-
Notifications
You must be signed in to change notification settings - Fork 29.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Closes: #16280 PR-URL: #16509 Fixes: #14161 Reviewed-By: Daijiro Wachi <[email protected]> Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
- Loading branch information
1 parent
4359a93
commit 0d7e4d2
Showing
1,388 changed files
with
92,493 additions
and
19,935 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,118 @@ | ||
| ## v5.5.1 (2017-10-04): | ||
|
|
||
| A very quick, record time, patch release, of a bug fix to a (sigh) last minute bug fix. | ||
|
|
||
| * [`e628e058b`](https://github.com/npm/npm/commit/e628e058b) | ||
| Fix login to properly recognize OTP request and store bearer tokens. | ||
| ([@Rebecca Turner](https://github.com/Rebecca Turner)) | ||
|
|
||
| ## v5.5.0 (2017-10-04): | ||
|
|
||
| Hey y'all, this is a big new feature release! We've got some security | ||
| related goodies plus a some quality-of-life improvements for anyone who uses | ||
| the public registry (so, virtually everyone). | ||
|
|
||
| The changes largely came together in one piece, so I'm just gonna leave the commit line here: | ||
|
|
||
| * [`f6ebf5e8b`](https://github.com/npm/npm/commit/f6ebf5e8bd6a212c7661e248c62c423f2b54d978) | ||
| [`f97ad6a38`](https://github.com/npm/npm/commit/f97ad6a38412581d059108ea29be470acb4fa510) | ||
| [`f644018e6`](https://github.com/npm/npm/commit/f644018e6ef1ff7523c6ec60ae55a24e87a9d9ae) | ||
| [`8af91528c`](https://github.com/npm/npm/commit/8af91528ce6277cd3a8c7ca8c8102671baf10d2f) | ||
| [`346a34260`](https://github.com/npm/npm/commit/346a34260b5fba7de62717135f3e083cc4820853) | ||
| Two factor authentication, profile editing and token management. | ||
| ([@iarna](https://github.com/iarna)) | ||
|
|
||
| ### TWO FACTOR AUTHENTICATION | ||
|
|
||
| You can now enable two-factor authentication for your npm account. You can | ||
| even do it from the CLI. In fact, you have to, for the time being: | ||
|
|
||
| ``` | ||
| npm profile enable-tfa | ||
| ``` | ||
|
|
||
| With the default two-factor authentication mode you'll be prompted to enter | ||
| a one-time password when logging in, when publishing and when modifying access rights to | ||
| your modules. | ||
|
|
||
| ### TOKEN MANAGEMENT | ||
|
|
||
| You can now create, list and delete authentication tokens from the comfort | ||
| of the command line. Authentication tokens created this way can have NEW | ||
| restrictions placed on them. For instance, you can create a `read-only` | ||
| token to give to your CI. It will be able to download your private modules | ||
| but it won't be able to publish or modify modules. You can also create | ||
| tokens that can only be used from certain network addresses. This way you | ||
| can lock down access to your corporate VPN or other trusted machines. | ||
|
|
||
| Deleting tokens isn't new, you could [do it via the | ||
| website](https://www.npmjs.com/settings/tokens) but now you can do it via | ||
| the CLI as well. | ||
|
|
||
| ### CHANGE YOUR PASSWORD, SET YOUR EMAIL | ||
|
|
||
| You can finally change your password from the CLI with `npm profile set | ||
| password`! You can also update your email address with `npm profile set | ||
| email <address>`. If you change your email address we'll send you a new | ||
| verification email so you verify that its yours. | ||
|
|
||
| ### AND EVERYTHING ELSE ON YOUR PROFILE | ||
|
|
||
| You can also update all of the other attributes of your profile that | ||
| previously you could only update via the website: `fullname`, `homepage`, | ||
| `freenode`, `twitter` and `github`. | ||
|
|
||
| ### AVAILABLE STAND ALONE | ||
|
|
||
| All of these features were implemented in a stand alone library, so if you | ||
| have use for them in your own project you can find them in | ||
| [npm-profile](https://www.npmjs.com/package/npm-profile) on the registry. | ||
| There's also a little mini-cli written just for it at | ||
| [npm-profile-cli](https://www.npmjs.com/package/npm-profile-cli). You might | ||
| also be interested in the [API | ||
| documentation](https://github.com/npm/registry/tree/master/docs) for these | ||
| new features: [user profile editing](https://github.com/npm/registry/blob/master/docs/user/profile.md) and | ||
