Permalink
Commits on Aug 12, 2016
  1. @iarna

    3.10.7

    iarna committed Aug 12, 2016
  2. @iarna

    update AUTHORS

    iarna committed Aug 12, 2016
  3. @iarna
  4. @iarna

    doc: update changelog for 3.10.7

    iarna committed Aug 12, 2016
  5. @iarna
Commits on Aug 11, 2016
  1. @iarna

    lodash.clonedeep@4.4.1

    Credit: @jdalton
    iarna committed Aug 11, 2016
  2. @iarna

    lodash.without@4.3.0

    Credit: @jdalton
    iarna committed Aug 11, 2016
  3. @iarna

    lodash.union@4.5.0

    Credit: @jdalton
    iarna committed Aug 11, 2016
  4. @iarna

    lodash.uniq@4.4.0

    Credit: @jdalton
    iarna committed Aug 11, 2016
  5. @iarna

    lodash.without@4.2.0

    Credit: @jdalton
    iarna committed Aug 11, 2016
  6. @iarna

    rimraf@2.5.4

    Clarify assertions: cb is required, options are not
    
    Fixes: isaacs/rimraf#111
    Credit: @isaacs
    iarna committed Aug 11, 2016
  7. @iarna

    minimatch@3.0.3

    Update minimatch to 3.0.3 to get fix for ReDOS vuln.
    
    Fixes: #13387
    PR-URL: #13415
    Credit: @isaacs
    iarna committed Aug 11, 2016
  8. @iarna

    tap@6.3.2

    iarna committed Aug 11, 2016
  9. @iarna

    marked@0.3.6

    iarna committed Aug 11, 2016
  10. @zarenner @iarna

    request@2.74.0

    Update request library to at least 2.73 to fix:
    npm install failed - Cannot read property 'emit' of null
    
    Fixes: #9984
    PR-URL: #13432
    Credit: @zarenner
    Reviewed-By: @iarna
    zarenner committed with iarna Jul 20, 2016
  11. @thefourtheye @iarna

    graceful-fs@4.1.5

    graceful-fs had a bug fix, isaacs/node-graceful-fs#71,
    which would fix the problem in Node.js nodejs/node#7846
    
    PR-URL: #13497
    Credit: @thefourtheye
    Reviewed-By: @iarna
    thefourtheye committed with iarna Jul 27, 2016
  12. @watilde @iarna

    error: Correct url in an error message of typeerror

    Credit: @watilde
    Reviewed-By: @iarna
    PR-URL: #13626
    watilde committed with iarna Aug 10, 2016
  13. @iarna

    shrinkwrap: Improve detection of pkgs req'd by top level dev deps

    Specifically, we now don't blow the stack on dev deps that have cycles.
    
    Fixes: #13327
    iarna committed Jul 14, 2016
  14. @zkat @iarna

    install: fix hiccup that caused a conflict

    Basically, there was some duck typing in `resolveWithNewModule`
    in situations where the function got a `package.json` from `npa`,
    rather than the internal request object.
    
    The issue reared its head because of a package that had `type`
    in its `package.json`, which confused the duck typing.
    
    Instead, the special case was inlined into (afaict) the only
    place where it was actually triggered from.
    
    Fixes: #11398
    Credit: @zkat
    PR-URL: #13635
    Reviewed-By: @iarna
    zkat committed with iarna Aug 11, 2016
  15. @danpaz @iarna

    doc: Clarify that npm@2 is required for scoped packages

    PR-URL: #10167
    Credit: @danpaz
    Reviewed-By: @othiym23
    danpaz committed with iarna Oct 30, 2015
  16. @zkat @iarna

    config: pretend login is a toplevel command

    The `login` command has long been an alias for `adduser`.
    
    At the same time, there is an expectation not just of that
    particular word being something to look for, but of there being
    clear symmetry with `logout`.
    
    So it was a bit confusing when `login` didn't show up in
    `npm help` on a technicality. This seems like an acceptable
    exception to the rule that says "no aliases in `npm help`".
    
    Fixes: #13581
    PR-URL: #13580
    Credit: @zkat
    Reviewed-By: @iarna
    zkat committed with iarna Aug 4, 2016
  17. @christophehurpeau @iarna
  18. @DaveEmmerson @iarna

    update-linked: Only warn about symlink update if version number differs

    The update-linked action outputs a warning that it needs to update the
    linked package, but can't, There is no need for the package to be updated if
    it is already at the correct version.  This change does a check before
    logging the warning.
    
    PR-URL: #12893
    Credit: @DaveEmmerson
    Reviewed-By: @iarna
    DaveEmmerson committed with iarna May 29, 2016
  19. @kossnocorp @iarna

    inflate-shrinkwrap: Determine equivalency of git deps correctly

    Prevent inflateShrinkwrap function from relying on a package version
    for git dependencies. That was the cause of two problems:
    
    1. When node_modules dir contains an outdated git dependency,
       it won't be updated during npm install.
    
    2. npm shrinkwrap command fails.
    
    Fixes: #12718.
    Credit: @kossnocorp
    PR-URL: #12770
    Reviewed-By: @iarna
    kossnocorp committed with iarna May 19, 2016
  20. @mhart @iarna

    install: add GIT_EXEC_PATH to git env whitelist

    Fixes: #13353
    PR-URL: #13358
    Credit: @mhart
    Reviewed-By: @othiym23
    mhart committed with iarna Jul 12, 2016
  21. @watilde @iarna

    readme: remove 0.8 from readme as well

    Credit: @watilde
    Reviewed-By: @iarna
    PR-URL: #13319
    watilde committed with iarna Jul 7, 2016
  22. @palmerj3 @iarna

    install: Run top level preinstall before installing dependencies

    Credit: @palmerj3
    Reviewed-By: @iarna
    PR-URL: #13259
    palmerj3 committed with iarna Jul 3, 2016
Commits on Aug 2, 2016
  1. @zkat

    fstream-npm@1.1.1

    Fixes bug with inclusion of scoped bundledDependencies.
    
    Fixes: #8614
    PR-URL: npm/fstream-npm#22
    Credit: @forivall
    Reviewed-By: @zkat
    zkat committed Aug 2, 2016
  2. @forivall @zkat

    tar: include scoped packages in bundledDeps

    PR-URL: #13438
    Fixes: #8614
    Credit: @forivall
    Reviewed-By: @iarna
    Reviewed-By: @zkat
    forivall committed with zkat Aug 2, 2016
Commits on Jul 20, 2016
  1. @zkat

    test: added basic bundledDeps tests

    zkat committed Jul 20, 2016
Commits on Jul 15, 2016
  1. @iarna

    test: separate the remaining network tests

    PR-URL: #13397
    Credit: @iarna
    Reviewed-By: @othiym23
    iarna committed Jul 15, 2016
  2. @iarna

    test: Stop using network with invalid-dep-version-filtering test

    PR-URL: #13397
    Credit: @iarna
    Reviewed-By: @othiym23
    iarna committed Jul 15, 2016
  3. @iarna

    test: Stop using network in 404-private-registry test

    PR-URL: #13397
    Credit: @iarna
    Reviewed-By: @othiym23
    iarna committed Jul 15, 2016
  4. @iarna

    test: Stop using network in 404-private-registry-scoped test

    PR-URL: #13397
    Credit: @iarna
    Reviewed-By: @othiym23
    iarna committed Jul 15, 2016
  5. @iarna

    test: Stop update-symlink test from hitting network

    PR-URL: #13397
    Credit: @iarna
    Reviewed-By: @othiym23
    iarna committed Jul 15, 2016