116 KiB
Changelog
All notable changes to this project will be documented in this file. See standard-version for commit guidelines.
5.5.2 (2022-01-27)
Bug Fixes
5.5.1 (2022-01-24)
Bug Fixes
- remove engines restriction from ui-theme dependency (de7713e)
- deps: update dependency marked to v4 (#2956) (5009797)
- deps: update dependency mime to v3 (#2957) (ac4392a)
5.5.0 (2022-01-22)
Features
- add new options to the web disable login and pkg managers (#2947) (1a7b1ee)
- upgrade @verdaccio-ui-theme (d36b8b1)
- use backward compatible UI from v6 on v5 (#2912) (b79266d)
Bug Fixes
- deps: update all non-major linting dependencies (5.x) (#2885) (23d0bd7)
- deps: update dependency @verdaccio/local-storage to v10.1.1 (#2932) (8c7e39e)
- deps: update dependency @verdaccio/readme to v10.2.1 (#2933) (8a75f8c)
- deps: update dependency async to v3.2.3 (#2934) (e2eb6ce)
- deps: update dependency fast-safe-stringify to v2.1.1 (#2891) (bd738ec)
- deps: update dependency verdaccio-audit to v10.1.1 (#2935) (3a9d773)
- update babel and core dependencies (#2887) (ec98159)
- update docker to v14.18.2 (#2888) (22cfea0)
- deps: update dependency pino to v6.13.4 (#2829) (1ec77e7)
5.4.0 (2021-12-24)
Features
- add cache-control header to endpoints (#2791) (fd3ad1e)
- add rate limit to user api endpoints (#2800) (#2799) (f64e403)
- add rate limit to web endpoints (#2799) (c91d6be)
- allow override user rate limit and user agent (#2803) (5b1264c)
- jwt default time new set (#2787) (1c17d09)
- user agent is the client by default (#2793) (e5d79ce)
Bug Fixes
- deps: update dependency @verdaccio/commons-api to v10.1.0 (#2789) (c5c0ef8)
- deps: update dependency body-parser to v1.19.1 (#2788) (46e583f)
5.3.2 (2021-12-16)
Bug Fixes
5.3.1 (2021-12-11)
Bug Fixes
5.3.0 (2021-12-08)
Bug Fixes
- markdown anchor links in package readme.md broken #2712 (820c9d5)
- update pnpm and bum up core deps (#2716) (60cd25c)
- deps: update dependency @verdaccio/commons-api to v10.0.2 (#2706) (73d565f)
- deps: update dependency @verdaccio/readme to v10.0.1 (#2708) (41cadcc)
- deps: update dependency @verdaccio/streams to v10.0.1 (#2709) (74d7d02)
- deps: update dependency http-errors to v1.8.1 (#2705) (eee19a5)
- deps: update dependency verdaccio-audit to v10.0.3 (#2710) (8c074e8)
- deps: update dependency verdaccio-htpasswd to v10.0.1 (#2711) (8e28848)
5.2.2 (2021-11-08)
Bug Fixes
5.2.1 (2021-11-08)
Bug Fixes
- deps: update dependency async to v3.2.2 (#2633) (da5d7e9)
- deps: update dependency mime to v2.6.0 (#2634) (089796c)
- deps: update dependency validator to v13.7.0 (#2635) (ef2fbff)
5.2.0 (2021-10-24)
Features
Bug Fixes
- deps: update dependency clipanion to v3.1.0 (#2561) (6a78ae0)
- deps: update dependency dayjs to v1.10.7 (#2565) (69091d1)
- deps: update dependency pino to v6.13.3 (#2562) (384b3e2)
5.1.6 (2021-09-21)
Bug Fixes
5.1.5 (2021-09-17)
Bug Fixes
5.1.4 (2021-09-07)
Bug Fixes
5.1.3 (2021-08-20)
Bug Fixes
- plugin allow_publish (pkg) got a undefined version (#2315) (ecfc4c3)
- update docker and core dependencies (#2375) (2e995f5)
- update docker base image to v14.17.5 (d63dcc0)
5.1.2 (2021-07-14)
Bug Fixes
- remove token experiment flag (#2332) (2924054)
- update dependencies (#2291) (b421ed8)
- update dependencies (#2303) (4fe8ddf)
- update dependencies (#2333) (7180338)
- update docker base image node 14.17.1 (#2314) (b8f711a)
- update docker base image node 14.17.3 (2bc5908)
5.1.1 (2021-06-12)
Bug Fixes
- add logger fatal if fails on startup (#2288) (558dd3f), closes #2287
