# @verdaccio/api ## 6.0.0-6-next.44 ### Patch Changes - Updated dependencies [d167f92e] - @verdaccio/config@6.0.0-6-next.61 - @verdaccio/auth@6.0.0-6-next.40 - @verdaccio/middleware@6.0.0-6-next.40 - @verdaccio/store@6.0.0-6-next.41 - @verdaccio/core@6.0.0-6-next.61 - @verdaccio/utils@6.0.0-6-next.29 - @verdaccio/logger@6.0.0-6-next.29 ## 6.0.0-6-next.43 ### Minor Changes - 45c03819: refactor: render html middleware ### Patch Changes - Updated dependencies [45c03819] - @verdaccio/config@6.0.0-6-next.60 - @verdaccio/middleware@6.0.0-6-next.39 - @verdaccio/store@6.0.0-6-next.40 - @verdaccio/auth@6.0.0-6-next.39 - @verdaccio/core@6.0.0-6-next.60 - @verdaccio/logger@6.0.0-6-next.28 - @verdaccio/utils@6.0.0-6-next.28 ## 6.0.0-6-next.42 ### Patch Changes - Updated dependencies [65f88b82] - @verdaccio/logger@6.0.0-6-next.27 - @verdaccio/middleware@6.0.0-6-next.38 - @verdaccio/auth@6.0.0-6-next.38 - @verdaccio/store@6.0.0-6-next.39 - @verdaccio/core@6.0.0-6-next.59 - @verdaccio/config@6.0.0-6-next.59 - @verdaccio/utils@6.0.0-6-next.27 ## 6.0.0-6-next.41 ### Patch Changes - Updated dependencies [fa274ee4] - @verdaccio/middleware@6.0.0-6-next.37 - @verdaccio/core@6.0.0-6-next.58 - @verdaccio/config@6.0.0-6-next.58 - @verdaccio/auth@6.0.0-6-next.37 - @verdaccio/store@6.0.0-6-next.38 - @verdaccio/utils@6.0.0-6-next.26 - @verdaccio/logger@6.0.0-6-next.26 ## 6.0.0-6-next.40 ### Patch Changes - Updated dependencies [9943e2b1] - @verdaccio/middleware@6.0.0-6-next.36 - @verdaccio/store@6.0.0-6-next.37 - @verdaccio/core@6.0.0-6-next.57 - @verdaccio/config@6.0.0-6-next.57 - @verdaccio/auth@6.0.0-6-next.36 - @verdaccio/logger@6.0.0-6-next.25 - @verdaccio/utils@6.0.0-6-next.25 ## 6.0.0-6-next.39 ### Minor Changes - a1986e09: feat: expose middleware utils ### Patch Changes - Updated dependencies [a1986e09] - @verdaccio/middleware@6.0.0-6-next.35 - @verdaccio/utils@6.0.0-6-next.24 - @verdaccio/auth@6.0.0-6-next.35 - @verdaccio/config@6.0.0-6-next.56 - @verdaccio/store@6.0.0-6-next.36 - @verdaccio/core@6.0.0-6-next.56 - @verdaccio/logger@6.0.0-6-next.24 ## 6.0.0-6-next.38 ### Patch Changes - Updated dependencies [9718e033] - @verdaccio/config@6.0.0-6-next.55 - @verdaccio/core@6.0.0-6-next.55 - @verdaccio/store@6.0.0-6-next.35 - @verdaccio/utils@6.0.0-6-next.23 - @verdaccio/auth@6.0.0-6-next.34 - @verdaccio/logger@6.0.0-6-next.23 - @verdaccio/middleware@6.0.0-6-next.34 ## 6.0.0-6-next.37 ### Minor Changes - ef88da3b: feat: improve support for fs promises older nodejs ### Patch Changes - Updated dependencies [ef88da3b] - @verdaccio/config@6.0.0-6-next.54 - @verdaccio/core@6.0.0-6-next.54 - @verdaccio/logger@6.0.0-6-next.22 - @verdaccio/utils@6.0.0-6-next.22 - @verdaccio/auth@6.0.0-6-next.33 - @verdaccio/store@6.0.0-6-next.34 - @verdaccio/middleware@6.0.0-6-next.33 ## 6.0.0-6-next.36 ### Patch Changes - @verdaccio/auth@6.0.0-6-next.32 - @verdaccio/core@6.0.0-6-next.53 - @verdaccio/logger@6.0.0-6-next.21 - @verdaccio/store@6.0.0-6-next.33 - @verdaccio/config@6.0.0-6-next.53 - @verdaccio/middleware@6.0.0-6-next.32 - @verdaccio/utils@6.0.0-6-next.21 ## 6.0.0-6-next.35 ### Patch Changes - @verdaccio/core@6.0.0-6-next.52 - @verdaccio/config@6.0.0-6-next.52 - @verdaccio/auth@6.0.0-6-next.31 - @verdaccio/logger@6.0.0-6-next.20 - @verdaccio/middleware@6.0.0-6-next.31 - @verdaccio/store@6.0.0-6-next.32 - @verdaccio/utils@6.0.0-6-next.20 ## 