v3.3.3
v3.3.3 (2015-09-10):
This short week brought us brings us a few small bug fixes, a doc change and a whole lotta dependency updates.
Plus, as usual, this includes a forward port of everything in npm@2.14.4
.
BETA BUT NOT FOREVER
THIS IS BETA SOFTWARE. npm@3
will remain in beta until we're confident that it's stable and have assessed the effect of the breaking changes on the community. During that time we will still be doing npm@2
releases, with npm@2
tagged as latest
and next
. We'll also be publishing new releases of npm@3
as npm@v3.x-next
and npm@v3.x-latest
alongside those versions until we're ready to switch everyone over to npm@3
. We need your help to find and fix its remaining bugs. It's a significant rewrite, so we are sure there still significant bugs remaining. So do us a solid and deploy it in non-critical CI environments and for day-to-day use, but maybe don't use it for production maintenance or frontline continuous deployment just yet.
REMOVE INSTALLED BINARIES ON WINDOWS
So waaaay back at the start of August, I fixed a bug with #9198. That fix made it so that if you had two modules installed that both installed the same binary (eg gulp
& gulp-cli
), that removing one wouldn't remove the binary if it was owned by the other.
It did this by doing some hocus-pocus that, turns out, was Unix-specific, so on Windows it just threw up its hands and stopped removing installed binaries at all. Not great.
So today we're fixing that– it let us maintain the same safety that we added in #9198, but ALSO works with windows.
API DOCUMENTATION HAS BEEN SACRIFICED THE API GOD
The documentation of the internal APIs of npm is going away, because it would lead people into thinking they should integrate with npm by using it. Please don't do that! In the future, we'd like to give you a suite of stand alone modules that provide better, more stand alone APIs for your applications to build on. But for now, call the npm binary with process.exec
or process.spawn
instead.
ALLOW npm link
ON WINDOWS W/ PRERELEASE VERSIONS OF NODE
We never meant to have this be a restriction in the first place and it was only just discovered with the recent node 4.0.0 release candidate.
graceful-fs update
We're updating all of npm's deps to use the most recent graceful-fs
. This turns out to be important for future not yet released versions of node, because older versions monkey-patch fs
in ways that will break in the future. Plus it ALSO makes use of process.binding
which is an internal API that npm definitely shouldn't have been using. We're not done yet, but this is the bulk of them.
e7bc98e
write-file-atomic@1.1.3 (@iarna)7417600
tar@2.2.1 (@zkat)e4e9d40
read-package-json@2.0.1 (@zkat)481611d
read-installed@4.0.3 (@zkat)0dabbda
npm-registry-client@7.0.4 (@zkat)c075a91
fstream@1.0.8 (@zkat)2e4341a
fs-write-stream-atomic@1.0.4 (@zkat)18ad16e
fs-vacuum@1.2.7 (@zkat)
DEPENDENCY UPDATES
9d6666b
node-gyp@3.0.1 (@rvagg)349c4df
retry@0.7.0 (@tim-kos)f507551
which@1.1.2 (@isaacs)e5b6743
nopt@3.0.4 (@zkat)