- improve get headers from request #2190 (#2271) (38ca095)
5.1.0 (2021-05-24)
Features
- implement search v1 endpoint (#2256) (251bd95)
- tarball url redirect (#1688) (78d04cf)
- update Node.js docker image 14.17.0 (#2247) (4ed7286)
Bug Fixes
5.0.4 (2021-04-28)
Bug Fixes
5.0.3 (2021-04-27)
Bug Fixes
5.0.2 (2021-04-27)
Bug Fixes
5.0.1 (2021-04-10)
Bug Fixes
5.0.0 (2021-04-09)
Features
5.0.0-alpha.7 (2021-04-08)
Bug Fixes
- ui readme missing css (#2174) (f49ca06)
- Upgrade Node from 14.16 to 14.16.1 for security fixes (#2172) (6ab3163), closes /github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V14.md#14
5.0.0-alpha.6 (2021-04-06)
5.0.0-alpha.5 (2021-04-03)
5.0.0-alpha.4 (2021-04-03)
Features
5.0.0-alpha.3 (2021-04-02)
Features
5.0.0-alpha.2 (2021-03-31)
Bug Fixes
5.0.0-alpha.1 (2021-03-30)
Features
5.0.0-alpha.0 (2021-03-29)
⚠ BREAKING CHANGES
- npm token support revisited and enabled by default (#2145)
- drop node 8 and node 10 (#2142)
Features
- drop node 8 and node 10 (#2142) (43f7043)
- improve url_prefix behavior (#2122) (15bb350)
- npm token support revisited and enabled by default (#2145) (8cc6393)
- upgrade to commander v7 (#2143) (3a1f608)
4.12.0 (2021-03-17)
Features
4.11.3 (2021-03-06)
Bug Fixes
4.11.2 (2021-03-04)
Bug Fixes
4.11.1 (2021-02-25)
Bug Fixes
4.11.0 (2021-01-20)
Features
- enable keep alive (#2067) (4d152ca)
- skip log static content from web (#2027) (39376be), closes #2026
- update @verdaccio/ui-theme (#2026) (2ea17ce)
- update UI theme (#2065) (936aa30)
Bug Fixes
4.10.0 (2020-12-06)
Features
- enable keep alive on configuration by default (#2014) (9171f25)
- Set bytesin log as optional (#2013) (e2f7bb2)
Bug Fixes
4.9.1 (2020-11-28)
Bug Fixes
4.9.0 (2020-11-22)
Features
- migrate yarn 1 to yarn 2 (#1962) (1ece11c)
- update docker base image to node 14.15.0 (#1992) (f901749)
Bug Fixes
- buffer deprecated warnings (#1993) (4feaf24)
- check author if lastest is not found (#1994) (185babc)
- package.json & yarn.lock to reduce vulnerabilities (#1910) (cb5a8a7)
- update dependencies (#1965) (1443b73)
- update dependencies (#1991) (ef51294)
- update dependencies, docker base and build deps (#2007) (6eef015)
- deps: bump @verdaccio/ui-theme from 1.12.1 to 1.13.1 (#1961) (f7aad33)
- update Dockerfile to Node v12.18.4 (#1945) (b409c01)
4.8.1 (2020-08-06)
Bug Fixes
- package.json & yarn.lock to reduce vulnerabilities (#1879) (7c50d87)
- package.json & yarn.lock to reduce vulnerabilities (#1889) (5e94478)
- update readme library (#1892) (f75ad87)
- upgrade docker base image nodejs (#1895) (261eab5)
4.8.0 (2020-07-16)
Features
- deps: bump @verdaccio/ui-theme from 1.11.0 to 1.12.0 (#1872) (0348bf6)
- ca certificate is optional for https configuration (#1853) (912482a)
Bug Fixes
- package.json & yarn.lock to reduce vulnerabilities (#1876) (e374a62)
- revert move bodyParse to the upper level (#1841) (#1877) (844267c)
- update dependencies (#1878) (3c48670)
4.7.2 (2020-06-26)
Bug Fixes
4.7.1 (2020-06-22)
Bug Fixes
4.7.0 (2020-06-20)
Features
- npm deprecation support (#1842) (80ade97)
- restore Node 8 support (#1832) (56b677a)
- update ui add new languages (#1849) (4d01831)
- update verdaccio plugins and dependencies (#1838) (03c7feb)
Bug Fixes
- [Snyk] upgrade @verdaccio/streams from 9.4.0 to 9.5.0 (#1819) (1e2159a)
- move bodyParse to the upper level (#1841) (67c31b6)
- updated nodejs version to fix vulnerability in 12.x https://nodejs.org/en/blog/vulnerability/june-2020-security-releases/ (#1836) (aee69a9)
