KEMBAR78
Comparing v6.13.3...v6.13.4 · npm/cli · GitHub
Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: npm/cli
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v6.13.3
Choose a base ref
...
head repository: npm/cli
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v6.13.4
Choose a head ref
  • 5 commits
  • 13 files changed
  • 1 contributor

Commits on Dec 11, 2019

  1. gentle-fs@2.3.0

    @isaacs
    isaacs committed Dec 11, 2019
    Configuration menu
    Copy the full SHA
    52fd210 View commit details
    Browse the repository at this point in the history

  2. bin-links@1.1.6

    @isaacs
    isaacs committed Dec 11, 2019
    Configuration menu
    Copy the full SHA
    d06f5c0 View commit details
    Browse the repository at this point in the history

  3. Do not remove global bin/man links inappropriately 

    Prevent a global install from overwriting bins and manpages if they are
not links/shims that npm controls, or if then are links/shims to
packages other than the one being installed.

Changes error message output on EEXIST errors to be more helpful.

Related:

- npm/bin-links#12
- npm/gentle-fs#7

Note: this does NOT prevent packages from overwriting one another's bins
in non-global package installs, because doing so would introduce a
[dependency hell](https://en.wikipedia.org/wiki/Dependency_hell) that
npm 6 is not capable of avoiding without significant refactoring.  The
collision detection in npm v7's tree building will enable us to explore
such an option, by never placing dependencies in the same place if they
would write the same bin script.  (It's fundamentally similar to
peerDependency resolution, but much simpler.)

Since users have not complained about this potential foot-gun in the
last 5 years, its unlikely that it is a significant issue, and
introducing additional dependency nesting (or worse, failing installs
for unresolveable trees) is likely an even worse hazard.  If we do
prevent non-global-top installs from overwriting one another's bins, it
ought to be done only as best-effort (ie, allow the collision if both
deps need to be placed in the same node_modules folder) and perhaps
opt-in with a config flag.
    @isaacs
    isaacs committed Dec 11, 2019
    Configuration menu
    Copy the full SHA
    320ac9a View commit details
    Browse the repository at this point in the history

  4. docs: changelog for 6.13.4

    @isaacs
    isaacs committed Dec 11, 2019
    Configuration menu
    Copy the full SHA
    f2aca36 View commit details
    Browse the repository at this point in the history

  5. 6.13.4

    @isaacs
    isaacs committed Dec 11, 2019
    Configuration menu
    Copy the full SHA
    fd29398 View commit details
    Browse the repository at this point in the history
Loading