The NetBSD Project

CVS log for pkgsrc/lang/npm/Attic/Makefile

[BACK] Up to [] / pkgsrc / lang / npm

Request diff between arbitrary revisions

Default branch: MAIN

Revision 1.57, Wed Apr 19 17:45:31 2023 UTC (11 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.56: +1 -1 lines

npm: removed; now included in nodejs packages

Revision 1.56 / (download) - annotate - [select for diffs], Tue Aug 2 17:30:34 2022 UTC (20 months, 1 week ago) by abs
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base, pkgsrc-2023Q1, pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)

Updated lang/npm to 8.15.1

v8.15.1 (2022-07-27)
Bug Fixes

    9905d0e #5197 fix: don't fail immediately if cache dir is not accessible (@lukekarrys)
    0e3660e #5206 fix(init): allow for spec on scope-only arg (@wraithgar)
    62b95a0 #5122 fix: allow hash character in paths (@AgainPsychoX)


    f9abee7 #5205 docs: update commit-ish default branch (@dijonkitchen)
    77bf2e1 #5218 docs: update (@MapleCCC)
    de40c31 #5207 docs: sync ci params with install (@wraithgar)
    4d1d8a9 #5221 docs: describe implicit workspace and prefix configuration (@fritzy) (@lukekarrys) (@wraithgar)


    3bbb293 #5223 deps: @npmcli/arborist@5.3.1

v8.15.0 (2022-07-20)

    5ef53ee #5160 feat: accept registry-scoped certfile and keyfile as credentials (@jenseng)
    c8bdb4a feat: Support pure web authentication for commands (@jumoel) (@ljharb) (@hfaulds) (@sandeepmeduru)

Bug Fixes

    9c590fa #5172 fix: disable progress bar on publish (@wraithgar)
    2fa3271 #5196 fix: add missing ` in adduser warning (@MylesBorins)


    7efad06 #5168 docs: Update audit signatures cmd (@feelepxyz)
    8ab5fca #5171 docs: correct bundledDependencies -> bundleDependencies (@nlf)


    64fe64b #5187 deps: @npmcli/config@4.2.0
    51b12a0 #5187 deps: npm-registry-fetch@13.3.0
    3ae1b81 #5190 deps: make-fetch-happen@10.2.0

Revision 1.55 / (download) - annotate - [select for diffs], Thu Jul 14 07:17:14 2022 UTC (21 months ago) by adam
Branch: MAIN
Changes since 1.54: +2 -2 lines
Diff to previous 1.54 (colored)

npm: updated to 8.14.0

v8.14.0 (2022-07-13)


feat: add npm audit signatures (@feelepxyz)
feat: Add web auth type (@jumoel)
feat(arborist): add support for dependencies script (@nlf)
feat: notify on adduser of upcoming cmds, login and register (@fritzy)
feat: warn on config --auth-type=sso/saml/oauth, undeprecate --auth-type (@fritzy)

Bug Fixes

fix: properly open package arg repo inside workspace (@wraithgar)


docs: typo in npm command (@crisanmm)
docs: update reference to deprecated spdx package (@kachick)
docs: naming of files in example code should be consistent (@xc1427)
docs: document dependencies script

Revision 1.54 / (download) - annotate - [select for diffs], Wed Jul 13 11:41:06 2022 UTC (21 months ago) by jperkin
Branch: MAIN
Changes since 1.53: +3 -2 lines
Diff to previous 1.53 (colored)

*: Revert changes.

The intention was to avoid nodejs-18.x which no longer supports older
platforms, but that didn't work as pbulk still chooses the latest anyway, so
we'll need to fix that a different way.

It also has the downside of tying them to a specific version, which meant you
could no longer use the npm or yarn package managers with anything other than
the default nodejs version.

Revision 1.53 / (download) - annotate - [select for diffs], Thu Jul 7 10:05:11 2022 UTC (21 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.52: +2 -3 lines
Diff to previous 1.52 (colored)

npm: updated to 8.13.2

v8.13.2 (2022-06-29)


docs: add foreground-scripts to run-script page (@ruyadorno)

deps: @npmcli/run-script@4.1.4
deps: @npmcli/run-script@4.1.5
deps: @npmcli/metavuln-calculator@3.1.1
deps: npm-packlist@5.1.1

v8.13.1 (2022-06-23)


deps: @npmcli/run-script@4.1.3
fix: improves escaping of arguments for run-script, exec and npx (@nlf)
deps: libnpmpack@4.1.2
deps: @npmcli/arborist@5.2.3
deps: libnpmexec@4.0.8
deps: libnpmversion@3.0.6

v8.13.0 (2022-06-22)


feat: prompt before opening web-login URL when performing login/adduser (@jumoel)

Bug Fixes

fix: Add space to SemVer log message (@dnicolson)
fix(view): error on missing version (@wraithgar)


docs: consolidate docs and help for package spec (@wraithgar)
docs: fix typo (@westy92)


deps: pacote@13.6.1
deps: @npmcli/run-script@4.1.0
deps: make-fetch-happen@10.1.8
deps: npm-profile@6.1.0
deps: libnpmdiff@4.0.4
deps: libnpmversion@3.0.5
deps: libnpmpack@4.1.1
deps: libnpmexec@4.0.7
deps: @npmcli/arborist@5.2.2

