Create a new pull request by comparing changes across two branches #134

Merged
merged 58 commits into from
Jan 6, 2025

Conversation

GulajavaMinistudio
Owner

No description provided.

wraithgar and others added 30 commits November 20, 2024 09:32
BREAKING CHANGE: npm will no longer fall back to the old audit endpoint
if the bulk advisory request fails.

This legacy code has a long tail in npm.  Getting rid of it was
difficult because of how load-bearing some of those requests were in
tests.  This PR removes the old "mock server" that arborist tests spun
up, and moved that logic into the existing mock registry that the cli
uses.  This will allow us to consolidate our logic in tests, and also
outline more granularly which tests actually make registry requests.

A few tests that were testing just the fallback behavior were also
removed.
Adding support for
[module.enableCompileCache](https://nodejs.org/docs/v22.11.0/api/module.html#moduleenablecompilecachecachedir),
added by nodejs/node#54501, TypeScript got [2.5x perf on tsc](https://devblogs.microsoft.com/typescript/announcing-typescript-5-7-beta/#support-for-v8-compile-caching-in-node.js).

On my machine, for the command `--version`, I got the following results:

```bash
Benchmark 1: node bin/npm-cli.js --version
  Time (mean ± σ):      58.0 ms ±   1.1 ms    [User: 51.8 ms, System: 16.8 ms]
  Range (min … max):    56.5 ms …  62.6 ms    51 runs
 
Benchmark 2: node bin/npm-cli-with-cache.js --version
  Time (mean ± σ):      52.9 ms ±   1.0 ms    [User: 46.5 ms, System: 16.8 ms]
  Range (min … max):    51.4 ms …  55.5 ms    56 runs
 
Summary
  'node bin/npm-cli-with-cache.js --version' ran
    1.10 ± 0.03 times faster than 'node bin/npm-cli.js --version'
```

I ran the same test with `npm run empty` and I got the same 10%
improvement.
BREAKING CHANGE: `--ignore-scripts` now applies to all lifecycle scripts, including `prepare`
BREAKING CHANGE: When publishing a package with a pre-release version,
you must explicitly specify a tag.
 
ref: npm/statusboard#898
Update the list of the cli repos, as it's been a while. And fix `which`'s association with its repo.
A few of our tests necessarily use npm's own local version in its
package.json, and those tests need to be fixed for the new breaking
change that requires an explicit dist tag.
BREAKING CHANGE: `bun.lockb` files are now included in the strict ignore list during packing
wraithgar and others added 28 commits December 2, 2024 08:20
Adds bun lockfile, and points to the package.json docs as the
authoritative list for ignore rules in the cli docs.
The v10 branch is where new changelog entries for npm@10 get added

ref: https://github.com/npm/cli/tree/release/v10
cafile is the correct config key

Closes: npm/documentation#1337
BREAKING CHANGE: `npm init` now has a `type` prompt, and sorts the entries the created packages differently
Fixed code to deal w/ new esm export
BREAKING CHANGE: Upon publishing, in order to apply a default "latest"
dist tag, the command now retrieves all prior versions of the package.
It will require that the version you're trying to publish is above the
latest semver version in the registry, not including pre-release tags.

Implements [npm
RFC7](https://github.com/npm/rfcs/blob/main/accepted/0007-publish-without-tag.md).

Related to prerelease dist-tag: #7910
A part of npm 11 roadmap: npm/statusboard#898

---------

Co-authored-by: Jordan Harband <[email protected]>
When searching for multiple terms in npm, the highlighting code has a
bug where it duplicates the output any time there are matching terms.
This fixes the highlighting code.


Before:
![output of "npm search gar promisify" showing the name being duplicated](https://github.com/user-attachments/assets/2f34ece7-7563-4db1-a540-3bb661a4c3e0)

After:
![output of "node . search gar promisify" showing the name being displayed correctly](https://github.com/user-attachments/assets/ba31fcd9-caf3-4a08-8bbb-7f5242f0098b)
Certain project dependency trees may result in an SBOM with duplicate
entries. This fix ensures that each unique dependency (identified by the
combination of package name and version) only appears in the SBOM once.
Applies to both SPDX and CycloneDX SBOM formats.

Specific to the CycloneDX format, this change also removes the
`cdx:npm:package:path` property from the `component` entries in the
generated SBOM. Since the same package may be present at multiple paths
within the project and we're now de-duplicating those packages, it no
longer makes sense to include this in the SBOM. This does not impact the
SPDX format as there is no equivalent property.

Fixes: #6967

Signed-off-by: Brian DeHamer <[email protected]>
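
The de-duplication rule described in the SBOM commit message above (one entry per package name and version, with `cdx:npm:package:path` dropped from CycloneDX components), sketched as an added example. This is not npm's own code: the function names, the sample component list and the `example:constructed:flag` property are constructed for illustration.

```javascript
// Added illustration, not npm's implementation. Function names are hypothetical.
const PATH_PROPERTY = 'cdx:npm:package:path'

// Constructed sample: CycloneDX-style components where semver@7.6.3 is
// installed at two paths in the dependency tree.
const sampleComponents = [
  { type: 'library', name: 'semver', version: '7.6.3',
    properties: [{ name: PATH_PROPERTY, value: 'node_modules/semver' }] },
  { type: 'library', name: 'semver', version: '7.6.3',
    properties: [{ name: PATH_PROPERTY, value: 'node_modules/a/node_modules/semver' }] },
  { type: 'library', name: 'semver', version: '6.3.1',
    properties: [{ name: PATH_PROPERTY, value: 'node_modules/b/node_modules/semver' }] },
  { type: 'library', name: '@scope/pkg', version: '1.0.0',
    properties: [
      { name: PATH_PROPERTY, value: 'node_modules/@scope/pkg' },
      { name: 'example:constructed:flag', value: 'true' },
    ] },
]

const keyOf = ({ name, version }) => `${name}@${version}`

// Audit helper: list the name@version keys that occur more than once.
function findDuplicates (components) {
  const counts = new Map()
  for (const c of components) {
    counts.set(keyOf(c), (counts.get(keyOf(c)) || 0) + 1)
  }
  return [...counts].filter(([, n]) => n > 1).map(([key]) => key)
}

// Keep the first component per name@version and strip the path property,
// which is ambiguous once several install paths collapse into one entry.
function dedupeComponents (components) {
  const unique = new Map()
  for (const c of components) {
    if (unique.has(keyOf(c))) continue
    const { properties = [], ...rest } = c
    const kept = properties.filter(p => p.name !== PATH_PROPERTY)
    unique.set(keyOf(c), kept.length ? { ...rest, properties: kept } : rest)
  }
  return [...unique.values()]
}

const deduped = dedupeComponents(sampleComponents)
console.log(findDuplicates(sampleComponents), deduped.map(keyOf))
```

`findDuplicates` can also be run over the `components` array of an existing CycloneDX document to check whether an SBOM generated before this fix carries repeated entries.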
@GulajavaMinistudio GulajavaMinistudio merged commit d2f6338 into GulajavaMinistudio:latest Jan 6, 2025
15 checks passed