| [authentication](https://github.com/npm/registry/blob/master/docs/user/authentication.md). | ||
|
|
||
| ### BUG FIXES | ||
|
|
||
| * [`5ee55dc71`](https://github.com/npm/npm/commit/5ee55dc71b8b74b8418c3d5ec17483a07b3b6777) | ||
| install.sh: Drop support for upgrading from npm@1 as npm@5 can't run on | ||
| any Node.js version that ships npm@1. This fixes an issue some folks were seeing when trying | ||
| to upgrade using `curl | http://npmjs.com/install.sh`. | ||
| ([@iarna](https://github.com/iarna)) | ||
| * [`5cad1699a`](https://github.com/npm/npm/commit/5cad1699a7a0fc85ac7f77a95087a9647f75e344) | ||
| `[email protected]` Fix a bug where when more than one lifecycle script | ||
| got queued to run, npm would crash. | ||
| ([@zkat](https://github.com/zkat)) | ||
| * [`cd256cbb2`](https://github.com/npm/npm/commit/cd256cbb2f97fcbcb82237e94b66eac80e493626) | ||
| `[email protected]` Fix a bug where test directories would always be | ||
| excluded from published modules. | ||
| ([@isaacs](https://github.com/isaacs)) | ||
| * [`2a11f0215`](https://github.com/npm/npm/commit/2a11f021561acb1eb1ad4ad45ad955793b1eb4af) | ||
| Fix formatting of unsupported version warning | ||
| ([@iarna](https://github.com/iarna)) | ||
|
|
||
| ### DEPENDENCY UPDATES | ||
|
|
||
| * [`6d2a285a5`](https://github.com/npm/npm/commit/6d2a285a58655f10834f64d38449eb1f3c8b6c47) | ||
| `[email protected]` | ||
| * [`69e64e27b`](https://github.com/npm/npm/commit/69e64e27bf58efd0b76b3cf6e8182c77f8cc452f) | ||
| `[email protected]` | ||
| * [`34e0f4209`](https://github.com/npm/npm/commit/34e0f42090f6153eb5462f742e402813e4da56c8) | ||
| `[email protected]` | ||
| * [`10d31739d`](https://github.com/npm/npm/commit/10d31739d39765f1f0249f688bd934ffad92f872) | ||
| `[email protected]` | ||
| * [`2b02e86c0`](https://github.com/npm/npm/commit/2b02e86c06cf2a5fe7146404f5bfd27f190ee4f4) | ||
| `[email protected]` | ||
| * [`b81fff808`](https://github.com/npm/npm/commit/b81fff808ee269361d3dcf38c1b6019f1708ae02) | ||
| `[email protected]`: | ||
| Fixes a long standing bug in rimraf's attempts to work around Windows limitations | ||
| where it owns a file and can change its perms but can't remove it without | ||
| first changing its perms. This _may_ be an improvement for Windows users of npm under | ||
| some circumstances. | ||
| ([@isaacs](https://github.com/isaacs)) | ||
|
|
||
| ## v5.4.2 (2017-09-14): | ||
|
|
||
| This is a small bug fix release wrapping up most of the issues introduced with 5.4.0. | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,74 @@ | ||
| npm-profile(1) -- Change settings on your registry profile | ||
| ========================================================== | ||
|
|
||
| ## SYNOPSIS | ||
|
|
||
| npm profile get [--json|--parseable] [<property>] | ||
| npm profile set [--json|--parseable] <property> <value> | ||
| npm profile set password | ||
| npm profile enable-2fa [auth-and-writes|auth-only] | ||
| npm profile disable-2fa | ||
|
|
||
| ## DESCRIPTION | ||
|
|
||
| Change your profile information on the registry. This not be available if | ||
| you're using a non-npmjs registry. | ||
|
|
||
| * `npm profile get [<property>]`: | ||
| Display all of the properties of your profile, or one or more specific | ||
| properties. It looks like: | ||
|
|
||
| ``` | ||
| +-----------------+---------------------------+ | ||
| | name | example | | ||
| +-----------------+---------------------------+ | ||
| | email | [email protected] (verified) | | ||
| +-----------------+---------------------------+ | ||
| | two factor auth | auth-and-writes | | ||
| +-----------------+---------------------------+ | ||
| | fullname | Example User | | ||
| +-----------------+---------------------------+ | ||
| | homepage | | | ||
| +-----------------+---------------------------+ | ||
| | freenode | | | ||
| +-----------------+---------------------------+ | ||
| | twitter | | | ||
| +-----------------+---------------------------+ | ||
| | github | | | ||
| +-----------------+---------------------------+ | ||
| | created | 2015-02-26T01:38:35.892Z | | ||
| +-----------------+---------------------------+ | ||
| | updated | 2017-10-02T21:29:45.922Z | | ||
| +-----------------+---------------------------+ | ||
| ``` | ||
|
|
||
| * `npm profile set <property> <value>`: | ||
