Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

deps: upgrade npm to 4.0.5 #10330

Closed
wants to merge 1 commit into from
Closed

deps: upgrade npm to 4.0.5 #10330

wants to merge 1 commit into from

Conversation

zkat
Copy link
Contributor

@zkat zkat commented Dec 19, 2016

Checklist
  • make -j8 test (UNIX), or vcbuild test nosign (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines
Affected core subsystem(s)
  • deps
Description of change
Breaking Changes
  • npm search rewritten to stream results, and no longer supports sorting.
  • npm scripts no longer prepend the path of the node executable used to run npm before running scripts. A --scripts-prepend-node-path option has been added to configure this behavior. (/cc @addaleax)
  • prepublish has been deprecated, replaced by prepare. A prepublishOnly script has been temporarily added, which will only run on npm publish. NOTE: This change only affects users publishing new versions of their packages and developers installing through git and local deps. Registry installs should be (mostly) unaffected by this change.
  • npm outdated exits with exit code 1 if it finds any outdated packages. (/cc @watilde)
  • npm tag has been removed after a deprecation cycle. Use npm dist-tag.
  • Partial shrinkwraps are no longer supported. npm-shrinkwrap.json is considered a complete installation manifest except for devDependencies. This will affect certain projects that relied heavily on this feature, most notably hapi.
  • devDependencies are now included in npm-shrinkwrap.json by default. This should make the transition to npm@5 easier.
Other Notable Changes
  • npm will now send Npm-In-CI and Npm-Scope headers to registries when fetching modules. The former will allow registries to more accurately distinguish between CI and user traffic. The latter will allow registries to implement features on the basis of the scope of the project (rather than the module actually being installed).
  • d8471a2 npm/npm#12811 Fixes issue where npm install needed to be run twice when devDependencies had conflicting subdeps with dependencies. (@schmod)
Changelogs

r: @Fishrock123
r: @addaleax
r: @jasnell

@nodejs-github-bot nodejs-github-bot added npm Issues and PRs related to the npm client dependency or the npm registry. lts-watch-v6.x labels Dec 19, 2016
@addaleax addaleax mentioned this pull request Dec 19, 2016
4 tasks
@addaleax
Copy link
Member

CI: https://ci.nodejs.org/job/node-test-commit/6719/

I’m +1 on pulling this into Node 7.

@Fishrock123
Copy link
Contributor

Fishrock123 commented Dec 19, 2016

@addaleax Remember, the regular CI does not significantly test npm. make test-npm passes for me, it is only a matter of deciding when to land into v7.

@Fishrock123
Copy link
Contributor

I'll merge this to master after we discuss it on the CTC agenda tomorrow.

@jasnell
Copy link
Member

jasnell commented Dec 21, 2016

Discussed briefly on the CTC call today but we did not have quorum to make any actual decisions. There were no objections to getting this landed in master or v7. @nodejs/ctc ... if anyone has objections please raise them here as soon as possible!

Copy link
Contributor

@MylesBorins MylesBorins left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tests pass locally LGTM

@MylesBorins
Copy link
Contributor

landed in 9946519

MylesBorins pushed a commit that referenced this pull request Dec 28, 2016
PR-URL: #10330
Reviewed-By: Myles Borins <[email protected]>
@evanlucas
Copy link
Contributor

Should this be marked semver-minor?

@addaleax addaleax added the semver-minor PRs that contain new features and should be released in the next minor version. label Jan 4, 2017
@addaleax
Copy link
Member

addaleax commented Jan 4, 2017

@evanlucas Yea, I think that makes sense here

evanlucas pushed a commit that referenced this pull request Jan 4, 2017
PR-URL: #10330
Reviewed-By: Myles Borins <[email protected]>
evanlucas added a commit that referenced this pull request Jan 4, 2017
Notable changes:

* buffer:
  - Improve performance of Buffer allocation by ~11% (Brian White) #10443
  - Improve performance of Buffer.from() by ~50% (Brian White) #10443
* events: Improve performance of EventEmitter.once() by ~27% (Brian White) #10445
* fs: Allow passing Uint8Array to fs methods where Buffers are supported. (Anna Henningsen) #10382
* http: Improve performance of http server by ~7% (Brian White) #6533
* npm: Upgrade to v4.0.5 (Kat Marchán) #10330

PR-URL: #10589
evanlucas added a commit that referenced this pull request Jan 4, 2017
Notable changes:

* buffer:
  - Improve performance of Buffer allocation by ~11% (Brian White) #10443
  - Improve performance of Buffer.from() by ~50% (Brian White) #10443
* events: Improve performance of EventEmitter.once() by ~27% (Brian White) #10445
* fs: Allow passing Uint8Array to fs methods where Buffers are supported. (Anna Henningsen) #10382
* http: Improve performance of http server by ~7% (Brian White) #6533
* npm: Upgrade to v4.0.5 (Kat Marchán) #10330

PR-URL: #10589
@egoroof

This comment was marked as abuse.

@jdalton
Copy link
Member

jdalton commented Jan 5, 2017

@zkat

Can you cover the shrinkwrap change a bit more? The two notes state:

Partial shrinkwraps are no longer supported. npm-shrinkwrap.json is considered a complete installation manifest except for devDependencies. This will affect certain projects that relied heavily on this feature, most notably hapi.

devDependencies are now included in npm-shrinkwrap.json by default. This should make the transition to npm@5 easier.

The lines that are throwing me are:

npm-shrinkwrap.json is considered a complete installation manifest except for devDependencies.

Followed by:

devDependencies are now included in npm-shrinkwrap.json by default.

Are devDepenencies included but somehow treated less complete than direct dependencies?

@azu azu mentioned this pull request Jan 6, 2017
@zkat
Copy link
Contributor Author

zkat commented Jan 6, 2017

@jdalton I'm gonna ping @iarna on this to check this cause I may be confused (and this stuff is changing again soon), but lmk if this helps clarify things:

Command State Result
npm shrinkwrap No shrinkwrap all dependencies, including devDependencies, end up in npm-shrinkwrap.json
npm shrinkwrap Existing shrinkwrap, devDeps not present devDependencies added to npm-shrinkwrap.json
npm i existing npm-shrinkwrap.json from above, with devDeps in it installation is done entirely from shrinkwrap
npm i npm-shrinkwrap.json was created without devDeps (or there's missing devDeps) dependencies installed from shrinkwrap, devDependencies picked up from package.json and added.

@jdalton
Copy link
Member

jdalton commented Jan 6, 2017

@zkat

but lmk if this helps clarify things

It does. Thank you!

@Trott Trott removed the ctc-agenda label Feb 9, 2017
imyller added a commit to imyller/meta-nodejs that referenced this pull request Mar 2, 2017
    Notable changes:

    * buffer:
      - Improve performance of Buffer allocation by ~11% (Brian White) nodejs/node#10443
      - Improve performance of Buffer.from() by ~50% (Brian White) nodejs/node#10443
    * events: Improve performance of EventEmitter.once() by ~27% (Brian White) nodejs/node#10445
    * fs: Allow passing Uint8Array to fs methods where Buffers are supported. (Anna Henningsen) nodejs/node#10382
    * http: Improve performance of http server by ~7% (Brian White) nodejs/node#6533
    * npm: Upgrade to v4.0.5 (Kat Marchán) nodejs/node#10330

    PR-URL: nodejs/node#10589

Signed-off-by: Ilkka Myller <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
npm Issues and PRs related to the npm client dependency or the npm registry. semver-minor PRs that contain new features and should be released in the next minor version.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

10 participants