-
Notifications
You must be signed in to change notification settings - Fork 29.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
deps: upgrade npm to 9.0.1 #45273
Closed
Closed
deps: upgrade npm to 9.0.1 #45273
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
lukekarrys
added
npm
Issues and PRs related to the npm client dependency or the npm registry.
dont-land-on-v14.x
dont-land-on-v18.x
PRs that should not land on the v18.x-staging branch and should not be released in v18.x.
labels
Nov 1, 2022
nodejs-github-bot
added
fast-track
PRs that do not need to wait for 48 hours to land.
needs-ci
PRs that need a full CI run.
labels
Nov 1, 2022
This comment was marked as outdated.
This comment was marked as outdated.
lukekarrys
added
request-ci
Add this label to start a Jenkins CI on a PR.
and removed
fast-track
PRs that do not need to wait for 48 hours to land.
labels
Nov 1, 2022
github-actions
bot
removed
the
request-ci
Add this label to start a Jenkins CI on a PR.
label
Nov 2, 2022
Trott
approved these changes
Nov 2, 2022
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rubber stamp
lukekarrys
force-pushed
the
npm-v9.0.1
branch
6 times, most recently
from
November 4, 2022 20:11
c779aac
to
08caf1a
Compare
lukekarrys
force-pushed
the
npm-v9.0.1
branch
from
November 4, 2022 20:13
08caf1a
to
b51babb
Compare
15 tasks
Closing in favor of #45323 |
18 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
dont-land-on-v18.x
PRs that should not land on the v18.x-staging branch and should not be released in v18.x.
needs-ci
PRs that need a full CI run.
needs-citgm
PRs that need a CITGM CI run.
npm
Issues and PRs related to the npm client dependency or the npm registry.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR replaces #44916 to do integration testing between npm
v9.0.1
and the Node.js main branch. Below are the full release notes forv9.0.0
andv9.0.1
including all prereleases.9.0.1 (2022-10-26)
Documentation
b5fadd0
#5742 Better npx link (etw: fix descriptors of events 9 and 23 #5742) (@mrienstra)Dependencies
de6618e
#5757@npmcli/[email protected]
(net.Socket has no setConnectionTimeout(timeout) method #5757)5625274
#5755[email protected]
(url.parse outputs incorrect url object #5755)32bdd68
#5754[email protected]
(security revert CVE-2016-2216 didn't work with HPE_UNEXPECTED_CONTENT_LENGTH #5754)@npmcli/[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
9.0.0 (2022-10-19)
npm
is now compatible with the following semver range for node:^14.17.0 || ^16.13.0 || >=18.0.0
npm
will no longer attempt to modify ownership of files it createslogin
,adduser
, andauth-type
changessso
,saml
&legacy
have been consolidated into"legacy"
auth-type
defaults to"web"
login
andadduser
are now separate commands that send different data tothe registry.
auth-type
config valuesweb
andlegacy
only trytheir respective methods, npm no longer tries them all and waits to see
which one doesn't fail.
npm pack
now follows a strict order of operations when applying ignore rules. If afiles
array is present in thepackage.json
, then rules in.gitignore
and.npmignore
files from the root will be ignored.HEAD
instead ofmaster
as the default reftiming
andloglevel
changestiming
has been removed as a value for--loglevel
--timing
will show timing information regardless of--loglevel
, except when--silent
--timing
file changes:--timing
flag,npm
now writes timing data to afile alongside the debug log data, respecting the
logs-dir
option andfalling back to
<CACHE>/_logs/
dir, instead of directly inside thecache directory.
each run will create a uniquely named
<ID>-timing.json
file, with the<ID>
portion being the same as the debug log.metadata
,timers
, andunfinishedTimers
instead of everything beinga top level key.