6.0.0-6-next.34 ### Minor Changes - 4b29d715: chore: move improvements from v5 to v6 Migrate improvements form v5 to v6: - https://github.com/verdaccio/verdaccio/pull/3158 - https://github.com/verdaccio/verdaccio/pull/3151 - https://github.com/verdaccio/verdaccio/pull/2271 - https://github.com/verdaccio/verdaccio/pull/2787 - https://github.com/verdaccio/verdaccio/pull/2791 - https://github.com/verdaccio/verdaccio/pull/2205 ### Patch Changes - Updated dependencies [4b29d715] - @verdaccio/auth@6.0.0-6-next.30 - @verdaccio/config@6.0.0-6-next.51 - @verdaccio/core@6.0.0-6-next.51 - @verdaccio/middleware@6.0.0-6-next.30 - @verdaccio/store@6.0.0-6-next.31 - @verdaccio/logger@6.0.0-6-next.19 - @verdaccio/utils@6.0.0-6-next.19 ## 6.0.0-6-next.33 ### Patch Changes - b4cc8001: fix: improve abort request search - @verdaccio/core@6.0.0-6-next.50 - @verdaccio/config@6.0.0-6-next.50 - @verdaccio/auth@6.0.0-6-next.29 - @verdaccio/logger@6.0.0-6-next.18 - @verdaccio/middleware@6.0.0-6-next.29 - @verdaccio/store@6.0.0-6-next.30 - @verdaccio/utils@6.0.0-6-next.18 ## 6.0.0-6-next.32 ### Minor Changes - ce013d2f: refactor: npm star command support reimplemented ### Patch Changes - Updated dependencies [ce013d2f] - @verdaccio/store@6.0.0-6-next.29 - @verdaccio/core@6.0.0-6-next.49 - @verdaccio/config@6.0.0-6-next.49 - @verdaccio/auth@6.0.0-6-next.28 - @verdaccio/logger@6.0.0-6-next.17 - @verdaccio/middleware@6.0.0-6-next.28 - @verdaccio/utils@6.0.0-6-next.17 ## 6.0.0-6-next.31 ### Major Changes - 9fc2e796: feat(plugins): improve plugin loader ### Changes - Add scope plugin support to 6.x https://github.com/verdaccio/verdaccio/pull/3227 - Avoid config collisions https://github.com/verdaccio/verdaccio/issues/928 - https://github.com/verdaccio/verdaccio/issues/1394 - `config.plugins` plugin path validations - Updated algorithm for plugin loader. - improved documentation (included dev) ## Features - Add scope plugin support to 6.x https://github.com/verdaccio/verdaccio/pull/3227 - Custom prefix: ``` // config.yaml server: pluginPrefix: mycompany middleware: audit: foo: 1 ``` This configuration will look up for `mycompany-audit` instead `Verdaccio-audit`. ## Breaking Changes ### sinopia plugins - `sinopia` fallback support is removed, but can be restored using `pluginPrefix` ### plugin filter - method rename `filter_metadata`->`filterMetadata` ### Plugin constructor does not merge configs anymore https://github.com/verdaccio/verdaccio/issues/928 The plugin receives as first argument `config`, which represents the config of the plugin. Example: ``` // config.yaml auth: plugin: foo: 1 bar: 2 export class Plugin { public constructor(config: T, options: PluginOptions) { console.log(config); // {foo:1, bar: 2} } } ``` ### Minor Changes - 62c24b63: feat: add passwordValidationRegex property ### Patch Changes - 43f32687: fix: abbreviated headers handle quality values - Updated dependencies [43f32687] - Updated dependencies [9fc2e796] - Updated dependencies [62c24b63] - @verdaccio/core@6.0.0-6-next.48 - @verdaccio/store@6.0.0-6-next.28 - @verdaccio/auth@6.0.0-6-next.27 - @verdaccio/config@6.0.0-6-next.48 - @verdaccio/utils@6.0.0-6-next.16 - @verdaccio/logger@6.0.0-6-next.16 - @verdaccio/middleware@6.0.0-6-next.27 ## 6.0.0-6-next.30 ### Patch Changes - @verdaccio/core@6.0.0-6-next.47 - @verdaccio/config@6.0.0-6-next.47 - @verdaccio/auth@6.0.0-6-next.26 - @verdaccio/logger@6.0.0-6-next.15 - @verdaccio/middleware@6.0.0-6-next.26 - @verdaccio/store@6.0.0-6-next.27 - @verdaccio/utils@6.0.0-6-next.15 ## 6.0.0-6-next.29 ### Patch Changes - b849128d: fix: handle upload scoped tarball - Updated dependencies [b849128d] - @verdaccio/core@6.0.0-6-next.8 - @verdaccio/store@6.0.0-6-next.26 - @verdaccio/auth@6.0.0-6-next.25 - @verdaccio/config@6.0.0-6-next.17 - @verdaccio/logger@6.0.0-6-next.14 - @verdaccio/middleware@6.0.0-6-next.25 - @verdaccio/utils@6.0.0-6-next.14 ## 6.0.0-6-next.28 ### Patch Changes - 351aeeaa: fix(deps): @verdaccio/utils should be a prod dep of local-storage - Updated dependencies [351aeeaa] - @verdaccio/auth@6.0.0-6-next.24 - @verdaccio/core@6.0.0-6-next.7 - @verdaccio/logger@6.0.0-6-next.13 - @verdaccio/store@6.0.0-6-next.25 - @verdaccio/middleware@6.0.0-6-next.24 - @verdaccio/config@6.0.0-6-next.16 - @verdaccio/utils@6.0.0-6-next.13 ## 6.0.0-6-next.27 ### Minor Changes - 37274e4c: feat: implement abbreviated manifest Enable abbreviated manifest data by adding the header: ``` curl -H "Accept: application/vnd.npm.install-v1+json" https://registry.npmjs.org/verdaccio ``` It returns a filtered manifest, additionally includes the [time](https://github.com/pnpm/rfcs/pull/2) field by request. Current support for packages managers: - npm: yes - pnpm: yes - yarn classic: yes - yarn modern (+2.x): [no](https://github.com/yarnpkg/berry/pull/3981#issuecomment-1076566096) https://github.com/npm/registry/blob/master/docs/responses/package-metadata.md#abbreviated-metadata-format ### Patch Changes - Updated dependencies [37274e4c] - @verdaccio/store@6.0.0-6-next.24 - @verdaccio/auth@6.0.0-6-next.23 - @verdaccio/core@6.0.0-6-next.6 - @verdaccio/logger@6.0.0-6-next.12 ## 6.0.0-6-next.26 ### Major Changes - 292c0a37: feat!: replace deprecated request dependency by got This is a big refactoring of the core, fetching dependencies, improve code, more tests and better stability. This is essential for the next release, will take some time but would allow modularize more the core. ## Notes - Remove deprecated `request` by other `got`, retry improved, custom Agent ( got does not include it built-in) - Remove `async` dependency from storage (used by core) it was linked with proxy somehow safe to remove now - Refactor with promises instead callback wherever is possible - ~Document the API~ - Improve testing, integration tests - Bugfix - Clean up old validations - Improve performance ## 💥 Breaking changes - Plugin API methods were callbacks based are returning promises, this will break current storage plugins, check documentation for upgrade. - Write Tarball, Read Tarball methods parameters change, a new set of options like `AbortController` signals are being provided to the `addAbortSignal` can be internally used with Streams when a request is aborted. eg: `addAbortSignal(signal, fs.createReadStream(pathName));` - `@verdaccio/streams` stream abort support is legacy is being deprecated removed - Remove AWS and Google Cloud packages for future refactoring [#2574](https://github.com/verdaccio/verdaccio/pull/2574). ### Minor Changes - 00d1d2a1: chore: env variable for launch fastify - Update fastify to major release `v4.3.0` - Update CLI launcher via CLI ``` VERDACCIO_SERVER=fastify verdaccio ``` with docker ``` docker run -it --rm --name verdaccio \ -e "VERDACCIO_SERVER=8080" -p 