Revision 1.52 / (download) - annotate - [select for diffs], Thu Jun 30 11:18:33 2022 UTC (21 months, 2 weeks ago) by nia
Branch: MAIN
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)

*: Revbump packages that use Python at runtime without a PKGNAME prefix

Revision 1.51 / (download) - annotate - [select for diffs], Tue Jun 28 11:34:14 2022 UTC (21 months, 2 weeks ago) by wiz
Branch: MAIN
Changes since 1.50: +2 -1 lines
Diff to previous 1.50 (colored)

*: recursive bump for perl 5.36

Revision 1.50 / (download) - annotate - [select for diffs], Fri Jun 17 08:04:03 2022 UTC (21 months, 4 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2
Changes since 1.49: +2 -3 lines
Diff to previous 1.49 (colored)

npm: updated to 8.12.2

v8.12.2 (2022-06-15)


* deps: make-fetch-happen@10.1.7
* deps: cacache@16.1.1
v8.12.1 (2022-06-02)

Bug Fixes

* fix: undeprecate and remove warnings for --global, -g, --local (@fritzy)
v8.12.0 (2022-06-01)


* feat(init): reify on init new workspace (@ruyadorno)
* feat: Add --auth-type=webauthn flag (@jumoel)
Bug Fixes

* fix(arborist): use rawSpec for bundled and shrinkwrapped deps (@nlf)
* fix(libnpmexec): fix bug not install latest pkg (@jihunleekr)

* deps: make-fetch-happen@10.1.6
* deps: pacote@13.6.0
* deps: glob@8.0.3
* deps: minimatch@5.1.0
* deps: tap@16.2.0
* deps: @npmcli/arborist@5.2.1
* deps: libnpmexec@4.0.6
v8.11.0 (2022-05-25)


* feat: deprecated set-script, birthday, --global, and --local (@fritzy)
* feat(libnpmpack): bump pacote for better workspace awareness (@nlf)
Bug Fixes

* fix(ci): remove node_modules post-validation (@wraithgar)
* fix: clean up npm cache tests (@wraithgar)
ee3308a fix: remove dead code from get-identity (@wraithgar)
* fix: pass prefix and workspaces to libnpmpack (@nlf)
* fix: add global getter to npm class (@nlf)

* docs: update roadmap link in readme (@OmriBarZik)
* docs: fix broken link in changelog (@yonran)

* deps: cacache@16.1.0
* deps: make-fetch-happen@10.1.5
* deps: pacote@13.4.1
* deps: ssri@9.0.1
* deps: npm-packlist@5.0.4
* deps: pacote@13.5.0 npm-packlist@5.1.0
* deps: libnpmpack@4.1.0
v8.10.0 (2022-05-11)


* feat: add --iwr alias for --include-workspace-root (@fritzy)
* feat: add flag --omit-lockfile-registry-resolved (@fritzy) (Caleb Ś„Everett)
Bug Fixes

* fix: remove test coverage map (@wraithgar)
* fix: cleanup star/unstar (@wraithgar)
* fix: consolidate bugs, docs, repo command logic (@wraithgar)
* fix(arborist): link deps lifecycle scripts (@ruyadorno)

Revision 1.49 / (download) - annotate - [select for diffs], Fri May 13 10:52:27 2022 UTC (23 months ago) by jperkin
Branch: MAIN
Changes since 1.48: +3 -3 lines
Diff to previous 1.48 (colored)

npm: Switch to

The latest lang/nodejs dropped support for a number of older OS, this gets npm
building again.  Bump PKGREVISION.

Revision 1.48 / (download) - annotate - [select for diffs], Thu May 5 10:52:39 2022 UTC (23 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)

npm: updated to 8.8.0

v8.8.0 (2022-04-27)


* feat: add install-links config definition (@nlf)

Bug Fixes

* fix(exec): workspaces support (@ruyadorno)
* fix(libnpmpublish): unpublish from custom registry (@ruyadorno)
* fix: Use node in and fallback to PATH if not found (@elibus)
* fix: completion for deprecate cmd (@wraithgar)
* fix: consolidate registryConfig application logic (@wraithgar)
* fix(install): do not install invalid package name (@ruyadorno)
* fix: normalize win32 paths before globbing (@lukekarrys)
* fix: remove lib/utils/read-package-name.js (@wraithgar)


* docs: add some more docs for --install-links (@nlf)
* docs: explain that _auth only goes to npm registry (@wraithgar)
* docs: include org instructions in scoped publish (@bnb)

v8.7.0 (2022-04-13)


* feat(config): add more npm/node information to config ls (@lukekarrys)
* feat(config): warn on deprecated configs (@lukekarrys)

Bug Fixes

* fix: update readme badges (@lukekarrys)
* fix: replace deprecated String.prototype.substr() (@CommanderRoot)
* fix: remove dedupe --save (@wraithgar)
* fix: do not export npm_config_include_workspace_root (@wraithgar)
* fix(run-script): don't cascade if-present config (@ruyadorno)
* fix(arborist): when reloading an edge, also refresh overrides (@nlf)
* fix: skip update notifier file if not requested (@lukekarrys)
* fix: show more information during publish dry-run (@lukekarrys)
* fix(arborist): dont skip adding advisories to audit based on name/range (@lukekarrys)
* fix: mitigate doctor test race condition (@wraithgar)
* fix(ls): make --omit filter npm ls (@lukekarrys)


