npm/changelogs/CHANGELOG-1.md

37 KiB

v1.4.29 (2015-10-29):

THINGS ARE HAPPENING IN LTS LAND

In a special one-off release as part of the strategy to get a version of npm into Node LTS that works with the current registry, modify npm to print out this deprecation banner literally every time npm is invoked to do anything:

npm WARN deprecated This version of npm lacks support for important features,
npm WARN deprecated such as scoped packages, offered by the primary npm
npm WARN deprecated registry. Consider upgrading to at least npm@2, if not the
npm WARN deprecated latest stable version. To upgrade to npm@2, run:
npm WARN deprecated
npm WARN deprecated   npm -g install npm@latest-2
npm WARN deprecated
npm WARN deprecated To upgrade to the latest stable version, run:
npm WARN deprecated
npm WARN deprecated   npm -g install npm@latest
npm WARN deprecated
npm WARN deprecated (Depending on how Node.js was installed on your system, you
npm WARN deprecated may need to prefix the preceding commands with `sudo`, or if
npm WARN deprecated on Windows, run them from an Administrator prompt.)
npm WARN deprecated
npm WARN deprecated If you're running the version of npm bundled with
npm WARN deprecated Node.js 0.10 LTS, be aware that the next version of 0.10 LTS
npm WARN deprecated will be bundled with a version of npm@2, which has some small
npm WARN deprecated backwards-incompatible changes made to `npm run-script` and
npm WARN deprecated semver behavior.

The message basically tells the tale: Node 0.10 will finally be getting npm@2, so those of you who haven't upgraded your build systems to deal with its (relatively small) breaking changes should do so now.

Also, this version doesn't even pretend that it can deal with scoped packages, which, given the confusing behavior of older versions of npm@1.4, where it would sometimes try to install packages from GitHub, is a distinct improvement.

There is no good reason for you as an end user to upgrade to this version of npm yourself.

  • 709e9b4 Print 20-line deprecation banner on all command invocations. (@othiym23)
  • 0c29d09 Crash out immediately with an exhortation to upgrade on attempts to use scoped packages. (@othiym23)

v1.5.0-alpha-4 (2014-07-18):

  • fall back to _auth config as default auth when using default registry (@isaacs)
  • support for 'init.version' for those who don't want to deal with semver 0.0.x oddities (@rvagg)
  • be06213 remove residual support for win log level (@aterris)

v1.5.0-alpha-3 (2014-07-17):

v1.5.0-alpha-2 (2014-07-01):

v1.5.0-alpha-1 (2014-07-01):

v1.5.0-alpha-0 (2014-07-01):

v1.4.28 (2014-09-12):

v1.4.27 (2014-09-04):

v1.4.26 (2014-08-28):

v1.4.25 (2014-08-21):

  • 64c0ec2 npm-registry-client@2.0.6: Print the notification header returned by the registry, and make sure status codes are printed without gratuitous quotes around them. (@othiym23)
  • a8ed12b tar@1.0.1: Add test for removing an extract target immediately after unpacking. (@isaacs)
  • 70fd11d lockfile@1.0.0: Fix incorrect interaction between wait, stale, and retries options. Part 2 of race condition leading to ENOENT errors. (@isaacs)
  • 0072c4d fstream@1.0.2: Fix a double-finish call which can result in excess FS operations after the close event. Part 2 of race condition leading to ENOENT errors. (@isaacs)

v1.4.24 (2014-08-14):

v1.4.23 (2014-07-31):

  • 8dd11d1 update several dependencies to avoid using semvers starting with 0.

v1.4.22 (2014-07-31):

v1.4.21 (2014-07-14):

  • 88f51aa fix handling for 301s in npm-registry-client@2.0.3 (@Raynos)

v1.4.20 (2014-07-02):

v1.4.19 (2014-07-01):

v1.4.18 (2014-06-29):

v1.4.17 (2014-06-27):