- upgrade mkdirp from 1.0.3 to 1.0.4 (#1782) (50f6c71)
4.6.2 (2020-05-01)
Bug Fixes
4.6.1 (2020-04-27)
Bug Fixes
4.6.0 (2020-04-24)
Features
- add dark mode on and chinese translation for web (#1765) (4a81262)
- update @verdaccio/ui-theme@1.5.0 (#1780) (656ec55)
- update docker node to 12.16.2 (#1776) (61faa33)
Bug Fixes
- fatal exception and crash when log rotate signal event is called (#1774) (1a9a12e), closes #1709
- incorrect primary_color crash the ui (#1771) (d689260)
- upgrade async from 3.1.1 to 3.2.0 (#1756) (3ec8d13)
- upgrade dayjs from 1.8.20 to 1.8.21 (#1759) (ebae410)
- upgrade dayjs from 1.8.21 to 1.8.22 (b2d00e4)
4.5.1 (2020-03-14)
Bug Fixes
4.5.0 (2020-03-14)
Features
Bug Fixes
- adding Content-Type to response in GET /-/all (#1697) (#1728) (3aaa048)
- package.json & yarn.lock to reduce vulnerabilities (#1746) (3c49777)
- update @verdaccio/readme@9.3.2 (#1745) (9213526)
- update acorn@7.1.1 (#1739) (1968fa8)
- update dependencies security warnings (#1748) (1e664bd)
- upgrade dayjs from 1.8.19 to 1.8.20 (#1721) (6849ef9)
- upgrade handlebars from 4.7.2 to 4.7.3 (#1726) (11fed6d)
- upgrade mkdirp from 1.0.0 to 1.0.3 (#1747) (981efa5)
- upgrade semver from 7.1.2 to 7.1.3 (#1735) (64e2543)
4.4.4 (2020-02-26)
Bug Fixes
- tarball urls for web/package (fix #1714) (#1716) (70a93da)
- upgrade @verdaccio/local-storage from 9.0.0 to 9.3.0 (#1717) (1f3f8cd)
- upgrade semver from 7.1.1 to 7.1.2 (#1719) (c3e931e)
4.4.3 (2020-02-19)
Bug Fixes
- update @verdaccio/ui-theme@0.3.13 (#1710) (d94f838)
- upgrade async from 3.1.0 to 3.1.1 (#1708) (a32e431)
- upgrade dayjs from 1.8.17 to 1.8.19 (#1700) (5320b13)
- upgrade handlebars from 4.5.3 to 4.7.2 (#1699) (8c2e58b)
- upgrade lockfile-lint from 2.0.1 to 2.2.0 (#1698) (17ddf3e)
- use https to resolve mixed content errors (#1674) (fd6c649)
4.4.2 (2020-01-11)
Bug Fixes
- use hasProxyTo to find correct uplink for tarballs (#1644) (19d9fc2), closes #1642 #1642
- deps: bump @verdaccio/local-storage from 8.5.0 to 9.0.0 (7b67bea), closes #1663 #1639
- deps: bump @verdaccio/ui-theme from 0.3.10 to 0.3.11 (#1657) (9a2fd81)
- deps: bump @verdaccio/ui-theme from 0.3.11 to 0.3.12 (#1657) (#1665) (aac6709)
- updated combine url fix method (#1647) (4f43347)
4.4.1 (2020-01-03)
Bug Fixes
- prevent issue with leading hyphen in package name - fixes #1429 (#1636) (f89bf27)
- warning due ui dependecy (#1638) (fbc87fc)
4.4.0 (2019-12-15)
Bug Fixes
Features
4.3.5 (2019-11-21)
Bug Fixes
- changed the exit code for info flag (#1537) (cbea2ed)
- package.json to reduce vulnerabilities (#1552) (cd8228b)
- package.json to reduce vulnerabilities (#1577) (e459881)
- package.json to reduce vulnerabilities (#1583) (2f3ba93)
4.3.4 (2019-10-23)
Bug Fixes
- minor grammatical tweak (#1513) (35f816b)
- minor typos, formatting, and docs (#1512) (549f474)
- security vulnerability at readme in dompurify dep (#1532) (2ac7770)
4.3.3 (2019-10-03)
Bug Fixes
4.3.2 (2019-10-02)
Bug Fixes
- comment out experiments from configuration files (#1505) (3438b75)
- fixing the lint issues (#1503) (02aee3a)
- fixing typos in comments (#1504) (72314e4)
4.3.1 (2019-10-01)
Bug Fixes
4.3.0 (2019-09-30)
Bug Fixes
Features
- browse web package version (#1457) (d5303f4)
- ensure every log file has at least one record (#1414) (962d5d5)
- npm token command support (#1427) (dbf2017)
- docker: Node.js update to 10.16.3 (#1473) (e081a58)
4.2.2 (2019-08-25)
Bug Fixes
- mkdir failed and ec2 infinitely re-launch (342d284)