8080:8080 \ -e "VERDACCIO_SERVER=fastify" \ verdaccio/verdaccio ``` ### Patch Changes - Updated dependencies [292c0a37] - Updated dependencies [a3a209b5] - Updated dependencies [00d1d2a1] - @verdaccio/auth@6.0.0-6-next.23 - @verdaccio/config@6.0.0-6-next.15 - @verdaccio/core@6.0.0-6-next.6 - @verdaccio/logger@6.0.0-6-next.12 - @verdaccio/middleware@6.0.0-6-next.23 - @verdaccio/store@6.0.0-6-next.23 - @verdaccio/utils@6.0.0-6-next.12 ## 6.0.0-6-next.25 ### Patch Changes - Updated dependencies [d43894e8] - Updated dependencies [d08fe29d] - @verdaccio/config@6.0.0-6-next.14 - @verdaccio/auth@6.0.0-6-next.22 - @verdaccio/hooks@6.0.0-6-next.13 - @verdaccio/store@6.0.0-6-next.22 - @verdaccio/core@6.0.0-6-next.5 - @verdaccio/logger@6.0.0-6-next.11 - @verdaccio/middleware@6.0.0-6-next.22 ## 6.0.0-6-next.24 ### Major Changes - 82cb0f2b: feat!: config.logs throw an error, logging config not longer accept array or logs property ### 💥 Breaking change This is valid ```yaml log: { type: stdout, format: pretty, level: http } ``` This is invalid ```yaml logs: { type: stdout, format: pretty, level: http } ``` or ```yaml logs: - [{ type: stdout, format: pretty, level: http }] ``` ### Minor Changes - 5167bb52: feat: ui search support for remote, local and private packages The command `npm search` search globally and return all matches, with this improvement the user interface is powered with the same capabilities. The UI also tag where is the origin the package with a tag, also provide the latest version and description of the package. ### Patch Changes - Updated dependencies [82cb0f2b] - Updated dependencies [5167bb52] - @verdaccio/config@6.0.0-6-next.13 - @verdaccio/core@6.0.0-6-next.5 - @verdaccio/logger@6.0.0-6-next.11 - @verdaccio/store@6.0.0-6-next.21 - @verdaccio/auth@6.0.0-6-next.21 - @verdaccio/hooks@6.0.0-6-next.13 - @verdaccio/middleware@6.0.0-6-next.21 - @verdaccio/utils@6.0.0-6-next.11 ## 6.0.0-6-next.23 ### Patch Changes - @verdaccio/auth@6.0.0-6-next.20 - @verdaccio/store@6.0.0-6-next.20 - @verdaccio/hooks@6.0.0-6-next.12 - @verdaccio/middleware@6.0.0-6-next.20 ## 6.0.0-6-next.22 ### Patch Changes - Updated dependencies [aeff267d] - @verdaccio/auth@6.0.0-6-next.19 - @verdaccio/hooks@6.0.0-6-next.12 - @verdaccio/middleware@6.0.0-6-next.19 ## 6.0.0-6-next.21 ### Patch Changes - Updated dependencies [b78f3525] - @verdaccio/logger@6.0.0-6-next.10 - @verdaccio/auth@6.0.0-6-next.18 - @verdaccio/hooks@6.0.0-6-next.12 - @verdaccio/middleware@6.0.0-6-next.18 - @verdaccio/store@6.0.0-6-next.19 ## 6.0.0-6-next.20 ### Patch Changes - Updated dependencies [730b5d8c] - @verdaccio/logger@6.0.0-6-next.9 - @verdaccio/auth@6.0.0-6-next.17 - @verdaccio/hooks@6.0.0-6-next.11 - @verdaccio/middleware@6.0.0-6-next.17 - @verdaccio/store@6.0.0-6-next.18 ## 6.0.0-6-next.19 ### Major Changes - a828271d: refactor: download manifest endpoint and integrate fastify Much simpler API for fetching a package ``` const manifest = await storage.getPackageNext({ name, uplinksLook: true, req, version: queryVersion, requestOptions, }); ``` > not perfect, the `req` still is being passed to the proxy (this has to be refactored at proxy package) and then removed from here, in proxy we pass the request instance to the `request` library. ### Details - `async/await` sugar for getPackage() - Improve and reuse code between current implementation and new