In a special one-off release as part of the strategy to get a version of npm into Node LTS that works with the current registry, modify npm to print out this deprecation banner literally every time npm is invoked to do anything:
npm WARN deprecated This version of npm lacks support for important features,
npm WARN deprecated such as scoped packages, offered by the primary npm
npm WARN deprecated registry. Consider upgrading to at least npm@2, if not the
npm WARN deprecated latest stable version. To upgrade to npm@2, run:
npm WARN deprecated
npm WARN deprecated npm -g install npm@latest-2
npm WARN deprecated
npm WARN deprecated To upgrade to the latest stable version, run:
npm WARN deprecated
npm WARN deprecated npm -g install npm@latest
npm WARN deprecated
npm WARN deprecated (Depending on how Node.js was installed on your system, you
npm WARN deprecated may need to prefix the preceding commands with `sudo`, or if
npm WARN deprecated on Windows, run them from an Administrator prompt.)
npm WARN deprecated
npm WARN deprecated If you're running the version of npm bundled with
npm WARN deprecated Node.js 0.10 LTS, be aware that the next version of 0.10 LTS
npm WARN deprecated will be bundled with a version of npm@2, which has some small
npm WARN deprecated backwards-incompatible changes made to `npm run-script` and
npm WARN deprecated semver behavior.
The message basically tells the tale: Node 0.10 will finally be getting
npm@2
, so those of you who haven't upgraded your build systems to deal with
its (relatively small) breaking changes should do so now.
Also, this version doesn't even pretend that it can deal with scoped packages,
which, given the confusing behavior of older versions of npm@1.4
, where it
would sometimes try to install packages from GitHub, is a distinct improvement.
There is no good reason for you as an end user to upgrade to this version of npm yourself.
709e9b4
Print 20-line deprecation banner on all command invocations.
(@othiym23)0c29d09
Crash out immediately with an exhortation to upgrade on attempts to use
scoped packages. (@othiym23)_auth
config as default auth when using default registry
(@isaacs)be06213
remove residual support for win
log level
(@aterris)a3a85dd
--save
scoped packages correctly (@othiym23)18a3385
npm-registry-client@3.0.2
(@othiym23)375988b
invalid package names are an early error for optional deps
(@othiym23)node-package-arg
instead of arbitrary package spec
splitting (@othiym23)54cf625
fix handling for 301s in npm-registry-client@3.0.1
(@Raynos)e410861
don't crash if no username set on whoami
(@isaacs)0353dde
respect --json
for output (@isaacs)b3d112a
outdated: Don't show headings if there's nothing to output
(@isaacs)bb4b90c
outdated: Default to latest
rather than *
for unspecified deps
(@isaacs)7f55057
install scoped packages (#5239)
(@othiym23)0df7e16
publish scoped packages (#5239)
(@othiym23)0689ba2
support (and save) --scope=@s config
(@othiym23)f34878f
scope credentials to registry (@othiym23)0ac7ca2
capture and store bearer tokens when sent by registry
(@othiym23)63c3277
only delete files that are created by npm
(@othiym23)4f54043
npm-package-arg@2.0.0
(@othiym23)9e1460e
read-package-json@1.2.3
(@othiym23)719d8ad
fs-vacuum@1.2.1
(@othiym23)9ef8fe4
async-some@1.0.0
(@othiym23)a964f65
npmconf@2.0.1
(@othiym23)113765b
npm-registry-client@3.0.0
(@othiym23)f4540b6
#6043 defer rollbacks until just
before the CLI exits (@isaacs)1eabfd5
#6043 slide@1.1.6
: wait until all
callbacks have finished before proceeding
(@othiym23)4cf3c8f
#6007 request@2.42.0: properly set
headers on proxy requests (@isaacs)403cb52
#6055 npmconf@1.1.8: restore
case-insensitivity of environmental config
(@iarna)eceea95
github-url-from-git@1.4.0
: add support for git+https and git+ssh
(@stefanbuck)e561758
columnify@1.2.1
(@othiym23)0c4fab3
cmd-shim@2.0.0
: upgrade to graceful-fs 3
(@ForbesLindesay)2d69e4d
github-url-from-username-repo@1.0.0
: accept slashes in branch names
(@robertkowalski)81f9b2b
ensure lifecycle spawn errors caught properly
(@isaacs)bfaab8c
npm-registry-client@2.0.7
: properly encode % in passwords
(@isaacs)91cfb58
doc: Fix 'npm help index' (@isaacs)64c0ec2
npm-registry-client@2.0.6
: Print the notification header returned by the
registry, and make sure status codes are printed without gratuitous quotes
around them.
(@othiym23)a8ed12b
tar@1.0.1
:
Add test for removing an extract target immediately after unpacking.
(@isaacs)70fd11d
lockfile@1.0.0
: Fix incorrect interaction between wait
, stale
,
and retries
options. Part 2 of race condition leading to ENOENT
errors.
