559 |
|
2560 | This week, the CLI team has been busy working on rewriting tests to support
|
2561 | getting coverage reports going and running all of our tests on Windows.
|
2562 | Meanwhile, we've got a bunch of dependency updates and one or two other
|
2563 | things.
|
2564 |
|
2565 | #### TESTS WENT INTO HIDING
|
2566 |
|
2567 | Last week we took a patch from [@substack](https://github.com/substack) to
|
2568 | stop the installer from reordering arrays in an installed module's
|
2569 | `package.json`... but somehow I dropped the test when I was rebasing.
|
2570 |
|
2571 | * [`21b9271`](https://github.com/npm/npm/commit/21b927182514a0ff6d9f34480bfc39f72e3e9f8c)
|
2572 | [#10063](https://github.com/npm/npm/issues/10063)
|
2573 | Restore test that verifies that we don't re-order arrays in a module's
|
2574 | `package.json` on install.
|
2575 | ([@substack](https://github.com/substack))
|
2576 |
|
2577 | #### DOCUMENTATION FIXES
|
2578 |
|
2579 | * [`c67521d`](https://github.com/npm/npm/commit/c67521dc6c1e41d39d02c74105e41442851d23bb)
|
2580 | [#11348](https://github.com/npm/npm/pull/11348)
|
2581 | Improve the documentation around which files are ALWAYS included in published packages
|
2582 | and which are ALWAYS excluded.
|
2583 | ([@jscissr](https://github.com/jscissr))
|
2584 | * [`7ef6793`](https://github.com/npm/npm/commit/7ef6793cd191cc8d88340f7e1ce9c9e3d6f0b2f4)
|
2585 | [#11348](https://github.com/npm/npm/pull/11348)
|
2586 | The release date on the 3.7.0 changelog entry was wrong. I honestly don't
|
2587 | know how I keep doing this. =D
|
2588 | ([@rafek](https://github.com/rafek))
|
2589 |
|
2590 | #### DEPENDENCY UPDATES
|
2591 |
|
2592 | * [`8a3c80c`](https://github.com/npm/npm/commit/8a3c80c4fd3d82fe937f30bc7cbd3dee51a8a893)
|
2593 | `graceful-fs@4.1.3`:
|
2594 | Fix a bug where close wasn't getting made graceful.
|
2595 | ([@isaacs](https://github.com/isaacs))
|
2596 |
|
2597 | `lodash` saw updates across most of its modules this week with browser
|
2598 | campatibility fixes that don't really impact us.
|
2599 |
|
2600 | * [`2df342b`](https://github.com/npm/npm/commit/2df342bf30efa99b98016acc8a5dc03e00b58b9c)
|
2601 | `lodash.without@4.0.2`
|
2602 | ([@jdalton](https://github.com/jdalton))
|
2603 | * [`86aa91d`](https://github.com/npm/npm/commit/86aa91dce60f6b6a92bb3ba2bf6e6be1f6afc750)
|
2604 | `lodash.uniq@4.0.2`
|
2605 | ([@jdalton](https://github.com/jdalton))
|
2606 | * [`0a94bf6`](https://github.com/npm/npm/commit/0a94bf6af0ebd38d080f92257e0cd9bae40b31ff)
|
2607 | `lodash.union@4.0.2`
|
2608 | ([@jdalton](https://github.com/jdalton))
|
2609 | * [`b4c9582`](https://github.com/npm/npm/commit/b4c9582b4ef5991f3d155e0c6142ed1c631860af)
|
2610 | `lodash.isarguments@3.0.6`
|
2611 | ([@jdalton](https://github.com/jdalton))
|
2612 | * [`efe766c`](https://github.com/npm/npm/commit/efe766c63c0948a4ae4c0d12f2b834629ab86e92)
|
2613 | `lodash.keys@4.0.2`: Minor code cleanup and the above.
|
2614 | ([@jdalton](https://github.com/jdalton))
|
2615 | * [`36abb24`](https://github.com/npm/npm/commit/36abb24ef31017adbf325e7f833d5d4b0f03f5d4)
|
2616 | `lodash.clonedeep@4.0.4`:
|
2617 | Add support for cloning prototype objects and the above.
|
2618 | ([@jdalton](https://github.com/jdalton))
|
2619 |
|
2620 | ### v3.7.1 (2016-02-01):
|
2621 |
|
2622 | Super quick Monday patch on last week's release.
|
2623 |
|
2624 | If you ever wondered why we release things to the `npm@next` tag for a week
|
2625 | before promoting them to `npm@latest`, this is it!
|
2626 |
|
2627 | #### RELEASE TRAIN VINDICATED (again)
|
2628 |
|
2629 | * [`adcaf04`](adcaf047811dcc475ab1984fc93fe34540fc03d7)
|
2630 | [#11349](https://github.com/npm/npm/issues/11349)
|
2631 | Revert last weeks change to use JSON clone instead of `lodash.cloneDeep`.
|
2632 | ([@iarna](https://github.com/iarna))
|
2633 |
|
2634 | ### v3.7.0 (2016-01-29):
|
2635 |
|
2636 | Hi all! This week brings us some important performance improvements,
|
2637 | support for git submodules(!) and a bunch of bug fixes.
|
2638 |
|
2639 | #### PERFORMANCE
|
2640 |
|
2641 | `gauge`, the module responsible for drawing `npm`'s progress bars, had an
|
2642 | embarrassing bug in its debounce implementation that resulted in it, on many
|
2643 | systems, actually being _slower_ than if it hadn't been debouncing. This was
|
2644 | due to it destroying and then creating a timer object any time it got an
|
2645 | update while waiting on its minimum update period to elapse. This only was
|
2646 | a measurable slowdown when sending thousands of updates a second, but
|
2647 | unfortunately parts of `npm`'s logging do exactly that. This has been patched
|
2648 | to eliminate that churn, and our testing shows the progress bar as being
|
2649 | eliminated as a source of slow down.
|
2650 |
|
2651 | Meanwhile, `are-we-there-yet` is the module that tracks just how complete
|
2652 | our big asynchronous install process is. [@STRML](https://github.com/STRML)
|
2653 | spent some time auditing its source and made a few smaller performance
|
2654 | improvements to it. Most impactful was eliminating a bizarre bit of code
|
2655 | that was both binding to AND closing over the current object. I don't have
|
2656 | any explanation for how that crept in. =D
|
2657 |
|
2658 | * [`c680fa9`](https://github.com/npm/npm/commit/c680fa9f8135759eb5512f4b86e47fa265733f79)
|
2659 | `npmlog@2.0.2`: New `are-we-there-yet` with performance patches from
|
2660 | [@STRML](https://github.com/STRML). New `gauge` with timer churn
|
2661 | performance patch.
|
2662 | ([@iarna](https://github.com/iarna))
|
2663 |
|
2664 | We were also using `lodash`'s `cloneDeep` on `package.json` data which is
|
2665 | definitely overkill, seeing as `package.json` data has all the restrictions
|
2666 | of being `json`. The fix for this is just swapping that out for something
|
2667 | that does a pair of `JSON.stringify`/`JSON.parse`, which is distinctly more
|
2668 | speedy.
|
2669 |
|
2670 | * [`1d1ea7e`](https://github.com/npm/npm/commit/1d1ea7eeb958034878eb6573149aeecc686888d3)
|
2671 | [#11306](https://github.com/npm/npm/pull/11306)
|
2672 | Use JSON clone instead of `lodash.cloneDeep`.
|
2673 | ([@STRML](https://github.com/STRML))
|
2674 |
|
2675 | #### NEW FEATURE: GIT SUBMODULE SUPPORT
|
2676 |
|
2677 | Long, long requested– the referenced issue is from 2011– we're finally
|
2678 | getting rudimentary git submodule support.
|
2679 |
|
2680 | * [`39dea9c`](https://github.com/npm/npm/commit/39dea9ca4216c6ea628f5ca47d2b34a4b251a1ed)
|
2681 | [#1876](https://github.com/npm/npm/issues/1876)
|
2682 | Add support for git submodules in git remotes. This is a fairly simple
|
2683 | approach, which does not leverage the git caching mechanism to cache
|
2684 | submodules. It also doesn't provide a means to disable automatic
|
2685 | initialization, e.g. via a setting in the `.gitmodules` file.
|
2686 | ([@gagern](https://github.com/gagern))
|
2687 |
|
2688 | #### ROBUSTNESS
|
2689 |
|
2690 | * [`5dec02a`](https://github.com/npm/npm/commit/5dec02a3d0e82202c021e27aff9d006283fdc25a)
|
2691 | [#10347](https://github.com/npm/npm/issues/10347)
|
2692 | There is an obscure feature that lets you monkey-patch npm when it starts
|
2693 | up. If the module being required with this feature failed, it would
|
2694 | previously just make `npm` error out– this reduces that to a warning.
|
2695 | ([@evanlucas](https://github.com/evanlucas))
|
2696 |
|
2697 | #### BUG FIXES
|
2698 |
|
2699 | * [`9ab8b8d`](https://github.com/npm/npm/commit/9ab8b8d047792612ae7f9a6079745d51d5283a53)
|
2700 | [#10820](https://github.com/npm/npm/issues/10820)
|
2701 | Fix a bug with `npm ls` where if you asked for ONLY production dependencies in output
|
2702 | it would exclude dependencies that were BOTH production AND development dependencies.
|
2703 | ([@davidvgalbraith](https://github.com/davidvgalbraith))
|
2704 | * [`6803fed`](https://github.com/npm/npm/commit/6803fedadb8f9b36cd85f7338ecf75d1d183c833)
|
2705 | [#8982](https://github.com/npm/npm/issues/8982)
|
2706 | Fix a bug where, under some circumstances, if you had a path that
|
2707 | contained the name of a package being installed somewhere in it, `npm`
|
2708 | would incorrectly refuse to run lifecycle scripts.
|
2709 | ([@elvanja](https://github.com/elvanja))
|
2710 | * [`3eae40b`](https://github.com/npm/npm/commit/3eae40b7a681aa067dfe4fea8c9a76da5b508b48)
|
2711 | [#9253](https://github.com/npm/npm/issues/9253)
|
2712 | Fix a bug where, when running lifecycle scripts, if the Node.js binary you ran
|
2713 | `npm` with wasn't in your `PATH`, `npm` wouldn't use it to run your scripts.
|
2714 | ([@segrey](https://github.com/segrey))
|
2715 | * [`61daa6a`](https://github.com/npm/npm/commit/61daa6ae8cbc041d3a0d8a6f8f268b47dd8176eb)
|
2716 | [#11014](https://github.com/npm/npm/issues/11014)
|
2717 | Fix a bug where running `rimraf node_modules/<package>` followed by `npm
|
2718 | rm --save <package>` would fail. `npm` now correctly removes the module
|
2719 | from your `package.json` even though it doesn't exist on disk.
|
2720 | ([@davidvgalbraith](https://github.com/davidvgalbraith))
|
2721 | * [`a605586`](https://github.com/npm/npm/commit/a605586df134ee97c95f89c4b4bd6bc73f7aa439)
|
2722 | [#9679](https://github.com/npm/npm/issues/9679)
|
2723 | Fix a bug where `npm install --save git+https://…` would save a `https://`
|
2724 | url to your `package.json` which was a problem because `npm` wouldn't then
|
2725 | know that it was a git repo.
|
2726 | ([@gagern](https://github.com/gagern))
|
2727 | * [`bbdc700`](https://github.com/npm/npm/commit/bbdc70024467c365cc4e06b8410947c04b6f145b)
|
2728 | [#10063](https://github.com/npm/npm/issues/10063)
|
2729 | Fix a bug where `npm` would change the order of array properties in the
|
2730 | `package.json` files of dependencies. `npm` adds a bunch of stuff to
|
2731 | `package.json` files in your `node_modules` folder for debugging and
|
2732 | bookkeeping purposes. As a part of this process it sorts the object to
|
2733 | reduce file churn when it does updates. This fixes a bug where the arrays
|
2734 | in the object were also getting sorted. This wasn't a problem for
|
2735 | properties that `npm` itself maintains, but _is_ a problem for properties
|
2736 | used by other packages.
|
2737 | ([@substack](https://github.com/substack))
|
2738 |
|
2739 | #### DOCS IMPROVEMENTS
|
2740 |
|
2741 | * [`2609a29`](https://github.com/npm/npm/commit/2609a2950704f577ac888668e81ba514568fab44)
|
2742 | [#11273](https://github.com/npm/npm/pull/11273)
|
2743 | Include an example of viewing package version history in the `npm view` documentation.
|
2744 | ([@vedatmahir](https://github.com/vedatmahir))
|
2745 | * [`719ea9c`](https://github.com/npm/npm/commit/719ea9c45a5c3233f3afde043b89824aad2df0a7)
|
2746 | [#11272](https://github.com/npm/npm/pull/11272)
|
2747 | Fix typographical issue in `npm update` documentation.
|
2748 | ([@jonathanp](https://github.com/jonathanp))
|
2749 | * [`cb9df5a`](https://github.com/npm/npm/commit/cb9df5a37091e06071d8704b629e7ebaa41c37fe)
|
2750 | [#11215](https://github.com/npm/npm/pull/11215)
|
2751 | Do not call `SEE LICENSE IN <filename>` an _SPDX expression_, as it's not.
|
2752 | ([@kemitchell](https://github.com/kemitchell))
|
2753 | * [`f427934`](https://github.com/npm/npm/commit/f4279346c368da4bca09385f773e8eed1d389e5e)
|
2754 | [#11196](https://github.com/npm/npm/pull/11196)
|
2755 | Correct the `package.json` examples in the `npm update` documentation to actually be
|
2756 | valid JSON and not just JavaScript object literals.
|
2757 | ([@s100](https://github.com/s100))
|
2758 |
|
2759 | #### DEPENDENCY UPDATES
|
2760 |
|
2761 | * [`a7b2407`](https://github.com/npm/npm/commit/a7b24074cb59a1ab17c0d8eff1498047e6a123e5)
|
2762 | `retry@0.9.0`: New features and interface agnostic refactoring.
|
2763 | ([@tim-kos](https://github.com/tim-kos))
|
2764 | * [`220fc77`](https://github.com/npm/npm/commit/220fc7702ae3e5d601dfefd3e95c14e9b32327de)
|
2765 | `request@2.69.0`:
|
2766 | A bunch of small bug fixes and module updates.
|
2767 | ([@simov](https://github.com/simov))
|
2768 | * [`9e5c84f`](https://github.com/npm/npm/commit/9e5c84f1903748897e54f8ff099729ff744eab0f)
|
2769 | `which@1.2.4`:
|
2770 | Update `isexe` and fix bug in `pathExt`, in which files without extensions
|
2771 | would sometimes be preferred to files with extensions on Windows, even though
|
2772 | those without extensions aren't executable.
|
2773 | `pathExt` is a list of extensions that are considered executable (exe, cmd,
|
2774 | bat, com on Windows).
|
2775 | ([@isaacs](https://github.com/isaacs))
|
2776 | * [`375b9c4`](https://github.com/npm/npm/commit/375b9c42fe0c6de47ac2f92527354b2ea79b7968)
|
2777 | `rimraf@2.5.1`: Minor doc formatting fixes.
|
2778 | ([@isaacs](https://github.com/isaacs))
|
2779 | * [`ef1971e`](https://github.com/npm/npm/commit/ef1971e6270c2bc72e6392b51a8b84f52708f7e7)
|
2780 | `lodash.clonedeep@4.0.2`:
|
2781 | Misc minor code cleanup. No functional changes.
|
2782 | ([@jdalton](https://github.com/jdalton))
|
2783 |
|
2784 | ### v3.6.0 (2016-01-20):
|
2785 |
|
2786 | Hi all! This is a bigger release, in part 'cause we didn't have one last
|
2787 | week. The most important thing you need to know is that when `npm@3.6.0` replaces
|
2788 | `npm@3.5.4` as `next`, `npm@3.5.4` WILL NOT be moved on to `latest`. This is due to
|
2789 | a packaging error that tickles bugs in some earlier releases and makes upgrades to it
|
2790 | from those versions break the install.
|
2791 |
|
2792 | #### NEW FEATURES‼
|
2793 |
|
2794 | * [`ff504d4`](https://github.com/npm/npm/commit/ff504d449ea1fa996cbb02c8078964643c51e5f6)
|
2795 | [#8752](https://github.com/npm/npm/issues/8752)
|
2796 | In `npm outdated`, report symlinked packages as having a wanted & latest
|
2797 | version of `linked`.
|
2798 | ([@halhenke](https://github.com/halhenke))
|
2799 | * [`f44d8c9`](https://github.com/npm/npm/commit/f44d8c9a3940f7041f8136f8754a54b13f1f9d60)
|
2800 | [#10775](https://github.com/npm/npm/issues/10775)
|
2801 | Add a success message to `adduser` / `login`.
|
2802 | ([@ekmartin](https://github.com/ekmartin))
|
2803 | * [`3109303`](https://github.com/npm/npm/commit/310930395c9bf1577cf085b9742210bfc71bb019)
|
2804 | [#10043](https://github.com/npm/npm/pull/10043)
|
2805 | Warn if you try to use `npm run x` if you don't have a `node_modules` folder, since
|
2806 | whatever you're trying to do _probably_ won't work.
|
2807 | ([@timkrins](https://github.com/timkrins))
|
2808 |
|
2809 | * [`9ed2849`](https://github.com/npm/npm/commit/9ed2849cd7e8cc97111dca42a940905284afe55d)
|
2810 | [`e9f1ad8`](https://github.com/npm/npm/commit/e9f1ad88ce58ecd111811e11afa52ac19fc8696e)
|
2811 | [`f10d300`](https://github.com/npm/npm/commit/f10d300e5effa7a5756c8d461eef284c283a41d1)
|
2812 | [`8b593d8`](https://github.com/npm/npm/commit/8b593d8d187d6ac85d2a59cbe647afb5516c1b94)
|
2813 | [#10717](https://github.com/npm/npm/pull/10717)
|
2814 | `npm version` can now take a `from-git` argument, which instructs `npm` to read the
|
2815 | version from git and update your `package.json` to what it finds. This is in contrast
|
2816 | to its normal use where `npm` _tells_ git about your new version.
|
2817 | ([@ekmartin](https://github.com/ekmartin))
|
2818 |
|
2819 | #### 3.5.4 WAS NOT SO GREAT
|
2820 |
|
2821 | The `npm@3.5.4` package was missing some dependencies. Specifically, `glob`
|
2822 | and `has-unicode` had major release updates which meant that subdeps that
|
2823 | relied on older major versions couldn't use the npm supplied versions any
|
2824 | more, and so they needed their own copies.
|
2825 |
|
2826 | This went undetected because the actions necessary to run the tests (which
|
2827 | check for this sort of thing) resolved the missing modules.
|
2828 |
|
2829 | Further, it didn't have symptoms when upgrading from _most_ versions of npm.
|
2830 | Unfortunately, some versions had bugs that were tickled by this and resulted
|
2831 | in broken upgrades, most notably, `npm@3.3.12`, the version that's been in
|
2832 | Node.js 5.
|
2833 |
|
2834 | * [`1d3325c`](https://github.com/npm/npm/commit/1d3325c040621a4792db80fb232f4994b9d5c5f2)
|
2835 | [`02611c6`](https://github.com/npm/npm/commit/02611c673a4d2bbe8fcef8d48407768da31c90d2)
|
2836 | [`39d5fea`](https://github.com/npm/npm/commit/39d5feadefdde38d75a18f23343bc6ec37153638)
|
2837 | [`7d0e830`](https://github.com/npm/npm/commit/7d0e830f26c73b9d9277b29949227ba9cca27fd9)
|
2838 | [#11129](https://github.com/npm/npm/pull/11129)
|
2839 | Update the underlying dependencies to allow use for the new versions of
|
2840 | `glob` and `has-unicode`.
|
2841 | ([@iarna](https://github.com/iarna))
|
2842 |
|
2843 | #### WHEN MISSING PATHS ARE OK
|
2844 |
|
2845 | * [`bb638fa`](https://github.com/npm/npm/commit/bb638fa4f48d24d2c9935861d5d751c5621eea49)
|
2846 | [#11212](https://github.com/npm/npm/pull/11212)
|
2847 | When trying to determine if a file was controlled by npm before going to
|
2848 | remove it, we check to see if it is inside any of a list of paths that npm
|
2849 | considers to be under its control. Not all of those paths always exist
|
2850 | (and that's ok!) Previously we were calling it a failure to match if ANY
|
2851 | of them didn't exist. We now only do so if NONE of them exist. If some
|
2852 | do, then we do our usual checks on them.
|
2853 |
|
2854 | This showed up as an error where you would see something like:
|
2855 | ```
|
2856 | npm warn gentlyRm not removing /path/to/thing as it wasn't installed by /path/to/other/thing
|
2857 | ```
|
2858 | But it totally was installed by it.
|
2859 | ([@iarna](https://github.com/iarna))
|
2860 |
|
2861 | #### BETTER NODE PRE-RELEASE SUPPORT
|
2862 |
|
2863 | Historically, if you used a pre-release version of Node.js, you would get
|
2864 | dozens and dozens of warnings when EVERY engine check failed across all of
|
2865 | your modules, because `>= 0.10.0` doesn't match prereleases.
|
2866 |
|
2867 | You might find this stream of redundent warnings undesirable. I do.
|
2868 |
|
2869 | We've moved this into a SINGLE warning you'll get about using a pre-release
|
2870 | version of Node.js and now suppress those other warnings.
