[Snyk] Upgrade npm from 6.4.1 to 6.13.0 #7
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade npm from 6.4.1 to 6.13.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.The recommended version fixes:
Release notes
6.13.0 (2019-11-05)
NEW FEATURES
4414b06d9
#273 add fund command (@ruyadorno)DOCUMENTATION
ae4c74d04
#274 migrate existing docs to gatsby (@claudiahdz)4ff1bb180
#277 updated documentation copy (@oletizi)BUG FIXES
e4455409f
#281 delete ps1 files on package removal (@NoDocCat)cd14d4701
#279 update supported node list to remove v6.0, v6.1, v9.0 - v9.2 (@ljharb)DEPENDENCIES
a37296b20
[email protected]
d3cb3abe8
[email protected]
TESTING
688cd97be
#272 use github actions for CI (@JasonEtco)9a2d8af84
#240 Clean up some flakiness and inconsistency (@isaacs)6.12.1 (2019-10-29)
BUG FIXES
6508e833d
#269 add node v13 as a supported version (@ljharb)b6588a8f7
#265 Fix regression in lockfile repair for sub-deps (@feelepxyz)d5dfe57a1
#266 resolve circular dependency in pack.js (@addaleax)DEPENDENCIES
73678bb59
[email protected]
4b76926e2
[email protected]
c691f36a9
[email protected]
5e1a14975
[email protected]
c194482d6
[email protected]
bc6a8e0ec
[email protected]
4dcca3cbb
[email protected]
6.12.0 (2019-10-08):
Now
npm ci
runs prepare scripts for git dependencies, and respects the--no-optional
argument. Warnings forengine
mismatches are printed again. Various other fixes and cleanups.BUG FIXES
890b245dc
#252 ci: add dirPacker to options (@claudiahdz)f3299acd0
#257 npm.community#4792 warn message on engine mismatch (@ruyadorno)bbc92fb8f
#259 npm.community#10288 Fix figgyPudding error innpm token
(@benblank)70f54dcb5
#241 doctor: Make OK more consistent (@gemal)FEATURES
ed993a29c
#249 Add CI environment variables to user-agent (@isaacs)f6b0459a4
#248 Add option to save package-lock without formatting Adds a new config--format-package-lock
, which defaults to true. (@bl00mber)DEPENDENCIES
0ca063c5d
[email protected]
:5df6b0ea2
[email protected]
:7e04f728c
[email protected]
5c380e5a3
[email protected]
(@isaacs)62f2ca692
[email protected]
(@isaacs)0ff0ea47a
[email protected]
(@isaacs)f46edae94
[email protected]
(@isaacs)TESTING
44a2b036b
#262 fix root-ownership race conditions in meta-test (@isaacs)Now
npm ci
runs prepare scripts for git dependencies, and respects the--no-optional
argument.BUG FIXES
890b245dc
#252 chore(ci): add dirPacker to options (@claudiahdz)DEPENDENCIES
0ca063c5d
[email protected]
:5df6b0ea2
[email protected]
:7e04f728c
[email protected]
6.11.3 (2019-09-03):
Fix npm ci regressions and npm outdated depth.
BUG FIXES
235ed1d28
#239 Don't override user specified depth in outdated. Restores ability to update packages using--depth
as suggested bynpm audit
. (@G-Rath)1fafb5151
#242 npm.community#9586 Revert "install: do not descend into directory deps' child modules" (@isaacs)cebf542e6
#243 npm.community#9720 ci: pass appropriate configs for file/dir modes (@isaacs)DEPENDENCIES
e5fbb7ed1
[email protected]
(@claudiahdz)23ce65616
[email protected]
(@claudiahdz)6.11.2 (2019-08-22):
Fix a recent Windows regression, and two long-standing Windows bugs. Also, get CI running on Windows, so these things are less likely in the future.
DEPENDENCIES
9778a1b87
[email protected]
: Fix regression where shims fail to preserve exit code (@isaacs)bf93e91d8
[email protected]
: Properly handle git+file: urls on Windows when a drive letter is included. (@isaacs)BUGFIXES
6cc4cc66f
escape args properly on Windows Bash Despite being bash, Node.js running on windows git mingw bash still executes child processes using cmd.exe. As a result, arguments in this environment need to be escaped in the style of cmd.exe, not bash. (@isaacs)TESTS
291aba7b8
make tests pass on Windows (@isaacs)fea3a023a
travis: run tests on Windows as well (@isaacs)6.11.1 (2019-08-20):
Fix a regression for windows command shim syntax.