* docs(ci): add note that configuration must be consistent between install and ci (@nlf)
* docs: fix npm-uninstall typo (@JSKitty)

Revision 1.47 / (download) - annotate - [select for diffs], Mon Apr 11 18:50:31 2022 UTC (2 years ago) by adam
Branch: MAIN
Changes since 1.46: +6 -6 lines
Diff to previous 1.46 (colored)

npm: updated to 8.6.0

v8.6.0 (2022-03-31)


* feat(version): reify on workspace version change (@ruyadorno)
* feat: add logs-dir config to set custom logging location (@lukekarrys)

Bug Fixes

fix: remove always true condition (@XhmikosR)
* fix(unpublish): properly apply publishConfig (@wraithgar)
* fix: 100% coverage in tests (@wraithgar)
* fix(arborist): handle link nodes in old lockfiles correctly (@nlf)
* fix(arborist): make sure resolveParent exists before checking props (@nlf)
* fix(arborist): identify and repair invalid nodes in the virtual tree (@nlf)
* fix: make sure we loadOverrides on the root node in loadVirtual() (@nlf)
* fix: move shellout logic into commands (@wraithgar)
* fix: really load all commands in tests, add description to birthday (@wraithgar)
* fix: consolidate command alias code (@wraithgar)
* fix: consolidate is-windows code (@wraithgar)
* fix: consolidate node version support logic (@wraithgar)
* fix: consolidate path delimiter logic (@wraithgar)
* fix: bump knownBroken to <12.5.0 (@wraithgar)
* fix: return otplease fn results (@wraithgar)
* fix: consolidate split-package-names (@wraithgar)
* fix: work better with system manpages (@d0sboots)
* fix: only call npmlog progress methods if explicitly requested (@lukekarrys)


* docs: recommend prepare over prepublish (@verhovsky)


* deps: npm-registry-fetch@13.1.0
* deps: cacache@16.0.3
* deps: make-fetch-happen@10.1.0
* deps: minipass-fetch@2.1.0
* deps: npm-audit-report@3.0.0
* deps: debug@4.3.4
* deps: proc-log@2.0.1
* deps: parse-conflict-json@2.0.2
* deps: gauge@4.0.4
* deps: @npmcli/template-oss@3.2.1
* deps: make-fetch-happen@10.1.1
* deps: init-package-json@3.0.2
* deps: npm-package-arg@9.0.2
* deps: validate-npm-package-name@4.0.0
* deps: @npmcli/template-oss@3.2.2
* deps: @npmcli/arborist@5.0.4

Revision 1.46 / (download) - annotate - [select for diffs], Mon May 24 19:52:34 2021 UTC (2 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4, pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2
Changes since 1.45: +2 -1 lines
Diff to previous 1.45 (colored)

*: recursive bump for perl 5.34

Revision 1.45 / (download) - annotate - [select for diffs], Fri Apr 23 07:15:49 2021 UTC (2 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.44: +2 -2 lines
Diff to previous 1.44 (colored)

npm: updated to 6.14.13

6.14.13 (2021-04-08)


285ab3f65 hosted-git-info@2.8.9
63b5c56c5 ssri@6.0.2

Revision 1.44 / (download) - annotate - [select for diffs], Fri Apr 2 06:17:28 2021 UTC (3 years ago) by adam
Branch: MAIN
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)

npm: updated to 6.14.12

Update y18n to fix CVE-2020-7774

Revision 1.43 / (download) - annotate - [select for diffs], Sat Jan 16 08:13:18 2021 UTC (3 years, 2 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)

npm: updated to 6.14.11


bl@3.0.1 - devDep

docs: update link to CLI issues

add s390x, ppc64 and ppc64el in supported cpu list

Revision 1.42 / (download) - annotate - [select for diffs], Tue Jan 5 08:29:28 2021 UTC (3 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)

npm: updated to 6.14.10

fixes: addressing GHSL-2020-145

Revision 1.41 / (download) - annotate - [select for diffs], Mon Nov 30 12:24:30 2020 UTC (3 years, 4 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)

npm: Update to 6.14.9

6.14.9 (2020-11-20)

    4a91e48aa fix: docs generation breaking builds


    ab80a7cf0 npm-user-validate@1.0.1
        dep update to resolve security issue GHSA-xgh6-85xh-479p
    6b2ab9d53 har-validator@5.1.5
        dep update to resolve security issue SNYK-JS-AJV-584908

Revision 1.40 / (download) - annotate - [select for diffs], Mon Oct 5 12:33:54 2020 UTC (3 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.39: +2 -3 lines
Diff to previous 1.39 (colored)

npm: updated to 6.14.8


npm install --dev deprecation message
remove unused broken require
Do not send user secret in the referer header

docs: add missing metadata in semver page
Node-gyp supports both Python and legacy Python


Revision 1.39 / (download) - annotate - [select for diffs], Mon Aug 31 18:09:51 2020 UTC (3 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base, pkgsrc-2020Q3
Changes since 1.38: +2 -1 lines
Diff to previous 1.38 (colored)

*: bump PKGREVISION for perl-5.32.