(@isaacs)0072c4d
fstream@1.0.2
: Fix a double-finish call which can result in excess
FS operations after the close
event. Part 2 of race condition
leading to ENOENT
errors.
(@isaacs)9344bd9
doc: add new changelog (@othiym23)4be76fd
doc: update version doc to include pre-*
increment args
(@isaacs)e4f2620
build: add make tag
to tag current release as latest
(@isaacs)ec2596a
build: publish with --tag=v1.4-next
(@isaacs)9ee55f8
build: add script to output v1.4-next
publish tag
(@isaacs)aecb56f
build: remove outdated docpublish
make target
(@isaacs)b57a9b7
build: remove unpublish step from make publish
(@isaacs)2c6acb9
install: rename .gitignore
when unpacking foreign tarballs
(@isaacs)22f3681
cache: detect non-gzipped tar files more reliably
(@isaacs)8dd11d1
update several
dependencies to avoid using semver
s starting with 0.d9a9e84
read-package-json@1.2.4
(@isaacs)86f0340
github-url-from-git@1.2.0
(@isaacs)a94136a
fstream@0.1.29
(@isaacs)bb82d18
glob@4.0.5
(@isaacs)5b6bcf4
cmd-shim@1.1.2
(@isaacs)c2aa8b3
license: Cleaned up
legalese with actual lawyer (@isaacs)63fe0ee
init-package-json@1.0.0
(@isaacs)0353dde
respect --json
for output (@isaacs)b3d112a
outdated: Don't show headings if there's nothing to output
(@isaacs)bb4b90c
outdated: Default to latest
rather than *
for unspecified deps
(@isaacs)f687433
relative URLS for
working non-root registry URLS (@othiym23)bea190c
#5591 bump nopt and npmconf
(@isaacs)npmconf@1.1.2
(@isaacs)npm-registry-client@2.0.2
(@isaacs)fstream@0.1.27
(@isaacs)sha@1.2.4
(@isaacs)rimraf@2.2.8
(@isaacs)npmlog@1.0.1
(@isaacs)npm-registry-client@2.0.1
(@isaacs)npmconf@1.0.5
(@isaacs)fstream@0.1.26
(@isaacs)graceful-fs@3.0.2
(@isaacs)osenv@0.1.0
(@isaacs)osenv@0.1.0
which removes ~/tmp as possible tmp-folder
(@robertkowalski)ini@1.2.1
(@isaacs)graceful-fs@3
(@isaacs)editor@0.1.0
(@isaacs)columnify@1.1.0
(@isaacs)npm install
on a tarball.
(ed3abf1
,
#5330,
@othiym23)9f00306
,
@isaacs)npm.commands.cache.clean
and npm.commands.cache.read
APIs, and
document npm.commands.cache.*
as npm-cache(3).
(e06799e
,
@isaacs)npm ls
labeling issuenode-gyp@0.13.1
npmconf@1.0.0
, Refactor config/uid/prefix loading process
(@isaacs)npm repo
(@evanlucas)update --save
(@timoxley)update --save*
(@timoxley)prerelease
, preminor
, prepatch
to npm version
run-script
: Support --parseable
and --json
npm install
respect config.unicode
Infinity
for config env value--save-prefix
option that can be used to override the default of ^
when using npm install --save
and its counterparts.
(64eefdf
,
@thlorenz)--silent
to silence the echoing of commands that occurs with npm run
.
(c95cf08
,
@Raynos)cb94310
,
3b0870f
,
120f5a9
,
@isaacs)4a5257d
,
7686d02cb0
,
@isaacs)779b164
,
6680ba6ef2
,
@isaacs)npm shrinkwrap
in the presence of a
package.json
with no dependencies.
(a9d9fa5
,
@kislyuk)npm view
on packages that have no versions or have
been unpublished.
(94df2f5
,
@juliangruber;
2241a09
,
@isaacs)f671286
, npm/read-installed#20,
@LaurentVB)package.json
when doing npm install --save
and all
its variants.
(6fd6ff7
,
@domenic)--save-exact
option, usable alongside --save
and its variants, which
will write the exact version number into package.json
instead of the
appropriate semver-compatibility range.
(17f07df
,
@timoxley)a3762de
,
npm/npm-registry-client#40, @fengmk2)npm ls
's --depth
and --log
options.
(1d29b17
,
npm/read-installed#13, @zertosh)9a4b2c4
,
domenic/path-is-inside#1, @pmarques)527b72c
,
@isaacs)npm t
as an alias for npm test
(which is itself an alias for npm run test
, or even npm run-script test
). We like making running your tests
easy. (14e650b
, @isaacs)npm prune --production
, which was removed in 1.3.24.
(acc4d02
,
@davglass)npm install --save
and its counterparts to use the ^
version
specifier, instead of ~
.
(0a3151c
,
@mikolalysenko)npm shrinkwrap
output dependencies in a sorted order, so that diffs
between shrinkwrap files should be saner now.