|
2871 |
|
2872 | * [`6952f79`](https://github.com/npm/npm/commit/6952f7981e451a2d599a4f513573af208bdfe103)
|
2873 | [#11212](https://github.com/npm/npm/pull/11212)
|
2874 | Engine check warnings are now issued along with any other warnings about
|
2875 | your tree, instead of emitting in the middle of your install (and then
|
2876 | disappearing behind the giant tree of stuff installed).
|
2877 | ([@iarna](https://github.com/iarna))
|
2878 | * [`ee2ebe9`](https://github.com/npm/npm/commit/ee2ebe96fb3d105787835b72085bbd2eee66a629)
|
2879 | [#11212](https://github.com/npm/npm/pull/11212)
|
2880 | Suppress engine verification warnings about pre-release versions of Node.js.
|
2881 | ([@iarna](https://github.com/iarna))
|
2882 | * [`135b7e0`](https://github.com/npm/npm/commit/135b7e078311e8b4e2c8e2b662eed9ba6c2e2537)
|
2883 | [#11212](https://github.com/npm/npm/pull/11212)
|
2884 | Explicitly warn, in only one place, if you are using a pre-release version
|
2885 | of Node.js.
|
2886 | ([@iarna](https://github.com/iarna))
|
2887 |
|
2888 | #### BUG FIXES
|
2889 |
|
2890 | * [`ea331c8`](https://github.com/npm/npm/commit/ea331c82157c65f7643cd4b49fd24031c84bf601)
|
2891 | [#10938](https://github.com/npm/npm/issues/10938)
|
2892 | When removing a package, sometimes the `node_modules/.bin` wouldn't be
|
2893 | cleaned up entirely. This would result in package folders that contained
|
2894 | only a `node_modules/.bin` directory. In turn, this would result in `npm
|
2895 | ls` and other tools complaining about these broken directories.
|
2896 | To fix this, the `unbuild` step now explicitly deletes the
|
2897 | `node_modules/.bin` folder as its final step.
|
2898 | ([@chrisirhc](https://github.com/chrisirhc))
|
2899 | * [`00720db`](https://github.com/npm/npm/commit/00720db2c326cf8f968c662444a4575ae8c3020a)
|
2900 | [#11158](https://github.com/npm/npm/pull/11158)
|
2901 | On Windows, the `node-gyp` wrapper would fail if your path to `node-gyp`
|
2902 | contained spaces. This fixes that problem by quoting use of that path.
|
2903 | ([@orangemocha](https://github.com/orangemocha))
|
2904 | * [`69ac933`](https://github.com/npm/npm/commit/69ac9333506752bf2e5af70b3b3e03c6181de3e7)
|
2905 | [#11142](https://github.com/npm/npm/pull/11142)
|
2906 | Fix a race condition when making directories in the cache, which could
|
2907 | lead to `ENOENT` failures.
|
2908 | ([@Jimbly](https://github.com/Jimbly))
|
2909 | * [`e982858`](https://github.com/npm/npm/commit/e982858d9bed65cede9cbb12df9216a4bb9e6fc9)
|
2910 | [#9696](https://github.com/npm/npm/issues/9696)
|
2911 | When replacing the `package.json` in the cache you sometimes see `EPERM` errors on
|
2912 | Windows that you wouldn't on Unix-like operating systems. This ignores those errors
|
2913 | and allows Windows to continue. Longer term, we'll be adding something to retry
|
2914 | these errors, but ultimately fail if there really is an ongoing permissions issue.
|
2915 | ([@orangemocha](https://github.com/orangemocha))
|
2916 |
|
2917 | #### DOC CHANGES
|
2918 |
|
2919 | * [`3666081`](https://github.com/npm/npm/commit/3666081abd02184ba97a7cdb6ae238085d640b4b)
|
2920 | [#11188](https://github.com/npm/npm/pull/11188)
|
2921 | Add brief description to publish documentation of what's included in
|
2922 | published tarballs.
|
2923 | ([@beaugunderson](https://github.com/beaugunderson))
|
2924 | * [`b463e34`](https://github.com/npm/npm/commit/b463e3424b296cfc4bd384fc8bfe0e2329649164)
|
2925 | [#11150](https://github.com/npm/npm/pull/11150)
|
2926 | In npm update docs, advise use of `--depth Infinity` instead of `--depth
|
2927 | 9999`.
|
2928 | ([@halhenke](https://github.com/halhenke))
|
2929 | * [`382e71a`](https://github.com/npm/npm/commit/382e71a7ee5d1ca3dba55c1e753d529eb8ae6895)
|
2930 | [#11128](https://github.com/npm/npm/pull/11128)
|
2931 | In the `package.json` docs, make the reference to the "Local Paths" section
|
2932 | a link to it as well.
|
2933 | ([@orangejulius](https://github.com/orangejulius))
|
2934 | * [`5277e7f`](https://github.com/npm/npm/commit/5277e7f236e8cb40d7f4a1054506f2d3d159716e)
|
2935 | [#11090](https://github.com/npm/npm/pull/11090)
|
2936 | Fix the 3.5.4 release date in CHANGELOG.md.
|
2937 | ([@ashleygwilliams](https://github.com/ashleygwilliams))
|
2938 | * [`e6d238a`](https://github.com/npm/npm/commit/e6d238a3d90beeb0af23fa75a9b5e50671d6e4c5)
|
2939 | [#11130](https://github.com/npm/npm/pull/11130)
|
2940 | Eliminate the "using npm programmatically" section from the README. The
|
2941 | documentation for this was removed a while ago and is unsupported.
|
2942 | ([@ljharb](https://github.com/ljharb))
|
2943 |
|
2944 | #### DEPENDENCY UPDATES
|
2945 |
|
2946 | * [`b0dde5c`](https://github.com/npm/npm/commit/b0dde5c3407b58d78969d3da01af2629fcba1c73)
|
2947 | `config-chain@1.1.10`: Update tests for most recent version of `ini`.
|
2948 | ([@dominictarr](https://github.com/dominictarr))
|
2949 | * [`c62f414`](https://github.com/npm/npm/commit/c62f414534971761a48ce3cbc3e25214fb09e494)
|
2950 | `glob@6.0.4`: Eliminated use of `util._extend`.
|
2951 | ([@isaacs](https://github.com/isaacs))
|
2952 | * [`98a6779`](https://github.com/npm/npm/commit/98a67797978ed7ce534e16b705d3a2a9ca0e6cc1)
|
2953 | `lodash.clonedeep@4.0.1`: Bug fixes, including the non-linear performance
|
2954 | that was biting npm a while back.
|
2955 | ([@jdalton](https://github.com/jdalton))
|
2956 | * [`0e8c4ce`](https://github.com/npm/npm/commit/0e8c4cebddaefbf5eca0abaad512db266c6722c9)
|
2957 | `lodash.without@4.0.1`
|
2958 | ([@jdalton](https://github.com/jdalton))
|
2959 | * [`1fd19f5`](https://github.com/npm/npm/commit/1fd19f57a3551d7d30a6b8a9ce967ef50e0ff0ba)
|
2960 | `lodash.uniq@4.0.1`
|
2961 | ([@jdalton](https://github.com/jdalton))
|
2962 | * [`b7486c5`](https://github.com/npm/npm/commit/b7486c550f3391f733d1e1907652be95fddf4368)
|
2963 | `lodash.union@4.0.1`
|
2964 | ([@jdalton](https://github.com/jdalton))
|
2965 | * [`54bb591`](https://github.com/npm/npm/commit/54bb5911e18f8fb86eb94159f34b13f0c0aa2e30)
|
2966 | `lodash.keys@4.0.0`
|
2967 | ([@jdalton](https://github.com/jdalton))
|
2968 | * [`26f7a7a`](https://github.com/npm/npm/commit/26f7a7aaae0575a85deba2241ee69b433dd1ba98)
|
2969 | `lodash.isarray@4.0.0`
|
2970 | ([@jdalton](https://github.com/jdalton))
|
2971 | * [`ed38bd3`](https://github.com/npm/npm/commit/ed38bd3baf544dfc0630fd321d279f137700bd4d)
|
2972 | `lodash.isarguments@3.0.5`
|
2973 | ([@jdalton](https://github.com/jdalton))
|
2974 |
|
2975 | ### v3.5.4 (2016-01-07):
|
2976 |
|
2977 | I hope you all had fantastic winter holidays, if it's winter where you are
|
2978 | and if there are holidays‼ We went a few weeks without releases because
|
2979 | staff was taking time away from work here and there. A new year has come
|
2980 | and we're back now, and refreshed and ready to dig in!
|
2981 |
|
2982 | This week brings us a bunch of documentation improvements and some module
|
2983 | updates. The core team's focus continues to be on improving tests,
|
2984 | particularly with Windows, so there's not too much to call out here.
|
2985 |
|
2986 | #### DOCUMENTATION IMPROVEMENTS
|
2987 |
|
2988 | * [`6b0031e`](https://github.com/npm/npm/commit/6b0031e28c0b10fb2622fdadde41f5cd294348e8)
|
2989 | [#11044](https://github.com/npm/npm/pull/11044)
|
2990 | Correct documentation regarding the defaults for the `color` config option.
|
2991 | ([@scottaddie](https://github.com/scottaddie))
|
2992 | * [`c6ce69e`](https://github.com/npm/npm/commit/c6ce69eaed7f17b5f1876ac13ecfae3d14a72f24)
|
2993 | [#10990](https://github.com/npm/npm/pull/10990)
|
2994 | Drop mentions in documentation of `process.installPrefix`, as it hasn't
|
2995 | been a thing since Node.js 0.6 and we don't support that.
|
2996 | ([@jeffmcmahan](https://github.com/jeffmcmahan))
|
2997 | * [`dee92d1`](https://github.com/npm/npm/commit/dee92d1f78608a10becf57aae86d5d495f2272bd)
|
2998 | [#11037](https://github.com/npm/npm/pull/11037)
|
2999 | Clarify the documentation on the max length of the `name` property in
|
3000 | `package.json` files.
|
3001 | ([@scottaddie](https://github.com/scottaddie))
|
3002 | * [`4b9d7bb`](https://github.com/npm/npm/commit/4b9d7bb1a4fc3f1edcf563379abfd2273af10881)
|
3003 | [#10787](https://github.com/npm/npm/pull/10787)
|
3004 | Make the formatting in the documentation for `npm dist-tag` more
|
3005 | consistent with other docs.
|
3006 | ([@cvrebert](https://github.com/cvrebert))
|
3007 | * [`7f77a80`](https://github.com/npm/npm/commit/7f77a80d561ee4b2b8c0aba1226fe89dfe339bcd)
|
3008 | [#10787](https://github.com/npm/npm/pull/10787)
|
3009 | Add documentation to the `npm dist-tag` docs that explains in greater
|
3010 | detail how `latest` is different than other tags. Further, improve the
|
3011 | documentation with better examples. Add a discussion of common practice
|
3012 | for using dist tags to manage alpha's and beta's.
|
3013 | ([@cvrebert](https://github.com/cvrebert))
|
3014 | * [`6db58dd`](https://github.com/npm/npm/commit/6db58dd0d7719c4675a239d43164edc066842b14)
|
3015 | [`2ee6371`](https://github.com/npm/npm/commit/2ee6371911bd3a4d566c5d7bc8734facc60cb27c)
|
3016 | [#10788](https://github.com/npm/npm/pull/10788)
|
3017 | [#10789](https://github.com/npm/npm/pull/10789)
|
3018 | Improve documentation cross referencing.
|
3019 | ([@cvrebert](https://github.com/cvrebert))
|
3020 | * [`7ba629a`](https://github.com/npm/npm/commit/7ba629a2ad3eaf736529e053b533cabe3a0d7123)
|
3021 | [#10790](https://github.com/npm/npm/pull/10790)
|
3022 | Document more clearly that `npm install foo` means `npm install
|
3023 | foo@latest`.
|
3024 | ([@cvrebert](https://github.com/cvrebert))
|
3025 |
|
3026 | #### A FEW MODULE UPDATES
|
3027 |
|
3028 | * [`fc2e8d5`](https://github.com/npm/npm/commit/fc2e8d58a91728cb06936eea686efaa4fdec3f06)
|
3029 | `glob@6.0.3`: Remove deprecated features and fix a bunch of bugs.
|
3030 | ([@isaacs](https://github.com/isaacs))
|
3031 | * [`5b820c4`](https://github.com/npm/npm/commit/5b820c4e17c907fa8c23771c0cd8e74dd5fdaa51)
|
3032 | `has-unicode@2.0.0`: Change the default on Windows to be false, as
|
3033 | international Windows installs often install to non-unicode codepages and
|
3034 | there's no way to detect this short of a system call or a call to a
|
3035 | command line program.
|
3036 | ([@iarna](https://github.com/iarna))
|
3037 | * [`238fe84`](https://github.com/npm/npm/commit/238fe84ac61297f1d71701d80368afaa40463305)
|
3038 | `which@1.2.1`: Fixed bugs with uid/gid checks and with quoted Windows PATH
|
3039 | parts.
|
3040 | ([@isaacs](https://github.com/isaacs))
|
3041 | * [`5e510e1`](https://github.com/npm/npm/commit/5e510e13d022a22d58742b126482d3b38a14cc83)
|
3042 | `rimraf@2.5.0`: Add ability to disable glob support / pass in options.
|
3043 | ([@isaacs](https://github.com/isaacs))
|
3044 | * [`7558215`](https://github.com/npm/npm/commit/755821569466b7be0883f4b0573eeb83c24109eb)
|
3045 | `readable-stream@2.0.5`: Minor performance improvements.
|
3046 | ([@calvinmetcalf](https://github.com/calvinmetcalf))
|
3047 | * [`64e8499`](https://github.com/npm/npm/commit/64e84992c812a73d590be443c09a6977d0ae9040)
|
3048 | `fs-write-stream-atomic@1.0.8`: Rewrite to use modern streams even on 0.8
|
3049 | plus a bunch of tests.
|
3050 | ([@iarna](https://github.com/iarna))
|
3051 | * [`74d92a0`](https://github.com/npm/npm/commit/74d92a08d72ce3603244de4bb3e3706d2b928cef)
|
3052 | `columnify@1.5.4`: Some bug fixes around large inputs.
|
3053 | ([@timoxley](https://github.com/timoxley))
|
3054 |
|
3055 | #### FIX NPM'S TESTS ON 0.8
|
3056 |
|
3057 | This doesn't impact you as a user of npm, and ordinarily that means we
|
3058 | wouldn't call it out here, but if you've ever wanted to contribute, having
|
3059 | that green travis badge makes it a lot easier to do so with confidence!
|
3060 |
|
3061 | * [`b14cdbb`](https://github.com/npm/npm/commit/b14cdbb6002b04bfbefaff70cc45810c20d5a366)
|
3062 | [#10872](https://github.com/npm/npm/pull/10872)
|
3063 | Rewrite tests using nock to use other alternatives.
|
3064 | ([@zkat](https://github.com/zkat))
|
3065 | * [`59ed01a`](https://github.com/npm/npm/commit/59ed01a8ea7960b1467aed52164fc36a03c77770)
|
3066 | [#10872](https://github.com/npm/npm/pull/10872)
|
3067 | Work around Node.js 0.8 http back-pressure bug.
|
3068 |
|
3069 | 0.8 http streams have a bug, where if they're paused with data in their
|
3070 | buffers when the socket closes, they call `end` before emptying those
|
3071 | buffers, which results in the entire pipeline ending and thus the point
|
3072 | that applied backpressure never being able to trigger a `resume`.
|
3073 |
|
3074 | We work around this by piping into a pass through stream that has
|
3075 | unlimited buffering. The pass through stream is from readable-stream and
|
3076 | is thus a current streams3 implementation that is free of these bugs even
|
3077 | on 0.8.
|
3078 | ([@iarna](https://github.com/iarna))
|
3079 |
|
3080 | ### v3.5.3 (2015-12-10):
|
3081 |
|
3082 | Did you know that Bob Ross reached the rank of master sergeant in the US Air
|
3083 | Force before becoming perhaps the most soothing painter of all time?
|
3084 |
|
3085 | #### TWO HAPPY LITTLE BUG FIXES
|
3086 |
|
3087 | * [`71c9590`](https://github.com/npm/npm/commit/71c9590be61b6a7b7fa8b6dc19baa588cda26a27)
|
3088 | [#10505](https://github.com/npm/npm/issues/10505) `npm ls --json --depth=0`
|
3089 | now respects the depth parameter, when it is zero and when it is not zero.
|
3090 | ([@MarkReeder](https://github.com/MarkReeder))
|
3091 | * [`954fa67`](https://github.com/npm/npm/commit/954fa67f1ca3739992abd244e217a0aaf8465660)
|
3092 | [#9099](https://github.com/npm/npm/issues/9099) I had always thought you
|
3093 | could run `npm version` from subdirectories in your project, which is great,
|
3094 | because now you can. I guess I was just ahead of my time.
|
3095 | ([@ekmartin](https://github.com/ekmartin))
|
3096 |
|
3097 | #### NOW PAINT IN SOME NICE DOCS CHANGES
|
3098 |
|
3099 | * [`b88c37c`](https://github.com/npm/npm/commit/b88c37c1cced40e9e41402cc54a5efc3c33cd13e)
|
3100 | [#10546](https://github.com/npm/npm/issues/10546) Goodbye, FAQ! You were
|
3101 | cheeky and fun until you weren't! Don't worry: npm still loves everyone,
|
3102 | especially you! ([@ashleygwilliams](https://github.com/ashleygwilliams))
|
3103 | * [`2d3afe9`](https://github.com/npm/npm/commit/2d3afe9644ba69681a36721e79c45d27def71939)
|
3104 | [#10570](https://github.com/npm/npm/issues/10570) Update documentation URLs
|
3105 | to be HTTPS everywhere sensible. No HTTP shall be spared!
|
3106 | ([@rsp](https://github.com/rsp))
|
3107 | * [`6abd0e0`](https://github.com/npm/npm/commit/6abd0e0626d0f642ce0dae0e128ced80433f15a1)
|
3108 | [#10650](https://github.com/npm/npm/issues/10650) Correctly note that there
|
3109 | are two lifecycle scripts run by an install phase in an example, instead of
|
3110 | three. ([@eymengunay](https://github.com/eymengunay))
|
3111 | * [`a5e8df5`](https://github.com/npm/npm/commit/a5e8df53b8d6d75398cb6a55a44dcf374b0f1661)
|
3112 | [#10687](https://github.com/npm/npm/issues/10687) `npm outdated`'s output can
|
3113 | be a little puzzling sometimes. I've attempted to make it clearer, with some
|
3114 | examples, of what's going on with "wanted" and "latest" in more cases.
|
3115 | ([@othiym23](https://github.com/othiym23))
|
3116 | * [`8f52833`](https://github.com/npm/npm/commit/8f52833f5d15c4f94467234607d40e75198af1aa)
|
3117 | [#10700](https://github.com/npm/npm/issues/10700) Hey, do you remember when
|
3118 | `search.npmjs.org` was a thing? I think I do? The last time I used it was in
|
3119 | like 2012, and it's gone now, so remove it from the docs.
|
3120 | ([@gagern](https://github.com/gagern))
|
3121 | * [`b6a53b8`](https://github.com/npm/npm/commit/b6a53b889c948053dcbf6d7aab9ad1cd4226dc32)
|
3122 | [npm/docs#477](https://github.com/npm/docs/issues/477) Continue to airbrush
|
3123 | the CLI API docs out of history. ([@verpixelt](https://github.com/verpixelt))
|
3124 | * [`b835b72`](https://github.com/npm/npm/commit/b835b72d1dd23b0a17321a85d8d395322d18005d)
|
3125 | `semver@5.1.0`: Include BNF for SemVer expression grammar (which is also now
|
3126 | included in `npm help semver`). ([@isaacs](https://github.com/isaacs))
|
3127 |
|
3128 | #### LAND YOUR DEPENDENCY UPGRADES IN PAIRS SO EVERYONE HAS A FRIEND
|
3129 |
|
3130 | * [`95e99fa`](https://github.com/npm/npm/commit/95e99faadcdc85a16210dd79c0e7d83add1b9f3e)
|
3131 | `request@2.67.0` ([@simov](https://github.com/simov))
|
3132 | * [`b49199a`](https://github.com/npm/npm/commit/b49199ac96dfb1afe5719286621a318576dd69ae)
|
3133 | [isaacs/rimraf#89](https://github.com/isaacs/rimraf/pull/89) `rimraf@2.4.4`
|
3134 | ([@zerok](https://github.com/zerok))
|
3135 | * [`6632418`](https://github.com/npm/npm/commit/66324189a734a1665e1b78a06ba44089d9c3a11c)
|
3136 | [npm/nopt#51](https://github.com/npm/nopt/pull/51) `nopt@3.0.6`
|
3137 | ([@wbecker](https://github.com/wbecker))
|
3138 | * [`f0a3b3e`](https://github.com/npm/npm/commit/f0a3b3e0dbbdaf11ec55dccd59cc21bfa05f9240)
|
3139 | [isaacs/once#7](https://github.com/isaacs/once/pull/7) `once@1.3.3`
|
3140 | ([@floatdrop](https://github.com/floatdrop))
|
3141 |
|
3142 | ### v3.5.2 (2015-12-03):
|
3143 |
|
3144 | Weeeelcome to another npm release! The short version is that we fixed
|
3145 | some `ENOENT` and some modules that resulted in modules going missing. We
|
3146 | also eliminated the use of MD5 in our code base to help folks using
|
3147 | Node.js in FIPS mode. And we fixed a bad URL in our license file.
