This repository was archived by the owner on Nov 7, 2025. It is now read-only.
[Snyk] Upgrade npm from 8.0.0 to 8.3.1#1
Open
snyk-bot wants to merge 1 commit into
Open
Conversation
Snyk has created this PR to upgrade npm from 8.0.0 to 8.3.1. See this package in npm: https://www.npmjs.com/package/npm See this project in Snyk: https://app.snyk.io/org/tosh.koevoets/project/9d6a8206-fd8c-4886-bb42-d1b06e7431c7?utm_source=github&utm_medium=referral&page=upgrade-pr
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade npm from 8.0.0 to 8.3.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Release notes
Package name: npm
-
8.3.1 - 2022-01-13
- feat: Support Sourcehut
-
8.3.0 - 2021-12-09
- introduces overrides
- Fixes object property assignment bug in resolving package-locks with
- fixes some TAR_ENTRY_INVALID and Z_DATA_ERROR errors
-
8.2.0 - 2021-12-02
- fix: always load localPrefix
-
8.1.4 - 2021-11-18
- Update to eslint@8 and and
- Remove eslint-plugin-node.
- feat: support vs2022
- feat: build with config.gypi from node headers
- fix: accurate filtering of workspaces
-
8.1.3 - 2021-11-04
- fix: don't compare spec for local dep vs existing
- fix: stop pruning peerSets when entryEdge is from a workspace
- fix: dont load project configs in global mode
-
8.1.2 - 2021-10-28
-
8.1.1 - 2021-10-21
- fix: skip peer conflict check if there is a current node
- feat(gyp): update gyp to v0.10.0
-
8.1.0 - 2021-10-14
- fix: preserve git+ssh url for non-hosted repos
- deps: update
- fix: no longer include ignored bundled link deps
-
8.0.0 - 2021-10-07
- Drop support for node 10 and 11
- Raise support ceiling in node 12 and 14 to LTS (^12.13.0/^14.15.0)
- Drop support to
- Update subdependencies that also dropped node10 support
- The following dependencies were updated to drop node10 support and
- libnpmversion@2.0.1
- pacote@12.0.0
- libnpmpack@3.0.0
- @ npmcli/arborist@3.0.0
- libnpmfund@2.0.0
- libnpmexec@3.0.0
- node-gyp@8.2.0
from npm GitHub release notesv8.3.1 (2022-01-13)
Bug Fixes
2ac540b0c#4191 fix(unpublish): Show warning on unpublish command when last version (@ ebsaral)Dependencies
da80d579d#4211 deps:hosted-git-info@4.1.05a87d190f#4228 deps:@ npmcli/config@2.4.01f0d1370fchore(release):@ npmcli/arborist@4.2.03cfae3840#4181 feat(arborist) addtoJSON/toStringmethods to get shrinkwrap contents without saving (@ ljharb)Chores
d72650457chore: Bring in all libnpm modules + arborist as workspaces (#4166) (@ fritzy)v8.3.0 (2021-12-09)
Features
4b0c29a7c#4116 feat:@ npmcli/arborist@4.1.0(@ nlf)166d9e144npm/statusboard#416 #4143 feat: output configured registry during publish (@ lukekarrys)71777be17npm/statusboard#417 #4146 feat: displaypublishConfigduringconfig list(@ lukekarrys)Bug Fixes
08c663931#4128 #4134 fix: dont warn on error cleaning individual log files (@ lukekarrys)e605b128c#4142 fix: redact all private keys from config output (@ lukekarrys)Documentation
db1885d7f#4092 chore(docs): document overrides (@ nlf)Dependencies
e1da1fa4b#4141 deps:@ npmcli/arborist@4.1.1:parse-conflict-json@2.0.1conflicts
1d8bec566#4144 #3884 deps:minipass@3.1.6v8.2.0 (2021-12-02)
Features
6734ba36d#4062 feat: streaming debug logfile (@ lukekarrys)Bug Fixes
5f4040aa0chore: remove get-project-scope utils (@ yuqu)c5c6d1603#4060 fix: add missing scope on flat options (@ yuqu)47828b766chore: update one-time password prompt (@ darcyclarke)Documentation
fc46a7926#4072 docs: fix typo insave-peerdescription (@ chalkygames123)2fbf1576f#4081 docs: Fix typo (@ idleberg)a8bc95f11#4089 docs(workspaces): Fix typo (@ yotamselementor)31b098ee2#4113 docs: add logging docs (@ darcyclarke)cbae0fb71#4114 docs: update description about where/when debug log is written (@ lukekarrys)Dependencies
037f2cc8c#4078node-gyp@8.4.10e63df612#4102@ npmcli/config@2.3.2:v8.1.4 (2021-11-18)
BUG FIXES
7887fb3d7#4025 fix: don't try to open file:/// urls (@ wraithgar)cd6d3a90d#4026 fix: explicitly allownpm helpto open file:/// man pages (@ wraithgar)72ca4a4e3#4020 #4032 fix: command completion (@ wraithgar)b78949134#4023 fix(install): command completion with single match (@ wraithgar)DEPENDENCIES
225645420#3995 update to latest eslint and linting rules (@ wraithgar)203fedf5b#4016eslint@8.0.0:@ npmcli/eslint-config@2.0.0(@ wraithgar)@ npmcli/eslint-config@2.0.07b4aa59b6signal-exit@3.0.6:,tap@15.1.2(@ isaacs)08015859c#4049npmlog@6.0.0(@ wraithgar)088c11694#4045node-gyp@8.4.0: (@ wraithgar)44bfa3787#4065 @ npmcli/arborist 4.0.5 (@ fritzy)--no-workspacesv8.1.3 (2021-11-04)
BUG FIXES
8ffeb71df#3959 fix: refactor commands (@ wraithgar)e5bfdaca4#3978 fix: shrinkwrap setting incorrect lockfileVersion (@ lukekarrys)32ccd3c27#3988 fix: remove usage of unnecessary util.promisify (@ lukekarrys)1e9c31c4e#3994 fix: npm help on windows (@ wraithgar)22230ef3d#3987 fix: make prefixed usage errors more consistent (@ lukekarrys)DEPENDENCIES
ac2fabb86#3990@ npmcli/arborist@4.0.4a0d35ff20#3996@ npmcli/config@2.3.1:BUG FIXES
cb9f43551#3949 allow--lockfile-versionconfig to be string and coerce to number (@ lukekarrys)070901d7a#3943 fix(publish): clean args before logging (@ wraithgar)DEPENDENCIES
8af94726b#3953arborist@4.0.338cee94#340 fix: set lockfileVersion from file during resetd310bd3#339 fix: always set originalLockfileVersion when doing shrinkwrap resetv8.1.1 (2021-10-21)
DEPENDENCIES
51fb83ce9#3921@ npmcli/arborist@4.0.2:1d07f2187#3913node-gyp@8.3.0:v8.1.0 (2021-10-14)
FEATURES
24273a862#3890 feat(workspaces): add --include-workspace-root and explicit --no-workspaces (@ fritzy)d559d6da8#3880 feat(config): Add --lockfile-version config option (@ isaacs)DEPENDENCIES
ae4bf013d#3883pacote@12.0.2:npm-packlist@3.0.0fbc5a3d08#3889@ npmcli/ci-detect@1.4.0b6bc279e5#3893@ npmcli/arborist@4.0.10f69d295b#3893@ npmcli/map-workspaces@2.0.0DOCUMENTATION
f77932ca1#3861 fix(docs): Update Node support in README (@ gfyoung)a190f422a#3878 fix(docs): grammar fix (@ XhmikosR)v8.0.0 (2021-10-07)
The purpose of this release is to drop support for old node versions and
to remove support for
require('npm'). There are no other breakingchanges.
BREAKING CHANGES
require('npm')DEPENDENCIES
update to the latest node-gyp
8bd85cdae#3813cli-columns@4.0.0Commit messages
Package name: npm
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs