[pull] latest from npm:latest #11

Open
wants to merge 1,631 commits into
base: latest

@pull pull bot commented Apr 15, 2022

See Commits and Changes for more details.


Created by pull[bot]

Can you help keep this open source service alive? 💖 Please sponsor : )

lukekarrys and others added 17 commits May 14, 2024 07:34
Dev dep but it fixed the hoisting of @tufjs/models
Our existing example present in npm doc was giving a warning.

issue: #7302
The first argument to all `log.method()` calls gets formatted
differently with a color. So calls to these should always be a short
descriptive title or an empty string.
This changes a bunch of commands to use the new `output.buffer`
capabilities from `proc-log` as well as the `outputError` helper from
`utils/output-error.js`.

This also adds a few comments about future display related breaking
changes that npm should make.

There is some new behavior around `run-script` and how it outputs
errors. It now displays the error for each workspace similar to how that
error would get displayed when the process exits.
Fixes: #5444

This PR will continue running through all workspaces for `npm view` even
when a workspace encounters an `E404` error. This usually happens when
you run `npm view -ws` but have private workspaces. A future iteration
could log a different message if an `E404` is encountered on a private
workspace, but for this PR I wanted to keep it generic since there are a
number of reasons a request for a package manifest could 404.
In refactoring this behavior previously plain strings were no longer
being passed through JSON.stringify even in json mode. This commit
changes that to the previous behavior which fixes the bug in `npm view`.
This also required changing the behavior of `npm pkg` which relied on
this.

Fixes #7537
This converts all remaining commands/utils to use the display layer for
formatting their json output
This has no functional difference but matches where
we landed for the rest of the commands.
wraithgar and others added 30 commits December 2, 2024 08:20
Adds bun lockfile, and points to the package.json docs as the
authoritative list for ignore rules in the cli docs.
The v10 branch is where new changelog entries for npm@10 get added

ref: https://github.com/npm/cli/tree/release/v10
cafile is the correct config key

Closes: npm/documentation#1337
BREAKING CHANGE: `npm init` now has a `type` prompt, and sorts the entries the created packages differently
Fixed code to deal w/ new esm export
BREAKING CHANGE: Upon publishing, in order to apply a default "latest"
dist tag, the command now retrieves all prior versions of the package.
It will require that the version you're trying to publish is above the
latest semver version in the registry, not including pre-release tags.

Implements [npm
RFC7](https://github.com/npm/rfcs/blob/main/accepted/0007-publish-without-tag.md).

Related to prerelease dist-tag: #7910
A part of npm 11 roadmap: npm/statusboard#898

---------

Co-authored-by: Jordan Harband <ljharb@gmail.com>
When searching for multiple terms in npm, the highlighting code has a
bug where it duplicates the output any time there are matching terms.
This fixes the highlighting code.


Before:
![output of "npm search gar promisify" showing the name being
duplicated](https://github.com/user-attachments/assets/2f34ece7-7563-4db1-a540-3bb661a4c3e0)



After:
![output of "node . search gar promisify" showing the name being
displayed
correctly](https://github.com/user-attachments/assets/ba31fcd9-caf3-4a08-8bbb-7f5242f0098b)
Certain project dependency trees may result in an SBOM with duplicate
entries. This fix ensures that each unique dependency (identified by the
combination of package name and version) only appears in the SBOM once.
Applies to both SPDX and CycloneDX SBOM formats.

Specific to the CycloneDX format, this change also removes the
`cdx:npm:package:path` property from the `component` entries in the
generated SBOM. Since the same package may be present at multiple paths
within the project and we're now de-duplicating those packages, it no
longer makes sense to include this in the SBOM. This does not impact the
SPDX format as there is no equivalent property.

Fixes: #6967

Signed-off-by: Brian DeHamer <bdehamer@github.com>