|
3148 |
|
3149 | #### FIX URL IN LICENSE
|
3150 |
|
3151 | The license incorrectly identified the registry URL as
|
3152 | `registry.npmjs.com` and this has been corrected to `registry.npmjs.org`.
|
3153 |
|
3154 | * [`cb6d81b`](https://github.com/npm/npm/commit/cb6d81bd611f68c6126a90127a9dfe5604d46c8c)
|
3155 | [#10685](https://github.com/npm/npm/pull/10685)
|
3156 | Fix npm public registry URL in notices.
|
3157 | ([@kemitchell](https://github.com/kemitchell))
|
3158 |
|
3159 | #### ENOENT? MORE LIKE ENOMOREBUGS
|
3160 |
|
3161 | The headliner this week was uncovered by the fixes to bundled dependency
|
3162 | handling over the past few releases. What had been a frustratingly
|
3163 | intermittent and hard to reproduce bug became something that happened
|
3164 | every time in Travis. This fixes another whole bunch of errors where you
|
3165 | would, while running an install have it crash with an `ENOENT` on
|
3166 | `rename`, or the install would finish but some modules would be
|
3167 | mysteriously missing and you'd have to install a second time.
|
3168 |
|
3169 | What's going on was a bit involved, so bear with me:
|
3170 |
|
3171 | `npm@3` generates a list of actions to take against the tree on disk.
|
3172 | With the exception of lifecycle scripts, it expects these all to be able
|
3173 | to act independently without interfering with each other.
|
3174 |
|
3175 | This means, for instance, that one should be able to upgrade `b` in
|
3176 | `a→b→c` without having npm reinstall `c`.
|
3177 |
|
3178 | That works fine by the way.
|
3179 |
|
3180 | But it also means that the move action should be able to move `b` in
|
3181 | `a→b→c@1.0.1` to `a→d→b→c@1.0.2` without moving or removing `c@1.0.1` and
|
3182 | while leaving `c@1.0.2` in place if it was already installed.
|
3183 |
|
3184 | That is, the `move` action moves an individual node, replacing itself
|
3185 | with an empty spot if it had children. This is not, as it might first
|
3186 | appear, something where you move an entire branch to another location on
|
3187 | the tree.
|
3188 |
|
3189 | When moving `b` we already took care to leave `c@1.0.1` in place so that
|
3190 | other moves (or removes) could handle it, but we were stomping on the
|
3191 | destination and so `c@1.0.2` was being removed.
|
3192 |
|
3193 | * [`f4385d8`](https://github.com/npm/npm/commit/f4385d8e7678349e75c80fae8a1f8f366f197937)
|
3194 | [#10655](https://github.com/npm/npm/pull/10655)
|
3195 | Preserve destination `node_modules` when moving.
|
3196 | ([@iarna](https://github.com/iarna))
|
3197 |
|
3198 | There was also a bug with `remove` where it was pruning the entire tree
|
3199 | at the remove point, prior to running moves and adds.
|
3200 |
|
3201 | This was fine most of the time, but if we were moving one of the deps out
|
3202 | from inside it, kaboom.
|
3203 |
|
3204 | * [`19c626d`](https://github.com/npm/npm/commit/19c626d69888f0cdc6e960254b3fdf523ec4b52c)
|
3205 | [#10655](https://github.com/npm/npm/pull/10655)
|
3206 | Get rid of the remove commit phase– we could have it prune _just_ the
|
3207 | module being removed, but that isn't gaining us anything.
|
3208 | ([@iarna](https://github.com/iarna))
|
3209 |
|
3210 | After all that, we shouldn't be upgrading the `add` of a bundled package
|
3211 | to a `move`. Moves save us from having to extract the package, but with a
|
3212 | bundled dependency it's included in another package already so that
|
3213 | doesn't gain us anything.
|
3214 |
|
3215 | * [`641a93b`](https://github.com/npm/npm/commit/641a93bd66a6aa4edf2d6167344b50d1a2afb593)
|
3216 | [#10655](https://github.com/npm/npm/pull/10655)
|
3217 | Don't convert adds to moves with bundled deps.
|
3218 | ([@iarna](https://github.com/iarna))
|
3219 |
|
3220 | While I was in there, I also took some time to improve diagnostics to
|
3221 | make this sort of thing easier to track down in the future:
|
3222 |
|
3223 | * [`a04ec04`](https://github.com/npm/npm/commit/a04ec04804e562b511cd31afe89c8ba94aa37ff2)
|
3224 | [#10655](https://github.com/npm/ npm/pull/10655)
|
3225 | Wrap rename so errors have stack traces.
|
3226 | ([@iarna](https://github.com/iarna))
|
3227 | * [`8ea142f`](https://github.com/npm/npm/commit/8ea142f896a2764290ca5472442b27b047ab7a1a)
|
3228 | [#10655](https://github.com/npm/npm/pull/10655)
|
3229 | Add silly logging so function is debuggable
|
3230 | ([@iarna](https://github.com/iarna))
|
3231 |
|
3232 | #### NO MORE MD5
|
3233 |
|
3234 | We updated modules that had been using MD5 for non-security purposes.
|
3235 | While this is perfectly safe, if you compile Node in FIPS-compliance mode
|
3236 | it will explode if you try to use MD5. We've replaced MD5 with Murmur,
|
3237 | which conveys our intent better and is faster to boot.
|
3238 |
|
3239 | * [`f068b26`](https://github.com/npm/npm/commit/f068b2661a8d0269c184867e003cd08cb6c56cf2)
|
3240 | [#10629](https://github.com/npm/npm/issues/10629)
|
3241 | `unique-filename@1.1.0`
|
3242 | ([@iarna](https://github.com/iarna))
|
3243 | * [`dba1b24`](https://github.com/npm/npm/commit/dba1b2402aaa2beceec798d3bd22d00650e01069)
|
3244 | [#10629](https://github.com/npm/npm/issues/10629)
|
3245 | `write-file-atomic@1.1.4`
|
3246 | ([@othiym23](https://github.com/othiym23))
|
3247 | * [`8347a30`](https://github.com/npm/npm/commit/8347a308ef0d2cf0f58f96bba3635af642ec611f)
|
3248 | [#10629](https://github.com/npm/npm/issues/10629)
|
3249 | `fs-write-stream-atomic@1.0.5`
|
3250 | ([@othiym23](https://github.com/othiym23))
|
3251 |
|
3252 | #### DEPENDENCY UPDATES
|
3253 |
|
3254 | * [`9e2a2bb`](https://github.com/npm/npm/commit/9e2a2bb5bc71a0ab3b3637e8eec212aa22d5c99f)
|
3255 | [nodejs/node-gyp#831](https://github.com/nodejs/node-gyp/pull/831)
|
3256 | `node-gyp@3.2.1`:
|
3257 | Improved \*BSD support.
|
3258 | ([@bnoordhuis](https://github.com/bnoordhuis))
|
3259 |
|
3260 | ### v3.5.1 (2015-11-25):
|
3261 |
|
3262 | #### THE npm CLI !== THE npm REGISTRY !== npm, INC.
|
3263 |
|
3264 | npm-the-CLI is licensed under the terms of the [Artistic License
|
3265 | 2.0](https://github.com/npm/npm/blob/8d79c1a39dae908f27eaa37ff6b23515d505ef29/LICENSE),
|
3266 | which is a liberal open-source license that allows you to take this code and do
|
3267 | pretty much whatever you like with it (that is, of course, not legal language,
|
3268 | and if you're doing anything with npm that leaves you in doubt about your legal
|
3269 | rights, please seek the review of qualified counsel, which is to say, not
|
3270 | members of the CLI team, none of whom have passed the bar, to my knowledge). At
|
3271 | the same time the primary registry the CLI uses when looking up and downloading
|
3272 | packages is a commercial service run by npm, Inc., and it has its own [Terms of
|
3273 | Use](https://www.npmjs.com/policies/terms).
|
3274 |
|
3275 | Aside from clarifying the terms of use (and trying to make sure they're more
|
3276 | widely known), the only recent changes to npm's licenses have been making the
|
3277 | split between the CLI and registry clearer. You are still free to do whatever
|
3278 | you like with the CLI's source, and you are free to view, download, and publish
|
3279 | packages to and from `registry.npmjs.org`, but now the existing terms under
|
3280 | which you can do so are more clearly documented. Aside from the two commits
|
3281 | below, see also [the release notes for
|
3282 | `npm@3.4.1`](https://github.com/npm/npm/releases/tag/v3.4.1), which is where
|
3283 | the split between the CLI's code and the terms of use for the registry was
|
3284 | first made more clear.
|
3285 |
|
3286 | * [`35a5dd5`](https://github.com/npm/npm/commit/35a5dd5abbfeec4f98a2b4534ec4ef5d16760581)
|
3287 | [#10532](https://github.com/npm/npm/issues/10532) Clarify that
|
3288 | `registry.npmjs.org` is the default, but that you're free to use the npm CLI
|
3289 | with whatever registry you wish. ([@kemitchell](https://github.com/kemitchell))
|
3290 | * [`fa6b013`](https://github.com/npm/npm/commit/fa6b0136a0e4a19d8979b2013622e5ff3f0446f8)
|
3291 | [#10532](https://github.com/npm/npm/issues/10532) Having semi-duplicate
|
3292 | release information in `README.md` was confusing and potentially inaccurate,
|
3293 | so remove it. ([@kemitchell](https://github.com/kemitchell))
|
3294 |
|
3295 | #### EASE UP ON WINDOWS BASH USERS
|
3296 |
|
3297 | It turns out that a fair number of us use bash on Windows (through MINGW or
|
3298 | bundled with Git, plz – Cygwin is still a bridge too far, for both npm and
|
3299 | Node.js). [@jakub-g](https://github.com/jakub-g) did us all a favor and relaxed
|
3300 | the check for npm completion to support MINGW bash. Thanks, Jakub!
|
3301 |
|
3302 | * [`09498e4`](https://github.com/npm/npm/commit/09498e45c5c9e683f092ab1372670f81db4762b6)
|
3303 | [#10156](https://github.com/npm/npm/issues/10156) completion: enable on
|
3304 | Windows in git bash ([@jakub-g](https://github.com/jakub-g))
|
3305 |
|
3306 | #### THE ONGOING SAGA OF BUNDLED DEPENDENCIES
|
3307 |
|
3308 | `npm@3.5.0` fixed up a serious issue with how `npm@3.4.1` (and potentially
|
3309 | `npm@3.4.0` and `npm@3.3.12`) handled the case in which dependencies bundled
|
3310 | into a package tarball are handled improperly when one or more of their own
|
3311 | dependencies are older than what's latest on the registry. Unfortunately, in
|
3312 | fixing that (quite severe) regression (see [`npm@3.5.0`'s release notes' for
|
3313 | details](https://github.com/npm/npm/releases/tag/v3.5.0)), we introduced a new
|
3314 | (small, and fortunately cosmetic) issue where npm superfluously warns you about
|
3315 | bundled dependencies being stale. We have now fixed that, and hope that we
|
3316 | haven't introduced any _other_ regressions in the process. :D
|
3317 |
|
3318 | * [`20824a7`](https://github.com/npm/npm/commit/20824a75bf7639fb0951a588e3c017a370ae6ec2)
|
3319 | [#10501](https://github.com/npm/npm/issues/10501) Only warn about replacing
|
3320 | bundled dependencies when actually doing so. ([@iarna](https://github.com/iarna))
|
3321 |
|
3322 | #### MAKE NODE-GYP A LITTLE BLUER
|
3323 |
|
3324 | * [`1d14d88`](https://github.com/npm/npm/commit/1d14d882c3b5af0a7fee46e8e0e343d07e4c38cb)
|
3325 | `node-gyp@3.2.0`: Support AIX, use `which` to find Python, updated to a newer
|
3326 | version of `gyp`, and more! ([@bnoordhuis](https://github.com/bnoordhuis))
|
3327 |
|
3328 | #### A BOUNTEOUS THANKSGIVING CORNUCOPIA OF DOC TWEAKS
|
3329 |
|
3330 | These are great! Keep them coming! Sorry for letting them pile up so deep,
|
3331 | everybody. Also, a belated Thanksgiving to our Canadian friends, and a happy
|
3332 | Thanksgiving to all our friends in the USA.
|
3333 |
|
3334 | * [`4659f1c`](https://github.com/npm/npm/commit/4659f1c5ad617c46a5e89b48abf0b1c4e6f04307)
|
3335 | [#10244](https://github.com/npm/npm/issues/10244) In `npm@3`, `npm dedupe`
|
3336 | doesn't take any arguments, so update documentation to reflect that.
|
3337 | ([@bengotow](https://github.com/bengotow))
|
3338 | * [`625a7ee`](https://github.com/npm/npm/commit/625a7ee6b4391e90cb28a95f20a73fd794e1eebe)
|
3339 | [#10250](https://github.com/npm/npm/issues/10250) Correct order of `org:team`
|
3340 | in `npm team` documentation. ([@louislarry](https://github.com/louislarry))
|
3341 | * [`bea7f87`](https://github.com/npm/npm/commit/bea7f87399d784e3a6d3393afcca658a61a40d77)
|
3342 | [#10371](https://github.com/npm/npm/issues/10371) Remove broken / duplicate
|
3343 | link to tag. ([@WickyNilliams](https://github.com/WickyNilliams))
|
3344 | * [`0a25e29`](https://github.com/npm/npm/commit/0a25e2956e9ddd4065d6bd929559321afc512fde)
|
3345 | [#10419](https://github.com/npm/npm/issues/10419) Remove references to
|
3346 | nonexistent `npm-rm(1)` documentation. ([@KenanY](https://github.com/KenanY))
|
3347 | * [`19b94e1`](https://github.com/npm/npm/commit/19b94e1e6781fe2f98ada0a3f49a1bda25e3e32d)
|
3348 | [#10474](https://github.com/npm/npm/issues/10474) Clarify that install finds
|
3349 | dependencies in `package.json`. ([@sleekweasel](https://github.com/sleekweasel))
|
3350 | * [`b25efc8`](https://github.com/npm/npm/commit/b25efc88067c843ffdda86ea0f50f95d136a638e)
|
3351 | [#9948](https://github.com/npm/npm/issues/9948) Encourage users to file an
|
3352 | issue, rather than emailing authors. ([@trodrigues](https://github.com/trodrigues))
|
3353 | * [`24f4ced`](https://github.com/npm/npm/commit/24f4cedc83b10061f26362bf2f005ab935e0cbfe)
|
3354 | [#10497](https://github.com/npm/npm/issues/10497) Clarify what a package is
|
3355 | slightly. ([@aredridel](https://github.com/aredridel))
|
3356 | * [`e8168d4`](https://github.com/npm/npm/commit/e8168d40caae00b2914ea09dbe4bd1b09ba3dcd5)
|
3357 | [#10539](https://github.com/npm/npm/issues/10539) Remove an extra, spuriously
|
3358 | capitalized letter. ([@alexlukin-softgrad](https://github.com/alexlukin-softgrad))
|
3359 |
|
3360 | ### v3.5.0 (2015-11-19):
|
3361 |
|
3362 | #### TEEN ORCS AT THE GATES
|
3363 |
|
3364 | This week heralds the general release of the primary npm registry's [new
|
3365 | support for private packages for
|
3366 | organizations](http://blog.npmjs.org/post/133542170540/private-packages-for-organizations).
|
3367 | For many potential users, it's the missing piece needed to make it easy for you
|
3368 | to move your organization's private work onto npm. And now it's here! The
|
3369 | functionality to support it has been in place in the CLI for a while now,
|
3370 | thanks to [@zkat](https://github.com/zkat)'s hard work.
|
3371 |
|
3372 | During our final testing before the release, our ace support team member
|
3373 | [@snopeks](https://github.com/snopeks) noticed that there had been some drift
|
3374 | between the CLI team's implementation and what npm was actually preparing to
|
3375 | ship. In the interests of everyone having a smooth experience with this
|
3376 | _extremely useful_ new feature, we quickly made a few changes to square up the
|
3377 | CLI and the web site experiences.
|
3378 |
|
3379 | * [`d7fb92d`](https://github.com/npm/npm/commit/d7fb92d1c53ba5196ad6dd2101a06792a4c0412b)
|
3380 | [#9327](https://github.com/npm/npm/issues/9327) `npm access` no longer has
|
3381 | problems when run in a directory that doesn't contain a `package.json`.
|
3382 | ([@othiym23](https://github.com/othiym23))
|
3383 | * [`17df3b5`](https://github.com/npm/npm/commit/17df3b5d5dffb2e9c223b9cfa2d5fd78c39492a4)
|
3384 | [npm/npm-registry-client#126](https://github.com/npm/npm-registry-client/issues/126)
|
3385 | `npm-registry-client@7.0.8`: Allow the CLI to grant, revoke, and list
|
3386 | permissions on unscoped (public) packages on the primary registry.
|
3387 | ([@othiym23](https://github.com/othiym23))
|
3388 |
|
3389 | #### NON-OPTIONAL INSTALLS, DEFINITELY NON-OPTIONAL
|
3390 |
|
3391 | * [`180263b`](https://github.com/npm/npm/commit/180263b)
|
3392 | [#10465](https://github.com/npm/npm/pull/10465)
|
3393 | When a non-optional dep fails, we check to see if it's only required by
|
3394 | ONLY optional dependencies. If it is, we make it fail all the deps in
|
3395 | that chain (and roll them back). If it isn't then we give an error.
|
3396 |
|
3397 | We do this by walking up through all of our ancestors until we either hit an
|
3398 | optional dependency or the top of the tree. If we hit the top, we know to
|
3399 | give the error.
|
3400 |
|
3401 | If you installed a module by hand but didn't `--save` it, your module
|
3402 | won't have the top of the tree as an anscestor and so this code was
|
3403 | failing to abort the install with an error
|
3404 |
|
3405 | This updates the logic so that hitting the top OR a module that was
|
3406 | requested by the user will trigger the error message.
|
3407 | ([@iarna](https://github.com/iarna))
|
3408 |
|
3409 | * [`b726a0e`](https://github.com/npm/npm/commit/b726a0e)
|
3410 | [#9204](https://github.com/npm/npm/issues/9204)
|
3411 | Ideally we would like warnings about your install to come AFTER the
|
3412 | output from your compile steps or the giant tree of installed modules.
|
3413 |
|
3414 | To that end, we've moved warnings about failed optional deps to the show
|
3415 | after your install completes.
|
3416 | ([@iarna](https://github.com/iarna))
|
3417 |
|
3418 | #### OVERRIDING BUNDLING
|
3419 |
|
3420 | * [`aed71fb`](https://github.com/npm/npm/commit/aed71fb)
|
3421 | [#10482](https://github.com/npm/npm/issues/10482)
|
3422 | We've been in our bundled modules code a lot lately, and our last go at
|
3423 | this introduced a new bug, where if you had a module `a` that bundled
|
3424 | a module `b`, which in turn required `c`, and the version of `c` that
|
3425 | got bundled wasn't compatible with `b`'s `package.json`, we would then
|
3426 | install a compatible version of `c`, but also erase `b` at the same time.
|
3427 |
|
3428 | This fixes that. It also reworks our bundled module support to be much
|
3429 | closer to being in line with how we handle non-bundled modules and we're
|
3430 | hopeful this will reduce any future errors around them. The new structure
|
3431 | is hopefully much easier to reason about anyway.
|
3432 | ([@iarna](https://github.com/iarna))
|
3433 |
|
3434 | #### A BRIEF NOTE ON NPM'S BACKWARDS COMPATIBILITY
|
3435 |
|
3436 | We don't often have much to say about the changes we make to our internal
|
3437 | testing and tooling, but I'm going to take this opportunity to reiterate that
|
3438 | npm tries hard to maintain compatibility with a wide variety of Node versions.
|
3439 | As this change shows, we want to ensure that npm works the same across:
|
3440 |
|
3441 | * Node.js 0.8
|
3442 | * Node.js 0.10
|
3443 | * Node.js 0.12
|
3444 | * the latest io.js release
|
3445 | * Node.js 4 LTS
|
3446 | * Node.js 5
|
3447 |
|
3448 | Contributors who send us pull requests often notice that it's very rare that
|
3449 | our tests pass across all of those versions (ironically, almost entirely due to
|
3450 | the packages we use for testing instead of any issues within npm itself). We're
|
3451 | currently beginning an effort, lasting the rest of 2015, to clean up our test
|
3452 | suite, and not only get it passing on all of the above versions of Node.js, but
|
3453 | working solidly on Windows as well. This is a compounding form of technical
|
3454 | debt that we're finally paying down, and our hope is that cleaning up the tests
|
3455 | will produce a more robust CLI that's a lot easier to write patches for.
|
3456 |
|
3457 | * [`791ec6b`](https://github.com/npm/npm/commit/791ec6b1bac0d1df59f5ebb4ccd16a29a5dc73f0)
|
3458 | [#10233](https://github.com/npm/npm/issues/10233) Update Node.js versions
|
3459 | that Travis uses to test npm. ([@iarna](https://github.com/iarna))
|
3460 |
|
3461 | #### 0.8 + npm <1.4 COMPATIBLE? SURE WHY NOT
|
3462 |
|
3463 | Hey, you found the feature we added!
|
3464 |
|
3465 | * [`231c58a`](https://github.com/npm/npm/commit/231c58a)
|
3466 | [#10337](https://github.com/npm/npm/pull/10337)
|
3467 | Add two new flags, first `--legacy-bundling` which installs your
|
3468 | dependencies such that if you bundle those dependencies, npm versions
|
3469 | prior to `1.4` can still install them. This eliminates all automatic
|
3470 | deduping.
