cli: don't check for updates to npm when we are updating npm itself#32
Merged
zkat merged 2 commits intonpm:release-nextfrom Aug 3, 2018
Merged
Conversation
zkat
suggested changes
Jul 30, 2018
Contributor
zkat
left a comment
There was a problem hiding this comment.
I think we need to do a bit more with this before it's mergeable. Thanks for taking the time to do this, though! It's super helpful to make sure this improves.
bin/npm-cli.js
Outdated
| npm.load(conf, function (er) { | ||
| if (er) return errorHandler(er) | ||
| if ( | ||
| !npm.argv.includes('npm') && |
Contributor
There was a problem hiding this comment.
You'll note that pnpm also makes sure it's a relevant command, as well as whether we're in global mode. I think both of those check are worth doing.
I also agree with what pnpm is doing as far as disabling this on CI. The ci-info package by @watson seems to do a pretty good job at detecting this, so maybe that's worth pulling in (/cc @iarna).
Contributor
Author
7c90e10 to
692ce93
Compare
692ce93 to
d905508
Compare
Contributor
Author
|
@zkat I think we're all set. Let me know if anything else. |
zkat
approved these changes
Aug 3, 2018
Contributor
|
Looks great! Thanks. 🎉 |
4 tasks
4 tasks
This was referenced May 12, 2022
This was referenced Jun 23, 2023
This was referenced Jun 23, 2023
This was referenced Jun 24, 2023
renovate bot
added a commit
to redwoodjs/graphql
that referenced
this pull request
Nov 16, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [@npmcli/arborist](https://togithub.com/npm/cli) | [`6.2.10` -> `6.5.0`](https://renovatebot.com/diffs/npm/@npmcli%2farborist/6.2.10/6.5.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>npm/cli (@​npmcli/arborist)</summary> ### [`v6.5.0`](https://togithub.com/npm/cli/releases/tag/v6.5.0) [Compare Source](https://togithub.com/npm/cli/compare/v6.4.0...v6.5.0) ##### NEW FEATURES - [`fc1a8d185`](https://togithub.com/npm/cli/commit/fc1a8d185fc678cdf3784d9df9eef9094e0b2dec) Backronym `npm ci` to `npm clean-install`. ([@​zkat](https://togithub.com/zkat)) - [`4be51a9cc`](https://togithub.com/npm/cli/commit/4be51a9cc65635bb26fa4ce62233f26e0104bc20) [#​81](https://togithub.com/npm/cli/pull/81) Adds 'Homepage' to outdated --long output. ([@​jbottigliero](https://togithub.com/jbottigliero)) ##### BUGFIXES - [`89652cb9b`](https://togithub.com/npm/cli/commit/89652cb9b810f929f5586fc90cc6794d076603fb) [npm.community#1661](https://npm.community/t/https://npm.community/t/1661) Fix sign-git-commit options. They were previously totally wrong. ([@​zkat](https://togithub.com/zkat)) - [`414f2d1a1`](https://togithub.com/npm/cli/commit/414f2d1a1bdffc02ed31ebb48a43216f284c21d4) [npm.community#1742](https://npm.community/t/npm-audit-making-non-rfc-compliant-requests-to-server-resulting-in-400-bad-request-pr-with-fix/1742) Set lowercase headers for npm audit requests. ([@​maartenba](https://togithub.com/maartenba)) - [`a34246baf`](https://togithub.com/npm/cli/commit/a34246bafe73218dc9e3090df9ee800451db2c7d) [#​75](https://togithub.com/npm/cli/pull/75) Fix `npm edit` handling of scoped packages. ([@​larsgw](https://togithub.com/larsgw))\* [`d3e8a7c72`](https://togithub.com/npm/cli/commit/d3e8a7c7240dd25379a5bcad324a367c58733c73) [npm.community#2303](https://npm.community/t/npm-ci-logs-success-to-stderr/2303) Make summary output for `npm ci` go to `stdout`, not `stderr`. ([@​alopezsanchez](https://togithub.com/alopezsanchez)) - [`71d8fb4a9`](https://togithub.com/npm/cli/commit/71d8fb4a94d65e1855f6d0c5f2ad2b7c3202e3c4) [npm.community#1377](https://npm.community/t/unhelpful-error-message-when-publishing-without-logging-in-error-eperm-operation-not-permitted-unlink/1377/3) Close the file descriptor during publish if exiting upload via an error. This will prevent strange error messages when the upload fails and make sure cleanup happens correctly. ([@​macdja38](https://togithub.com/macdja38)) ##### DOCS UPDATES - [`b1a8729c8`](https://togithub.com/npm/cli/commit/b1a8729c80175243fbbeecd164e9ddd378a09a50) [#​60](https://togithub.com/npm/cli/pull/60) Mention --otp flag when prompting for OTP. ([@​bakkot](https://togithub.com/bakkot)) - [`bcae4ea81`](https://togithub.com/npm/cli/commit/bcae4ea8173e489a76cc226bbd30dd9eabe21ec6) [#​64](https://togithub.com/npm/cli/pull/64) Clarify that git dependencies use the default branch, not just `master`. ([@​zckrs](https://togithub.com/zckrs)) - [`15da82690`](https://togithub.com/npm/cli/commit/15da8269032bf509ade3252978e934f2a61d4499) [#​72](https://togithub.com/npm/cli/pull/72) `bash_completion.d` dir is sometimes found in `/etc` not `/usr/local`. ([@​RobertKielty](https://togithub.com/RobertKielty)) - [`8a6ecc793`](https://togithub.com/npm/cli/commit/8a6ecc7936dae2f51638397ff5a1d35cccda5495) [#​74](https://togithub.com/npm/cli/pull/74) Update OTP documentation for `dist-tag add` to clarify `--otp` is needed right now. ([@​scotttrinh](https://togithub.com/scotttrinh)) - [`dcc03ec85`](https://togithub.com/npm/cli/commit/dcc03ec858bddd7aa2173b5a86b55c1c2385a2a3) [#​82](https://togithub.com/npm/cli/pull/82) Note that `prepare` runs when installing git dependencies. ([@​seishun](https://togithub.com/seishun)) - [`a91a470b7`](https://togithub.com/npm/cli/commit/a91a470b71e08ccf6a75d4fb8c9937789fa8d067) [#​83](https://togithub.com/npm/cli/pull/83) Specify that --dry-run isn't available in older versions of npm publish. ([@​kjin](https://togithub.com/kjin)) - [`1b2fabcce`](https://togithub.com/npm/cli/commit/1b2fabccede37242233755961434c52536224de5) [#​96](https://togithub.com/npm/cli/pull/96) Fix inline code tag issue in docs. ([@​midare](https://togithub.com/midare)) - [`6cc70cc19`](https://togithub.com/npm/cli/commit/6cc70cc1977e58a3e1ea48e660ffc6b46b390e59) [#​68](https://togithub.com/npm/cli/pull/68) Add semver link and a note on empty string format to `deprecate` doc. ([@​neverett](https://togithub.com/neverett)) - [`61dbbb7c3`](https://togithub.com/npm/cli/commit/61dbbb7c3474834031bce88c423850047e8131dc) Fix semver docs after version update. ([@​zkat](https://togithub.com/zkat)) - [`4acd45a3d`](https://togithub.com/npm/cli/commit/4acd45a3d0ce92f9999446226fe7dfb89a90ba2e) [#​78](https://togithub.com/npm/cli/pull/78) Correct spelling across various docs. ([@​hugovk](https://togithub.com/hugovk)) ##### DEPENDENCIES - [`4f761283e`](https://togithub.com/npm/cli/commit/4f761283e8896d0ceb5934779005646463a030e8) `figgy-pudding@3.5.1` ([@​zkat](https://togithub.com/zkat)) - [`3706db0bc`](https://togithub.com/npm/cli/commit/3706db0bcbc306d167bb902362e7f6962f2fe1a1) [npm.community#1764](https://npm.community/t/crash-invalid-config-key-requested-error/1764) `ssri@6.0.1` ([@​zkat](https://togithub.com/zkat)) - [`83c2b117d`](https://togithub.com/npm/cli/commit/83c2b117d0b760d0ea8d667e5e4bdfa6a7a7a8f6) `bluebird@3.5.2` ([@​petkaantonov](https://togithub.com/petkaantonov)) - [`2702f46bd`](https://togithub.com/npm/cli/commit/2702f46bd7284fb303ca2119d23c52536811d705) `ci-info@1.5.1` ([@​watson](https://togithub.com/watson)) - [`4db6c3898`](https://togithub.com/npm/cli/commit/4db6c3898b07100e3a324e4aae50c2fab4b93a04) `config-chain@1.1.1`:2 ([@​dawsbot](https://togithub.com/dawbot)) - [`70bee4f69`](https://togithub.com/npm/cli/commit/70bee4f69bb4ce4e18c48582fe2b48d8b4aba566) `glob@7.1.3` ([@​isaacs](https://togithub.com/isaacs)) - [`e469fd6be`](https://togithub.com/npm/cli/commit/e469fd6be95333dcaa7cf377ca3620994ca8d0de) `opener@1.5.1`: Fix browser opening under Windows Subsystem for Linux (WSL). ([@​thijsputman](https://togithub.com/thijsputman)) - [`03840dced`](https://togithub.com/npm/cli/commit/03840dced865abdca6e6449ea030962e5b19db0c) `semver@5.5.1` ([@​iarna](https://togithub.com/iarna)) - [`161dc0b41`](https://togithub.com/npm/cli/commit/161dc0b4177e76306a0e3b8660b3b496cc3db83b) `bluebird@3.5.3` ([@​petkaantonov](https://togithub.com/petkaantonov)) - [`bb6f94395`](https://togithub.com/npm/cli/commit/bb6f94395491576ec42996ff6665df225f6b4377) `graceful-fs@4.1.1`:5 ([@​isaacs](https://togithub.com/isaacs)) - [`43b1f4c91`](https://togithub.com/npm/cli/commit/43b1f4c91fa1d7b3ebb6aa2d960085e5f3ac7607) `tar@4.4.8` ([@​isaacs](https://togithub.com/isaacs)) - [`ab62afcc4`](https://togithub.com/npm/cli/commit/ab62afcc472de82c479bf91f560a0bbd6a233c80) `npm-packlist@1.1.1`:2 ([@​isaacs](https://togithub.com/isaacs)) - [`027f06be3`](https://togithub.com/npm/cli/commit/027f06be35bb09f390e46fcd2b8182539939d1f7) `ci-info@1.6.0` ([@​watson](https://togithub.com/watson)) ##### MISCELLANEOUS - [`27217dae8`](https://togithub.com/npm/cli/commit/27217dae8adbc577ee9cb323b7cfe9c6b2493aca) [#​70](https://togithub.com/npm/cli/pull/70) Automatically audit dependency licenses for npm itself. ([@​kemitchell](https://togithub.com/kemitchell)) ### [`v6.4.0`](https://togithub.com/npm/cli/releases/tag/v6.4.0) [Compare Source](https://togithub.com/npm/cli/compare/v6.3.0...v6.4.0) ##### NEW FEATURES - [`6e9f04b0b`](https://togithub.com/npm/cli/commit/6e9f04b0baed007169d4e0c341f097cf133debf7) [npm/cli#8](https://togithub.com/npm/cli/pull/8) Search for authentication token defined by environment variables by preventing the translation layer from env variable to npm option from breaking `:_authToken`. ([@​mkhl](https://togithub.com/mkhl)) - [`84bfd23e7`](https://togithub.com/npm/cli/commit/84bfd23e7d6434d30595594723a6e1976e84b022) [npm/cli#35](https://togithub.com/npm/cli/pull/35) Stop filtering out non-IPv4 addresses from `local-addrs`, making npm actually use IPv6 addresses when it must. ([@​valentin2105](https://togithub.com/valentin2105)) - [`792c8c709`](https://togithub.com/npm/cli/commit/792c8c709dc7a445687aa0c8cba5c50bc4ed83fd) [npm/cli#31](https://togithub.com/npm/cli/pull/31) configurable audit level for non-zero exit `npm audit` currently exits with exit code 1 if any vulnerabilities are found of any level. Add a flag of `--audit-level` to `npm audit` to allow it to pass if only vulnerabilities below a certain level are found. Example: `npm audit --audit-level=high` will exit with 0 if only low or moderate level vulns are detected. ([@​lennym](https://togithub.com/lennym)) ##### BUGFIXES - [`d81146181`](https://togithub.com/npm/cli/commit/d8114618137bb5b9a52a86711bb8dc18bfc8e60c) [npm/cli#32](https://togithub.com/npm/cli/pull/32) Don't check for updates to npm when we are updating npm itself. ([@​olore](https://togithub.com/olore)) ##### DEPENDENCY UPDATES A very special dependency update event! Since the [release of `node-gyp@3.8.0`](https://togithub.com/nodejs/node-gyp/pull/1521), an awkward version conflict that was preventing `request` from begin flattened was resolved. This means two things: 1. We've cut down the npm tarball size by another 200kb, to 4.6MB 2. `npm audit` now shows no vulnerabilities for npm itself! Thanks, [@​rvagg](https://togithub.com/rvagg)! - [`866d776c2`](https://togithub.com/npm/cli/commit/866d776c27f80a71309389aaab42825b2a0916f6) `request@2.87.0` ([@​simov](https://togithub.com/simov)) - [`f861c2b57`](https://togithub.com/npm/cli/commit/f861c2b579a9d4feae1653222afcefdd4f0e978f) `node-gyp@3.8.0` ([@​rvagg](https://togithub.com/rvagg)) - [`32e6947c6`](https://togithub.com/npm/cli/commit/32e6947c60db865257a0ebc2f7e754fedf7a6fc9) [npm/cli#39](https://togithub.com/npm/cli/pull/39) `colors@1.1.2`: REVERT REVERT, newer versions of this library are broken and print ansi codes even when disabled. ([@​iarna](https://togithub.com/iarna)) - [`beb96b92c`](https://togithub.com/npm/cli/commit/beb96b92caf061611e3faafc7ca10e77084ec335) `libcipm@2.0.1` ([@​zkat](https://togithub.com/zkat)) - [`348fc91ad`](https://togithub.com/npm/cli/commit/348fc91ad223ff91cd7bcf233018ea1d979a2af1) `validate-npm-package-license@3.0.4`: Fixes errors with empty or string-only license fields. ([@​Gudahtt](https://togithub.com/Gudahtt)) - [`e57d34575`](https://togithub.com/npm/cli/commit/e57d3457547ef464828fc6f82ae4750f3e511550) `iferr@1.0.2` ([@​shesek](https://togithub.com/shesek)) - [`46f1c6ad4`](https://togithub.com/npm/cli/commit/46f1c6ad4b2fd5b0d7ec879b76b76a70a3a2595c) `tar@4.4.6` ([@​isaacs](https://togithub.com/isaacs)) - [`50df1bf69`](https://togithub.com/npm/cli/commit/50df1bf691e205b9f13e0fff0d51a68772c40561) `hosted-git-info@2.7.1` ([@​iarna](https://togithub.com/iarna)) ([@​Erveon](https://togithub.com/Erveon)) ([@​huochunpeng](https://togithub.com/huochunpeng)) ##### DOCUMENTATION - [`af98e76ed`](https://togithub.com/npm/cli/commit/af98e76ed96af780b544962aa575585b3fa17b9a) [npm/cli#34](https://togithub.com/npm/cli/pull/34) Remove `npm publish` from list of commands not affected by `--dry-run`. ([@​joebowbeer](https://togithub.com/joebowbeer)) - [`e2b0f0921`](https://togithub.com/npm/cli/commit/e2b0f092193c08c00f12a6168ad2bd9d6e16f8ce) [npm/cli#36](https://togithub.com/npm/cli/pull/36) Tweak formatting in repository field examples. ([@​noahbenham](https://togithub.com/noahbenham)) - [`e2346e770`](https://togithub.com/npm/cli/commit/e2346e7702acccefe6d711168c2b0e0e272e194a) [npm/cli#14](https://togithub.com/npm/cli/pull/14) Used `process.env` examples to make accessing certain `npm run-scripts` environment variables more clear. ([@​mwarger](https://togithub.com/mwarger)) ### [`v6.3.0`](https://togithub.com/npm/cli/blob/HEAD/workspaces/arborist/CHANGELOG.md#630-2023-07-05) ##### Features - [`67459e7`](https://togithub.com/npm/cli/commit/67459e7b56a5e8d2b4f8eb3a0487183013c63b99) [#​6626](https://togithub.com/npm/cli/pull/6626) add `pkg fix` subcommand ([@​wraithgar](https://togithub.com/wraithgar)) ##### Bug Fixes - [`c61e037`](https://togithub.com/npm/cli/commit/c61e0376408240590bfc712fe9fdadd7dc9a48bc) [#​6626](https://togithub.com/npm/cli/pull/6626) use new load/create syntax for package-json ([@​wraithgar](https://togithub.com/wraithgar)) ##### Dependencies - [`b252164`](https://togithub.com/npm/cli/commit/b252164dd5c866bf2d25c96836ad829d4d6909ee) [#​6626](https://togithub.com/npm/cli/pull/6626) `@npmcli/package-json@4.0.0` </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/redwoodjs/redwood). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
jtoar
pushed a commit
to redwoodjs/graphql
that referenced
this pull request
Nov 17, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [@npmcli/arborist](https://togithub.com/npm/cli) | [`6.2.10` -> `6.5.0`](https://renovatebot.com/diffs/npm/@npmcli%2farborist/6.2.10/6.5.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>npm/cli (@​npmcli/arborist)</summary> ### [`v6.5.0`](https://togithub.com/npm/cli/releases/tag/v6.5.0) [Compare Source](https://togithub.com/npm/cli/compare/v6.4.0...v6.5.0) ##### NEW FEATURES - [`fc1a8d185`](https://togithub.com/npm/cli/commit/fc1a8d185fc678cdf3784d9df9eef9094e0b2dec) Backronym `npm ci` to `npm clean-install`. ([@​zkat](https://togithub.com/zkat)) - [`4be51a9cc`](https://togithub.com/npm/cli/commit/4be51a9cc65635bb26fa4ce62233f26e0104bc20) [#​81](https://togithub.com/npm/cli/pull/81) Adds 'Homepage' to outdated --long output. ([@​jbottigliero](https://togithub.com/jbottigliero)) ##### BUGFIXES - [`89652cb9b`](https://togithub.com/npm/cli/commit/89652cb9b810f929f5586fc90cc6794d076603fb) [npm.community#1661](https://npm.community/t/https://npm.community/t/1661) Fix sign-git-commit options. They were previously totally wrong. ([@​zkat](https://togithub.com/zkat)) - [`414f2d1a1`](https://togithub.com/npm/cli/commit/414f2d1a1bdffc02ed31ebb48a43216f284c21d4) [npm.community#1742](https://npm.community/t/npm-audit-making-non-rfc-compliant-requests-to-server-resulting-in-400-bad-request-pr-with-fix/1742) Set lowercase headers for npm audit requests. ([@​maartenba](https://togithub.com/maartenba)) - [`a34246baf`](https://togithub.com/npm/cli/commit/a34246bafe73218dc9e3090df9ee800451db2c7d) [#​75](https://togithub.com/npm/cli/pull/75) Fix `npm edit` handling of scoped packages. ([@​larsgw](https://togithub.com/larsgw))\* [`d3e8a7c72`](https://togithub.com/npm/cli/commit/d3e8a7c7240dd25379a5bcad324a367c58733c73) [npm.community#2303](https://npm.community/t/npm-ci-logs-success-to-stderr/2303) Make summary output for `npm ci` go to `stdout`, not `stderr`. ([@​alopezsanchez](https://togithub.com/alopezsanchez)) - [`71d8fb4a9`](https://togithub.com/npm/cli/commit/71d8fb4a94d65e1855f6d0c5f2ad2b7c3202e3c4) [npm.community#1377](https://npm.community/t/unhelpful-error-message-when-publishing-without-logging-in-error-eperm-operation-not-permitted-unlink/1377/3) Close the file descriptor during publish if exiting upload via an error. This will prevent strange error messages when the upload fails and make sure cleanup happens correctly. ([@​macdja38](https://togithub.com/macdja38)) ##### DOCS UPDATES - [`b1a8729c8`](https://togithub.com/npm/cli/commit/b1a8729c80175243fbbeecd164e9ddd378a09a50) [#​60](https://togithub.com/npm/cli/pull/60) Mention --otp flag when prompting for OTP. ([@​bakkot](https://togithub.com/bakkot)) - [`bcae4ea81`](https://togithub.com/npm/cli/commit/bcae4ea8173e489a76cc226bbd30dd9eabe21ec6) [#​64](https://togithub.com/npm/cli/pull/64) Clarify that git dependencies use the default branch, not just `master`. ([@​zckrs](https://togithub.com/zckrs)) - [`15da82690`](https://togithub.com/npm/cli/commit/15da8269032bf509ade3252978e934f2a61d4499) [#​72](https://togithub.com/npm/cli/pull/72) `bash_completion.d` dir is sometimes found in `/etc` not `/usr/local`. ([@​RobertKielty](https://togithub.com/RobertKielty)) - [`8a6ecc793`](https://togithub.com/npm/cli/commit/8a6ecc7936dae2f51638397ff5a1d35cccda5495) [#​74](https://togithub.com/npm/cli/pull/74) Update OTP documentation for `dist-tag add` to clarify `--otp` is needed right now. ([@​scotttrinh](https://togithub.com/scotttrinh)) - [`dcc03ec85`](https://togithub.com/npm/cli/commit/dcc03ec858bddd7aa2173b5a86b55c1c2385a2a3) [#​82](https://togithub.com/npm/cli/pull/82) Note that `prepare` runs when installing git dependencies. ([@​seishun](https://togithub.com/seishun)) - [`a91a470b7`](https://togithub.com/npm/cli/commit/a91a470b71e08ccf6a75d4fb8c9937789fa8d067) [#​83](https://togithub.com/npm/cli/pull/83) Specify that --dry-run isn't available in older versions of npm publish. ([@​kjin](https://togithub.com/kjin)) - [`1b2fabcce`](https://togithub.com/npm/cli/commit/1b2fabccede37242233755961434c52536224de5) [#​96](https://togithub.com/npm/cli/pull/96) Fix inline code tag issue in docs. ([@​midare](https://togithub.com/midare)) - [`6cc70cc19`](https://togithub.com/npm/cli/commit/6cc70cc1977e58a3e1ea48e660ffc6b46b390e59) [#​68](https://togithub.com/npm/cli/pull/68) Add semver link and a note on empty string format to `deprecate` doc. ([@​neverett](https://togithub.com/neverett)) - [`61dbbb7c3`](https://togithub.com/npm/cli/commit/61dbbb7c3474834031bce88c423850047e8131dc) Fix semver docs after version update. ([@​zkat](https://togithub.com/zkat)) - [`4acd45a3d`](https://togithub.com/npm/cli/commit/4acd45a3d0ce92f9999446226fe7dfb89a90ba2e) [#​78](https://togithub.com/npm/cli/pull/78) Correct spelling across various docs. ([@​hugovk](https://togithub.com/hugovk)) ##### DEPENDENCIES - [`4f761283e`](https://togithub.com/npm/cli/commit/4f761283e8896d0ceb5934779005646463a030e8) `figgy-pudding@3.5.1` ([@​zkat](https://togithub.com/zkat)) - [`3706db0bc`](https://togithub.com/npm/cli/commit/3706db0bcbc306d167bb902362e7f6962f2fe1a1) [npm.community#1764](https://npm.community/t/crash-invalid-config-key-requested-error/1764) `ssri@6.0.1` ([@​zkat](https://togithub.com/zkat)) - [`83c2b117d`](https://togithub.com/npm/cli/commit/83c2b117d0b760d0ea8d667e5e4bdfa6a7a7a8f6) `bluebird@3.5.2` ([@​petkaantonov](https://togithub.com/petkaantonov)) - [`2702f46bd`](https://togithub.com/npm/cli/commit/2702f46bd7284fb303ca2119d23c52536811d705) `ci-info@1.5.1` ([@​watson](https://togithub.com/watson)) - [`4db6c3898`](https://togithub.com/npm/cli/commit/4db6c3898b07100e3a324e4aae50c2fab4b93a04) `config-chain@1.1.1`:2 ([@​dawsbot](https://togithub.com/dawbot)) - [`70bee4f69`](https://togithub.com/npm/cli/commit/70bee4f69bb4ce4e18c48582fe2b48d8b4aba566) `glob@7.1.3` ([@​isaacs](https://togithub.com/isaacs)) - [`e469fd6be`](https://togithub.com/npm/cli/commit/e469fd6be95333dcaa7cf377ca3620994ca8d0de) `opener@1.5.1`: Fix browser opening under Windows Subsystem for Linux (WSL). ([@​thijsputman](https://togithub.com/thijsputman)) - [`03840dced`](https://togithub.com/npm/cli/commit/03840dced865abdca6e6449ea030962e5b19db0c) `semver@5.5.1` ([@​iarna](https://togithub.com/iarna)) - [`161dc0b41`](https://togithub.com/npm/cli/commit/161dc0b4177e76306a0e3b8660b3b496cc3db83b) `bluebird@3.5.3` ([@​petkaantonov](https://togithub.com/petkaantonov)) - [`bb6f94395`](https://togithub.com/npm/cli/commit/bb6f94395491576ec42996ff6665df225f6b4377) `graceful-fs@4.1.1`:5 ([@​isaacs](https://togithub.com/isaacs)) - [`43b1f4c91`](https://togithub.com/npm/cli/commit/43b1f4c91fa1d7b3ebb6aa2d960085e5f3ac7607) `tar@4.4.8` ([@​isaacs](https://togithub.com/isaacs)) - [`ab62afcc4`](https://togithub.com/npm/cli/commit/ab62afcc472de82c479bf91f560a0bbd6a233c80) `npm-packlist@1.1.1`:2 ([@​isaacs](https://togithub.com/isaacs)) - [`027f06be3`](https://togithub.com/npm/cli/commit/027f06be35bb09f390e46fcd2b8182539939d1f7) `ci-info@1.6.0` ([@​watson](https://togithub.com/watson)) ##### MISCELLANEOUS - [`27217dae8`](https://togithub.com/npm/cli/commit/27217dae8adbc577ee9cb323b7cfe9c6b2493aca) [#​70](https://togithub.com/npm/cli/pull/70) Automatically audit dependency licenses for npm itself. ([@​kemitchell](https://togithub.com/kemitchell)) ### [`v6.4.0`](https://togithub.com/npm/cli/releases/tag/v6.4.0) [Compare Source](https://togithub.com/npm/cli/compare/v6.3.0...v6.4.0) ##### NEW FEATURES - [`6e9f04b0b`](https://togithub.com/npm/cli/commit/6e9f04b0baed007169d4e0c341f097cf133debf7) [npm/cli#8](https://togithub.com/npm/cli/pull/8) Search for authentication token defined by environment variables by preventing the translation layer from env variable to npm option from breaking `:_authToken`. ([@​mkhl](https://togithub.com/mkhl)) - [`84bfd23e7`](https://togithub.com/npm/cli/commit/84bfd23e7d6434d30595594723a6e1976e84b022) [npm/cli#35](https://togithub.com/npm/cli/pull/35) Stop filtering out non-IPv4 addresses from `local-addrs`, making npm actually use IPv6 addresses when it must. ([@​valentin2105](https://togithub.com/valentin2105)) - [`792c8c709`](https://togithub.com/npm/cli/commit/792c8c709dc7a445687aa0c8cba5c50bc4ed83fd) [npm/cli#31](https://togithub.com/npm/cli/pull/31) configurable audit level for non-zero exit `npm audit` currently exits with exit code 1 if any vulnerabilities are found of any level. Add a flag of `--audit-level` to `npm audit` to allow it to pass if only vulnerabilities below a certain level are found. Example: `npm audit --audit-level=high` will exit with 0 if only low or moderate level vulns are detected. ([@​lennym](https://togithub.com/lennym)) ##### BUGFIXES - [`d81146181`](https://togithub.com/npm/cli/commit/d8114618137bb5b9a52a86711bb8dc18bfc8e60c) [npm/cli#32](https://togithub.com/npm/cli/pull/32) Don't check for updates to npm when we are updating npm itself. ([@​olore](https://togithub.com/olore)) ##### DEPENDENCY UPDATES A very special dependency update event! Since the [release of `node-gyp@3.8.0`](https://togithub.com/nodejs/node-gyp/pull/1521), an awkward version conflict that was preventing `request` from begin flattened was resolved. This means two things: 1. We've cut down the npm tarball size by another 200kb, to 4.6MB 2. `npm audit` now shows no vulnerabilities for npm itself! Thanks, [@​rvagg](https://togithub.com/rvagg)! - [`866d776c2`](https://togithub.com/npm/cli/commit/866d776c27f80a71309389aaab42825b2a0916f6) `request@2.87.0` ([@​simov](https://togithub.com/simov)) - [`f861c2b57`](https://togithub.com/npm/cli/commit/f861c2b579a9d4feae1653222afcefdd4f0e978f) `node-gyp@3.8.0` ([@​rvagg](https://togithub.com/rvagg)) - [`32e6947c6`](https://togithub.com/npm/cli/commit/32e6947c60db865257a0ebc2f7e754fedf7a6fc9) [npm/cli#39](https://togithub.com/npm/cli/pull/39) `colors@1.1.2`: REVERT REVERT, newer versions of this library are broken and print ansi codes even when disabled. ([@​iarna](https://togithub.com/iarna)) - [`beb96b92c`](https://togithub.com/npm/cli/commit/beb96b92caf061611e3faafc7ca10e77084ec335) `libcipm@2.0.1` ([@​zkat](https://togithub.com/zkat)) - [`348fc91ad`](https://togithub.com/npm/cli/commit/348fc91ad223ff91cd7bcf233018ea1d979a2af1) `validate-npm-package-license@3.0.4`: Fixes errors with empty or string-only license fields. ([@​Gudahtt](https://togithub.com/Gudahtt)) - [`e57d34575`](https://togithub.com/npm/cli/commit/e57d3457547ef464828fc6f82ae4750f3e511550) `iferr@1.0.2` ([@​shesek](https://togithub.com/shesek)) - [`46f1c6ad4`](https://togithub.com/npm/cli/commit/46f1c6ad4b2fd5b0d7ec879b76b76a70a3a2595c) `tar@4.4.6` ([@​isaacs](https://togithub.com/isaacs)) - [`50df1bf69`](https://togithub.com/npm/cli/commit/50df1bf691e205b9f13e0fff0d51a68772c40561) `hosted-git-info@2.7.1` ([@​iarna](https://togithub.com/iarna)) ([@​Erveon](https://togithub.com/Erveon)) ([@​huochunpeng](https://togithub.com/huochunpeng)) ##### DOCUMENTATION - [`af98e76ed`](https://togithub.com/npm/cli/commit/af98e76ed96af780b544962aa575585b3fa17b9a) [npm/cli#34](https://togithub.com/npm/cli/pull/34) Remove `npm publish` from list of commands not affected by `--dry-run`. ([@​joebowbeer](https://togithub.com/joebowbeer)) - [`e2b0f0921`](https://togithub.com/npm/cli/commit/e2b0f092193c08c00f12a6168ad2bd9d6e16f8ce) [npm/cli#36](https://togithub.com/npm/cli/pull/36) Tweak formatting in repository field examples. ([@​noahbenham](https://togithub.com/noahbenham)) - [`e2346e770`](https://togithub.com/npm/cli/commit/e2346e7702acccefe6d711168c2b0e0e272e194a) [npm/cli#14](https://togithub.com/npm/cli/pull/14) Used `process.env` examples to make accessing certain `npm run-scripts` environment variables more clear. ([@​mwarger](https://togithub.com/mwarger)) ### [`v6.3.0`](https://togithub.com/npm/cli/blob/HEAD/workspaces/arborist/CHANGELOG.md#630-2023-07-05) ##### Features - [`67459e7`](https://togithub.com/npm/cli/commit/67459e7b56a5e8d2b4f8eb3a0487183013c63b99) [#​6626](https://togithub.com/npm/cli/pull/6626) add `pkg fix` subcommand ([@​wraithgar](https://togithub.com/wraithgar)) ##### Bug Fixes - [`c61e037`](https://togithub.com/npm/cli/commit/c61e0376408240590bfc712fe9fdadd7dc9a48bc) [#​6626](https://togithub.com/npm/cli/pull/6626) use new load/create syntax for package-json ([@​wraithgar](https://togithub.com/wraithgar)) ##### Dependencies - [`b252164`](https://togithub.com/npm/cli/commit/b252164dd5c866bf2d25c96836ad829d4d6909ee) [#​6626](https://togithub.com/npm/cli/pull/6626) `@npmcli/package-json@4.0.0` </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/redwoodjs/redwood). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
antongolub
pushed a commit
to antongolub-forks/npm-cli
that referenced
this pull request
May 18, 2024
1 task
koralle
pushed a commit
to koralle/npm-cli
that referenced
this pull request
Feb 11, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is to resolve: https://npm.community/t/npm-warns-about-new-version-while-installing-new-npm-version/655
Skip checking for updates if we are updating npm similar to how pnpm does it