npm
now outputs some json errors on stdout. Previouslynpm
would output all json formatted errors on stderr, making it difficult to parse as the stderr stream usually has logs already written to it. In the future,npm
will differentiate between errors and crashes. Errors, such asE404
andERESOLVE
, will be handled and will continue to be output on stdout. In the case of a crash,npm
will log the error as usual but will not attempt to display it as json, even in--json
mode. Moving a case from the category of an error to a crash will not be considered a breaking change. For more information see npm/rfcs#482.--install-strategy
--global-style
,--global
now sets--install-strategy=shallow
--legacy-bundling
, now sets--install-strategy=nested
npm config set
will no longer accept deprecated or invalid config optionsinstall-links
config defaults to"true"
node-version
config has been removednpm-version
config has been removednpm access
subcommands have been renamednpm birthday
has been removednpm set-script
has been removednpm bin
has been removed (usenpx
ornpm exec
to execute binaries)Features
a09e19d
#5696 introduce thenpm config fix
command (@nlf)d2963c6
explicitly validate config within the cli (@nlf)a5fec08
rewrite: docs generation (@lukekarrys)9609e9e
#5605 use v3 lockfiles by default (@fritzy)3ae796d
implement newnpm-packlist
behavior (@lukekarrys)e64d69a
#5581 write eresolve error files to the logs directory (@lukekarrys)3445da0
timings are now written alongside debug log files (@lukekarrys)66ed584
#5551 defaultauth-type
to"web"
(@wraithgar)6ee5b32
query: displayqueryContext
in results (@nlf)314311c
#5550 separatelogin
/adduser
& remove unnecessary auth types (@wraithgar)9c32c6c
rewrite:npm access
(@wraithgar)854521b
rewrite:libnpmaccess
(@wraithgar)e95017a
#5485 feat(workspaces): update supported node engines inpackage.json
(@lukekarrys)de2d33f
add--install-strategy=hoisted|nested|shallow
, deprecate--global-style
,--legacy-bundling
(Debugger doesn't exit after program run #5709) (@fritzy)49bbb2f
#5455 removenpm birthday
(@wraithgar)926f0ad
#5456 removenpm set-script
(@wraithgar)2a8c2fc
#5458 defaultinstall-links
to"true"
(@wraithgar)2e92800
#5459 removenpm bin
(@wraithgar)457d388
#5475 update supported node engines in package.json (@wraithgar)46d038f
#5716 output json formatted errors onstdout
(@lukekarrys)0a69db4
#5719 refuse to set deprecated/invalid config (@wraithgar)6e4961f
separate configs for--timing
and--loglevel
(@lukekarrys)6a27a7b
#5712 deprecatedkey
,cert
config options and updated registry scoped auth docs (@fritzy)Bug Fixes
c3d7549
add tag to publish log message (@wraithgar)a35c784
#5691 config: removenode-version
andnpm-version
(@wraithgar)e4e8ae2
libnpmpack: obeyforegroundScripts
(@winterqt)07fabc9
#5633npm link
should override--install-links
(@fritzy)02fcbb6
#5634 ensureArborist
constructor gets passed around everywhere forpacote
(@nlf)0d90a01
#5480 audit: add a condition to allow third-party registries returning E400 (@juanheyns, Juan Heyns)41481f8
#5475 attempt more graceful failure in older node versions (@wraithgar)fc82298
#5295npm hook ls
duplicates hook name prefixes (@gennadiygashev)3f1fcf0
account for newnpm-package-arg
behavior (@wraithgar)353b5bb
#5710 removechownr
andmkdirp-infer-owner
(@nlf)Documentation
285b39f
#5324 add documentation for expanded:semver
selector (@nlf)fd0eebe
update registry docs header (@hughlilly)542efdb
updatefolders
page for modern npm (@shalvah)f37caad
#5606 accurately describeinstall-links
effect on relative paths (@lukekarrys)130bc9f
#5626 remove circular reference (node.js 5.7.1 crash caused by a simple JS line #5626) (@giovanniPepi)f0e7584
#5601 update docs/logging for new--access
default (@wraithgar)2d756cb
#5527 add instruction to query objects withnpm view
(@moonith)8743366
#5519 add hash to "tag" config link (@mrienstra, @lukekarrys)5645c51
#5521 link mentions of config parameters (@mrienstra)19762b4
#5529 modify misleading doc about bins (@Hafizur046)19762b4
#5529 modify misleading doc about package.json:bin (@Hafizur046)8402fd8
#5547 add:outdated
pseudo selector to docs (@nlf)Dependencies
df77a1f
#5707 Update Major Versions of DependenciesUpdated:
@npmcli/[email protected]
@npmcli/[email protected]
@npmcli/[email protected]
@npmcli/[email protected]
@npmcli/[email protected]
@npmcli/[email protected]
@npmcli/[email protected]
@npmcli/[email protected]
@npmcli/[email protected]
@npmcli/[email protected]
@npmcli/[email protected]
@npmcli/[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
Removed:
@npmcli/fs