|
3471 |
|
3472 | Second, `--global-style` which will install modules in your `node_modules`
|
3473 | folder with the same layout as global modules. Only your direct
|
3474 | dependencies will show in `node_modules` and everything they depend on
|
3475 | will be flattened in their `node_modules` folders. This obviously will
|
3476 | elminate some deduping.
|
3477 | ([@iarna](https://github.com/iarna))
|
3478 |
|
3479 | #### TYPOS IN THE LICENSE, OH MY
|
3480 |
|
3481 | * [`8d79c1a`](https://github.com/npm/npm/commit/8d79c1a39dae908f27eaa37ff6b23515d505ef29)
|
3482 | [#10478](https://github.com/npm/npm/issues/10478) Correct two typos in npm's
|
3483 | LICENSE. ([@jorrit](https://github.com/jorrit))
|
3484 |
|
3485 | ### v3.4.1 (2015-11-12):
|
3486 |
|
3487 | #### ASK FOR NOTHING, GET LATEST
|
3488 |
|
3489 | When you run `npm install foo`, you probably expect that you'll get the
|
3490 | `latest` version of `foo`, whatever that is. And good news! That's what
|
3491 | this change makes it do.
|
3492 |
|
3493 | We _think_ this is what everyone wants, but if this causes problems for
|
3494 | you, we want to know! If it proves problematic for people we will consider
|
3495 | reverting it (preferrably before this becomes `npm@latest`).
|
3496 |
|
3497 | Previously, when you ran `npm install foo` we would act as if you typed
|
3498 | `npm install foo@*`. Now, like any range-type specifier, in addition to
|
3499 | matching the range, it would also have to be `<=` the value of the
|
3500 | `latest` dist-tag. Further, it would exclude prerelease versions from the
|
3501 | list of versions considered for a match.
|
3502 |
|
3503 | This worked as expected most of the time, unless your `latest` was a
|
3504 | prerelease version, in which case that version wouldn't be used, to
|
3505 | everyone's surprise. Worse, if all your versions were prerelease versions
|
3506 | it would just refuse to install anything. (We fixed that in
|
3507 | [`npm@3.2.2`](https://github.com/npm/npm/releases/tag/v3.2.2) with
|
3508 | [`e4a38080`](https://github.com/npm/npm/commit/e4a38080).)
|
3509 |
|
3510 | * [`1e834c2`](https://github.com/npm/npm/commit/1e834c2)
|
3511 | [#10189](https://github.com/npm/npm/issues/10189)
|
3512 | `npm-package-arg@4.1.0` Change the default version from `*` to `latest`.
|
3513 | ([@zkat](https://github.com/zkat))
|
3514 |
|
3515 | #### BUGS
|
3516 |
|
3517 | * [`bec4a84`](https://github.com/npm/npm/commit/bec4a84)
|
3518 | [#10338](https://github.com/npm/npm/pull/10338)
|
3519 | Failed installs could result in more rollback (removal of just installed
|
3520 | packages) than we intended. This bug was first introduced by
|
3521 | [`83975520`](https://github.com/npm/npm/commit/83975520).
|
3522 | ([@iarna](https://github.com/iarna))
|
3523 | * [`06c732f`](https://github.com/npm/npm/commit/06c732f)
|
3524 | [#10338](https://github.com/npm/npm/pull/10338)
|
3525 | Updating a module could result in the module stealing some of its
|
3526 | dependencies from the top level, potentially breaking other modules or
|
3527 | resulting in many redundent installations. This bug was first introduced
|
3528 | by [`971fd47a`](https://github.com/npm/npm/commit/971fd47a).
|
3529 | ([@iarna](https://github.com/iarna))
|
3530 | * [`5653366`](https://github.com/npm/npm/commit/5653366)
|
3531 | [#9980](https://github.com/npm/npm/issues/9980)
|
3532 | npm, when removing a module, would refuse to remove the symlinked
|
3533 | binaries if the module itself was symlinked as well. npm goes to some
|
3534 | effort to ensure that it doesn't remove things that aren't is, and this
|
3535 | code was being too conservative. This code has been rewritten to be
|
3536 | easier to follow and to be unit-testable.
|
3537 | ([@iarna](https://github.com/iarna))
|
3538 |
|
3539 | #### LICENSE CLARIFICATION
|
3540 |
|
3541 | * [`80acf20`](https://github.com/npm/npm/commit/80acf20)
|
3542 | [#10326](https://github.com/npm/npm/pull/10326)
|
3543 | Update npm's licensing to more completely cover all of the various
|
3544 | things that are npm.
|
3545 | ([@kemitchell](https://github.com/kemitchell))
|
3546 |
|
3547 | #### CLOSER TO GREEN TRAVIS
|
3548 |
|
3549 | * [`fc12da9`](https://github.com/npm/npm/commit/fc12da9)
|
3550 | [#10232](https://github.com/npm/npm/pull/10232)
|
3551 | `nock@1.9.0`
|
3552 | Downgrade nock to a version that doesn't depend on streams2 in core so
|
3553 | that more of our tests can pass in 0.8.
|
3554 | ([@iarna](https://github.com/iarna))
|
3555 |
|
3556 | ### v3.4.0 (2015-11-05):
|
3557 |
|
3558 | #### A NEW FEATURE
|
3559 |
|
3560 | This was a group effort, with [@isaacs](https://github.com/isaacs)
|
3561 | dropping the implementation in back in August. Then, a few days ago,
|
3562 | [@ashleygwilliams](https://github.com/ashleygwilliams) wrote up docs and
|
3563 | just today [@othiym23](https://github.com/othiym23) wrote a test.
|
3564 |
|
3565 | It's a handy shortcut to update a dependency and then make sure tests
|
3566 | still pass.
|
3567 |
|
3568 | This new command:
|
3569 |
|
3570 | ```
|
3571 | npm install-test x
|
3572 | ```
|
3573 |
|
3574 | is the equivalent of running:
|
3575 |
|
3576 | ```
|
3577 | npm install x && npm test
|
3578 | ```
|
3579 |
|
3580 | * [`1ac3e08`](https://github.com/npm/npm/commit/1ac3e08)
|
3581 | [`bcb04f6`](https://github.com/npm/npm/commit/bcb04f6)
|
3582 | [`b6c17dd`](https://github.com/npm/npm/commit/b6c17dd)
|
3583 | [#9443](https://github.com/npm/npm/pull/9443)
|
3584 | Add `npm install-test` command, alias `npm it`.
|
3585 | ([@isaacs](https://github.com/isaacs),
|
3586 | [@ashleygwilliams](https://github.com/ashleygwilliams),
|
3587 | [@othiym23](https://github.com/othiym23))
|
3588 |
|
3589 | #### BUG FIXES VIA DEPENDENCY UPDATES
|
3590 |
|
3591 | * [`31c0080`](https://github.com/npm/npm/commit/31c0080)
|
3592 | [#8640](https://github.com/npm/npm/issues/8640)
|
3593 | [npm/normalize-package-data#69](https://github.com/npm/normalize-package-data/pull/69)
|
3594 | `normalize-package-data@2.3.5`:
|
3595 | Fix a bug where if you didn't specify the name of a scoped module's
|
3596 | binary, it would install it such that it was impossible to call it.
|
3597 | ([@iarna](https://github.com/iarna))
|
3598 | * [`02b37bc`](https://github.com/npm/npm/commit/02b37bc)
|
3599 | [npm/fstream-npm#14](https://github.com/npm/fstream-npm/pull/14)
|
3600 | `fstream-npm@1.0.7`:
|
3601 | Only filter `config.gypi` when it's in the build directory.
|
3602 | ([@mscdex](https://github.com/mscdex))
|
3603 | * [`accb9d2`](https://github.com/npm/npm/commit/accb9d2)
|
3604 | [npm/fstream-npm#15](https://github.com/npm/fstream-npm/pull/15)
|
3605 | `fstream-npm@1.0.6`:
|
3606 | Stop including directories that happened to have names matching whitelisted
|
3607 | npm files in npm module tarballs. The most common cause was that if you had
|
3608 | a README directory then everything in it would be included if wanted it
|
3609 | or not.
|
3610 | ([@taion](https://github.com/taion))
|
3611 |
|
3612 | #### DOCUMENTATION FIXES
|
3613 |
|
3614 | * [`7cf6366`](https://github.com/npm/npm/commit/7cf6366)
|
3615 | [#10036](https://github.com/npm/npm/pull/10036)
|
3616 | Fix typo / over-abbreviation.
|
3617 | ([@ifdattic](https://github.com/ifdattic))
|
3618 | * [`d0ad8f4`](https://github.com/npm/npm/commit/d0ad8f4)
|
3619 | [#10176](https://github.com/npm/npm/pull/10176)
|
3620 | Fix broken link, scopes => scope.
|
3621 | ([@ashleygwilliams](https://github.com/ashleygwilliams))
|
3622 | * [`d623783`](https://github.com/npm/npm/commit/d623783)
|
3623 | [#9460](https://github.com/npm/npm/issue/9460)
|
3624 | Specifying the default command run by "npm start" and the
|
3625 | fact that you can pass it arguments.
|
3626 | ([@JuanCaicedo](https://github.com/JuanCaicedo))
|
3627 |
|
3628 | #### DEPENDENCY UPDATES FOR THEIR OWN SAKE
|
3629 |
|
3630 | * [`0a4c29e`](https://github.com/npm/npm/commit/0a4c29e)
|
3631 | [npm/npmlog#19](https://github.com/npm/npmlog/pull/19)
|
3632 | `npmlog@2.0.0`: Make it possible to emit log messages with `error` as the
|
3633 | prefix.
|
3634 | ([@bengl](https://github.com/bengl))
|
3635 | * [`9463ce9`](https://github.com/npm/npm/commit/9463ce9)
|
3636 | `read-package-json@2.0.2`:
|
3637 | Minor cleanups.
|
3638 | ([@KenanY](https://github.com/KenanY))
|
3639 |
|
3640 | ### v3.3.12 (2015-11-02):
|
3641 |
|
3642 | Hi, a little hot-fix release for a bug introduced in 3.3.11. The ENOENT fix
|
3643 | last week ([`f0e2088`](https://github.com/npm/npm/commit/f0e2088)) broke
|
3644 | upgrades of modules that have bundled dependencies (like `npm`, augh!)
|
3645 |
|
3646 | * [`aedf7cf`](https://github.com/npm/npm/commit/aedf7cf)
|
3647 | [#10192](//github.com/npm/npm/pull/10192)
|
3648 | If a bundled module is going to be replacing a module that's currently on
|
3649 | disk (for instance, when you upgrade a module that includes bundled
|
3650 | dependencies) we want to select the version from the bundle in preference
|
3651 | over the one that was there previously.
|
3652 | ([@iarna](https://github.com/iarna))
|
3653 |
|
3654 | ### v3.3.11 (2015-10-29):
|
3655 |
|
3656 | This is a dependency update week, so that means no PRs from our lovely
|
3657 | users. Look for those next week. As it happens, the dependencies updated
|
3658 | were just devdeps, so nothing for you all to worry about.
|
3659 |
|
3660 | But the bug fixes, oh geez, I tracked down some really long standing stuff
|
3661 | this week!! The headliner is those intermittent `ENOENT` errors that no one
|
3662 | could reproduce consistently? I think they're nailed! But also pretty
|
3663 | important, the bug where `hapi` would install w/ a dep missing? Squashed!
|
3664 |
|
3665 | #### EEEEEEENOENT
|
3666 |
|
3667 | * [`f0e2088`](https://github.com/npm/npm/commit/f0e2088)
|
3668 | [#10026](https://github.com/npm/npm/issues/10026)
|
3669 | Eliminate some, if not many, of the `ENOENT` errors `npm@3` has seen over
|
3670 | the past few months. This was happening when npm would, in its own mind,
|
3671 | correct a bundled dependency, due to a `package.json` specifying an
|
3672 | incompatible version. Then, when npm extracted the bundled version, what
|
3673 | was on disk didn't match its mind and… well, when it tried to act on what
|
3674 | was in its mind, we got an `ENOENT` because it didn't actually exist on
|
3675 | disk.
|
3676 | ([@iarna](https://github.com/iarna))
|
3677 |
|
3678 | #### PARTIAL SHRINKWRAPS, NO LONGER A BAD DAY
|
3679 |
|
3680 | * [`712fd9c`](https://github.com/npm/npm/commit/712fd9c)
|
3681 | [#10153](https://github.com/npm/npm/pull/10153)
|
3682 | Imagine that you have a module, let's call it `fun-time`, and it depends
|
3683 | on two dependencies, `need-fun@1` and `need-time`. Further, `need-time`
|
3684 | requires `need-fun@2`. So after install the logical tree will look like
|
3685 | this:
|
3686 |
|
3687 | ```
|
3688 | fun-time
|
3689 | ├── need-fun@1
|
3690 | └── need-time
|
3691 | └── need-fun@2
|
3692 | ```
|
3693 |
|
3694 | Now, the `fun-time` author also distributes a shrinkwrap, but it only includes
|
3695 | the `need-fun@1` in it.
|
3696 |
|
3697 | Resolving dependencies would look something like this:
|
3698 |
|
3699 | 1. Require `need-fun@1`: Use version from shrinkwrap (ignoring version)
|
3700 | 2. Require `need-time`: User version in package.json
|
3701 | 1. Require `need-fun@2`: Use version from shrinkwrap, which oh hey, is
|
3702 | already installed at the top level, so no further action is needed.
|
3703 |
|
3704 | Which results in this tree:
|
3705 |
|
3706 | ```
|
3707 | fun-time
|
3708 | ├── need-fun@1
|
3709 | └── need-time
|
3710 | ```
|
3711 |
|
3712 | We're ignoring the version check on things specified in the shrinkwrap
|
3713 | so that you can override the version that will be installed. This is
|
3714 | because you may want to use a different version than is specified
|
3715 | by your dependencies' dependencies' `package.json` files.
|
3716 |
|
3717 | To fix this, we now only allow overrides of a dependency version when
|
3718 | that dependency is a child (in the tree) of the thing that requires it.
|
3719 | This means that when we're looking for `need-fun@2` we'll see `need-fun@1`
|
3720 | and reject it because, although it's from a shrinkwrap, it's parent is
|
3721 | `fun-time` and the package doing the requiring is `need-time`.
|
3722 |
|
3723 | ([@iarna](https://github.com/iarna))
|
3724 |
|
3725 | #### STRING `package.bin` AND NON-NPMJS REGISTRIES
|
3726 |
|
3727 | * [`3de1463`](https://github.com/npm/npm/commit/3de1463)
|
3728 | [#9187](https://github.com/npm/npm/issues/9187)
|
3729 | If you were using a module with the `bin` field in your `package.json` set
|
3730 | to a string on a non-npmjs registry then npm would crash, due to the our
|
3731 | expectation that the `bin` field would be an object. We now pass all
|
3732 | `package.json` data through a routine that normalizes the format,
|
3733 | including the `bin` field. (This is the same routine that your
|
3734 | `package.json` is passed through when read off of disk or sent to the
|
3735 | registry for publication.) Doing this also ensures that older modules on
|
3736 | npm's own registry will be treated exactly the same as new ones. (In the
|
3737 | past we weren't always super careful about scrubbing `package.json` data
|
3738 | on publish. And even when we were, those rules have subtly changed over
|
3739 | time.)
|
3740 | ([@iarna](https://github.com/iarna))
|
3741 |
|
3742 | ### v3.3.10 (2015-10-22):
|
3743 |
|
3744 | Hey you all! Welcome to a busy bug fix and PR week. We've got changes
|
3745 | to how `npm install` replaces dependencies during updates, improvements
|
3746 | to shrinkwrap behavior, and all sorts of doc updates.
|
3747 |
|
3748 | In other news, `npm@3` landed in node master in preparation for `node@5`
|
3749 | with [`41923c0`](https://github.com/nodejs/node/commit/41923c0).
|
3750 |
|
3751 | #### UPDATED DEPS NOW MAKE MORE SENSE
|
3752 |
|
3753 | * [`971fd47`](https://github.com/npm/npm/commit/971fd47)
|
3754 | [#9929](https://github.com/npm/npm/pull/9929)
|
3755 | Make the tree more consistent by doing updates in place. This means
|
3756 | that trees after a dependency version update will more often look
|
3757 | the same as after a fresh install.
|
3758 | ([@iarna](https://github.com/iarna))
|
3759 |
|
3760 | #### SHRINKWRAP + DEV DEPS NOW RESPECTED
|
3761 |
|
3762 | * [`eb28a8c`](https://github.com/npm/npm/commit/eb28a8c)
|
3763 | [#9647](https://github.com/npm/npm/issues/9647)
|
3764 | If a shrinkwrap already has dev deps, don't throw them away when
|
3765 | someone later runs `npm install --save`.
|
3766 | ([@iarna](https://github.com/iarna))
|
3767 |
|
3768 | #### FANTASTIC DOCUMENTATION UPDATES
|
3769 |
|
3770 | * [`291162c`](https://github.com/npm/npm/commit/291162c)
|
3771 | [#10021](https://github.com/npm/npm/pull/10021)
|
3772 | Improve wording in the FAQ to be more empathetic and less jokey.
|
3773 | ([@TaMe3971](https://github.com/TaMe3971))
|
3774 | * [`9a28c54`](https://github.com/npm/npm/commit/9a28c54)
|
3775 | [#10020](https://github.com/npm/npm/pull/10020)
|
3776 | Document the command to see the list of config defaults in the section
|
3777 | on config defaults.
|
3778 | ([@lady3bean](https://github.com/lady3bean))
|
3779 | * [`8770b0a`](https://github.com/npm/npm/commit/8770b0a)
|
3780 | [#7600](https://github.com/npm/npm/issues/7600)
|
3781 | Add shortcuts to all command documentation.
|
3782 | ([@RichardLitt](https://github.com/RichardLitt))
|
3783 | * [`e9b7d0d`](https://github.com/npm/npm/commit/e9b7d0d)
|
3784 | [#9950](https://github.com/npm/npm/pull/9950)
|
3785 | On errors that can be caused by outdated node & npm, suggest updating
|
3786 | as a part of the error message.
|
3787 | ([@ForbesLindesay](https://github.com/ForbesLindesay))
|
3788 |
|
3789 | #### NEW STANDARD HAS ALWAYS BEEN STANDARD
|
3790 |
|
3791 | * [`40c1b0f`](https://github.com/npm/npm/commit/40c1b0f)
|
3792 | [#9954](https://github.com/npm/npm/pull/9954)
|
3793 | Update to `standard@5` and reformat the source to work with it.
|
3794 | ([@cbas](https://github.com/cbas))
|
3795 |
|
3796 | ### v3.3.9 (2015-10-15):
|
3797 |
|
3798 | This week sees a few small changes ready to land:
|
3799 |
|
3800 | #### TRAVIS NODE 0.8 BUILDS REJOICE
|
3801 |
|
3802 | * [`25a234b`](https://github.com/npm/npm/commit/25a234b)
|
3803 | [#9668](https://github.com/npm/npm/issues/9668)
|
3804 | Install `npm@3`'s bundled dependencies with `npm@2`, so that the ancient npm
|
3805 | that ships with node 0.8 can install `npm@3` directly.
|
3806 | ([@othiym23](https://github.com/othiym23))
|
3807 |
|
3808 | #### SMALL ERROR MESSAGE IMPROVEMENT
|
3809 |
|
3810 | * [`a332f61`](https://github.com/npm/npm/commit/a332f61)
|
3811 | [#9927](https://github.com/npm/npm/pull/9927)
|
3812 | Update error messages where we report a list of versions that you could
|
3813 | have installed to show this as a comma separated list instead of as JSON.
|
3814 | ([@iarna](https://github.com/iarna))
|
3815 |
|
3816 | #### DEPENDENCY UPDATES
|
3817 |
|
3818 | * [`4cd74b0`](https://github.com/npm/npm/commit/4cd74b0)
|
3819 | `nock@2.15.0`
|
3820 | ([@pgte](https://github.com/pgte))
|
3821 | * [`9360976`](https://github.com/npm/npm/commit/9360976)
|
3822 | `tap@2.1.1`
|
3823 | ([@isaacs](https://github.com/isaacs))
|
3824 | * [`1ead0a4`](https://github.com/npm/npm/commit/1ead0a4)
|
3825 | `which@1.2.0`
|
3826 | ([@isaacs](https://github.com/isaacs))
|
3827 | * [`759f88a`](https://github.com/npm/npm/commit/759f88a)
|
3828 | `has-unicode@1.0.1`
|
3829 | ([@iarna](https://github.com/iarna))
|
3830 |
|
3831 | ### v3.3.8 (2015-10-12):
|
3832 |
|
3833 | This is a small update release, we're reverting
|
3834 | [`22a3af0`](https://github.com/npm/npm/commit/22a3af0) from last week's
|
3835 | release, as it is resulting in crashes. We'll revisit this PR during this
|
3836 | week.
|
3837 |
|
3838 | * [`ddde1d5`](https://github.com/npm/npm/commit/ddde1d5)
|
3839 | Revert "lifecycle: Swap out custom logic with add-to-path module"
|
3840 | ([@iarna](https://github.com/iarna))
|
3841 |
|
3842 | ### v3.3.7 (2015-10-08):
|
3843 |
|
3844 | So, as Kat mentioned in last week's 2.x release, we're now swapping weeks
|
3845 | between accepting PRs and doing dependency updates, in an effort to keep
|
3846 | release management work from taking over our lives. This week is a PR week,
|
3847 | so we've got a bunch of goodies for you.
