Skip to content
This repository has been archived by the owner on Aug 11, 2022. It is now read-only.

v4.0.5
Compare
Choose a tag to compare
@zkat zkat released this 02 Dec 01:35
· 1143 commits to latest since this release
v4.0.5
This tag was signed with the committer’s verified signature.
zkat Kat Marchán
GPG key ID: AEB529C08A3C7E9E
Learn about vigilant mode.
4d0473c
This commit was signed with the committer’s verified signature.
zkat Kat Marchán
GPG key ID: AEB529C08A3C7E9E
Learn about vigilant mode.

It's that time of year! December is upon us, which means y'all are just going to be doing a lot less, in general, for the next month or so. The "Xmas Chasm", as we like to call it, has already begun. So for those of you reading it from the other side: Hi! Welcome back!

This week's release is a relatively small one, involving just a few bugfixes and dependency upgrades. The CLI team has been busy recently with scoping out npm@5, and starting to do initial spec work for in-scope stuff.

BUGFIXES

On to the actual changes!

  • 9776d8f #15081 bundledDependencies are intended to be left untouched by the installer, as much as possible -- if they're bundled, we assume that you want to be particular about the contents of your bundle. The installer used to have a corner case where existing dependencies that had bundledDependencies would get clobbered by as the installer moved stuff around, even though the installer already avoided moving deps that were themselves bundled. This is now fixed, along with the connected crasher, and your bundledDeps should be left even more intact than before! (@iarna)
  • fc61c08 #15082 Initialize nodes from bundled dependencies. This should address #14427 and related issues, but it's turned out to be a tremendously difficult issue to reproduce in a test. We decided to include it even pending tests, because we found the root cause of the errors. (@iarna)
  • d8471a2 #12811 Consider devDependencies when deciding whether to hoist a package. This should resolve a variety of missing dependency issues some folks were seeing when devDependencies happened to also be dependencies of your dependencies. This often manifested as modules going missing, or only being installed, after npm install was called twice. (@schmod)

DEPENDENCY UPDATES

  • 5978703 graceful-fs@4.1.11: EPERM errors are Windows are now handled more gracefully. Windows users that tended to see these errors due to, say, an antivirus-induced race condition, should see them much more rarely, if at all. (@isaacs)
  • 85b0174 request@2.79.0 (@simov)
  • 9664d36 tap@8.0.1 (@isaacs)

MISCELLANEOUS

Assets 2