Revision 1.38 / (download) - annotate - [select for diffs], Wed Jul 22 06:55:12 2020 UTC (3 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)

npm: updated to 6.14.7

de5108836 npm explore spawn shell correctly
36e6c01d3 git tag handling regression on shrinkwrap
1961c9369 Fix package id in shrinkwrap lifecycle step output
87888892a gracefully handle error during npm install
6fe2bdc25 npm ls --parseable --long output

2d78481c7 update mkdirp on tacks
4e129d105 uninstall npm-registry-couchapp
8e1869e27 update marked dev dep
6a6151f37 libnpx@10.2.4
dc21422eb bin-links@1.1.8
d341f88ce gentle-fs@2.3.1
3e168d49b libcipm@4.0.8
6ae942a51 npm-audit-report@1.3.3
6a35e3dee npm-lifecycle@3.1.5

Revision 1.37 / (download) - annotate - [select for diffs], Wed Jul 8 06:12:12 2020 UTC (3 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)

npm: updated to 6.14.6


chore: remove auth info from logs
fix: wrong npm doctor command result


chore(docs): fixed links to cli commands
Add note about dropped * filenames
Fix typo

Revision 1.36 / (download) - annotate - [select for diffs], Wed May 27 19:37:40 2020 UTC (3 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2
Changes since 1.35: +2 -2 lines
Diff to previous 1.35 (colored)

*: reset MAINTAINER for fhajny on his request

Revision 1.35 / (download) - annotate - [select for diffs], Fri May 8 13:37:26 2020 UTC (3 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)

npm: updated to 6.14.5

fix: relativize file links when inflating shrinkwrap
fix: npm init help output

Revision 1.34 / (download) - annotate - [select for diffs], Mon Apr 6 20:24:32 2020 UTC (4 years ago) by adam
Branch: MAIN
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)

npm: updated to 6.14.4


* Bump `minimist@1.2.5` transitive dep to resolve security issue
  * `update-notifier@2.5.0`
  * bump `deep-extend@1.2.5`
  * bump `deep-extend@0.6.0`
  * bump `is-ci@1.2.1`
  * bump `is-retry-allowed@1.2.0`
  * bump `rc@1.2.8`
  * bump `registry-auth-token@3.4.0`
  * bump `widest-line@2.0.1`
* `mkdirp@0.5.4`
* deps: updates term-size to use signed binary


* docs(teams): updated team docs to reflect MFA workflow
* docs: cleanup
* docs: fix links to cli commands
* docs: correction to `npm update -g` behaviour

* `mkdirp@0.5.3`
  * fix: bump `minimist` dep to resolve security issue
* `rimraf@2.7.1`
* `npm-registry-mock@1.3.1`
* `npm-registry-couchapp@2.7.4`

Revision 1.33 / (download) - annotate - [select for diffs], Wed Mar 4 19:05:21 2020 UTC (4 years, 1 month ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)

npm: updated to 6.14.2


chore(docs): update unpublish docs & policy reference

fix: regression in old node versions w/ respect to url.URL implmentation
fix: treat non-http/https login urls as invalid

hosted-git-info@2.8.7 Fixes a regression where scp-style git urls are passed to the WhatWG URL parser, which does not handle them properly.


add support for multiple funding sources

fix: check npm.config before accessing its members
fix: access grant with unscoped packages
fix: allow new major versions of node to be automatically considered "supported"

fix: passwords & usernames are escaped properly in git deps
fix: always bypass cache when ?write=true
fix: babel's "loose mode" class transform enbrittles BufferList

update lifecycle hooks docs
fix: trademarks typo
fix: postinstall example
fix: bad links in publish docs

add script to update dist-tags

Revision 1.32 / (download) - annotate - [select for diffs], Wed Jan 29 12:48:51 2020 UTC (4 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

npm: updated to 6.13.7

Update CI detection cases

Revision 1.31 / (download) - annotate - [select for diffs], Thu Jan 16 10:30:59 2020 UTC (4 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)

npm: updated to 6.13.6


* fix(git): Do not drop uid/gid when executing in root-owned directory


Fix cache location for npm ci
fix(version): using 'allow-same-version', git commit --allow-empty and git tag -f

test(ci): add failing cache config test
test: fix bin-overwriting test on Windows
ci: Allow builds to run even if one fails
Remove the unused appveyor.yml
ci: switch to actions/checkout@v2

fix netlify publish path config
update gatsby dependencies
docs: clarify usage of global prefix

Revision 1.30 / (download) - annotate - [select for diffs], Sun Dec 29 16:22:42 2019 UTC (4 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.29: +3 -12 lines
Diff to previous 1.29 (colored)

npm: updated to 6.13.4

Do not remove global bin/man links inappropriately


bin-links@1.1.5 Properly normalize, sanitize, and verify bin entries in package.json.
fix: Do not drop perms in git when not root
sanitize and normalize package bin field