|
3848 |
|
3849 | Relatedly, this week means 3.3.6 is now `latest` and it is WAY faster than
|
3850 | previous 3.x releases. Give it or this a look!
|
3851 |
|
3852 | #### OPTIONAL DEPS, MORE OPTIONAL
|
3853 |
|
3854 | * [`2289234`](https://github.com/npm/npm/commit/2289234)
|
3855 | [#9643](https://github.com/npm/npm/issues/9643)
|
3856 | [#9664](https://github.com/npm/npm/issues/9664)
|
3857 | `npm@3` was triggering `npm@2`'s build mechanics when it was linking bin files
|
3858 | into the tree. This was originally intended to trigger rebuilds of
|
3859 | bundled modules, but `npm@3`'s flat module structure confused it. This
|
3860 | caused two seemingly unrelated issues. First, failing optional
|
3861 | dependencies could under some circumstances (if they were built during
|
3862 | this phase) trigger a full build failure. And second, rebuilds were being
|
3863 | triggered of already installed modules, again, in some circumstances.
|
3864 | Both of these are fixed by disabling the `npm@2` mechanics and adding a
|
3865 | special rebuild phase for the initial installation of bundled modules.
|
3866 | ([@iarna](https://github.com/iarna))
|
3867 |
|
3868 | #### BAD NAME, NO CRASH
|
3869 |
|
3870 | * [`b78fec9`](https://github.com/npm/npm/commit/b78fec9)
|
3871 | [#9766](https://github.com/npm/npm/issues/9766)
|
3872 | Refactor all attempts to read the module name or package name to go via a
|
3873 | single function, with appropriate guards unusual circumstances where they
|
3874 | aren't where we expect them. This ultimately will ensure we don't see any
|
3875 | more recurrences of the `localeCompare` error and related crashers.
|
3876 | ([@iarna](https://github.com/iarna))
|
3877 |
|
3878 | #### MISCELLANEOUS BUG FIXES
|
3879 |
|
3880 | * [`22a3af0`](https://github.com/npm/npm/commit/22a3af0)
|
3881 | [#9553](https://github.com/npm/npm/pull/9553)
|
3882 | Factor the lifecycle code to manage paths out into its own module and use that.
|
3883 | ([@kentcdodds](https://github.com/kentcdodds))
|
3884 | * [`6a29fe3`](https://github.com/npm/npm/commit/6a29fe3)
|
3885 | [#9677](https://github.com/npm/npm/pull/9677)
|
3886 | Start testing our stuff in node 4 on travis
|
3887 | ([@fscherwi](https://github.com/fscherwi))
|
3888 | * [`508c6a4`](https://github.com/npm/npm/commit/508c6a4)
|
3889 | [#9669](https://github.com/npm/npm/issues/9669)
|
3890 | Make `recalculateMetadata` more resilient to unexpectedly bogus dependency specifiers.
|
3891 | ([@tmct](https://github.com/tmct))
|
3892 | * [`3c44763`](https://github.com/npm/npm/commit/3c44763)
|
3893 | [#9643](https://github.com/npm/npm/issues/9463)
|
3894 | Update `install --only` to ignore the `NODE_ENV` var and _just_ use the only
|
3895 | value, if specified.
|
3896 | ([@watilde](https://github.com/watilde))
|
3897 | * [`87336c3`](https://github.com/npm/npm/commit/87336c3)
|
3898 | [#9879](https://github.com/npm/npm/pull/9879)
|
3899 | `npm@3`'s shrinkwrap was refusing to shrinkwrap if an optional dependency
|
3900 | was missing– patch it to allow this.
|
3901 | ([@mantoni](https://github.com/mantoni))
|
3902 |
|
3903 | #### DOCUMENTATION UPDATES
|
3904 |
|
3905 | * [`82659fd`](https://github.com/npm/npm/commit/82659fd)
|
3906 | [#9208](https://github.com/npm/npm/issues/9208)
|
3907 | Correct the npm style guide around quote usage
|
3908 | ([@aaroncrows](https://github.com/aaroncrows))
|
3909 | * [`a69c83a`](https://github.com/npm/npm/commit/a69c83a)
|
3910 | [#9645](https://github.com/npm/npm/pull/9645)
|
3911 | Fix spelling error in README
|
3912 | ([@dkoleary88](https://github.com/dkoleary88))
|
3913 | * [`f2cf054`](https://github.com/npm/npm/commit/f2cf054)
|
3914 | [#9714](https://github.com/npm/npm/pull/9714)
|
3915 | Fix typos in our documentation
|
3916 | ([@reggi](https://github.com/reggi))
|
3917 | * [`7224bef`](https://github.com/npm/npm/commit/7224bef)
|
3918 | [#9759](https://github.com/npm/npm/pull/9759)
|
3919 | Fix typo in npm-team docs
|
3920 | ([@zkat](https://github.com/zkat))
|
3921 | * [`7e6e007`](https://github.com/npm/npm/commit/7e6e007)
|
3922 | [#9820](https://github.com/npm/npm/pull/9820)
|
3923 | Correct documentation as to `binding.gyp`
|
3924 | ([@KenanY](https://github.com/KenanY))
|
3925 |
|
3926 | ### v3.3.6 (2015-09-30):
|
3927 |
|
3928 | I have the most exciting news for you this week. YOU HAVE NO IDEA. Well,
|
3929 | ok, maybe you do if you follow my twitter.
|
3930 |
|
3931 | Performance just got 5 bazillion times better (under some circumstances,
|
3932 | ymmv, etc). So– my test scenario is our very own website. In `npm@2`, on my
|
3933 | macbook running `npm ls` takes about 5 seconds. Personally it's more than
|
3934 | I'd like, but it's entire workable. In `npm@3` it has been taking _50_ seconds,
|
3935 | which is appalling. But after doing some work on Monday isolating the performance
|
3936 | issues I've been able to reduce `npm@3`'s run time back down to 5 seconds.
|
3937 |
|
3938 | Other scenarios were even worse, there was one that until now in `npm@3` that
|
3939 | took almost 6 minutes, and has been reduced to 14 seconds.
|
3940 |
|
3941 | * [`7bc0d4c`](https://github.com/npm/npm/commit/7bc0d4c)
|
3942 | [`cf42217`](https://github.com/npm/npm/commit/cf42217)
|
3943 | [#8826](https://github.com/npm/npm/issues/8826)
|
3944 | Stop using deepclone on super big datastructures. Avoid cloning
|
3945 | all-together even when that means mutating things, when possible.
|
3946 | Otherwise use a custom written tree-copying function that understands
|
3947 | the underlying datastructure well enough to only copy what we absolutely
|
3948 | need to.
|
3949 | ([@iarna](https://github.com/iarna))
|
3950 |
|
3951 | In other news, look for us this Friday and Saturday at the amazing
|
3952 | [Open Source and Feelings](https://osfeels.com) conference, where something like a
|
3953 | third of the company will be attending.
|
3954 |
|
3955 | #### And finally a dependency update
|
3956 |
|
3957 | * [`a6a4437`](https://github.com/npm/npm/commit/a6a4437)
|
3958 | `glob@5.0.15`
|
3959 | ([@isaacs](https://github.com/isaacs))
|
3960 |
|
3961 | #### And some subdep updates
|
3962 |
|
3963 | * [`cc5e6a0`](https://github.com/npm/npm/commit/cc5e6a0)
|
3964 | `hoek@2.16.3`
|
3965 | ([@nlf](https://github.com/nlf))
|
3966 | * [`912a516`](https://github.com/npm/npm/commit/912a516)
|
3967 | `boom@2.9.0`
|
3968 | ([@arb](https://github.com/arb))
|
3969 | * [`63944e9`](https://github.com/npm/npm/commit/63944e9)
|
3970 | `bluebird@2.10.1`
|
3971 | ([@petkaantonov](https://github.com/petkaantonov))
|
3972 | * [`ef16003`](https://github.com/npm/npm/commit/ef16003)
|
3973 | `mime-types@2.1.7` & `mime-db@1.19.0`
|
3974 | ([@dougwilson](https://github.com/dougwilson))
|
3975 | * [`2b8c0dd`](https://github.com/npm/npm/commit/2b8c0dd)
|
3976 | `request@2.64.0`
|
3977 | ([@simov](https://github.com/simov))
|
3978 | * [`8139124`](https://github.com/npm/npm/commit/8139124)
|
3979 | `brace-expansion@1.1.1`
|
3980 | ([@juliangruber](https://github.com/juliangruber))
|
3981 |
|
3982 | ### v3.3.5 (2015-09-24):
|
3983 |
|
3984 | Some of you all may not be aware, but npm is ALSO a company. I tell you this
|
3985 | 'cause npm-the-company had an all-staff get together this week, flying in
|
3986 | our remote folks from around the world. That was great, but it also
|
3987 | basically eliminated normal work on Monday and Tuesday.
|
3988 |
|
3989 | Still, we've got a couple of really important bug fixes this week. Plus a
|
3990 | lil bit from the [now LTS 2.x branch](https://github.com/npm/npm/releases/tag/v2.14.6).
|
3991 |
|
3992 | #### ATTENTION WINDOWS USERS
|
3993 |
|
3994 | If you previously updated to npm 3 and you try to update again, you may get
|
3995 | an error messaging telling you that npm won't install npm into itself. Until you
|
3996 | are at 3.3.5 or greater, you can get around this with `npm install -f -g npm`.
|
3997 |
|
3998 | * [`bef06f5`](https://github.com/npm/npm/commit/bef06f5)
|
3999 | [#9741](https://github.com/npm/npm/pull/9741) Uh... so... er... it
|
4000 | seems that since `npm@3.2.0` on Windows with a default configuration, it's
|
4001 | been impossible to update npm. Well, that's not actually true, there's a
|
4002 | work around (see above), but it shouldn't be complaining in the first
|
4003 | place.
|
4004 | ([@iarna](https://github.com/iarna))
|
4005 |
|
4006 | #### STACK OVERFLOWS ON PUBLISH
|
4007 |
|
4008 | * [`330b496`](https://github.com/npm/npm/commit/330b496)
|
4009 | [#9667](https://github.com/npm/npm/pull/9667)
|
4010 | We were keeping track of metadata about your project while packing the
|
4011 | tree in a way that resulted in this data being written to packed tar files
|
4012 | headers. When this metadata included cycles, it resulted in the the tar
|
4013 | file entering an infinite recursive loop and eventually crashing with a
|
4014 | stack overflow.
|
4015 |
|
4016 | I've patched this by keeping track of your metadata by closing over the
|
4017 | variables in question instead, and I've further restricted gathering and
|
4018 | tracking the metadata to times when it's actually needed. (Which is only
|
4019 | if you need bundled modules.)
|
4020 | ([@iarna](https://github.com/iarna))
|
4021 |
|
4022 | #### LESS CRASHY ERROR MESSAGES ON BAD PACKAGES
|
4023 |
|
4024 | * [`829921f`](https://github.com/npm/npm/commit/829921f)
|
4025 | [#9741](https://github.com/npm/npm/pull/9741)
|
4026 | Packages with invalid names or versions were crashing the installer. These
|
4027 | are now captured and warned as was originally intended.
|
4028 | ([@iarna](https://github.com/iarna))
|
4029 |
|
4030 | #### ONE DEPENDENCY UPDATE
|
4031 |
|
4032 | * [`963295c`](https://github.com/npm/npm/commit/963295c)
|
4033 | `npm-install-checks@2.0.1`
|
4034 | ([@iarna](https://github.com/iarna))
|
4035 |
|
4036 | #### AND ONE SUBDEPENDENCY
|
4037 |
|
4038 | * [`448737d`](https://github.com/npm/npm/commit/448737d)
|
4039 | `request@2.63.0`
|
4040 | ([@simov](https://github.com/simov))
|
4041 |
|
4042 | ### v3.3.4 (2015-09-17):
|
4043 |
|
4044 | This is a relatively quiet release, bringing a few bug fixes and
|
4045 | some module updates, plus via the
|
4046 | [2.14.5 release](https://github.com/npm/npm/releases/tag/v2.14.5)
|
4047 | some forward compatibility fixes with versions of Node that
|
4048 | aren't yet released.
|
4049 |
|
4050 | #### NO BETA NOTICE THIS TIME!!
|
4051 |
|
4052 | But, EXCITING NEWS FRIENDS, this week marks the exit of `npm@3`
|
4053 | from beta. This means that the week of this release,
|
4054 | [v3.3.3](https://github.com/npm/npm/releases/tag/v3.3.3) will
|
4055 | become `latest` and this version (v3.3.4) will become `next`!!
|
4056 |
|
4057 | #### CRUFT FOR THE CRUFT GODS
|
4058 |
|
4059 | What I call "cruft", by which I mean, files sitting around in
|
4060 | your `node_modules` folder, will no longer produce warnings in
|
4061 | `npm ls` nor during `npm install`. This brings `npm@3`'s behavior
|
4062 | in line with `npm@2`.
|
4063 |
|
4064 | * [`a127801`](https://github.com/npm/npm/commit/a127801)
|
4065 | [#9285](https://github.com/npm/npm/pull/9586)
|
4066 | Stop warning about cruft in module directories.
|
4067 | ([@iarna](https://github.com/iarna))
|
4068 |
|
4069 | #### BETTER ERROR MESSAGE
|
4070 |
|
4071 | * [`95ee92c`](https://github.com/npm/npm/commit/95ee92c)
|
4072 | [#9433](https://github.com/npm/npm/issues/9433)
|
4073 | Give better error messages for invalid URLs in the dependecy
|
4074 | list.
|
4075 | ([@jamietre](https://github.com/jamietre))
|
4076 |
|
4077 | #### MODULE UPDATES
|
4078 |
|
4079 | * [`ebb92ca`](https://github.com/npm/npm/commit/ebb92ca)
|
4080 | `retry@0.8.0` ([@tim-kos](https://github.com/tim-kos))
|
4081 | * [`55f1285`](https://github.com/npm/npm/commit/55f1285)
|
4082 | `normalize-package-data@2.3.4` ([@zkat](https://github.com/zkat))
|
4083 | * [`6d4ebff`](https://github.com/npm/npm/commit/6d4ebff)
|
4084 | `sha@2.0.1` ([@ForbesLindesay](https://github.com/ForbesLindesay))
|
4085 | * [`09a9c7a`](https://github.com/npm/npm/commit/09a9c7a)
|
4086 | `semver@5.0.3` ([@isaacs](https://github.com/isaacs))
|
4087 | * [`745000f`](https://github.com/npm/npm/commit/745000f)
|
4088 | `node-gyp@3.0.3` ([@rvagg](https://github.com/rvagg))
|
4089 |
|
4090 | #### SUB DEP MODULE UPDATES
|
4091 |
|
4092 | * [`578ca25`](https://github.com/npm/npm/commit/578ca25)
|
4093 | `request@2.62.0` ([@simov](https://github.com/simov))
|
4094 | * [`1d8996e`](https://github.com/npm/npm/commit/1d8996e)
|
4095 | `jju@1.2.1` ([@rlidwka](https://github.com/rlidwka))
|
4096 | * [`6da1ba4`](https://github.com/npm/npm/commit/6da1ba4)
|
4097 | `hoek@2.16.2` ([@nlf](https://github.com/nlf))
|
4098 |
|
4099 | ### v3.3.3 (2015-09-10):
|
4100 |
|
4101 | This short week brought us brings us a few small bug fixes, a
|
4102 | doc change and a whole lotta dependency updates.
|
4103 |
|
4104 | Plus, as usual, this includes a forward port of everything in
|
4105 | [`npm@2.14.4`](https://github.com/npm/npm/releases/tag/v2.14.4).
|
4106 |
|
4107 | #### BETA BUT NOT FOREVER
|
4108 |
|
4109 | **_THIS IS BETA SOFTWARE_**. `npm@3` will remain in beta until
|
4110 | we're confident that it's stable and have assessed the effect of
|
4111 | the breaking changes on the community. During that time we will
|
4112 | still be doing `npm@2` releases, with `npm@2` tagged as `latest`
|
4113 | and `next`. We'll _also_ be publishing new releases of `npm@3`
|
4114 | as `npm@v3.x-next` and `npm@v3.x-latest` alongside those
|
4115 | versions until we're ready to switch everyone over to `npm@3`.
|
4116 | We need your help to find and fix its remaining bugs. It's a
|
4117 | significant rewrite, so we are _sure_ there still significant
|
4118 | bugs remaining. So do us a solid and deploy it in non-critical
|
4119 | CI environments and for day-to-day use, but maybe don't use it
|
4120 | for production maintenance or frontline continuous deployment
|
4121 | just yet.
|
4122 |
|
4123 | #### REMOVE INSTALLED BINARIES ON WINDOWS
|
4124 |
|
4125 | So waaaay back at the start of August, I fixed a bug with
|
4126 | [#9198](https://github.com/npm/npm/pull/9198). That fix made it
|
4127 | so that if you had two modules installed that both installed the
|
4128 | same binary (eg `gulp` & `gulp-cli`), that removing one wouldn't
|
4129 | remove the binary if it was owned by the other.
|
4130 |
|
4131 | It did this by doing some hocus-pocus that, turns out, was
|
4132 | Unix-specific, so on Windows it just threw up its hands and
|
4133 | stopped removing installed binaries at all. Not great.
|
4134 |
|
4135 | So today we're fixing that– it let us maintain the same safety
|
4136 | that we added in #9198, but ALSO works with Windows.
|
4137 |
|
4138 | * [`25fbaed`](https://github.com/npm/npm/commit/25fbaed)
|
4139 | [#9394](https://github.com/npm/npm/issues/9394)
|
4140 | Treat cmd-shims the same way we treat symlinks
|
4141 | ([@iarna](https://github.com/iarna))
|
4142 |
|
4143 | #### API DOCUMENTATION HAS BEEN SACRIFICED THE API GOD
|
4144 |
|
4145 | The documentation of the internal APIs of npm is going away,
|
4146 | because it would lead people into thinking they should integrate
|
4147 | with npm by using it. Please don't do that! In the future, we'd
|
4148 | like to give you a suite of stand alone modules that provide
|
4149 | better, more stand alone APIs for your applications to build on.
|
4150 | But for now, call the npm binary with `process.exec` or
|
4151 | `process.spawn` instead.
|
4152 |
|
4153 | * [`2fb60bf`](https://github.com/npm/npm/commit/2fb60bf)
|
4154 | Remove misleading API documentation
|
4155 | ([@othiym23](https://github.com/othiym23))
|
4156 |
|
4157 | #### ALLOW `npm link` ON WINDOWS W/ PRERELEASE VERSIONS OF NODE
|
4158 |
|
4159 | We never meant to have this be a restriction in the first place
|
4160 | and it was only just discovered with the recent node 4.0.0
|
4161 | release candidate.
|
4162 |
|
4163 | * [`6665e54`](https://github.com/npm/npm/commit/6665e54)
|
4164 | [#9505](https://github.com/npm/npm/pull/9505)
|
4165 | Allow npm link to run on Windows with prerelease versions of
|
4166 | node
|
4167 | ([@jon-hall](https://github.com/jon-hall))
|
4168 |
|
4169 | #### graceful-fs update
|
4170 |
|
4171 | We're updating all of npm's deps to use the most recent
|
4172 | `graceful-fs`. This turns out to be important for future not yet
|
4173 | released versions of node, because older versions monkey-patch
|
4174 | `fs` in ways that will break in the future. Plus it ALSO makes
|
4175 | use of `process.binding` which is an internal API that npm
|
4176 | definitely shouldn't have been using. We're not done yet, but
|
4177 | this is the bulk of them.