  • replace escape codes with ansicolors (@othiym23)
  • Allow to build all the docs OOTB. (@GeJ)
  • Use core.longpaths on win32 git - fixes #5525 (@bmeck)
  • npmconf@1.1.2 (@isaacs)
  • Consolidate color sniffing in config/log loading process (@isaacs)
  • add verbose log when project config file is ignored (@isaacs)
  • npmconf: Float patch to remove 'scope' from config defs (@isaacs)
  • doc: npm-explore can't handle a version (@robertkowalski)
  • Add user-friendly errors for ENOSPC and EROFS. (@voodootikigod)
  • bump tar and fstream deps (@isaacs)
  • Run the npm-registry-couchapp tests along with npm tests (@isaacs)

v1.2.8000 (2014-06-17):

  • Same as v1.4.16, but with the spinner disabled, and a version number that starts with v1.2.

v1.4.16 (2014-06-17):

v1.4.15 (2014-06-10):

  • cache: atomic de-race-ified package.json writing (@isaacs)
  • fstream@0.1.26 (@isaacs)
  • graceful-fs@3.0.2 (@isaacs)
  • osenv@0.1.0 (@isaacs)
  • Only spin the spinner when we're fetching stuff (@isaacs)
  • Update osenv@0.1.0 which removes ~/tmp as possible tmp-folder (@robertkowalski)
  • ini@1.2.1 (@isaacs)
  • graceful-fs@3 (@isaacs)
  • Update glob and things depending on glob (@isaacs)
  • github-url-from-username-repo and read-package-json updates (@isaacs)
  • editor@0.1.0 (@isaacs)
  • columnify@1.1.0 (@isaacs)
  • bump ansi and associated deps (@isaacs)

v1.4.14 (2014-06-05):

  • char-spinner: update to not bork windows (@isaacs)

v1.4.13 (2014-05-23):

  • Fix npm install on a tarball. (ed3abf1, #5330, @othiym23)
  • Fix an issue with the spinner on Node 0.8. (9f00306, @isaacs)
  • Re-add npm.commands.cache.clean and npm.commands.cache.read APIs, and document npm.commands.cache.* as npm-cache(3). (e06799e, @isaacs)

v1.4.12 (2014-05-23):

  • remove normalize-package-data from top level, de-^-ify inflight dep (@isaacs)
  • Always sort saved bundleDependencies (@isaacs)
  • add inflight to bundledDependencies (@othiym23)

v1.4.11 (2014-05-22):

  • fix npm ls labeling issue
  • node-gyp@0.13.1
  • default repository to https:// instead of git://
  • addLocalTarball: Remove extraneous unpack (@isaacs)
  • Massive cache folder refactor (@othiym23 and @isaacs)
  • Busy Spinner, no http noise (@isaacs)
  • Per-project .npmrc file support (@isaacs)
  • npmconf@1.0.0, Refactor config/uid/prefix loading process (@isaacs)
  • Allow once-disallowed characters in passwords (@isaacs)
  • Send npm version as 'version' header (@isaacs)
  • fix cygwin encoding issue (Karsten Tinnefeld)
  • Allow non-github repositories with npm repo (@evanlucas)
  • Allow peer deps to be satisfied by grandparent
  • Stop optional deps moving into deps on update --save (@timoxley)
  • Ensure only matching deps update with update --save* (@timoxley)
  • Add support for prerelease, preminor, prepatch to npm version

v1.4.10 (2014-05-05):

  • Don't set referer if already set
  • fetch: Send referer and npm-session headers
  • run-script: Support --parseable and --json
  • list runnable scripts (@evanlucas)
  • Use marked instead of ronn for html docs

v1.4.9 (2014-05-01):

  • Send referer header (with any potentially private stuff redacted)
  • Fix critical typo bug in previous npm release

v1.4.8 (2014-05-01):

  • Check SHA before using files from cache
  • adduser: allow change of the saved password
  • Make npm install respect config.unicode
  • Fix lifecycle to pass Infinity for config env value
  • Don't return 0 exit code on invalid command
  • cache: Handle 404s and other HTTP errors as errors
  • Resolve ~ in path configs to env.HOME
  • Include npm version in default user-agent conf
  • npm init: Use ISC as default license, use save-prefix for deps
  • Many test and doc fixes

v1.4.7 (2014-04-15):