Revision 1.29 / (download) - annotate - [select for diffs], Mon Dec 9 20:10:19 2019 UTC (4 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)

npm: updated to 6.13.2


* fix docs target typo
* fix(packageRelativePath): fix 'where' for file deps
* Revert "windows: Add preliminary WSL support for npm and npx"
* remove unnecessary package.json read when reading shrinkwrap
* fix(fund): open url for string shorthand
* Don't log error message if git tagging is disabled
* Warn the user that it is uninstalling npm-install

Revision 1.28 / (download) - annotate - [select for diffs], Sun Nov 24 20:21:23 2019 UTC (4 years, 4 months ago) by adam
Branch: MAIN
Changes since 1.27: +3 -4 lines
Diff to previous 1.27 (colored)

npm: updated to 6.13.1

fix(fund): support funding string shorthand
should not publish tap-snapshot folder
Add preliminary WSL support for npm and npx
print quick audit report for human output

add fund command
delete ps1 files on package removal
update supported node list to remove v6.0, v6.1, v9.0 - v9.2

add node v13 as a supported version
Fix regression in lockfile repair for sub-deps
resolve circular dependency in pack.js

Now npm ci runs prepare scripts for git dependencies, and respects the --no-optional argument. Warnings for engine mismatches are printed again. Various other fixes and cleanups.

Revision 1.27 / (download) - annotate - [select for diffs], Sun Aug 11 13:21:22 2019 UTC (4 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base, pkgsrc-2019Q3
Changes since 1.26: +2 -1 lines
Diff to previous 1.26 (colored)

Bump PKGREVISIONs for perl 5.30.0

Revision 1.26 / (download) - annotate - [select for diffs], Wed Aug 7 07:34:32 2019 UTC (4 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

npm: updated to 6.10.3

vulns „śvulnerabilities in npm audit output
install, doctor: don't crash if registry unset
Handle unhandledRejections, tell user what to do when encountering an EACCES error in the cache.

Revision 1.25 / (download) - annotate - [select for diffs], Sat Aug 3 07:32:55 2019 UTC (4 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.24: +3 -3 lines
Diff to previous 1.24 (colored)

npm: updated to 6.10.2


tl;dr - Fixes several issues with the cache when npm is run as sudo on Unix systems.

check test cache for root-owned files
run sudo tests on Travis-CI
set --no-esm tap flag
add script to run tests and leave fixtures for inspection and debugging

add a util for writing arbitrary files to cache This prevents metrics timing and debug logs from becoming root-owned.
infer cache owner from parent dir in correct-mkdir util
ensure correct owner on cached all-packages metadata
report server error on failure
Fix npm ci with file: dependencies.

Revision / (download) - annotate - [select for diffs], Wed Jul 10 15:15:40 2019 UTC (4 years, 9 months ago) by bsiegert
Branch: pkgsrc-2019Q2
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored) next main 1.23 (colored)

Pullup ticket #5992 - requested by nia
lang/npm: build fix

Revisions pulled up:
- lang/npm/Makefile                                             1.24

   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Tue Jul  9 14:10:54 UTC 2019

   Modified Files:
   	pkgsrc/lang/npm: Makefile

   Log Message:
   npm: Add bash to USE_TOOLS.

Revision 1.24 / (download) - annotate - [select for diffs], Tue Jul 9 14:10:54 2019 UTC (4 years, 9 months ago) by nia
Branch: MAIN
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

npm: Add bash to USE_TOOLS.

Revision 1.23 / (download) - annotate - [select for diffs], Mon Jul 1 10:50:32 2019 UTC (4 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.22: +3 -4 lines
Diff to previous 1.22 (colored)

npm: updated to 6.9.2

This release is identical to v6.9.1, but we had to publish a new version due to a .git directory in the release.

Update knownBroken version.
Fix outdated rendering for global dependencies.
Fix OTP for token create and remove.


Revision 1.22 / (download) - annotate - [select for diffs], Thu Apr 25 07:33:03 2019 UTC (4 years, 11 months ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base
Branch point for: pkgsrc-2019Q2
Changes since 1.21: +2 -1 lines
Diff to previous 1.21 (colored)

PKGREVISION bump for anything using python without a PYPKGPREFIX.

This is a semi-manual PKGREVISION bump.

Revision 1.21 / (download) - annotate - [select for diffs], Thu Mar 7 09:22:48 2019 UTC (5 years, 1 month ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1
Changes since 1.20: +5 -6 lines
Diff to previous 1.20 (colored)

npm: updated to 6.9.0

* Time traveling installs using the --before flag.
* Add support for package aliases. This allows packages to be installed under a
  different directory than the package name listed in package.json, and adds a
  new dependency type to allow this to be done for registry dependencies.
* Always save package-lock.json when using --package-lock-only.
* Make empty-string run-scripts run successfully as a no-op.
* Match git semver ranges when flattening the tree.
* Re-enable updating local packages.

* Set modified to undefined in npm view when time is not available. This
  fixes a bug where npm view would crash on certain third-party registries.
* Print out tar version in only when the flag is supported not all
  the tar implementations support --version flag. This allows the install script
  to work in OpenBSD, for example.
* Fix typo in error message for npm stars.
* Strip version info from pkg on E404. This improves the error messaging format.

* Add npm add as alias to npm install in docs.
* Fix link to RFC 10 in the changelog.
* Describe exit codes in npm-audit docs.

Revision 1.20 / (download) - annotate - [select for diffs], Wed Mar 6 10:07:35 2019 UTC (5 years, 1 month ago) by maya
Branch: MAIN
Changes since 1.19: +1 -7 lines
Diff to previous 1.19 (colored)

npm: remove entirely commented out section

Revision 1.19 / (download) - annotate - [select for diffs], Wed Mar 6 09:42:09 2019 UTC (5 years, 1 month ago) by maya
Branch: MAIN
Changes since 1.18: +15 -5 lines
Diff to previous 1.18 (colored)

npm: use a different way to install to PKGMANDIR.
(Moving a relative symlink to another directory breaks it)


Revision 1.18 / (download) - annotate - [select for diffs], Thu Feb 14 10:36:40 2019 UTC (5 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)

npm: updated to 6.8.0


This release includes an implementation of [RFC 10], documenting an optional field that can be used to specify
the directory path for a package within a monorepo.

* Update package.json docs to include details.

* Add @types to ignore list to fix git clean -fd.
* Fix common.npm callback arguments.
* Show installed but unmet peer deps.
* Use figgy-config to make sure extra opts are there.
* Fix ls-collaborators access error for non-scoped case.
* Fix issue with sub-folder local references.

* npm-registry-couchapp@2.7.1
* npm-registry-fetch@3.9.0:
* Make sure publishing with legacy username:password _auth works again.
* pacote@9.4.1
* normalize-package-data@2.5.0
* npm-packlist@1.3.0
* read-package-tree@5.2.2

* Use const in lib/
* Replace ronn with marked-man in .npmignore.
* Reduce work to test if executable ends with a 'g'.

Revision 1.17 / (download) - annotate - [select for diffs], Thu Jan 24 08:31:18 2019 UTC (5 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)

npm: updated to 6.7.0


Hey y'all! This is a quick hotfix release that includes some important fixes to npm@6.6.0 related to the large rewrite/refactor. We're tagging it as a feature release because the changes involve some minor new features, and semver is semver, but there's nothing major here.

Improve usage errors to npm org commands and add optional filtering to npm org ls subcommand.

Fix default usage printout for npm org so you actually see how it's supposed to be used.
fix default usage message for npm hook

Add manpage for npm org command.

Fall back to "fullfat" packuments on ETARGET errors. This will make it so that, when a package is published but the corgi follower hasn't caught up, users can still install a freshly-published package.
Fixes auth error for username/password legacy authentication.
Fixes issue with "cannot run in wd" errors for run-scripts.
Fixes issues with leaking signal-exit instances and file descriptors.

Revision 1.16 / (download) - annotate - [select for diffs], Tue Jan 22 11:19:17 2019 UTC (5 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.15: +5 -5 lines
Diff to previous 1.15 (colored)

npm: updated to 6.6.0



Today is an auspicious day! This release marks the end of a massive internal refactor to npm that means we finally got rid of the legacy npm-registry-client in favor of the shiny, new, window.fetch-like npm-registry-fetch.

Now, the installer had already done most of this work with the release of npm@5, but it turns out every other command still used the legacy client. This release updates all of those commands to use the new client, and while we're at it, adds a few extra goodies:

All OTP-requiring commands will now prompt. --otp is no longer required for dist-tag, access, et al.
We're starting to integrate a new config system which will eventually get extracted into a standalone package.
We now use libnpm for the API functionality of a lot of our commands! That means you can install a library if you want to write your own tooling around them.
There's now an npm org command for managing users in your org.
pacote now consumes npm-style configurations, instead of its own naming for various config vars. This will make it easier to load npm configs using libnpm.config and hand them directly to pacote.

Make npm dist-tags the same as npm dist-tag ls.
Add support for IBM i.
Update profile to support new npm-profile API.

Fix support for passing git binary path config with --git.
Check for npm.config's existence in error-handler.js to prevent weird errors when failures happen before config object is loaded.
Fix checking for optional dependencies.
Remove tink experiments.
Handle git branch references correctly.
Report any errors above 400 as potentially not supporting audit.
Set default homepage to an empty string.
Fix npm-prefix description.

Fix typo in npm-token documentation.
Correct docs for fake-registry interface.

Revision 1.15 / (download) - annotate - [select for diffs], Tue Jan 8 14:53:49 2019 UTC (5 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.14: +4 -4 lines
Diff to previous 1.14 (colored)

npm: updated to 6.5.0

Backronym npm ci to npm clean-install.
Adds 'Homepage' to outdated --long output.

Fix sign-git-commit options. They were previously totally wrong.
Set lowercase headers for npm audit requests.
Fix npm edit handling of scoped packages.
Make summary output for npm ci go to stdout, not stderr.
Close the file descriptor during publish if exiting upload via an error. This will prevent strange error messages when the upload fails and make sure
cleanup happens correctly.

Revision 1.14 / (download) - annotate - [select for diffs], Sat Dec 15 21:12:21 2018 UTC (5 years, 4 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base, pkgsrc-2018Q4
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)

*: update email for fhajny

Revision 1.13 / (download) - annotate - [select for diffs], Fri Sep 7 11:51:10 2018 UTC (5 years, 7 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base, pkgsrc-2018Q3
Changes since 1.12: +2 -3 lines
Diff to previous 1.12 (colored)

lang/npm: Update to 6.4.1.