|
4178 |
|
4179 | * [`e7bc98e`](https://github.com/npm/npm/commit/e7bc98e)
|
4180 | `write-file-atomic@1.1.3`
|
4181 | ([@iarna](https://github.com/iarna))
|
4182 | * [`7417600`](https://github.com/npm/npm/commit/7417600)
|
4183 | `tar@2.2.1`
|
4184 | ([@zkat](https://github.com/zkat))
|
4185 | * [`e4e9d40`](https://github.com/npm/npm/commit/e4e9d40)
|
4186 | `read-package-json@2.0.1`
|
4187 | ([@zkat](https://github.com/zkat))
|
4188 | * [`481611d`](https://github.com/npm/npm/commit/481611d)
|
4189 | `read-installed@4.0.3`
|
4190 | ([@zkat](https://github.com/zkat))
|
4191 | * [`0dabbda`](https://github.com/npm/npm/commit/0dabbda)
|
4192 | `npm-registry-client@7.0.4`
|
4193 | ([@zkat](https://github.com/zkat))
|
4194 | * [`c075a91`](https://github.com/npm/npm/commit/c075a91)
|
4195 | `fstream@1.0.8`
|
4196 | ([@zkat](https://github.com/zkat))
|
4197 | * [`2e4341a`](https://github.com/npm/npm/commit/2e4341a)
|
4198 | `fs-write-stream-atomic@1.0.4`
|
4199 | ([@zkat](https://github.com/zkat))
|
4200 | * [`18ad16e`](https://github.com/npm/npm/commit/18ad16e)
|
4201 | `fs-vacuum@1.2.7`
|
4202 | ([@zkat](https://github.com/zkat))
|
4203 |
|
4204 | #### DEPENDENCY UPDATES
|
4205 |
|
4206 | * [`9d6666b`](https://github.com/npm/npm/commit/9d6666b)
|
4207 | `node-gyp@3.0.1`
|
4208 | ([@rvagg](https://github.com/rvagg))
|
4209 | * [`349c4df`](https://github.com/npm/npm/commit/349c4df)
|
4210 | `retry@0.7.0`
|
4211 | ([@tim-kos](https://github.com/tim-kos))
|
4212 | * [`f507551`](https://github.com/npm/npm/commit/f507551)
|
4213 | `which@1.1.2`
|
4214 | ([@isaacs](https://github.com/isaacs))
|
4215 | * [`e5b6743`](https://github.com/npm/npm/commit/e5b6743)
|
4216 | `nopt@3.0.4`
|
4217 | ([@zkat](https://github.com/zkat))
|
4218 |
|
4219 | #### THE DEPENDENCIES OF OUR DEPENDENCIES ARE OUR DEPENDENCIES UPDATES
|
4220 |
|
4221 | * [`316382d`](https://github.com/npm/npm/commit/316382d)
|
4222 | `mime-types@2.1.6` & `mime-db@1.18.0`
|
4223 | * [`64b741e`](https://github.com/npm/npm/commit/64b741e)
|
4224 | `spdx-correct@1.0.1`
|
4225 | * [`fff62ac`](https://github.com/npm/npm/commit/fff62ac)
|
4226 | `process-nextick-args@1.0.3`
|
4227 | * [`9d6488c`](https://github.com/npm/npm/commit/9d6488c)
|
4228 | `cryptiles@2.0.5`
|
4229 | * [`1912012`](https://github.com/npm/npm/commit/1912012)
|
4230 | `bluebird@2.10.0`
|
4231 | * [`4d09402`](https://github.com/npm/npm/commit/4d09402)
|
4232 | `readdir-scoped-modules@1.0.2`
|
4233 |
|
4234 | ### v3.3.2 (2015-09-04):
|
4235 |
|
4236 | #### PLEASE HOLD FOR THE NEXT AVAILABLE MAINTAINER
|
4237 |
|
4238 | This is a tiny little maintenance release, both to update dependencies and to
|
4239 | keep `npm@3` up to date with changes made to `npm@2`.
|
4240 | [@othiym23](https://github.com/othiym23) is putting out this release (again) as
|
4241 | his esteemed colleague [@iarna](https://github.com/iarna) finishes relocating
|
4242 | herself, her family, and her sizable anime collection all the way across North
|
4243 | America. It contains [all the goodies in
|
4244 | `npm@2.14.3`](https://github.com/npm/npm/releases/tag/v2.14.3) and one other
|
4245 | dependency update.
|
4246 |
|
4247 | #### BETA WARNINGS FOR FUN AND PROFIT
|
4248 |
|
4249 | **_THIS IS BETA SOFTWARE_**. `npm@3` will remain in beta until we're
|
4250 | confident that it's stable and have assessed the effect of the breaking
|
4251 | changes on the community. During that time we will still be doing `npm@2`
|
4252 | releases, with `npm@2` tagged as `latest` and `next`. We'll _also_ be
|
4253 | publishing new releases of `npm@3` as `npm@v3.x-next` and `npm@v3.x-latest`
|
4254 | alongside those versions until we're ready to switch everyone over to
|
4255 | `npm@3`. We need your help to find and fix its remaining bugs. It's a
|
4256 | significant rewrite, so we are _sure_ there still significant bugs
|
4257 | remaining. So do us a solid and deploy it in non-critical CI environments
|
4258 | and for day-to-day use, but maybe don't use it for production maintenance or
|
4259 | frontline continuous deployment just yet.
|
4260 |
|
4261 | That said, it's getting there! It will be leaving beta very soon!
|
4262 |
|
4263 | #### ONE OTHER DEPENDENCY UPDATE
|
4264 |
|
4265 | * [`bb5de34`](https://github.com/npm/npm/commit/bb5de3493531228df0bd3f0742d5493c826be6dd)
|
4266 | `is-my-json-valid@2.12.2`: Upgrade to a new, modernized version of
|
4267 | `json-pointer`. ([@mafintosh](https://github.com/mafintosh))
|
4268 |
|
4269 | ### v3.3.1 (2015-08-27):
|
4270 |
|
4271 | Hi all, this `npm@3` update brings you another round of bug fixes. The
|
4272 | headliner here is that `npm update` works again. We're running down the
|
4273 | clock on blocker 3.x issues! Shortly after that hits zero we'll be
|
4274 | promoting 3.x to latest!!
|
4275 |
|
4276 | And of course, we have changes that were brought forward from 2.x. Check out
|
4277 | the release notes for
|
4278 | [2.14.1](https://github.com/npm/npm/releases/tag/v2.14.1) and
|
4279 | [2.14.2](https://github.com/npm/npm/releases/tag/v2.14.2).
|
4280 |
|
4281 | #### BETA WARNINGS FOR FUN AND PROFIT
|
4282 |
|
4283 | **_THIS IS BETA SOFTWARE_**. `npm@3` will remain in beta until we're
|
4284 | confident that it's stable and have assessed the effect of the breaking
|
4285 | changes on the community. During that time we will still be doing `npm@2`
|
4286 | releases, with `npm@2` tagged as `latest` and `next`. We'll _also_ be
|
4287 | publishing new releases of `npm@3` as `npm@v3.x-next` and `npm@v3.x-latest`
|
4288 | alongside those versions until we're ready to switch everyone over to
|
4289 | `npm@3`. We need your help to find and fix its remaining bugs. It's a
|
4290 | significant rewrite, so we are _sure_ there still significant bugs
|
4291 | remaining. So do us a solid and deploy it in non-critical CI environments
|
4292 | and for day-to-day use, but maybe don't use it for production maintenance or
|
4293 | frontline continuous deployment just yet.
|
4294 |
|
4295 | #### NPM UPDATE, NOW AGAIN YOUR FRIEND
|
4296 |
|
4297 | * [`f130a00`](https://github.com/npm/npm/commit/f130a00)
|
4298 | [#9095](https://github.com/npm/npm/issues/9095)
|
4299 | `npm update` once again works! Previously, after selecting packages
|
4300 | to update, it would then pick the wrong location to run the install
|
4301 | from. ([@iarna](https://github.com/iarna))
|
4302 |
|
4303 | #### MORE VERBOSING FOR YOUR VERBOSE LIFECYCLES
|
4304 |
|
4305 | * [`d088b7d`](https://github.com/npm/npm/commit/d088b7d)
|
4306 | [#9227](https://github.com/npm/npm/pull/9227)
|
4307 | Add some additional logging at the verbose and silly levels
|
4308 | when running lifecycle scripts. Hopefully this will make
|
4309 | debugging issues with them a bit easier!
|
4310 | ([@saper](https://github.com/saper))
|
4311 |
|
4312 | #### AND SOME OTHER BUG FIXES…
|
4313 |
|
4314 | * [`f4a5784`](https://github.com/npm/npm/commit/f4a5784)
|
4315 | [#9308](https://github.com/npm/npm/issues/9308)
|
4316 | Make fetching metadata for local modules faster! This ALSO means
|
4317 | that doing things like running `npm repo` won't build your
|
4318 | module and maybe run `prepublish`.
|
4319 | ([@iarna](https://github.com/iarna))
|
4320 |
|
4321 | * [`4468c92`](https://github.com/npm/npm/commit/4468c92)
|
4322 | [#9205](https://github.com/npm/npm/issues/9205)
|
4323 | Fix a bug where local modules would sometimes not resolve relative
|
4324 | links using the correct base path.
|
4325 | ([@iarna](https://github.com/iarna))
|
4326 |
|
4327 | * [`d395a6b`](https://github.com/npm/npm/commit/d395a6b)
|
4328 | [#8995](https://github.com/npm/npm/issues/8995)
|
4329 | Certain combinations of packages could result in different install orders for their
|
4330 | initial installation than for reinstalls run on the same folder.
|
4331 | ([@iarna](https://github.com/iarna))
|
4332 |
|
4333 | * [`d119ea6`](https://github.com/npm/npm/commit/d119ea6)
|
4334 | [#9113](https://github.com/npm/npm/issues/9113)
|
4335 | Make extraneous packages _always_ up in `npm ls`. Previously, if an
|
4336 | extraneous package had a dependency that depended back on the original
|
4337 | package this would result in the package not showing up in `ls`.
|
4338 | ([@iarna](https://github.com/iarna))
|
4339 |
|
4340 | * [`02420dc`](https://github.com/npm/npm/commit/02420dc)
|
4341 | [#9113](https://github.com/npm/npm/issues/9113)
|
4342 | Stop warning about missing top level package.json files. Errors in said
|
4343 | files will still be reported.
|
4344 | ([@iarna](https://github.com/iarna))
|
4345 |
|
4346 | #### SOME DEP UPDATES
|
4347 |
|
4348 | * [`1ed1364`](https://github.com/npm/npm/commit/1ed1364) `rimraf@2.4.3`
|
4349 | ([@isaacs](https://github.com/isaacs)) Added EPERM to delay/retry loop
|
4350 | * [`e7b8315`](https://github.com/npm/npm/commit/e7b8315) `read@1.0.7`
|
4351 | Smaller distribution package, better metadata
|
4352 | ([@isaacs](https://github.com/isaacs))
|
4353 |
|
4354 | #### SOME DEPS OF DEPS UPDATES
|
4355 |
|
4356 | * [`b273bcc`](https://github.com/npm/npm/commit/b273bcc) `mime-types@2.1.5`
|
4357 | * [`df6e225`](https://github.com/npm/npm/commit/df6e225) `mime-db@1.17.0`
|
4358 | * [`785f2ad`](https://github.com/npm/npm/commit/785f2ad) `is-my-json-valid@2.12.1`
|
4359 | * [`88170dd`](https://github.com/npm/npm/commit/88170dd) `form-data@1.0.0-rc3`
|
4360 | * [`af5357b`](https://github.com/npm/npm/commit/af5357b) `request@2.61.0`
|
4361 | * [`337f96a`](https://github.com/npm/npm/commit/337f96a) `chalk@1.1.1`
|
4362 | * [`3dfd74d`](https://github.com/npm/npm/commit/3dfd74d) `async@1.4.2`
|
4363 |
|
4364 | ### v3.3.0 (2015-08-13):
|
4365 |
|
4366 | This is a pretty EXCITING week. But I may be a little excitable– or
|
4367 | possibly sleep deprived, it's sometimes hard to tell them apart. =D So
|
4368 | [Kat](https://github.com/zkat) really went the extra mile this week and got
|
4369 | the client side support for teams and orgs out in this week's 2.x release.
|
4370 | You can't use that just yet, 'cause we have to turn on some server side
|
4371 | stuff too, but this way it'll be there for you all the moment we do! Check
|
4372 | out the details over in the [2.14.0 release
|
4373 | notes](https://github.com/npm/npm/releases/tag/v2.14.0)!
|
4374 |
|
4375 | But we over here in 3.x ALSO got a new feature this week, check out the new
|
4376 | `--only` and `--also` flags for better control over when dev and production
|
4377 | dependencies are used by various npm commands.
|
4378 |
|
4379 | That, and some important bug fixes round out this week. Enjoy everyone!
|
4380 |
|
4381 | #### NEVER SHALL NOT BETA THE BETA
|
4382 |
|
4383 | **_THIS IS BETA SOFTWARE_**. EXCITING NEW BETA WARNING!!! Ok, I fibbed,
|
4384 | EXACTLY THE SAME BETA WARNINGS: `npm@3` will remain in beta until we're
|
4385 | confident that it's stable and have assessed the effect of the breaking
|
4386 | changes on the community. During that time we will still be doing `npm@2`
|
4387 | releases, with `npm@2` tagged as `latest` and `next`. We'll _also_ be
|
4388 | publishing new releases of `npm@3` as `npm@v3.x-next` and `npm@v3.x-latest`
|
4389 | alongside those versions until we're ready to switch everyone over to
|
4390 | `npm@3`. We need your help to find and fix its remaining bugs. It's a
|
4391 | significant rewrite, so we are _sure_ there still significant bugs
|
4392 | remaining. So do us a solid and deploy it in non-critical CI environments
|
4393 | and for day-to-day use, but maybe don't use it for production maintenance or
|
4394 | frontline continuous deployment just yet.
|
4395 |
|
4396 | #### ONLY ALSO DEV
|
4397 |
|
4398 | Hey we've got a SUPER cool new feature for you all, thanks to the fantastic
|
4399 | work of [@davglass](https://github.com/davglass) and
|
4400 | [@bengl](https://github.com/bengl) we have `--only=prod`,
|
4401 | `--only=dev`, `--also=prod` and `--also=dev` options. These apply in
|
4402 | various ways to: `npm install`, `npm ls`, `npm outdated` and `npm update`.
|
4403 |
|
4404 | So for instance:
|
4405 |
|
4406 | ```
|
4407 | npm install --only=dev
|
4408 | ```
|
4409 |
|
4410 | Only installs dev dependencies. By contrast:
|
4411 |
|
4412 | ```
|
4413 | npm install --only=prod
|
4414 | ```
|
4415 |
|
4416 | Will only install prod dependencies and is very similar to `--production`
|
4417 | but differs in that it doesn't set the environment variables that
|
4418 | `--production` does.
|
4419 |
|
4420 | The related new flag, `--also` is most useful with things like:
|
4421 |
|
4422 | ```
|
4423 | npm shrinkwrap --also=dev
|
4424 | ```
|
4425 |
|
4426 | As shrinkwraps don't include dev deps by default. This replaces passing in
|
4427 | `--dev` in that scenario.
|
4428 |
|
4429 | And that leads into the fact that this deprecates `--dev` as its semantics
|
4430 | across commands were inconsistent and confusing.
|
4431 |
|
4432 | * [`3ab1eea`](https://github.com/npm/npm/commit/3ab1eea)
|
4433 | [#9024](https://github.com/npm/npm/pull/9024)
|
4434 | Add support for `--only`, `--also` and deprecate `--dev`
|
4435 | ([@bengl](https://github.com/bengl))
|
4436 |
|
4437 | #### DON'T TOUCH! THAT'S NOT YOUR BIN
|
4438 |
|
4439 | * [`b31812e`](https://github.com/npm/npm/commit/b31812e)
|
4440 | [#8996](https://github.com/npm/npm/pull/8996)
|
4441 | When removing a module that has bin files, if one that we're going to
|
4442 | remove is a symlink to a DIFFERENT module, leave it alone. This only happens
|
4443 | when you have two modules that try to provide the same bin.
|
4444 | ([@iarna](https://github.com/iarna))
|
4445 |
|
4446 | #### THERE'S AN END IN SIGHT
|
4447 |
|
4448 | * [`d2178a9`](https://github.com/npm/npm/commit/d2178a9)
|
4449 | [#9223](https://github.com/npm/npm/pull/9223)
|
4450 | Close a bunch of infinite loops that could show up with symlink cycles in your dependencies.
|
4451 | ([@iarna](https://github.com/iarna))
|
4452 |
|
4453 | #### OOPS DIDN'T MEAN TO FIX THAT
|
4454 |
|
4455 | Well, not _just_ yet. This was scheduled for next week, but it snuck into
|
4456 | 2.x this week.
|
4457 |
|
4458 | * [`139dd92`](https://github.com/npm/npm/commit/139dd92)
|
4459 | [#8716](https://github.com/npm/npm/pull/8716)
|
4460 | `npm init` will now only pick up the modules you install, not everything
|
4461 | else that got flattened with them.
|
4462 | ([@iarna](https://github.com/iarna))
|
4463 |
|
4464 | ### v3.2.2 (2015-08-08):
|
4465 |
|
4466 | Lot's of lovely bug fixes for `npm@3`. I'm also suuuuper excited that I
|
4467 | think we have a handle on stack explosions that effect a small portion of
|
4468 | our users. We also have some tantalizing clues as to where some low hanging
|
4469 | fruit may be for performance issues.
|
4470 |
|
4471 | And of course, in addition to the `npm@3` specific bug fixes, there are some
|
4472 | great one's coming in from `npm@2`! [@othiym23](https://github.com/othiym23)
|
4473 | put together that release this week– check out its
|
4474 | [release notes](https://github.com/npm/npm/releases/tag/v2.13.4) for the deets.
|
4475 |
|
4476 | #### AS ALWAYS STILL BETA
|
4477 |
|
4478 | **_THIS IS BETA SOFTWARE_**. Just like the airline safety announcements,
|
4479 | we're not taking this plane off till we finish telling you: `npm@3` will
|
4480 | remain in beta until we're confident that it's stable and have assessed the
|
4481 | effect of the breaking changes on the community. During that time we will
|
4482 | still be doing `npm@2` releases, with `npm@2` tagged as `latest` and `next`.
|
4483 | We'll _also_ be publishing new releases of `npm@3` as `npm@v3.x-next` and
|
4484 | `npm@v3.x-latest` alongside those versions until we're ready to switch
|
4485 | everyone over to `npm@3`. We need your help to find and fix its remaining
|
4486 | bugs. It's a significant rewrite, so we are _sure_ there still significant
|
4487 | bugs remaining. So do us a solid and deploy it in non-critical CI
|
4488 | environments and for day-to-day use, but maybe don't use it for production
|
4489 | maintenance or frontline continuous deployment just yet.
|
4490 |
|
4491 | #### BUG FIXES
|
4492 |
|
4493 | * [`a8c8a13`](https://github.com/npm/npm/commit/a8c8a13)
|
4494 | [#9050](https://github.com/npm/npm/issues/9050)
|
4495 | Resolve peer deps relative to the parent of the requirer
|
4496 | ([@iarna](http://github.com/iarna))
|
4497 | * [`05f0226`](https://github.com/npm/npm/commit/05f0226)
|
4498 | [#9077](https://github.com/npm/npm/issues/9077)
|
4499 | Fix crash when saving `git+ssh` urls
|
4500 | ([@iarna](http://github.com/iarna))
|
4501 | * [`e4a3808`](https://github.com/npm/npm/commit/e4a3808)
|
4502 | [#8951](https://github.com/npm/npm/issues/8951)
|
4503 | Extend our patch to allow `*` to match something when a package only has
|
4504 | prerelease versions to everything and not just the cache.
|
4505 | ([@iarna](http://github.com/iarna))
|
4506 | * [`d135abf`](https://github.com/npm/npm/commit/d135abf)
|
4507 | [#8871](https://github.com/npm/npm/issues/8871)
|
4508 | Don't warn about a missing `package.json` or missing fields in the global
|
4509 | install directory.
|
4510 | ([@iarna](http://github.com/iarna))
|
4511 |
|
4512 | #### DEP VERSION BUMPS
|
4513 |
|
4514 | * [`990ee4f`](https://github.com/npm/npm/commit/990ee4f)
|
4515 | `path-is-inside@1.0.1` ([@domenic](https://github.com/domenic))
|
4516 | * [`1f71ec0`](https://github.com/npm/npm/commit/1f71ec0)
|
4517 | `lodash.clonedeep@3.0.2` ([@jdalton](https://github.com/jdalton))
|
4518 | * [`a091354`](https://github.com/npm/npm/commit/a091354)
|
4519 | `marked@0.3.5` ([@chjj](https://github.com/chjj))
|
4520 | * [`fc51f28`](https://github.com/npm/npm/commit/fc51f28)
|
4521 | `tap@1.3.2` ([@isaacs](https://github.com/isaacs))
|
4522 | * [`3569ec0`](https://github.com/npm/npm/commit/3569ec0)
|
4523 | `nock@2.10.0` ([@pgte](https://github.com/pgte))
|
4524 | * [`ad5f6fd`](https://github.com/npm/npm/commit/ad5f6fd)
|
4525 | `npm-registry-mock@1.0.1` ([@isaacs](https://github.com/isaacs))
|
4526 |
|
4527 | ### v3.2.1 (2015-07-31):
|
4528 |
|
4529 | #### AN EXTRA QUIET RELEASE
|
4530 |
|
4531 | A bunch of stuff got deferred for various reasons, which just means more
|
4532 | branches to land next week!
|
4533 |
|
4534 | Don't forget to check out [Kat's 2.x release](https://github.com/npm/npm/releases/tag/v2.13.4) for other quiet goodies.
|
4535 |
|
4536 | #### AS ALWAYS STILL BETA
|
4537 |
|
4538 | **_THIS IS BETA SOFTWARE_**. Yes, we're still reminding you of this. No,
|
4539 | you can't be excused. `npm@3` will remain in beta until we're confident
|
4540 | that it's stable and have assessed the effect of the breaking changes on the
|
4541 | community. During that time we will still be doing `npm@2` releases, with
|
4542 | `npm@2` tagged as `latest` and `next`. We'll _also_ be publishing new
|
4543 | releases of `npm@3` as `npm@v3.x-next` and `npm@v3.x-latest` alongside those
|
4544 | versions until we're ready to switch everyone over to `npm@3`. We need your
|
4545 | help to find and fix its remaining bugs. It's a significant rewrite, so we
|
4546 | are _sure_ there still significant bugs remaining. So do us a solid and
|
4547 | deploy it in non-critical CI environments and for day-to-day use, but maybe
|
4548 | don't use it for production maintenance or frontline continuous deployment
|
4549 | just yet.