37db29647
[email protected]
(@isaacs)v6.11.0 (2019-08-20):
A few meaty bugfixes, and introducing
peerDependenciesMeta
.FEATURES
a12341088
#224 Implements peerDependenciesMeta (@arcanis)2f3b79bba
#234 add new forbidden 403 error code (@claudiahdz)BUGFIXES
24acc9fc8
and45772af0d
#217 npm.community#8863 npm.community#9327 do not descend into directory deps' child modules, fix shrinkwrap files that inappropriately list child nodes of symlink packages (@isaacs and @salomvary)50cfe113d
#229 fixed typo in semver doc (@gall0ws)e8fb2a1bd
#231 Fix spelling mistakes in CHANGELOG-3.md (@XhmikosR)769d2e057
npm/uid-number#7 Better error on invalid--user
/--group
configs. This addresses the issue when people fail to install binary packages on Docker and other environments where there is no 'nobody' user. (@isaacs)8b43c9624
nodejs/node#28987 npm.community#6032 npm.community#6658 npm.community#6069 npm.community#9323 Fix the regression where random config values in a .npmrc file are not passed to lifecycle scripts, breaking build processes which rely on them. (@isaacs)8b85eaa47
save files with inferred ownership rather than relying onSUDO_UID
andSUDO_GID
. (@isaacs)b7f6e5f02
Infer ownership of shrinkwrap files (@isaacs)54b095d77
#235 Add spec to dist-tag remove function (@theberbie)DEPENDENCIES
dc8f9e52f
[email protected]
: Infer the ownership of all unpacked files innode_modules
, so that we never have user-owned files in root-owned folders, or root-owned files in user-owned folders. (@isaacs)bb33940c3
[email protected]
:9c93ac3
#2 npm#3380 Handle environment variables properly (@basbossink)2d277f8
#25 #36 #35 Fix 'no shebang' case by always providing$basedir
in shell script (@igorklopov)adaf20b
#26 Fix$*
causing an error when arguments contain parentheses (@satazor)49f0c13
#30 Fix paths for MSYS/MINGW bash (@dscho)51a8af3
#34 Add proper support for PowerShell (@ExE-Boss)4c37e04
#10 Work around quoted batch file names (@isaacs)a4e279544
[email protected]
(@isaacs):uid-number
raises an error7086a1809
[email protected]
(@isaacs)8845141f9
[email protected]
(@isaacs)51c028215
[email protected]
(@isaacs)534a5548c
[email protected]
(@isaacs)3038f2fd5
[email protected]
(@isaacs)a609a1648
[email protected]
(@isaacs)f0346f754
[email protected]
(@isaacs)ca9c615c8
[email protected]
(@isaacs)b417affbf
[email protected]
(@isaacs)TESTS
b6df0913c
#228 Proper handing of /usr/bin/node lifecycle-path test (@olivr70)aaf98e88c
[email protected]
(@isaacs)v6.10.3 (2019-08-06):
BUGFIXES
27cccfbda
#223 vulns → vulnerabilities in npm audit output (@sapegin)d5e865eb7
#222 #226 install, doctor: don't crash if registry unset (@dmitrydvorkin, @isaacs)5b3890226
#227 npm.community#9167 Handle unhandledRejections, tell user what to do when encountering anEACCES
error in the cache. (@isaacs)DEPENDENCIES
77516df6e
[email protected]
(@isaacs)ceb993590
[email protected]
(@isaacs)4050b9189
[email protected]
3b1d629
#48 fix http protocol using sshurl by default (@fengmk2)5d4a8d7
ignore noCommittish on tarball url generation (@isaacs)1692435
use gist tarball url that works for anonymous gists (@isaacs)d5cf830
Do not allow invalid gist urls (@isaacs)e518222
Use LRU cache to prevent unbounded memory consumption (@iarna)v6.10.2 (2019-07-23):
tl;dr - Fixes several issues with the cache when npm is run as
sudo
on Unix systems.TESTING
2a78b96f8
check test cache for root-owned files (@isaacs)108646ebc
run sudo tests on Travis-CI (@isaacs)cf984e946
set --no-esm tap flag (@isaacs)8e0a3100d
add script to run tests and leave fixtures for inspection and debugging (@isaacs)BUGFIXES
25f4f73f6
add a util for writing arbitrary files to cache This prevents metrics timing and debug logs from becoming root-owned. (@isaacs)2c61ce65d
infer cache owner from parent dir incorrect-mkdir
util (@isaacs)235e5d6df
ensure correct owner on cached all-packages metadata (@isaacs)e2d377bb6
npm.community#8540 audit: report server error on failure (@isaacs)52576a39e
#216 npm.community#5385 npm.community#6076 Fixnpm ci
withfile:
dependencies. Partially reverts #40/#86, recording dependencies of linked deps in order fornpm ci
to work. (@jfirebaugh)DEPENDENCIES
0fefdee13
[email protected]
(@isaacs)e1d87a392
[email protected]
(@isaacs)3f035bf09
[email protected]
(@isaacs)ba3283112
[email protected]
(@isaacs)ee90c334d
[email protected]
(@isaacs)1e480c384
[email protected]
(@isaacs)7662ee850
[email protected]
(@isaacs)1357fadc6
[email protected]
(@isaacs)a621b5cb6
[email protected]
(@isaacs)560cd31dd
[email protected]
(@isaacs)de7ae0867
[email protected]
(@isaacs)e95da463c
[email protected]
(@isaacs)554b641d4
[email protected]
(@isaacs)06772f34a
[email protected]
(@isaacs)85358db80
[email protected]
(@isaacs)051cf20
#26 fix switches for alternative shells on Windows (@gucong3000)3aaf954
#25 set only one PATH env variable for child process on Windows (@zkochan)ea18ed2
#36 #11 #18 remove procInterrupt listener on SIGINT in procError (@mattshin)5523951
#29 #30 Use platform specific path casing if present (@mattezell)Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs