[pull] latest from npm:latest #9
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![pull[bot]](https://avatars.githubusercontent.com/in/12910?s=60&v=4){kind=small}
|
Your organization has reached the subscribed usage limit. You can upgrade your plan at https://www.codeautopilot.com/#pricing Disclaimer: This comment was entirely generated using AI. Be aware that the information provided may be incorrect. Current plan usage: 219.29% Have feedback or need help? |
This will fix the `npm cache add` to cache package with same header as it's used in `npm install` by adding extra manifest call with `fullMetadata: true` while caching to match behaviour with install command which internally request manifest with fullMetadata. ## References Closes #7465
<!-- What / Why --> <!-- Describe the request in detail. What it does and why it's being changed. --> Updates `publish` command docs: - Refers to `npm tag` which is now `npm dist-tag` - Add docs specific for `npm publish --tag` ## References <!-- Examples: Related to #0 Depends on #0 Blocked by #0 Fixes #0 Closes #0 -->
`npm publish --workspaces` will skip workspace packages marked as private in package.json. Currently it's skipping those packages only when you have configured auth for those packages, it would error out with `ENEEDAUTH` if it doesn't find the valid auth information. this fix checks for the private property before checking for auth for the packages that will essentially not going to get published. Fixes #7199
Invalid scripts warnings are gone that should not be there
unnecessary files in node_modules
When searching for multiple terms in npm, the highlighting code has a bug where it duplicates the output any time there are matching terms. This fixes the highlighting code. Before:  After: 
Certain project dependency trees may result in an SBOM with duplicate entries. This fix ensures that each unique dependency (identified by the combination of package name and version) only appears in the SBOM once. Applies to both SPDX and CycloneDX SBOM formats. Specific to the CycloneDX format, this change also removes the `cdx:npm:package:path` property from the `component` entries in the generated SBOM. Since the same package may be present at multiple paths within the project and we're now de-duplicating those packages, it no longer makes sense to include this in the SBOM. This does not impact the SPDX format as there is no equivalent property. Fixes: #6967 Signed-off-by: Brian DeHamer <[email protected]>
Noticed some of the resources pointed to external sites not controlled by npm or github and wanted to clean them up so they can't be squatted on.
Setting `tag` in `publishConfig` constitutes a "non default" scenario.
documentation of `ls` command specifies that `depth` flag if not set defaults to `1` but as per code it uses 0 as default value. https://github.com/npm/cli/blob/dc31c1bdc6658ab69554adcf2988ee99a615c409/lib/commands/ls.js#L113-L116 fixes: #7979
This PR fixes small typos in the documentation for "configuring npm/package-json"
Update the copy for "requirements" to specify that it is the Node.js support lifecycle that is key, not a specific version. Also removed the badges from the readme. Most of that info is already on the page as parsed by GitHub.
#8054 broke the smoke test because were publishing the current version in a test
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )