Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[pull] latest from npm:latest #7

Open
wants to merge 968 commits into
base: latest
Choose a base branch
from
Open

[pull] latest from npm:latest #7

wants to merge 968 commits into from

Conversation

pull[bot]
Copy link

@pull pull bot commented Oct 17, 2022
edited

See Commits and Changes for more details.

Created by pull[bot]

Can you help keep this open source service alive? 💖 Please sponsor : )

@pull pull bot added the ⤵️ pull label Oct 17, 2022
wraithgar and others added 24 commits February 22, 2024 08:20
@wraithgar
chore: update devDependencies in lockfile
d6bc684
@wraithgar
feat: add --expect-entries to npm query
4f3ddbb 
This will allow users to tell npm whether or not to exit with an exit
code depending on if the command had any resulting entries or not.
@wraithgar
docs: clarify in-range and out-of-range in dependency selectors
95b5057
@robertobasile84
docs(scope): update example command to work in windows (#7247)
686a622 
Update scope.md

Missing = was causing error
@wraithgar
fix(query-selector): don't look up private packages on :outdated
ed17276
@wraithgar
deps: @npmcli/query@3.1.0
16d4c9f
@wraithgar
feat(query): add :vuln pseudo selector
2366edc
@rveerd
docs: Remove additional example and comments about uninstall script (#…
c4741fe 
…7254)

Remove additional example and comments about uninstall script

The document already mentiones that the uninstall script is never executed since npm 7.
@lukekarrys
chore(smoke-tests): always return stdout and stderr from npm spawn
a530215
@ljharb
fix(pack, publish): default foreground-scripts to true (#7158)
818957c 
Fixes #6816
@wraithgar
fix: Arborist code cleanup (#7237)
6d1789c 
A bunch of tiny tweaks to Arborist, in service of eventually cleaning it up and removing the mixin approach.

Most of the fixes are like before: removing symbols in favor of private attributes so we can easily find where state is being shared. There is also some shuffling of single-use methods into larger classes.
@github-actions @wraithgar
chore: release 10.5.0
569f391
@wraithgar
chore: test refactor (#7262)
af3c48e 
Makes the install tests do less DI and more network mocking
@wraithgar
chore: jsdom@24.0.0 (#7258)
0dab381
@wraithgar
fix: more lightweight npm bin discovery in windows (#7271)
7f1ab88 
This will stop npm having to load twice on every windows invocation
@cod1r
fix: added check for dry-run (#7274)
bdb3c28 
* fix: added check for dry-run
  added a check for dry-run for `npm ci` so that node_modules won't be
  deleted

  closes #7239

* chore: added test for ci --dry-run check
@coliff
docs: Correct capitalization for URL (#7285)
e1ecfa7 
Correct capitalization for URL
@10xLaCroixDrinker
fix(search): include searchlimit option in help output (#7297)
9d4e85f
@bdehamer
docs: update audit docs with provenance info (#7304)
9807caf 
Adds a note to the `audit` docs discussing the verification of
provenance attestations.

Per: npm/documentation#1010

Signed-off-by: Brian DeHamer <bdehamer@github.com>
@davidlj95
docs: fix incorrect npm audit key response link (#7307)
1114a12
@uiolee
docs: add link to engines section (#7198)
1da5cf0
@wraithgar
fix(query): properly return :missing nodes (#7320)
9bffa13 
Fixes #7316
@lukekarrys
fix: ensure maxSockets is respected (#7324)
8cab136 
Fixes #7072

deps: agent-base@7.1.1

chore: add smoke-test for large prod installs
@lukekarrys
deps: @sigstore/tuf@2.3.2
5bb0031
lukekarrys and others added 30 commits May 16, 2024 21:37
@lukekarrys
fix: pass strings to JSON.stringify in --json mode (#7540)
4dfc7d2 
In refactoring this behavior previously plain strings were no longer
being passed through JSON.stringify even in json mode. This commit
changes that to the previous behavior which fixes the bug in `npm view`.
This also required changing the behavior of `npm pkg` which relied on
this.

Fixes #7537
@lukekarrys
fix: remove json.stringify from all commands (#7541)
61d5771 
This converts all remaining commands/utils to use the display layer for
formatting their json output
@lukekarrys
fix: refactor ls to use output.buffer for json (#7542)
53cda32 
This has no functional difference but matches where
we landed for the rest of the commands.
@lukekarrys
fix(refactor): use output.buffer and set explicit json mode in query (#…
b1db070 
…7534)
@wraithgar
fix: send proper otp token on web auth (#7545)
9e6686b
@milaninfy
fix(cache): add both full and minified packument to cache (#7516)
9122fb6 
This will fix the `npm cache add` to cache package with same header as
it's used in `npm install` by adding extra manifest call with
`fullMetadata: true` while caching to match behaviour with install
command which internally request manifest with fullMetadata.

## References
Closes #7465
@reggi
fix(ci): rm workspace node_modules (#7490)
7d89b55
@davidlj95
docs: update publish docs: dist-tag + publish case (#7560)
fd6479f 
<!-- What / Why -->
<!-- Describe the request in detail. What it does and why it's being
changed. -->
Updates `publish` command docs:
 - Refers to `npm tag` which is now `npm dist-tag`
 - Add docs specific for `npm publish --tag`

## References
<!-- Examples:
  Related to #0
  Depends on #0
  Blocked by #0
  Fixes #0
  Closes #0
-->
@reggi
fix: adds node: specifier to all native node modules (#7559)
2d1d8d0
@NormanPerrin
fix(utils/tar): index access while match is null (#7555) (#7556)
8f94ae8 
Details explained in issue #7555

Closes #7555
@milaninfy
fix(publish): skip workspace packages marked private on publish (#7564)
e4c7a41 
`npm publish --workspaces` will skip workspace packages marked as
private in package.json.
Currently it's skipping those packages only when you have configured
auth for those packages, it would error out with `ENEEDAUTH` if it
doesn't find the valid auth information.

this fix checks for the private property before checking for auth for
the packages that will essentially not going to get published.

Fixes #7199
@wraithgar
deps: ini@4.1.3
6278fe4
@wraithgar
deps: is-cidr@5.1.0
2508a83
@wraithgar
deps: postcss-selector-parser@6.1.0
5c6759d
@wraithgar
deps: glob@10.4.1
18b42a4
@wraithgar
deps: @sigstore/tuf@2.3.4
41291ba
@wraithgar
deps: sigstore@2.3.1
83fed2e
@wraithgar
deps: spdx-license-ids@3.0.18
447a8d7
@wraithgar
chore: dev dependency updates
6574dc9
@wraithgar
chore: fix linting in mock registry
4b57b95
@wraithgar
deps: @npmcli/package-json@5.1.1
e3f0fd4
@wraithgar
chore: fix snapshots for updated @npmcli/package-json
2d84091 
Invalid scripts warnings are gone that should not be there
@wraithgar
chore: fix linting in arborist debugger
4a36d78
@wraithgar
fix(exec): look in workspace and root for bin entries (#7569)
6b55646 
Closes: #7379
@github-actions @wraithgar
chore: release 10.8.1
6109960
@wraithgar
deps: remove read-package-json-fast
4ef4830
@wraithgar
deps: @npmcli/package-json@5.1.1
04d6910
@wraithgar
fix: use @npmcli/package-json to parse local package
d185c9b
@wraithgar
fix: don't try parsing workspaces if none exist
15be6dd
@leobalter
docs: fix links to community discussions (#7576)
92e71e6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
⤵️ pull
Projects
None yet
Milestone
No milestone