A new prerelease of the npm cli has been tagged!
You can install it with npm i -g npm@next or try it out with npx npm@next …
Prereleases are promoted to latest after a week if no serious issues stop them. Please give it a whirl and tell us what you think!
Oh and… we’re gonna start including changelogs in here directly, instead of linking to the blog! That should help center our activity around https://npm.community more :)
6e9f04b0bnpm/cli#8 Search for authentication token defined by environment variables by preventing the translation layer from env variable to npm option from breaking
84bfd23e7npm/cli#35 Stop filtering out non-IPv4 addresses from
local-addrs, making npm actually use IPv6 addresses when it must. (@valentin2105)
792c8c709npm/cli#31 configurable audit level for non-zero exit
npm auditcurrently exits with exit code 1 if any vulnerabilities are found of any level. Add a flag of
npm auditto allow it to pass if only vulnerabilities below a certain level are found. Example:
npm audit --audit-level=highwill exit with 0 if only low or moderate level vulns are detected. (@lennym)
A very special dependency update event! Since the release of
email@example.com, an awkward version conflict that was preventing
request from begin flattened was resolved. This means two things:
- We’ve cut down the npm tarball size by another 200kb, to 4.6MB
npm auditnow shows no vulnerabilities for npm itself!
firstname.lastname@example.org: REVERT REVERT, newer versions of this library are broken and print ansi codes even when disabled. (@iarna)
email@example.com: Fixes errors with empty or string-only license fields. (@Gudahtt)
npm publishfrom list of commands not affected by
e2b0f0921npm/cli#36 Tweak formatting in repository field examples. (@noahbenham)
process.envexamples to make accessing certain
npm run-scriptsenvironment variables more clear. (@mwarger)