fastify endpoint (add scaffolding for request manifest) - Improve performance - Add new tests ### Breaking changes All storage plugins will stop to work since the storage uses `getPackageNext` method which is Promise based, I won't replace this now because will force me to update all plugins, I'll follow up in another PR. Currently will throw http 500 ### Minor Changes - 24b9be02: refactor: improve docker image build with strict dependencies and prod build - b13a3fef: refactor: improve versions and dist-tag filters ### Patch Changes - Updated dependencies [a828271d] - Updated dependencies [24b9be02] - Updated dependencies [e75c0a3b] - Updated dependencies [b13a3fef] - @verdaccio/store@6.0.0-6-next.17 - @verdaccio/utils@6.0.0-6-next.10 - @verdaccio/core@6.0.0-6-next.4 - @verdaccio/middleware@6.0.0-6-next.16 - @verdaccio/logger@6.0.0-6-next.8 - @verdaccio/auth@6.0.0-6-next.16 - @verdaccio/config@6.0.0-6-next.12 - @verdaccio/hooks@6.0.0-6-next.10 ## 6.0.0-6-next.18 ### Patch Changes - Updated dependencies [f86c31ed] - Updated dependencies [20c9e43e] - @verdaccio/store@6.0.0-6-next.16 - @verdaccio/utils@6.0.0-6-next.9 - @verdaccio/auth@6.0.0-6-next.15 - @verdaccio/config@6.0.0-6-next.11 - @verdaccio/tarball@11.0.0-6-next.10 - @verdaccio/middleware@6.0.0-6-next.15 - @verdaccio/hooks@6.0.0-6-next.9 ## 6.0.0-6-next.17 ### Patch Changes - Updated dependencies [6c1eb021] - @verdaccio/core@6.0.0-6-next.3 - @verdaccio/logger@6.0.0-6-next.7 - @verdaccio/auth@6.0.0-6-next.14 - @verdaccio/config@6.0.0-6-next.10 - @verdaccio/tarball@11.0.0-6-next.9 - @verdaccio/hooks@6.0.0-6-next.9 - @verdaccio/middleware@6.0.0-6-next.14 - @verdaccio/store@6.0.0-6-next.15 - @verdaccio/utils@6.0.0-6-next.8 ## 6.0.0-6-next.16 ### Major Changes - 794af76c: Remove Node 12 support - We need move to the new `undici` and does not support Node.js 12 ### Minor Changes - b702ea36: abort search request support for proxy - 154b2ecd: refactor: remove @verdaccio/commons-api in favor @verdaccio/core and remove duplications ### Patch Changes - Updated dependencies [794af76c] - Updated dependencies [b702ea36] - Updated dependencies [154b2ecd] - @verdaccio/auth@6.0.0-6-next.13 - @verdaccio/config@6.0.0-6-next.9 - @verdaccio/core@6.0.0-6-next.2 - @verdaccio/tarball@11.0.0-6-next.8 - @verdaccio/hooks@6.0.0-6-next.8 - @verdaccio/logger@6.0.0-6-next.6 - @verdaccio/middleware@6.0.0-6-next.13 - @verdaccio/store@6.0.0-6-next.14 - @verdaccio/utils@6.0.0-6-next.7 ## 6.0.0-6-next.15 ### Patch Changes - Updated dependencies [2c594910] - @verdaccio/logger@6.0.0-6-next.5 - @verdaccio/auth@6.0.0-6-next.12 - @verdaccio/hooks@6.0.0-6-next.7 - @verdaccio/middleware@6.0.0-6-next.12 - @verdaccio/store@6.0.0-6-next.13 ## 6.0.0-6-next.14 ### Major Changes - 459b6fa7: refactor: search v1 endpoint and local-database - refactor search `api v1` endpoint, improve performance - remove usage of `async` dependency https://github.com/verdaccio/verdaccio/issues/1225 - refactor method storage class - create new module `core` to reduce the ammount of modules with utilities - use `undici` instead `node-fetch` - use `fastify` instead `express` for functional test ### Breaking changes - plugin storage API changes - remove old search endpoint (return 404) - filter local private packages at plugin level The storage api changes for methods `get`, `add`, `remove` as promise base. The `search` methods