|
4550 |
|
4551 |
|
4552 | #### MAKING OUR TESTS TEST THE THING THEY TEST
|
4553 |
|
4554 | * [`6e53c3d`](https://github.com/npm/npm/commit/6e53c3d)
|
4555 | [#8985](https://github.com/npm/npm/pull/8985)
|
4556 | Many thanks to @bengl for noticing that one of our tests wasn't testing
|
4557 | what it claimed it was testing! ([@bengl](https://github.com/bengl))
|
4558 |
|
4559 | #### MY PACKAGE.JSON WAS ALREADY IN THE RIGHT ORDER
|
4560 |
|
4561 | * [`eb2c7aa`](https://github.com/npm/npm/commit/d00d0f)
|
4562 | [#9068](https://github.com/npm/npm/pull/9079)
|
4563 | Stop sorting keys in the `package.json` that we haven't edited. Many
|
4564 | thanks to [@Qix-](https://github.com/Qix-) for bringing this up and
|
4565 | providing a first pass at a patch for this.
|
4566 | ([@iarna](https://github.com/iarna))
|
4567 |
|
4568 | #### DEV DEP UPDATE
|
4569 |
|
4570 | * [`555f60c`](https://github.com/npm/npm/commit/555f60c) `marked@0.3.4`
|
4571 |
|
4572 | ### v3.2.0 (2015-07-24):
|
4573 |
|
4574 | #### MORE CONFIG, BETTER WINDOWS AND A BUG FIX
|
4575 |
|
4576 | This is a smallish release with a new config option and some bug fixes. And
|
4577 | lots of module updates.
|
4578 |
|
4579 | #### BETA BETAS ON
|
4580 |
|
4581 | **_THIS IS BETA SOFTWARE_**. Yes, we're still reminding you of this. No,
|
4582 | you can't be excused. `npm@3` will remain in beta until we're confident
|
4583 | that it's stable and have assessed the effect of the breaking changes on the
|
4584 | community. During that time we will still be doing `npm@2` releases, with
|
4585 | `npm@2` tagged as `latest` and `next`. We'll _also_ be publishing new
|
4586 | releases of `npm@3` as `npm@v3.x-next` and `npm@v3.x-latest` alongside those
|
4587 | versions until we're ready to switch everyone over to `npm@3`. We need your
|
4588 | help to find and fix its remaining bugs. It's a significant rewrite, so we
|
4589 | are _sure_ there still significant bugs remaining. So do us a solid and
|
4590 | deploy it in non-critical CI environments and for day-to-day use, but maybe
|
4591 | don't use it for production maintenance or frontline continuous deployment
|
4592 | just yet.
|
4593 |
|
4594 |
|
4595 | #### NEW CONFIGS, LESS PROGRESS
|
4596 |
|
4597 | * [`423d8f7`](https://github.com/npm/npm/commit/423d8f7)
|
4598 | [#8704](https://github.com/npm/npm/issues/8704)
|
4599 | Add the ability to disable the new progress bar with `--no-progress`
|
4600 | ([@iarna](https://github.com/iarna))
|
4601 |
|
4602 | #### AND BUG FIXES
|
4603 |
|
4604 | * [`b3ee452`](https://github.com/npm/npm/commit/b3ee452)
|
4605 | [#9038](https://github.com/npm/npm/pull/9038)
|
4606 | We previously disabled the use of the new `fs.access` API on Windows, but
|
4607 | the bug we were seeing is fixed in `io.js@1.5.0` so we now use `fs.access`
|
4608 | if you're using that version or greater.
|
4609 | ([@iarna](https://github.com/iarna))
|
4610 |
|
4611 | * [`b181fa3`](https://github.com/npm/npm/commit/b181fa3)
|
4612 | [#8921](https://github.com/npm/npm/issues/8921)
|
4613 | [#8637](https://github.com/npm/npm/issues/8637)
|
4614 | Rejigger how we validate modules for install. This allow is to fix
|
4615 | a problem where arch/os checking wasn't being done at all.
|
4616 | It also made it easy to add back in a check that declines to
|
4617 | install a module in itself unless you force it.
|
4618 | ([@iarna](https://github.com/iarna))
|
4619 |
|
4620 | #### AND A WHOLE BUNCH OF SUBDEP VERSIONS
|
4621 |
|
4622 | These are all development dependencies and semver-compatible subdep
|
4623 | upgrades, so they should not have visible impact on users.
|
4624 |
|
4625 | * [`6b3f6d9`](https://github.com/npm/npm/commit/6b3f6d9) `standard@4.3.3`
|
4626 | * [`f4e22e5`](https://github.com/npm/npm/commit/f4e22e5) `readable-stream@2.0.2` (inside concat-stream)
|
4627 | * [`f130bfc`](https://github.com/npm/npm/commit/f130bfc) `minimatch@2.0.10` (inside node-gyp's copy of glob)
|
4628 | * [`36c6a0d`](https://github.com/npm/npm/commit/36c6a0d) `caseless@0.11.0`
|
4629 | * [`80df59c`](https://github.com/npm/npm/commit/80df59c) `chalk@1.1.0`
|
4630 | * [`ea935d9`](https://github.com/npm/npm/commit/ea935d9) `bluebird@2.9.34`
|
4631 | * [`3588a0c`](https://github.com/npm/npm/commit/3588a0c) `extend@3.0.0`
|
4632 | * [`c6a8450`](https://github.com/npm/npm/commit/c6a8450) `form-data@1.0.0-rc2`
|
4633 | * [`a04925b`](https://github.com/npm/npm/commit/a04925b) `har-validator@1.8.0`
|
4634 | * [`ee7c095`](https://github.com/npm/npm/commit/ee7c095) `has-ansi@2.0.0`
|
4635 | * [`944fc34`](https://github.com/npm/npm/commit/944fc34) `hawk@3.1.0`
|
4636 | * [`783dc7b`](https://github.com/npm/npm/commit/783dc7b) `lodash._basecallback@3.3.1`
|
4637 | * [`acef0fe`](https://github.com/npm/npm/commit/acef0fe) `lodash._baseclone@3.3.0`
|
4638 | * [`dfe959a`](https://github.com/npm/npm/commit/dfe959a) `lodash._basedifference@3.0.3`
|
4639 | * [`a03bc76`](https://github.com/npm/npm/commit/a03bc76) `lodash._baseflatten@3.1.4`
|
4640 | * [`8a07d50`](https://github.com/npm/npm/commit/8a07d50) `lodash._basetostring@3.0.1`
|
4641 | * [`7785e3f`](https://github.com/npm/npm/commit/7785e3f) `lodash._baseuniq@3.0.3`
|
4642 | * [`826fb35`](https://github.com/npm/npm/commit/826fb35) `lodash._createcache@3.1.2`
|
4643 | * [`76030b3`](https://github.com/npm/npm/commit/76030b3) `lodash._createpadding@3.6.1`
|
4644 | * [`1a49ec6`](https://github.com/npm/npm/commit/1a49ec6) `lodash._getnative@3.9.1`
|
4645 | * [`eebe47f`](https://github.com/npm/npm/commit/eebe47f) `lodash.isarguments@3.0.4`
|
4646 | * [`09994d4`](https://github.com/npm/npm/commit/09994d4) `lodash.isarray@3.0.4`
|
4647 | * [`b6f8dbf`](https://github.com/npm/npm/commit/b6f8dbf) `lodash.keys@3.1.2`
|
4648 | * [`c67dd6b`](https://github.com/npm/npm/commit/c67dd6b) `lodash.pad@3.1.1`
|
4649 | * [`4add042`](https://github.com/npm/npm/commit/4add042) `lodash.repeat@3.0.1`
|
4650 | * [`e04993c`](https://github.com/npm/npm/commit/e04993c) `lru-cache@2.6.5`
|
4651 | * [`2ed7da4`](https://github.com/npm/npm/commit/2ed7da4) `mime-db@1.15.0`
|
4652 | * [`ae08244`](https://github.com/npm/npm/commit/ae08244) `mime-types@2.1.3`
|
4653 | * [`e71410e`](https://github.com/npm/npm/commit/e71410e) `os-homedir@1.0.1`
|
4654 | * [`67c13e0`](https://github.com/npm/npm/commit/67c13e0) `process-nextick-args@1.0.2`
|
4655 | * [`12ee041`](https://github.com/npm/npm/commit/12ee041) `qs@4.0.0`
|
4656 | * [`15564a6`](https://github.com/npm/npm/commit/15564a6) `spdx-license-ids@1.0.2`
|
4657 | * [`8733bff`](https://github.com/npm/npm/commit/8733bff) `supports-color@2.0.0`
|
4658 | * [`230943c`](https://github.com/npm/npm/commit/230943c) `tunnel-agent@0.4.1`
|
4659 | * [`26a4653`](https://github.com/npm/npm/commit/26a4653) `ansi-styles@2.1.0`
|
4660 | * [`3d27081`](https://github.com/npm/npm/commit/3d27081) `bl@1.0.0`
|
4661 | * [`9efa110`](https://github.com/npm/npm/commit/9efa110) `async@1.4.0`
|
4662 |
|
4663 | #### MERGED FORWARD
|
4664 |
|
4665 | * As usual, we've ported all the `npm@2` goodies in this week's
|
4666 | [v2.13.3](https://github.com/npm/npm/releases/tag/v2.13.3)
|
4667 | release.
|
4668 |
|
4669 | ### v3.1.3 (2015-07-17):
|
4670 |
|
4671 | Rebecca: So Kat, I hear this week's other release uses a dialog between us to
|
4672 | explain what changed?
|
4673 |
|
4674 | Kat: Well, you could say that…
|
4675 |
|
4676 | Rebecca: I would! This week I fixed more `npm@3` bugs!
|
4677 |
|
4678 | Kat: That sounds familiar.
|
4679 |
|
4680 | Rebecca: Eheheheh, well, before we look at those, a word from our sponsor…
|
4681 |
|
4682 | #### BETA IS AS BETA DOES
|
4683 |
|
4684 | **_THIS IS BETA SOFTWARE_**. Yes, we're still reminding you of this. No,
|
4685 | you can't be excused. `npm@3` will remain in beta until we're confident
|
4686 | that it's stable and have assessed the effect of the breaking changes on the
|
4687 | community. During that time we will still be doing `npm@2` releases, with
|
4688 | `npm@2` tagged as `latest` and `next`. We'll _also_ be publishing new
|
4689 | releases of `npm@3` as `npm@v3.x-next` and `npm@v3.x-latest` alongside those
|
4690 | versions until we're ready to switch everyone over to `npm@3`. We need your
|
4691 | help to find and fix its remaining bugs. It's a significant rewrite, so we
|
4692 | are _sure_ there still significant bugs remaining. So do us a solid and
|
4693 | deploy it in non-critical CI environments and for day-to-day use, but maybe
|
4694 | don't use it for production maintenance or frontline continuous deployment
|
4695 | just yet.
|
4696 |
|
4697 | Rebecca: Ok, enough of the dialoguing, that's Kat's schtick. But do remember
|
4698 | kids, betas hide in dark hallways waiting to break your stuff, stuff like…
|
4699 |
|
4700 | #### SO MANY LINKS YOU COULD MAKE A CHAIN
|
4701 |
|
4702 | * [`6d69ec9`](https://github.com/npm/npm/6d69ec9)
|
4703 | [#8967](https://github.com/npm/npm/issues/8967)
|
4704 | Removing a module linked into your globals would result in having
|
4705 | all of its subdeps removed. Since the npm release process does
|
4706 | exactly this, it burned me -every- -single- -week-. =D
|
4707 | While we're here, we also removed extraneous warns that used to
|
4708 | spill out when you'd remove a symlink.
|
4709 | ([@iarna](https://github.com/iarna))
|
4710 |
|
4711 | * [`fdb360f`](https://github.com/npm/npm/fdb360f)
|
4712 | [#8874](https://github.com/npm/npm/issues/8874)
|
4713 | Linking scoped modules was failing outright, but this fixes that
|
4714 | and updates our tests so we don't do it again.
|
4715 | ([@iarna](https://github.com/iarna))
|
4716 |
|
4717 | #### WE'LL TRY NOT TO CRACK YOUR WINDOWS
|
4718 |
|
4719 | * [`9fafb18`](https://github.com/npm/npm/9fafb18)
|
4720 | [#8701](https://github.com/npm/npm/issues/8701)
|
4721 | `npm@3` introduced permissions checks that run before it actually tries to
|
4722 | do something. This saves you from having an install fail half way
|
4723 | through. We did this using the shiny new `fs.access` function available
|
4724 | in `node 0.12` and `io.js`, with fallback options for older nodes. Unfortunately
|
4725 | the way we implemented the fallback caused racey problems for Windows systems.
|
4726 | This fixes that by ensuring we only ever run any one check on a directory once.
|
4727 | BUT it turns out there are bugs in `fs.access` on Windows. So this ALSO just disables
|
4728 | the use of `fs.access` on Windows entirely until that settles out.
|
4729 | ([@iarna](https://github.com/iarna))
|
4730 |
|
4731 | #### ZOOM ZOOM, DEP UPDATES
|
4732 |
|
4733 | * [`5656baa`](https://github.com/npm/npm/5656baa)
|
4734 | `gauge@1.2.2`: Better handle terminal resizes while printing the progress bar
|
4735 | ([@iarna](https://github.com/iarna))
|
4736 |
|
4737 | #### MERGED FORWARD
|
4738 |
|
4739 | * Check out Kat's [super-fresh release notes for v2.13.2](https://github.com/npm/npm/releases/tag/v2.13.2)
|
4740 | and see all the changes we ported from `npm@2`.
|
4741 |
|
4742 | ### v3.1.2
|
4743 |
|
4744 | #### SO VERY BETA RELEASE
|
4745 |
|
4746 | So, `v3.1.1` managed to actually break installing local modules. And then
|
4747 | immediately after I drove to an island for the weekend. 😁 So let's get
|
4748 | this fixed outside the usual release train!
|
4749 |
|
4750 | Fortunately it didn't break installing _global_ modules and so you could
|
4751 | swap it out for another version at least.
|
4752 |
|
4753 | #### DISCLAIMER MEANS WHAT IT SAYS
|
4754 |
|
4755 | **_THIS IS BETA SOFTWARE_**. Yes, we're still reminding you of this. No,
|
4756 | you can't be excused. `npm@3` will remain in beta until we're confident
|
4757 | that it's stable and have assessed the effect of the breaking changes on the
|
4758 | community. During that time we will still be doing `npm@2` releases, with
|
4759 | `npm@2` tagged as `latest` and `next`. We'll _also_ be publishing new
|
4760 | releases of `npm@3` as `npm@v3.x-next` and `npm@v3.x-latest` alongside those
|
4761 | versions until we're ready to switch everyone over to `npm@3`. We need your
|
4762 | help to find and fix its remaining bugs. It's a significant rewrite, so we
|
4763 | are _sure_ there still significant bugs remaining. So do us a solid and
|
4764 | deploy it in non-critical CI environments and for day-to-day use, but maybe
|
4765 | don't use it for production maintenance or frontline continuous deployment
|
4766 | just yet.
|
4767 |
|
4768 | #### THIS IS IT, THE REASON
|
4769 |
|
4770 | * [`f5e19df`](https://github.com/npm/npm/commit/f5e19df)
|
4771 | [#8893](https://github.com/npm/npm/issues/8893)
|
4772 | Fix crash when installing local modules introduced by the fix for
|
4773 | [#8608](https://github.com/npm/npm/issues/8608)
|
4774 | ([@iarna](https://github.com/iarna)
|
4775 |
|
4776 | ### v3.1.1
|
4777 |
|
4778 | #### RED EYE RELEASE
|
4779 |
|
4780 | Rebecca's up too late writing tests, so you can have `npm@3` bug fixes! Lots
|
4781 | of great new issues from you all! ❤️️ Keep it up!
|
4782 |
|
4783 | #### YUP STILL BETA, PLEASE PAY ATTENTION
|
4784 |
|
4785 | **_THIS IS BETA SOFTWARE_**. Yes, we're still reminding you of this. No,
|
4786 | you can't be excused. `npm@3` will remain in beta until we're confident
|
4787 | that it's stable and have assessed the effect of the breaking changes on the
|
4788 | community. During that time we will still be doing `npm@2` releases, with
|
4789 | `npm@2` tagged as `latest` and `next`. We'll _also_ be publishing new
|
4790 | releases of `npm@3` as `npm@v3.x-next` and `npm@v3.x-latest` alongside those
|
4791 | versions until we're ready to switch everyone over to `npm@3`. We need your
|
4792 | help to find and fix its remaining bugs. It's a significant rewrite, so we
|
4793 | are _sure_ there still significant bugs remaining. So do us a solid and
|
4794 | deploy it in non-critical CI environments and for day-to-day use, but maybe
|
4795 | don't use it for production maintenance or frontline continuous deployment
|
4796 | just yet.
|
4797 |
|
4798 | #### BOOGS
|
4799 |
|
4800 | * [`9badfd6`](https://github.com/npm/npm/commit/9babfd63f19f2d80b2d2624e0963b0bdb0d76ef4)
|
4801 | [#8608](https://github.com/npm/npm/issues/8608)
|
4802 | Make global installs and uninstalls MUCH faster by only reading the directories of
|
4803 | modules referred to by arguments.
|
4804 | ([@iarna](https://github.com/iarna)
|
4805 | * [`075a5f0`](https://github.com/npm/npm/commit/075a5f046ab6837f489b08d44cb601e9fdb369b7)
|
4806 | [#8660](https://github.com/npm/npm/issues/8660)
|
4807 | Failed optional deps would still result in the optional deps own
|
4808 | dependencies being installed. We now find them and fail them out of the
|
4809 | tree.
|
4810 | ([@iarna](https://github.com/iarna)
|
4811 | * [`c9fbbb5`](https://github.com/npm/npm/commit/c9fbbb540083396ea58fd179d81131d959d8e049)
|
4812 | [#8863](https://github.com/npm/npm/issues/8863)
|
4813 | The "no compatible version found" error message was including only the
|
4814 | version requested, not the name of the package we wanted. Ooops!
|
4815 | ([@iarna](https://github.com/iarna)
|
4816 | * [`32e6bbd`](https://github.com/npm/npm/commit/32e6bbd21744dcbe8c0720ab53f60caa7f2a0588)
|
4817 | [#8806](https://github.com/npm/npm/issues/8806)
|
4818 | The "uninstall" lifecycle was being run after all of a module's dependencies has been
|
4819 | removed. This reverses that order-- this means "uninstall" lifecycles can make use
|
4820 | of the package's dependencies.
|
4821 | ([@iarna](https://github.com/iarna)
|
4822 |
|
4823 | #### MERGED FORWARD
|
4824 |
|
4825 | * Check out the [v2.13.1 release notes](https://github.com/npm/npm/releases/tag/v2.13.1)
|
4826 | and see all the changes we ported from `npm@2`.
|
4827 |
|
4828 | ### v3.1.0 (2015-07-02):
|
4829 |
|
4830 | This has been a brief week of bug fixes, plus some fun stuff merged forward
|
4831 | from this weeks 2.x release. See the
|
4832 | [2.13.0 release notes](https://github.com/npm/npm/releases/tag/v2.13.0)
|
4833 | for details on that.
|
4834 |
|
4835 | You all have been AWESOME with
|
4836 | [all](https://github.com/npm/npm/milestones/3.x)
|
4837 | [the](https://github.com/npm/npm/milestones/3.2.0)
|
4838 | `npm@3` bug reports! Thank you and keep up the great work!
|
4839 |
|
4840 | #### NEW PLACE, SAME CODE
|
4841 |
|
4842 | Remember how last week we said `npm@3` would go to `3.0-next` and latest
|
4843 | tags? Yeaaah, no, please use `npm@v3.x-next` and `npm@v3.x-latest` going forward.
|
4844 |
|
4845 | I dunno why we said "suuure, we'll never do a feature release till we're out
|
4846 | of beta" when we're still forward porting `npm@2.x` features. `¯\_(ツ)_/¯`
|
4847 |
|
4848 | If you do accidentally use the old tag names, I'll be maintaining them
|
4849 | for a few releases, but they won't be around forever.
|
4850 |
|
4851 | #### YUP STILL BETA, PLEASE PAY ATTENTION
|
4852 |
|
4853 | **_THIS IS BETA SOFTWARE_**. `npm@3` will remain in beta until we're
|
4854 | confident that it's stable and have assessed the effect of the breaking
|
4855 | changes on the community. During that time we will still be doing `npm@2`
|
4856 | releases, with `npm@2` tagged as `latest` and `next`. We'll _also_ be
|
4857 | publishing new releases of `npm@3` as `npm@v3.x-next` and `npm@v3.x-latest`
|
4858 | alongside those versions until we're ready to switch everyone over to
|
4859 | `npm@3`. We need your help to find and fix its remaining bugs. It's a
|
4860 | significant rewrite, so we are _sure_ there still significant bugs
|
4861 | remaining. So do us a solid and deploy it in non-critical CI environments
|
4862 | and for day-to-day use, but maybe don't use it for production maintenance
|
4863 | or frontline continuous deployment just yet.
|
4864 |
|
4865 | #### BUGS ON THE WINDOWS
|
4866 |
|
4867 | * [`0030ade`](https://github.com/npm/npm/commit/0030ade)
|
4868 | [#8685](https://github.com/npm/npm/issues/8685)
|
4869 | Windows would hang when trying to clone git repos
|
4870 | ([@euprogramador](https://github.com/npm/npm/pull/8777))
|
4871 | * [`b259bcc`](https://github.com/npm/npm/commit/b259bcc)
|
4872 | [#8786](https://github.com/npm/npm/pull/8786)
|
4873 | Windows permissions checks would cause installations to fail under some
|
4874 | circumstances. We're disabling the checks entirely for this release.
|
4875 | I'm hoping to check back with this next week to get a Windows friendly
|
4876 | fix in.