  • Add --save-prefix option that can be used to override the default of ^ when using npm install --save and its counterparts. (64eefdf, @thlorenz)
  • Allow --silent to silence the echoing of commands that occurs with npm run. (c95cf08, @Raynos)
  • Some speed improvements to the cache, which should improve install times. (cb94310, 3b0870f, 120f5a9, @isaacs)
  • Improve ability to retry registry requests when a subset of the registry servers are down. (4a5257d, 7686d02cb0, @isaacs)
  • Fix marking of peer dependencies as extraneous. (779b164, 6680ba6ef2, @isaacs)
  • Fix npm crashing when doing npm shrinkwrap in the presence of a package.json with no dependencies. (a9d9fa5, @kislyuk)
  • Fix error when using npm view on packages that have no versions or have been unpublished. (94df2f5, @juliangruber; 2241a09, @isaacs)

v1.4.6 (2014-03-19):

  • Fix extraneous package detection to work in more cases. (f671286, npm/read-installed#20, @LaurentVB)

v1.4.5 (2014-03-18):

  • Sort dependencies in package.json when doing npm install --save and all its variants. (6fd6ff7, @domenic)
  • Add --save-exact option, usable alongside --save and its variants, which will write the exact version number into package.json instead of the appropriate semver-compatibility range. (17f07df, @timoxley)
  • Accept gzipped content from the registry to speed up downloads and save bandwidth. (a3762de, npm/npm-registry-client#40, @fengmk2)
  • Fix npm ls's --depth and --log options. (1d29b17, npm/read-installed#13, @zertosh)
  • Fix "Adding a cache directory to the cache will make the world implode" in certain cases. (9a4b2c4, domenic/path-is-inside#1, @pmarques)
  • Fix readmes not being uploaded in certain rare cases. (527b72c, @isaacs)

v1.4.4 (2014-02-20):

  • Add npm t as an alias for npm test (which is itself an alias for npm run test, or even npm run-script test). We like making running your tests easy. (14e650b, @isaacs)

v1.4.3 (2014-02-16):

  • Add back npm prune --production, which was removed in 1.3.24. (acc4d02, @davglass)
  • Default npm install --save and its counterparts to use the ^ version specifier, instead of ~. (0a3151c, @mikolalysenko)
  • Make npm shrinkwrap output dependencies in a sorted order, so that diffs between shrinkwrap files should be saner now. (059b2bf, @Raynos)
  • Fix npm dedupe not correctly respecting dependency constraints. (86028e9, @rafeca)
  • Fix npm ls giving spurious warnings when you used "latest" as a version specifier. (d2956400e0, @bajtos)
  • Fixed a bug where using npm link on packages without a name value could cause npm to delete itself. (401a642, @isaacs)
  • Fixed npm install ./pkg@1.2.3 to actually install the directory at pkg@1.2.3; before it would try to find version 1.2.3 of the package ./pkg in the npm registry. (46d8768, @rlidwka; see also f851b79)
  • Fix npm outdated to respect the color configuration option. (d4f6f3f, @timoxley)
  • Fix npm outdated --parseable. (9575a23, @yhpark)
  • Fix a lockfile-related errors when using certain Git URLs. (164b97e, @nigelzor)

v1.4.2 (2014-02-13):

  • Fixed an issue related to mid-publish GET requests made against the registry. (acbec48372, @isaacs)

v1.4.1 (2014-02-13):

  • Fix npm shrinkwrap forgetting to shrinkwrap dependencies that were also development dependencies. (9c575c5, @diwu1989)
  • Fixed publishing of pre-existing packages with uppercase characters in their name. (9345d3b6c3, @isaacs)

v1.4.0 (2014-02-12):

v1.3.26 (2014-02-02):

v1.3.25 (2014-01-25):

  • Remove gubblebum blocky font from documentation headers. (6940c9a, @isaacs)

v1.3.24 (2014-01-19):