also changes and recieves a `query` object that contains all query params from the client. ```ts export interface IPluginStorage extends IPlugin { add(name: string): Promise; remove(name: string): Promise; get(): Promise; init(): Promise; getSecret(): Promise; setSecret(secret: string): Promise; getPackageStorage(packageInfo: string): IPackageStorage; search(query: searchUtils.SearchQuery): Promise; saveToken(token: Token): Promise; deleteToken(user: string, tokenKey: string): Promise; readTokens(filter: TokenFilter): Promise; } ``` ### Patch Changes - Updated dependencies [459b6fa7] - @verdaccio/auth@6.0.0-6-next.11 - @verdaccio/config@6.0.0-6-next.8 - @verdaccio/commons-api@11.0.0-6-next.4 - @verdaccio/core@6.0.0-6-next.1 - @verdaccio/hooks@6.0.0-6-next.6 - @verdaccio/store@6.0.0-6-next.12 - @verdaccio/utils@6.0.0-6-next.6 - @verdaccio/middleware@6.0.0-6-next.11 - @verdaccio/tarball@11.0.0-6-next.7 - @verdaccio/logger@6.0.0-6-next.4 ## 6.0.0-6-next.13 ### Patch Changes - Updated dependencies [df0da3d6] - @verdaccio/hooks@6.0.0-6-next.5 - @verdaccio/auth@6.0.0-6-next.10 - @verdaccio/store@6.0.0-6-next.11 - @verdaccio/middleware@6.0.0-6-next.10 ## 6.0.0-6-next.12 ### Patch Changes - Updated dependencies [d2c65da9] - @verdaccio/utils@6.0.0-6-next.5 - @verdaccio/auth@6.0.0-6-next.9 - @verdaccio/config@6.0.0-6-next.7 - @verdaccio/tarball@11.0.0-6-next.6 - @verdaccio/middleware@6.0.0-6-next.9 - @verdaccio/store@6.0.0-6-next.10 - @verdaccio/hooks@6.0.0-6-next.4 ## 6.0.0-6-next.11 ### Patch Changes - Updated dependencies [5ddfa526] - @verdaccio/store@6.0.0-6-next.9 ## 6.0.0-6-next.10 ### Patch Changes - Updated dependencies [1b217fd3] - @verdaccio/config@6.0.0-6-next.6 - @verdaccio/auth@6.0.0-6-next.8 - @verdaccio/hooks@6.0.0-6-next.4 - @verdaccio/store@6.0.0-6-next.8 - @verdaccio/middleware@6.0.0-6-next.8 ## 6.0.0-6-next.9 ### Patch Changes - Updated dependencies [1810ed0d] - Updated dependencies [648575aa] - @verdaccio/config@6.0.0-6-next.5 - @verdaccio/tarball@11.0.0-6-next.5 - @verdaccio/utils@6.0.0-6-next.4 - @verdaccio/auth@6.0.0-6-next.7 - @verdaccio/hooks@6.0.0-6-next.4 - @verdaccio/store@6.0.0-6-next.7 - @verdaccio/middleware@6.0.0-6-next.7 ## 6.0.0-6-next.8 ### Patch Changes - Updated dependencies [5c5057fc] - @verdaccio/config@6.0.0-6-next.4 - @verdaccio/logger@6.0.0-6-next.4 - @verdaccio/auth@6.0.0-6-next.6 - @verdaccio/hooks@6.0.0-6-next.4 - @verdaccio/store@6.0.0-6-next.6 - @verdaccio/tarball@11.0.0-6-next.4 - @verdaccio/middleware@6.0.0-6-next.6 ## 6.0.0-6-next.7 ### Patch Changes - Updated dependencies [cb2281a5] - @verdaccio/store@6.0.0-6-next.5 - @verdaccio/tarball@11.0.0-6-next.4 ## 5.0.0-alpha.6 ### Patch Changes - @verdaccio/auth@5.0.0-alpha.5 - @verdaccio/hooks@5.0.0-alpha.3 - @verdaccio/middleware@5.0.0-alpha.5 ## 5.0.0-alpha.5 ### Patch Changes - Updated dependencies [f8a50baa] - @verdaccio/auth@5.0.0-alpha.4 - @verdaccio/hooks@5.0.0-alpha.3 - @verdaccio/middleware@5.0.0-alpha.4 ## 5.0.0-alpha.4 ### Patch Changes - fecbb9be: chore: add release step to private regisry on merge changeset pr - Updated dependencies [fecbb9be] - @verdaccio/auth@5.0.0-alpha.3 - @verdaccio/config@5.0.0-alpha.3 - @verdaccio/commons-api@10.0.0-alpha.3 - @verdaccio/hooks@5.0.0-alpha.3 - @verdaccio/logger@5.0.0-alpha.3 - @verdaccio/middleware@5.0.0-alpha.3 - @verdaccio/store@5.0.0-alpha.4 - @verdaccio/utils@5.0.0-alpha.3 ## 5.0.0-alpha.3 ### Minor Changes - 54c58d1e: feat: add server rate limit protection to all request To modify custom values, use the server settings property. ```markdown server: ## https://www.npmjs.com/package/express-rate-limit#configuration-options rateLimit: windowMs: 1000 max: 10000 ``` The values are intended to be high, if you want to improve security of your server consider using different values. ### Patch Changes - Updated dependencies [54c58d1e] - @verdaccio/auth@5.0.0-alpha.2 - @verdaccio/config@5.0.0-alpha.2 - @verdaccio/commons-api@10.0.0-alpha.2 - @verdaccio/hooks@5.0.0-alpha.2 - @verdaccio/logger@5.0.0-alpha.2 - @verdaccio/middleware@5.0.0-alpha.2 - @verdaccio/store@5.0.0-alpha.3 - @verdaccio/utils@5.0.0-alpha.2 ## 5.0.0-alpha.2 ### Minor Changes - 2a327c4b: feat: remove level dependency by lowdb for npm token cli as storage ### new npm token database There will be a new database located in your storage named `.token-db.json` which will store all references to created tokens, **it does not store tokens**, just mask of them and related metadata required to reference them. #### Breaking change If you were relying on `npm token` experiment. This PR will replace the used database (level) by a json plain based one (lowbd) which does not require Node.js C++ compilation step and has less dependencies. Since was a experiment there is no migration step. ### Patch Changes - @verdaccio/store@5.0.0-alpha.2 ## 5.0.0-alpha.1 ### Major Changes - d87fa026: feat!: experiments config renamed to flags - The `experiments` configuration is renamed to `flags`. The functionality is exactly the same. ```js flags: token: false; search: false; ``` - The `self_path` property from the config file is being removed in favor of `config_file` full path. - Refactor `config` module, better types and utilities - da1ee9c8: - Replace signature handler for legacy tokens by removing deprecated crypto.createDecipher by createCipheriv - Introduce environment variables for legacy tokens ### Code Improvements - Add debug library for improve developer experience ### Breaking change - The new signature invalidates all previous tokens generated by Verdaccio 4 or previous versions. - The secret key must have 32 characters long. ### New environment variables - `VERDACCIO_LEGACY_ALGORITHM`: Allows to define the specific algorithm for the token signature which by default is `aes-256-ctr` - `VERDACCIO_LEGACY_ENCRYPTION_KEY`: By default, the token stores in the database, but using this variable allows to get it from memory ### Minor Changes - 26b494cb: feat: add typescript project references settings Reading https://ebaytech.berlin/optimizing-multi-package-apps-with-typescript-project-references-d5c57a3b4440 I realized I can use project references to solve the issue to pre-compile modules on develop mode. It allows to navigate (IDE) trough the packages without need compile the packages. Add two `tsconfig`, one using the previous existing configuration that is able to produce declaration files (`tsconfig.build`) and a new one `tsconfig` which is enables [_projects references_](https://www.typescriptlang.org/docs/handbook/project-references.html). ### Patch Changes - b57b4338: Enable prerelease mode with **changesets** - 42dfed78: testing changesets - 31af0164: ESLint Warnings Fixed Related to issue #1461 - max-len: most of the sensible max-len