|
4877 | ([@iarna](https://github.com/iarna))
|
4878 |
|
4879 | #### SO MANY BUGS SQUASHED, JUST CALL US RAID
|
4880 |
|
4881 | * [`0848698`](https://github.com/npm/npm/commit/0848698)
|
4882 | [#8686](https://github.com/npm/npm/pull/8686)
|
4883 | Stop leaving progress bar cruft on the screen during publication
|
4884 | ([@ajcrites](https://github.com/ajcrites))
|
4885 | * [`57c3cea`](https://github.com/npm/npm/commit/57c3cea)
|
4886 | [#8695](https://github.com/npm/npm/pull/8695)
|
4887 | Remote packages with shrinkwraps made npm cause node + iojs to explode
|
4888 | and catch fire. NO MORE.
|
4889 | ([@iarna](https://github.com/iarna))
|
4890 | * [`2875ba3`](https://github.com/npm/npm/commit/2875ba3)
|
4891 | [#8723](https://github.com/npm/npm/pull/8723)
|
4892 | I uh, told you that engineStrict checking had gone away last week.
|
4893 | TURNS OUT I LIED. So this is making that actually be true.
|
4894 | ([@iarna](https://github.com/iarna))
|
4895 | * [`28064e5`](https://github.com/npm/npm/commit/28064e5)
|
4896 | [#3358](https://github.com/npm/npm/issues/3358)
|
4897 | Consistently allow Unicode BOMs at the start of package.json files.
|
4898 | Previously this was allowed some of time, like when you were installing
|
4899 | modules, but not others, like running npm version or installing w/
|
4900 | `--save`.
|
4901 | ([@iarna](https://github.com/iarna))
|
4902 | * [`3cb6ad2`](https://github.com/npm/npm/commit/3cb6ad2)
|
4903 | [#8736](https://github.com/npm/npm/issues/8766)
|
4904 | `npm@3` wasn't running the "install" lifecycle in your current (toplevel)
|
4905 | module. This broke modules that relied on C compilation. BOO.
|
4906 | ([@iarna](https://github.com/iarna))
|
4907 | * [`68da583`](https://github.com/npm/npm/commit/68da583)
|
4908 | [#8766](https://github.com/npm/npm/issues/8766)
|
4909 | To my great shame, `npm link package` wasn't working AT ALL if you
|
4910 | didn't have `package` already installed.
|
4911 | ([@iarna](https://github.com/iarna))
|
4912 | * [`edd7448`](https://github.com/npm/npm/commit/edd7448)
|
4913 | `read-package-tree@5.0.0`: This update makes read-package-tree not explode
|
4914 | when there's bad data in your node_modules folder. `npm@2` silently
|
4915 | ignores this sort of thing.
|
4916 | ([@iarna](https://github.com/iarna))
|
4917 | * [`0bb08c8`](https://github.com/npm/npm/commit/0bb08c8)
|
4918 | [#8778](https://github.com/npm/npm/pull/8778)
|
4919 | RELATEDLY, we now show any errors from your node_modules folder after
|
4920 | your installation completes as warnings. We're also reporting these in
|
4921 | `npm ls` now.
|
4922 | ([@iarna](https://github.com/iarna))
|
4923 | * [`6c248ff`](https://github.com/npm/npm/commit/6c248ff)
|
4924 | [#8779](https://github.com/npm/npm/pull/8779)
|
4925 | Hey, you know how we used to complain if your `package.json` was
|
4926 | missing stuff? Well guess what, we are again. I know, I know, you can
|
4927 | thank me later.
|
4928 | ([@iarna](https://github.com/iarna))
|
4929 | * [`d6f7c98`](https://github.com/npm/npm/commit/d6f7c98)
|
4930 | So, when we were rolling back after errors we had untested code that
|
4931 | tried to undo moves. Being untested it turns out it was very broken.
|
4932 | I've removed it until we have time to do this right.
|
4933 | ([@iarna](https://github.com/iarna))
|
4934 |
|
4935 | #### NEW VERSION
|
4936 |
|
4937 | Just the one. Others came in via the 2.x release. Do check out its
|
4938 | changelog, immediately following this message.
|
4939 |
|
4940 | * [`4e602c5`](https://github.com/npm/npm/commit/4e602c5) `lodash@3.2.2`
|
4941 |
|
4942 | ### v3.0.0 (2015-06-25):
|
4943 |
|
4944 | Wow, it's finally here! This has been a long time coming. We are all
|
4945 | delighted and proud to be getting this out into the world, and are looking
|
4946 | forward to working with the npm user community to get it production-ready
|
4947 | as quickly as possible.
|
4948 |
|
4949 | `npm@3` constitutes a nearly complete rewrite of npm's installer to be
|
4950 | easier to maintain, and to bring a bunch of valuable new features and
|
4951 | design improvements to you all.
|
4952 |
|
4953 | [@othiym23](https://github.com/othiym23) and
|
4954 | [@isaacs](https://github.com/isaacs) have been
|
4955 | [talking about the changes](http://blog.npmjs.org/post/91303926460/npm-cli-roadmap-a-periodic-update)
|
4956 | in this release for well over a year, and it's been the primary focus of
|
4957 | [@iarna](https://github.com/iarna) since she joined the team.
|
4958 |
|
4959 | Given that this is a near-total rewrite, all changes listed here are
|
4960 | [@iarna](https://github.com/iarna)'s work unless otherwise specified.
|
4961 |
|
4962 | #### NO, REALLY, READ THIS PARAGRAPH. IT'S THE IMPORTANT ONE.
|
4963 |
|
4964 | **_THIS IS BETA SOFTWARE_**. `npm@3` will remain in beta until we're
|
4965 | confident that it's stable and have assessed the effect of the breaking
|
4966 | changes on the community. During that time we will still be doing `npm@2`
|
4967 | releases, with `npm@2` tagged as `latest` and `next`. We'll _also_ be
|
4968 | publishing new releases of `npm@3` as `npm@3.0-next` and `npm@3.0-latest`
|
4969 | alongside those versions until we're ready to switch everyone over to
|
4970 | `npm@3`. We need your help to find and fix its remaining bugs. It's a
|
4971 | significant rewrite, so we are _sure_ there still significant bugs
|
4972 | remaining. So do us a solid and deploy it in non-critical CI environments
|
4973 | and for day-to-day use, but maybe don't use it for production maintenance
|
4974 | or frontline continuous deployment just yet.
|
4975 |
|
4976 | #### BREAKING CHANGES
|
4977 |
|
4978 | ##### `peerDependencies`
|
4979 |
|
4980 | `grunt`, `gulp`, and `broccoli` plugin maintainers take note! You will be
|
4981 | affected by this change!
|
4982 |
|
4983 | * [#6930](https://github.com/npm/npm/issues/6930)
|
4984 | ([#6565](https://github.com/npm/npm/issues/6565))
|
4985 | `peerDependencies` no longer cause _anything_ to be implicitly installed.
|
4986 | Instead, npm will now warn if a packages `peerDependencies` are missing,
|
4987 | but it's up to the consumer of the module (i.e. you) to ensure the peers
|
4988 | get installed / are included in `package.json` as direct `dependencies`
|
4989 | or `devDependencies` of your package.
|
4990 | * [#3803](https://github.com/npm/npm/issues/3803)
|
4991 | npm also no longer checks `peerDependencies` until after it has fully
|
4992 | resolved the tree.
|
4993 |
|
4994 | This shifts the responsibility for fulfilling peer dependencies from library
|
4995 | / framework / plugin maintainers to application authors, and is intended to
|
4996 | get users out of the dependency hell caused by conflicting `peerDependency`
|
4997 | constraints. npm's job is to keep you _out_ of dependency hell, not put you
|
4998 | in it.
|
4999 |
|
5000 | ##### `engineStrict`
|
5001 |
|
5002 | * [#6931](https://github.com/npm/npm/issues/6931) The rarely-used
|
5003 | `package.json` option `engineStrict` has been deprecated for several
|
5004 | months, producing warnings when it was used. Starting with `npm@3`, the
|
5005 | value of the field is ignored, and engine violations will only produce
|
5006 | warnings. If you, as a user, want strict `engines` field enforcement,
|
5007 | just run `npm config set engine-strict true`.
|
5008 |
|
5009 | As with the peer dependencies change, this is about shifting control from
|
5010 | module authors to application authors. It turns out `engineStrict` was very
|
5011 | difficult to understand even harder to use correctly, and more often than
|
5012 | not just made modules using it difficult to deploy.
|
5013 |
|
5014 | ##### `npm view`
|
5015 |
|
5016 | * [`77f1aec`](https://github.com/npm/npm/commit/77f1aec) With `npm view` (aka
|
5017 | `npm info`), always return arrays for versions, maintainers, etc. Previously
|
5018 | npm would return a plain value if there was only one, and multiple values if
|
5019 | there were more. ([@KenanY](https://github.com/KenanY))
|
5020 |
|
5021 | #### KNOWN BUGS
|
5022 |
|
5023 | Again, this is a _**BETA RELEASE**_, so not everything is working just yet.
|
5024 | Here are the issues that we already know about. If you run into something
|
5025 | that isn't on this list,
|
5026 | [let us know](https://github.com/npm/npm/issues/new)!
|
5027 |
|
5028 | * [#8575](https://github.com/npm/npm/issues/8575)
|
5029 | Circular deps will never be removed by the prune-on-uninstall code.
|
5030 | * [#8588](https://github.com/npm/npm/issues/8588)
|
5031 | Local deps where the dep name and the name in the package.json differ
|
5032 | don't result in an error.
|
5033 | * [#8637](https://github.com/npm/npm/issues/8637)
|
5034 | Modules can install themselves as direct dependencies. `npm@2` declined to
|
5035 | do this.
|
5036 | * [#8660](https://github.com/npm/npm/issues/8660)
|
5037 | Dependencies of failed optional dependencies aren't rolled back when the
|
5038 | optional dependency is, and then are reported as extraneous thereafter.
|
5039 |
|
5040 | #### NEW FEATURES
|
5041 |
|
5042 | ##### The multi-stage installer!
|
5043 |
|
5044 | * [#5919](https://github.com/npm/npm/issues/5919)
|
5045 | Previously the installer had a set of steps it executed for each package
|
5046 | and it would immediately start executing them as soon as it decided to
|
5047 | act on a package.
|
5048 |
|
5049 | But now it executes each of those steps at the same time for all
|
5050 | packages, waiting for all of one stage to complete before moving on. This
|
5051 | eliminates many race conditions and makes the code easier to reason
|
5052 | about.
|
5053 |
|
5054 | This fixes, for instance:
|
5055 |
|
5056 | * [#6926](https://github.com/npm/npm/issues/6926)
|
5057 | ([#5001](https://github.com/npm/npm/issues/5001),
|
5058 | [#6170](https://github.com/npm/npm/issues/6170))
|
5059 | `install` and `postinstall` lifecycle scripts now only execute `after`
|
5060 | all the module with the script's dependencies are installed.
|
5061 |
|
5062 | ##### Install: it looks different!
|
5063 |
|
5064 | You'll now get a tree much like the one produced by `npm ls` that
|
5065 | highlights in orange the packages that were installed. Similarly, any
|
5066 | removed packages will have their names prefixed by a `-`.
|
5067 |
|
5068 | Also, `npm outdated` used to include the name of the module in the
|
5069 | `Location` field:
|
5070 |
|
5071 | ```
|
5072 | Package Current Wanted Latest Location
|
5073 | deep-equal MISSING 1.0.0 1.0.0 deep-equal
|
5074 | glob 4.5.3 4.5.3 5.0.10 rimraf > glob
|
5075 | ```
|
5076 |
|
5077 | Now it shows the module that required it as the final point in the
|
5078 | `Location` field:
|
5079 |
|
5080 | ```
|
5081 | Package Current Wanted Latest Location
|
5082 | deep-equal MISSING 1.0.0 1.0.0 npm
|
5083 | glob 4.5.3 4.5.3 5.0.10 npm > rimraf
|
5084 | ```
|
5085 |
|
5086 | Previously the `Location` field was telling you where the module was on
|
5087 | disk. Now it tells you what requires the module. When more than one thing
|
5088 | requires the module you'll see it listed once for each thing requiring it.
|
5089 |
|
5090 | ##### Install: it works different!
|
5091 |
|
5092 | * [#6928](https://github.com/npm/npm/issues/6928)
|
5093 | ([#2931](https://github.com/npm/npm/issues/2931)
|
5094 | [#2950](https://github.com/npm/npm/issues/2950))
|
5095 | `npm install` when you have an `npm-shrinkwrap.json` will ensure you have
|
5096 | the modules specified in it are installed in exactly the shape specified
|
5097 | no matter what you had when you started.
|
5098 | * [#6913](https://github.com/npm/npm/issues/6913)
|
5099 | ([#1341](https://github.com/npm/npm/issues/1341)
|
5100 | [#3124](https://github.com/npm/npm/issues/3124)
|
5101 | [#4956](https://github.com/npm/npm/issues/4956)
|
5102 | [#6349](https://github.com/npm/npm/issues/6349)
|
5103 | [#5465](https://github.com/npm/npm/issues/5465))
|
5104 | `npm install` when some of your dependencies are missing sub-dependencies
|
5105 | will result in those sub-dependencies being installed. That is, `npm
|
5106 | install` now knows how to fix broken installs, most of the time.
|
5107 | * [#5465](https://github.com/npm/npm/issues/5465)
|
5108 | If you directly `npm install` a module that's already a subdep of
|
5109 | something else and your new version is incompatible, it will now install
|
5110 | the previous version nested in the things that need it.
|
5111 | * [`a2b50cf`](https://github.com/npm/npm/commit/a2b50cf)
|
5112 | [#5693](https://github.com/npm/npm/issues/5693)
|
5113 | When installing a new module, if it's mentioned in your
|
5114 | `npm-shrinkwrap.json` or your `package.json` use the version specifier
|
5115 | from there if you didn't specify one yourself.
|
5116 |
|
5117 | ##### Flat, flat, flat!
|
5118 |
|
5119 | Your dependencies will now be installed *maximally flat*. Insofar as is
|
5120 | possible, all of your dependencies, and their dependencies, and THEIR
|
5121 | dependencies will be installed in your project's `node_modules` folder with no
|
5122 | nesting. You'll only see modules nested underneath one another when two (or
|
5123 | more) modules have conflicting dependencies.
|
5124 |
|
5125 | * [#3697](https://github.com/npm/npm/issues/3697)
|
5126 | This will hopefully eliminate most cases where Windows users ended up
|
5127 | with paths that were too long for Explorer and other standard tools to
|
5128 | deal with.
|
5129 | * [#6912](https://github.com/npm/npm/issues/6912)
|
5130 | ([#4761](https://github.com/npm/npm/issues/4761)
|
5131 | [#4037](https://github.com/npm/npm/issues/4037))
|
5132 | This also means that your installs will be deduped from the start.
|
5133 | * [#5827](https://github.com/npm/npm/issues/5827)
|
5134 | This deduping even extends to git deps.
|
5135 | * [#6936](https://github.com/npm/npm/issues/6936)
|
5136 | ([#5698](https://github.com/npm/npm/issues/5698))
|
5137 | Various commands are dedupe aware now.
|
5138 |
|
5139 | This has some implications for the behavior of other commands:
|
5140 |
|
5141 | * `npm uninstall` removes any dependencies of the module that you specified
|
5142 | that aren't required by any other module. Previously, it would only
|
5143 | remove those that happened to be installed under it, resulting in left
|
5144 | over cruft if you'd ever deduped.
|
5145 | * `npm ls` now shows you your dependency tree organized around what
|
5146 | requires what, rather than where those modules are on disk.
|
5147 | * [#6937](https://github.com/npm/npm/issues/6937)
|
5148 | `npm dedupe` now flattens the tree in addition to deduping.
|
5149 |
|
5150 | And bundling of dependencies when packing or publishing changes too:
|
5151 |
|
5152 | * [#2442](https://github.com/npm/npm/issues/2442)
|
5153 | bundledDependencies no longer requires that you specify deduped sub deps.
|
5154 | npm can now see that a dependency is required by something bundled and
|
5155 | automatically include it. To put that another way, bundledDependencies
|
5156 | should ONLY include things that you included in dependencies,
|
5157 | optionalDependencies or devDependencies.
|
5158 | * [#5437](https://github.com/npm/npm/issues/5437)
|
5159 | When bundling a dependency that's both a `devDependency` and the child of
|
5160 | a regular `dependency`, npm bundles the child dependency.
|
5161 |
|
5162 | As a demonstration of our confidence in our own work, npm's own
|
5163 | dependencies are now flattened, deduped, and bundled in the `npm@3` style.
|
5164 | This means that `npm@3` can't be packed or published by `npm@2`, which is
|
5165 | something to be aware of if you're hacking on npm.
|
5166 |
|
5167 | ##### Shrinkwraps: they are a-changin'!
|
5168 |
|
5169 | First of all, they should be idempotent now
|
5170 | ([#5779](https://github.com/npm/npm/issues/5779)). No more differences
|
5171 | because the first time you install (without `npm-shrinkwrap.json`) and the
|
5172 | second time (with `npm-shrinkwrap.json`).
|
5173 |
|
5174 | * [#6781](https://github.com/npm/npm/issues/6781)
|
5175 | Second, if you save your changes to `package.json` and you have
|
5176 | `npm-shrinkwrap.json`, then it will be updated as well. This applies to
|
5177 | all of the commands that update your tree:
|
5178 | * `npm install --save`
|
5179 | * `npm update --save`
|
5180 | * `npm dedupe --save` ([#6410](https://github.com/npm/npm/issues/6410))
|
5181 | * `npm uninstall --save`
|
5182 | * [#4944](https://github.com/npm/npm/issues/4944)
|
5183 | ([#5161](https://github.com/npm/npm/issues/5161)
|
5184 | [#5448](https://github.com/npm/npm/issues/5448))
|
5185 | Third, because `node_modules` folders are now deduped and flat,
|
5186 | shrinkwrap has to also be smart enough to handle this.
|
5187 |
|
5188 | And finally, enjoy this shrinkwrap bug fix:
|
5189 |
|
5190 | * [#3675](https://github.com/npm/npm/issues/3675)
|
5191 | When shrinkwrapping a dependency that's both a `devDependency` and the
|
5192 | child of a regular `dependency`, npm now correctly includes the child.
|
5193 |
|
5194 | ##### The Age of Progress (Bars)!
|
5195 |
|
5196 | * [#6911](https://github.com/npm/npm/issues/6911)
|
5197 | ([#1257](https://github.com/npm/npm/issues/1257)
|
5198 | [#5340](https://github.com/npm/npm/issues/5340)
|
5199 | [#6420](https://github.com/npm/npm/issues/6420))
|
5200 | The spinner is gone (yay? boo? will you miss it?), and in its place npm
|
5201 | has _progress bars_, so you actually have some sense of how long installs
|
5202 | will take. It's provided in Unicode and non-Unicode variants, and Unicode
|
5203 | support is automatically detected from your environment.
|
5204 |
|
5205 | #### TINY JEWELS
|
5206 |
|
5207 | The bottom is where we usually hide the less interesting bits of each
|
5208 | release, but each of these are small but incredibly useful bits of this
|
5209 | release, and very much worth checking out:
|
5210 |
|
5211 | * [`9ebe312`](https://github.com/npm/npm/commit/9ebe312)
|
5212 | Build system maintainers, rejoice: npm does a better job of cleaning up
|
5213 | after itself in your temporary folder.
|
5214 | * [#6942](https://github.com/npm/npm/issues/6942)
|
5215 | Check for permissions issues prior to actually trying to install
|
5216 | anything.
|
5217 | * Emit warnings at the end of the installation when possible, so that
|
5218 | they'll be on your screen when npm stops.
|
5219 | * [#3505](https://github.com/npm/npm/issues/3505)
|
5220 | `npm --dry-run`: You can now ask that npm only report what it _would have
|
5221 | done_ with the new `--dry-run` flag. This can be passed to any of the
|
5222 | commands that change your `node_modules` folder: `install`, `uninstall`,
|
5223 | `update` and `dedupe`.
|
5224 | * [`81b46fb`](https://github.com/npm/npm/commit/81b46fb)
|
5225 | npm now knows the correct URLs for `npm bugs` and `npm repo` for
|
5226 | repositories hosted on Bitbucket and GitLab, just like it does for GitHub
|
5227 | (and GitHub support now extends to projects hosted as gists as well as
|
5228 | traditional repositories).
|
5229 | * [`5be4008a`](https://github.com/npm/npm/commit/5be4008a09730cfa3891d9f145e4ec7f2accd144)
|
5230 | npm has been cleaned up to pass the [`standard`](http://npm.im/standard)
|
5231 | style checker. Forrest and Rebecca both feel this makes it easier to read
|
5232 | and understand the code, and should also make it easier for new
|
5233 | contributors to put merge-ready patches.
|
5234 | ([@othiym23](https://github.com/othiym23))
|
5235 |
|
5236 | #### ZARRO BOOGS
|
5237 |
|
5238 | * [`6401643`](https://github.com/npm/npm/commit/6401643)
|
5239 | Make sure the global install directory exists before installing to it.
|
5240 | ([@thefourtheye](https://github.com/thefourtheye))
|
5241 | * [#6158](https://github.com/npm/npm/issues/6158)
|
5242 | When we remove modules we do so inside-out running unbuild for each one.
|
5243 | * [`960a765`](https://github.com/npm/npm/commit/960a765)
|
5244 | The short usage information for each subcommand has been brought in sync
|
5245 | with the documentation. ([@smikes](https://github.com/smikes))
|
5246 |
|
\ | No newline at end of file |