| Set the value of a profile property. You can set the following properties this way: | ||
| email, fullname, homepage, freenode, twitter, github | ||
|
|
||
| * `npm profile set password`: | ||
| Change your password. This is interactive, you'll be prompted for your | ||
| current password and a new password. You'll also be prompted for an OTP | ||
| if you have two-factor authentication enabled. | ||
|
|
||
| * `npm profile enable-2fa [auth-and-writes|auth-only]`: | ||
| Enables two-factor authentication. Defaults to `auth-and-writes` mode. Modes are: | ||
| * `auth-only`: Require an OTP when logging in or making changes to your | ||
| account's authentication. The OTP will be required on both the website | ||
| and the command line. | ||
| * `auth-and-writes`: Requires an OTP at all the times `auth-only` does, and also requires one when | ||
| publishing a module, setting the `latest` dist-tag, or changing access | ||
| via `npm access` and `npm owner`. | ||
|
|
||
| * `npm profile disable-2fa`: | ||
| Disables two-factor authentication. | ||
|
|
||
| ## DETAILS | ||
|
|
||
| All of the `npm profile` subcommands accept `--json` and `--parseable` and | ||
| will tailor their output based on those. Some of these commands may not be | ||
| available on non npmjs.com registries. | ||
|
|
||
| ## SEE ALSO | ||
|
|
||
| * npm-config(7) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| npm-token(1) -- Manage your authentication tokens | ||
| ================================================= | ||
|
|
||
| ## SYNOPSIS | ||
|
|
||
| npm token list [--json|--parseable] | ||
| npm token create [--read-only] [--cidr=1.1.1.1/24,2.2.2.2/16] | ||
| npm token delete <id|token> | ||
|
|
||
| ## DESCRIPTION | ||
|
|
||
| This list you list, create and delete authentication tokens. | ||
|
|
||
| * `npm token list`: | ||
| Shows a table of all active authentication tokens. You can request this as | ||
| JSON with `--json` or tab-separated values with `--parseable`. | ||
| ``` | ||
| +--------+---------+------------+----------+----------------+ | ||
| | id | token | created | read-only | CIDR whitelist | | ||
| +--------+---------+------------+----------+----------------+ | ||
| | 7f3134 | 1fa9ba… | 2017-10-02 | yes | | | ||
| +--------+---------+------------+----------+----------------+ | ||
| | c03241 | af7aef… | 2017-10-02 | no | 192.168.0.1/24 | | ||
| +--------+---------+------------+----------+----------------+ | ||
| | e0cf92 | 3a436a… | 2017-10-02 | no | | | ||
| +--------+---------+------------+----------+----------------+ | ||
| | 63eb9d | 74ef35… | 2017-09-28 | no | | | ||
| +--------+---------+------------+----------+----------------+ | ||
| | 2daaa8 | cbad5f… | 2017-09-26 | no | | | ||
| +--------+---------+------------+----------+----------------+ | ||
| | 68c2fe | 127e51… | 2017-09-23 | no | | | ||
| +--------+---------+------------+----------+----------------+ | ||
| | 6334e1 | 1dadd1… | 2017-09-23 | no | | | ||
| +--------+---------+------------+----------+----------------+ | ||
| ``` | ||
|
|
||
| * `npm token create [--read-only] [--cidr=<cidr-ranges>]`: | ||
| Create a new authentication token. It can be `--read-only` or accept a list of | ||
| [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) ranges to | ||
| limit use of this token to. This will prompt you for your password, and, if you have | ||
| two-factor authentication enabled, an otp. | ||
|
|
||
| ``` | ||
| +----------------+--------------------------------------+ | ||
| | token | a73c9572-f1b9-8983-983d-ba3ac3cc913d | | ||
| +----------------+--------------------------------------+ | ||
| | cidr_whitelist | | | ||
| +----------------+--------------------------------------+ | ||
| | readonly | false | | ||
| +----------------+--------------------------------------+ | ||
| | created | 2017-10-02T07:52:24.838Z | | ||
| +----------------+--------------------------------------+ | ||
| ``` | ||
|
|
||
| * `npm token delete <token|id>`: | ||
| This removes an authentication token, making it immediately unusable. This can accept | ||
| both complete tokens (as you get back from `npm token create` and will | ||
| find in your `.npmrc`) and ids as seen in the `npm token list` output. | ||
| This will NOT accept the truncated token found in `npm token list` output. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.