errors are fixed - no-unused-vars: most of these types of errors are fixed by deleting not needed declarations - @typescript-eslint/no-unused-vars: same as above - Updated dependencies [d87fa026] - Updated dependencies [42024c34] - Updated dependencies [da1ee9c8] - Updated dependencies [ae52ba35] - Updated dependencies [26b494cb] - Updated dependencies [b57b4338] - Updated dependencies [add778d5] - Updated dependencies [31af0164] - @verdaccio/auth@5.0.0-alpha.1 - @verdaccio/config@5.0.0-alpha.1 - @verdaccio/commons-api@10.0.0-alpha.1 - @verdaccio/hooks@5.0.0-alpha.1 - @verdaccio/logger@5.0.0-alpha.1 - @verdaccio/middleware@5.0.0-alpha.1 - @verdaccio/store@5.0.0-alpha.1 - @verdaccio/utils@5.0.0-alpha.1 ## 5.0.0-alpha.1 ### Major Changes - d87fa0268: feat!: experiments config renamed to flags - The `experiments` configuration is renamed to `flags`. The functionality is exactly the same. ```js flags: token: false; search: false; ``` - The `self_path` property from the config file is being removed in favor of `config_file` full path. - Refactor `config` module, better types and utilities - da1ee9c82: - Replace signature handler for legacy tokens by removing deprecated crypto.createDecipher by createCipheriv - Introduce environment variables for legacy tokens ### Code Improvements - Add debug library for improve developer experience ### Breaking change - The new signature invalidates all previous tokens generated by Verdaccio 4 or previous versions. - The secret key must have 32 characters long. ### New environment variables - `VERDACCIO_LEGACY_ALGORITHM`: Allows to define the specific algorithm for the token signature which by default is `aes-256-ctr` - `VERDACCIO_LEGACY_ENCRYPTION_KEY`: By default, the token stores in the database, but using this variable allows to get it from memory ### Minor Changes - 26b494cbd: feat: add typescript project references settings Reading https://ebaytech.berlin/optimizing-multi-package-apps-with-typescript-project-references-d5c57a3b4440 I realized I can use project references to solve the issue to pre-compile modules on develop mode. It allows to navigate (IDE) trough the packages without need compile the packages. Add two `tsconfig`, one using the previous existing configuration that is able to produce declaration files (`tsconfig.build`) and a new one `tsconfig` which is enables [_projects references_](https://www.typescriptlang.org/docs/handbook/project-references.html). ### Patch Changes - b57b43388: Enable prerelease mode with **changesets** - 42dfed785: testing changesets - 31af01641: ESLint Warnings Fixed Related to issue #1461 - max-len: most of the sensible max-len errors are fixed - no-unused-vars: most of these types of errors are fixed by deleting not needed declarations - @typescript-eslint/no-unused-vars: same as above - Updated dependencies [d87fa0268] - Updated dependencies [42024c346] - Updated dependencies [da1ee9c82] - Updated dependencies [ae52ba352] - Updated dependencies [26b494cbd] - Updated dependencies [b57b43388] - Updated dependencies [add778d55] - Updated dependencies [31af01641] - @verdaccio/auth@5.0.0-alpha.1 - @verdaccio/config@5.0.0-alpha.1 - @verdaccio/commons-api@10.0.0-alpha.0 - @verdaccio/hooks@5.0.0-alpha.1 - @verdaccio/logger@5.0.0-alpha.1 - @verdaccio/middleware@5.0.0-alpha.1 - @verdaccio/store@5.0.0-alpha.1 - @verdaccio/utils@5.0.0-alpha.1