- Prevent blowing up on malformed responses from the npm audit
  endpoint, such as with third-party registries.
- Fix NO_PROXY support by renaming npm-side config to --noproxy. The
  environment variable should still work.
- Disable update-notifier checks when a CI environment is detected.
- Fix issue where postpack scripts would break if pack was used with


- figgy-pudding@3.4.1
- cacache@11.2.0
- npm-packlist@1.1.11
- libcipm@2.0.2
- JSONStream@1.3.4
- npm-lifecycle@2.1.0
- npm-registry-client@8.6.0
- opener@1.5.0
- request@2.88.0
- tacks@1.2.7
- ci-info@1.4.0
- marked@0.5.0


- Mention registry terms of use in manpage and registry docs and
  update language in README for it.
- Add documentation for --dry-run in install and pack docs.
- Update republish time and lightly reorganize republish info.
- Correct npm@6.4.0 release date in changelog.
- Align command descriptions in help text.



- Search for authentication token defined by environment variables by
  preventing the translation layer from env variable to npm option
  from breaking :_authToken.
- Stop filtering out non-IPv4 addresses from local-addrs, making npm
  actually use IPv6 addresses when it must.
- Configurable audit level for non-zero exit npm audit currently exits
  with exit code 1 if any vulnerabilities are found of any level. Add
  a flag of --audit-level to npm audit to allow it to pass if only
  vulnerabilities below a certain level are found. Example: npm audit
  --audit-level=high will exit with 0 if only low or moderate level
  vulns are detected.


- Don't check for updates to npm when we are updating npm itself.

Revision 1.12 / (download) - annotate - [select for diffs], Sat Aug 25 20:46:28 2018 UTC (5 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)

npm: fix building with PKGREVISION

Revision 1.11 / (download) - annotate - [select for diffs], Wed Aug 22 09:45:21 2018 UTC (5 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.10: +2 -1 lines
Diff to previous 1.10 (colored)

Recursive bump for perl5-5.28.0

Revision 1.10 / (download) - annotate - [select for diffs], Thu Aug 2 12:28:35 2018 UTC (5 years, 8 months ago) by fhajny
Branch: MAIN
Changes since 1.9: +9 -8 lines
Diff to previous 1.9 (colored)

lang/npm: Update tp 6.3.0.

## v6.3.0 (2018-08-01):

- `figgy-pudding@3.2.0`
- `cacache@11.1.0`

## v6.3.0-next.0 (2018-07-25):


- `npm version` now supports a `--preid` option to specify the preid
  for prereleases. For example, `npm version premajor --preid rc` will tag
  a version like `2.0.0-rc.0`.


- Make `npm audit fix` message provide better instructions for
  vulnerabilities that require manual review.
- Fix missing colon next to tarball url in new `npm view` output.
- Use the defaut OTP explanation everywhere except when the context is
  "OTP-aware" (like when setting double-authentication). This improves
  the overall CLI messaging when prompting for an OTP code.

### MISC

- Use the extracted `stringify-package` package.
- `wrappy` was previously added to dependencies in order to flatten
  it, but we no longer do legacy-style for npm itself, so it has been
  removed from `package.json`.

## v6.2.0 (2018-07-13):


- Add support for tab-separated output for `npm audit` data with the
  `--parseable` flag.
- Add new `sign-git-commit` config to control whether the git commit
  itself gets signed, or just the tag (which is the default).


- Do not use `SET` to fetch the env in git-bash or Cygwin.


- `request@2.81.0`: Downgraded to allow better deduplication. This
  does introduce a bunch of `hoek`-related audit reports, but they don't
  affect npm itself so we consider it safe. We'll upgrade `request` again
  once `node-gyp` unpins it.
- `node-gyp@3.7.0`
_ `cli-table3@0.5.0`: `cli-table2` is unmaintained and required
  `lodash`. With this dependency bump, we've removed `lodash` from our tree,
  which cut back tarball size by another 300kb.
- `npm-audit-report@1.3.1`
- Add `cli-table3` to bundleDeps.
- Make `standard` happy.

## v6.2.0-next.1 (2018-07-05):

- Remove postinstall script that depended on source files, thus
  preventing `npm@next` from being installable from the registry.

## v6.2.0-next.0 (2018-06-28):


- You can now disable the update notifier entirely by using
  `--no-update-notifier` or setting it in your config with `npm config
  set update-notifier false`.
- When `npm run-script <script>` fails due to a typo or missing
  script, npm will now do a "did you mean?..." for scripts that do exist.


- Fix the regular expression matching in `xcode_emulation` in
  `node-gyp` to also handle version numbers with multiple-digit major
  versions which would otherwise break under use of XCode 10.
- Stop trying to hoist/dedupe bundles dependencies.
- Add synopsis to brief help for `npm audit` and suppress trailing
- Exclude /.github directory from npm tarball.
- Add suggestion to use a temporary cache instead of `npm cache clear


We did some reshuffling and moving around of npm's own dependencies.
This significantly reduces the total bundle size of the npm pack,
from 8MB to 4.8MB for the distributed tarball! We also moved around
what we actually commit to the repo as far as devDeps go.