  • Make the search output prettier, with nice truncated columns, and a --long option to create wrapping columns. (20439b2 and 3a6942d, @timoxley)
  • Support multiple packagenames in npm docs. (823010b, @timoxley)
  • Fix the npm adduser bug regarding "Error: default value must be string or number" again. (b9b4248, @isaacs)
  • Fix scripts entries containing whitespaces on Windows. (80282ed, @robertkowalski)
  • Fix npm update for Git URLs that have credentials in them (93fc364, @danielsantiago)
  • Fix npm install overwriting npm link-ed dependencies when they are tagged Git dependencies. (af9bbd9, @evanlucas)
  • Remove npm prune --production since it buggily removed some dependencies that were necessary for production; see #4509. Hopefully it can make its triumphant return, one day. (1101b6a, @isaacs)

Dependency updates:

v1.3.23 (2014-01-03):

  • Properly handle installations that contained a certain class of circular dependencies. (5dc93e8, @substack)

v1.3.22 (2013-12-25):

  • Fix a critical bug in npm adduser that would manifest in the error message "Error: default value must be string or number." (fba4bd2, @isaacs)
  • Allow npm bugs in the current directory to open the current package's bugs URL. (d04cf64, @evanlucas)
  • Several fixes to various error messages to include more useful or updated information. (1e6f2a7, ff46366, 8b4bb48; @rlidwka, @evanlucas)

v1.3.21 (2013-12-17):

  • Fix a critical bug that prevented publishing due to incorrect hash calculation. (4ca4a2c, @dominictarr)

v1.3.20 (2013-12-17):

  • Fixes a critical bug in v1.3.19. Thankfully, due to that bug, no one could install npm v1.3.19 :)

v1.3.19 (2013-12-16):

  • Adds atomic PUTs for publishing packages, which should result in far fewer requests and less room for replication errors on the server-side.

v1.3.18 (2013-12-16):

  • Added an --ignore-scripts option, which will prevent package.json scripts from being run. Most notably, this will work on npm install, so e.g. npm install --ignore-scripts will not run preinstall and prepublish scripts. (d7e67bf, @sqs)
  • Fixed a bug introduced in 1.3.16 that would manifest with certain cache configurations, by causing spurious errors saying "Adding a cache directory to the cache will make the world implode." (966373f, @domenic)
  • Re-fixed the multiple download of URL dependencies, whose fix was reverted in 1.3.17. (a362c3f, @spmason)

v1.3.17 (2013-12-11):

  • This release reverts 644c2ff, which avoided re-downloading URL and shinkwrap dependencies when doing npm install. You can see the in-depth reasoning in d8c907e; the problem was, that the patch changed the behavior of npm install -f to reinstall all dependencies.
  • A new version of the no-re-downloading fix has been submitted as #4303 and will hopefully be included in the next release.

v1.3.16 (2013-12-11):

  • Git URL dependencies are now updated on npm install, fixing a two-year old bug (5829ecf, @robertkowalski). Additional progress on reducing the resulting Git-related I/O is tracked as #4191, but for now, this will be a big improvement.
  • Added a --json mode to npm outdated to give a parseable output. (0b6c9b7, @yyx990803)
  • Made npm outdated much prettier and more useful. It now outputs a color-coded and easy-to-read table. (fd3017f, @quimcalpe)
  • Added the --depth option to npm outdated, so that e.g. you can do npm outdated --depth=0 to show only top-level outdated dependencies. (1d184ef, @yyx990803)
  • Added a --no-git-tag-version option to npm version, for doing the usual job of npm version minus the Git tagging. This could be useful if you need to increase the version in other related files before actually adding the tag. (59ca984, @evanlucas)
  • Made npm repo and npm docs work without any arguments, adding them to the list of npm commands that work on the package in the current directory when invoked without arguments. (bf9048e, @robertkowalski; 07600d0, @wilmoore). There are a few other commands we still want to implement this for; see #4204.
  • Pass through the GIT_SSL_NO_VERIFY environment variable to Git, if it is set; we currently do this with a few other environment variables, but we missed that one. (c625de9, @arikon)
  • Fixed npm dedupe on Windows due to incorrect path separators being used (7677de4, @mcolyer).
  • Fixed the npm help command when multiple words were searched for; it previously gave a ReferenceError. (6a28dd1, @dereckson)
  • Stopped re-downloading URL and shrinkwrap dependencies, as demonstrated in #3463 (644c2ff, @spmason). You can use the --force option to force re-download and installation of all dependencies.