(059b2bf
,
@Raynos)npm dedupe
not correctly respecting dependency constraints.
(86028e9
,
@rafeca)npm ls
giving spurious warnings when you used "latest"
as a version
specifier.
(d2956400e0
,
@bajtos)npm link
on packages without a name
value could
cause npm to delete itself.
(401a642
,
@isaacs)npm install ./pkg@1.2.3
to actually install the directory at
pkg@1.2.3
; before it would try to find version 1.2.3
of the package
./pkg
in the npm registry.
(46d8768
,
@rlidwka; see also
f851b79
)npm outdated
to respect the color
configuration option.
(d4f6f3f
,
@timoxley)npm outdated --parseable
.
(9575a23
,
@yhpark)164b97e
,
@nigelzor)acbec48372
,
@isaacs)npm shrinkwrap
forgetting to shrinkwrap dependencies that were also
development dependencies.
(9c575c5
,
@diwu1989)9345d3b6c3
,
@isaacs)npm publish --force
. See
https://github.com/npm/npmjs.org/issues/148.
(@isaacs,
npm/npm-registry-client@2c8dba990de6a59af6545b75cc00a6dc12777c2a)npm update
and the package.json
specifies a version that does not exist.
(@evanlucas,
027a33a
)a132690
)user/repo
were not always
treated the same as full Git URLs.
(@robertkowalski,
005d0b637a
)735427a
and
c0ac832
,
@isaacs)npm bugs
with no arguments.
(b99d465
,
@Hoops)--long
option to create wrapping columns.
(20439b2
and
3a6942d
,
@timoxley)npm docs
.
(823010b
,
@timoxley)npm adduser
bug regarding "Error: default value must be string or
number" again. (b9b4248
,
@isaacs)scripts
entries containing whitespaces on Windows.
(80282ed
,
@robertkowalski)npm update
for Git URLs that have credentials in them
(93fc364
,
@danielsantiago)npm install
overwriting npm link
-ed dependencies when they are tagged
Git dependencies. (af9bbd9
,
@evanlucas)npm prune --production
since it buggily removed some dependencies
that were necessary for production; see
#4509. Hopefully it can make its
triumphant return, one day.
(1101b6a
,
@isaacs)Dependency updates:
909cccf
read-package-json@1.1.6
a3891b6
rimraf@2.2.6
ac6efbc
sha@1.2.3
dd30038
node-gyp@0.12.2
c8c3ebe
npm-registry-client@0.3.3
4315286
npmconf@0.1.12
5dc93e8
,
@substack)npm adduser
that would manifest in the error message
"Error: default value must be string or number."
(fba4bd2
,
@isaacs)npm bugs
in the current directory to open the current package's bugs
URL.
(d04cf64
,
@evanlucas)1e6f2a7
,
ff46366
,
8b4bb48
;
@rlidwka,
@evanlucas)4ca4a2c
,
@dominictarr)--ignore-scripts
option, which will prevent package.json
scripts
from being run. Most notably, this will work on npm install
, so e.g. npm install --ignore-scripts
will not run preinstall and prepublish scripts.
(d7e67bf
,
@sqs)966373f
,
@domenic)a362c3f
,
@spmason)644c2ff
,
which avoided re-downloading URL and shinkwrap dependencies when doing npm install
. You can see the in-depth reasoning in
d8c907e
;
the problem was, that the patch changed the behavior of npm install -f
to
reinstall all dependencies.npm install
, fixing a two-year old
bug
(5829ecf
,
@robertkowalski). Additional progress on
reducing the resulting Git-related I/O is tracked as
#4191, but for now, this will be a
big improvement.--json
mode to npm outdated
to give a parseable output.
(0b6c9b7
,
@yyx990803)npm outdated
much prettier and more useful. It now outputs a
color-coded and easy-to-read table.
(fd3017f
,
@quimcalpe)--depth
option to npm outdated
, so that e.g. you can do npm outdated --depth=0
to show only top-level outdated dependencies.
(1d184ef
,
@yyx990803)--no-git-tag-version
option to npm version
, for doing the usual
job of npm version
minus the Git tagging. This could be useful if you need
to increase the version in other related files before actually adding the
tag.
(59ca984
,
@evanlucas)npm repo
and npm docs
work without any arguments, adding them to the
list of npm commands that work on the package in the current directory when
invoked without arguments.
(bf9048e
,
@robertkowalski;
07600d0
,
@wilmoore). There are a few other commands we
still want to implement this for; see
#4204.GIT_SSL_NO_VERIFY
environment variable to Git, if it is
set; we currently do this with a few other environment variables, but we
missed that one.
(c625de9
,
@arikon)npm dedupe
on Windows due to incorrect path separators being used
(7677de4
,
@mcolyer).npm help
command when multiple words were searched for; it
previously gave a ReferenceError
.
(6a28dd1
,
@dereckson)644c2ff
,
@spmason). You can use the --force
option to
force re-download and installation of all dependencies.