- Flatten and dedupe our dependencies!
- Remove unused direct dependency `ansi-regex`.
- Reshuffle ansi-regex for better deduping.
- Reshuffle strip-ansi for better deduping.
- Reshuffle is-fullwidth-code-point for better deduping.
- Add fake-registry, npm-registry-mock replacement.


- `tar@4.4.3`
- `pacote@8.1.6`
- `libcipm@2.0.0`
- `request@2.87.0`
- `which@1.3.1`
- `tar@4.4.4`
- `JSONStream@1.3.3`
- `is-cidr@2.0.6`
- `marked@0.4.0`
- `tap@12.0.1`
- `npm-profile@3.0.2`
- `uuid@3.3.2`

Revision 1.9 / (download) - annotate - [select for diffs], Tue Jul 10 15:57:00 2018 UTC (5 years, 9 months ago) by jperkin
Branch: MAIN
Changes since 1.8: +4 -2 lines
Diff to previous 1.8 (colored)

npm: Switch to regular DEPENDS.

This needs to be able to be installed against any nodejs version, and
can be as no native modules are used.  Bump PKGREVISION.

Revision 1.8 / (download) - annotate - [select for diffs], Tue Jul 3 05:03:22 2018 UTC (5 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)

extend PYTHON_VERSIONS_ for Python 3.7

Revision 1.7 / (download) - annotate - [select for diffs], Thu Jun 28 11:28:01 2018 UTC (5 years, 9 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2
Changes since 1.6: +4 -4 lines
Diff to previous 1.6 (colored)

lang/npm: Set proper env for build/install, ensure FAKEHOME is used.

Revision 1.6 / (download) - annotate - [select for diffs], Thu May 24 14:14:43 2018 UTC (5 years, 10 months ago) by fhajny
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

Update lang/npm to 6.1.0.

- NEW FEATURE: npm audit fix
  - Add support for npm audit --json to print the report in JSON
  - Include number of audited packages in npm install summary output.
  - Overhaul audit install and detail output format.
- NEW FEATURE: GIT DEPS AND npm init <pkg>!
  - When requesting the update of a direct dependency that was also a
    transitive dependency to a version incompatible with the
    transitive requirement and you had a lock-file but did not have a
    node_modules folder then npm would fail to provide a new copy of the
    transitive dependency, resulting in an invalid lock-file that could
    not self heal.
  - Cleanup output of npm ci summary report.
  - Node.js now has a test that scans for things that look like
    conflict markers in source code. This was triggering false
    positives on a fixture in a test of npm's ability to heal lockfiles
    with conflicts in them.
  - Make the new npm view work when the license field is an object
    instead of a string.
  - Add support for environments (like Docker) where the expected
    binary for opening external URLs is not available.
  - Fix a spurious colon in the new update notifier message and add
    support for the npm canary.
  - Infer a version range when a package.json has a dist-tag instead
    of a version range in one of its dependency specs. Previously,
    this would cause dependencies to be flagged as invalid.
  - Make sure scoped bundled deps are shown in the new publish
    preview, too.
  - Stop dropping size from metadata on npm cache verify.
  - Fix nested command aliases.
  - Make sure different versions of the Path env var on Windows all
    get node_modules/.bin prepended when running lifecycle scripts.

Revision 1.5 / (download) - annotate - [select for diffs], Fri May 11 09:37:13 2018 UTC (5 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.4: +2 -3 lines
Diff to previous 1.4 (colored)

npm: updated to 6.0.1

lockfile@1.0.4: Switches to signal-exit to detect abnormal exits and remove locks.

If a published modules had legacy npm-shrinkwrap.json we were saving ordinary registry dependencies (name@version) to your package-lock.json as https:// URLs instead of versions.

* When saving the lock-file compute how the dependency is being required instead of using _resolved in the package.json. This fixes the bug that was converting registry dependencies into https:// dependencies.
* When encountering a https:// URL in our lockfiles that point at our default registry, extract the version and use them as registry dependencies. This lets us heal package-lock.json files produced by 6.0.0

You can't use it quite yet, but we do have a few last moment patches to npm audit to make it even better when it is turned on!

Revision 1.4 / (download) - annotate - [select for diffs], Fri May 4 13:23:53 2018 UTC (5 years, 11 months ago) by fhajny
Branch: MAIN
Changes since 1.3: +11 -1 lines
Diff to previous 1.3 (colored)

lang/npm: Limit Python version to 2.7, fix path to interpreter.

Revision 1.3 / (download) - annotate - [select for diffs], Fri May 4 09:40:02 2018 UTC (5 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.2: +11 -9 lines
Diff to previous 1.2 (colored)

npm: fixes for rebuild; small cleanups

Revision 1.2 / (download) - annotate - [select for diffs], Thu May 3 21:09:17 2018 UTC (5 years, 11 months ago) by fhajny
Branch: MAIN
Changes since 1.1: +9 -1 lines
Diff to previous 1.1 (colored)

lang/npm: Make sure we don't fetch when building.

Revision 1.1 / (download) - annotate - [select for diffs], Wed May 2 17:03:09 2018 UTC (5 years, 11 months ago) by fhajny
Branch: MAIN

lang/npm: Import npm 6.0.0.

npm is a package manager for node. You can use it to install and
publish your node programs.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

CVSweb <>