- update @verdaccio/ui-theme@0.2.3 (#1451)
- use test + mkdir for strict dir check (9006146)
4.2.1 (2019-08-10)
Bug Fixes
- fixed user creation endpoint to properly import groups (50e115f)
- remove stub type definition for handlebars (de8dc43)
- unpublish and add or remove star collision (#1434) (c264f94)
- deps: add missing prod dependency (849f5bc)
4.2.0 (2019-07-29)
Bug Fixes
- security: add secrets baseline (2b218ce)
- allows pkg names that start with dash (e319435), closes /github.com/rlidwka/sinopia/commit/9f662a69e19a15dd90f568fc3a3ebf65b33cbd80#diff-50e3aa130a4f97a42ee2cf111c7b1d9
- upgrade to 1.0.2 which solves the docker issue (aa8f1d3)
Build System
- deps: bump lodash.template from 4.4.0 to 4.5.0 (#1384) (b453681)
- fix semver missing type on build with docker (12b60f6)
- update issue templates for use info new flag (#1377) (495bb0a)
Features
- add new prop to audit middleware (d93e76b)
- convert project to typescript (#1374) (66f4197)
- docker image bump to node.js 10.16 (802c796)
- plugins can throw http status codes (3c53997)
- prevent secrets from leaking to source control (9ef6808)
- update to @verdaccio/ui-theme@0.2.2 (9dd1c8f)
Tests
- add unit test for parser logger strings (3beb57f)
4.1.0 (2019-07-08)
Features
- parse YAML/JSON/JS config file (#1258) (95d134b)
- plugin support to filter packages (b9ffac5), closes #818
- chore: Included provision to show up local environment information (#1365) (eb6bf51), closes #1364
Tests
- increase usage of constants (2f3ec2c)
- fix broken test for validate parameters (4bf6b3b)
- relocate api spec test (8786a37)
- relocate helpers (d052bce)
- relocate notification test (596c727)
- relocate plugin storage (e7400ce)
- relocate spec test (b4c42c1)
- relocate test (3929633)
- relocate unit test (ca2e23c)
- relocate unit test cli, proxy, utils (b1eb7c6)
4.0.4 (2019-06-20)
Bug Fixes
4.0.3 (2019-06-14)
Bug Fixes
- api: return 503 to npm/yarn on uplink connection timeout (#1331) (eb7a8e3), closes #1328 #720 #1328 #720
4.0.2 (2019-06-13)
Bug Fixes
- correctly check if the proxy setting evaluates to false (#1336) (df834f4)
- update dependencies (e581634), closes #1339
- update security policy details (#1342) (ddcd89d)
- api: force authenticate on login (#1347) (85c1bd1)
- ui: failed to load all packages after login (192fb77)
4.0.1 (2019-05-28)
Bug Fixes
4.0.0 (2019-05-26)
Bug Fixes
- add missing pkg version and name on start up (8cf3966)
- update @verdaccio/ui-theme:0.1.7 (8e48eea)
- warning text is hard to read when running under root (3ac038f)
Features
- create security policy (#1322) (0e9f23d)
- prepare release v4 (#1307) (b9506d6)
- update readme v4 (#1312) (7686417)
4.0.0-beta.10 (2019-05-20)
Bug Fixes
- add missing pkg version and name on start up (8cf3966)
4.0.0-beta.9 (2019-05-20)
Bug Fixes
- update @verdaccio/ui-theme:0.1.7 (8e48eea)
Features
4.0.0-beta.8 (2019-05-07)
Bug Fixes
- update lock file (3c69132)
4.0.0-beta.7 (2019-05-07)
4.0.0-beta.6 (2019-05-07)
Bug Fixes
4.0.0-beta.5 (2019-04-30)
Bug Fixes
Features
- add some security headers for web UI (#1295) @juanpicado (615db0a)
4.0.0-beta.4 (2019-04-29)
Features
4.0.0-beta.3 (2019-04-28)
Bug Fixes
- logo field in configuration cannot use the local file (56c70d4)
- ui: version rendering issue (40679aa)
4.0.0-beta.2 (2019-04-26)
Features
4.0.0-beta.1 (2019-04-16)
Bug Fixes
- all static files are captured by the router (86a6e5e)
4.0.0-beta.0 (2019-04-15)
Bug Fixes
- package.json to reduce vulnerabilities (#1276) (fbe9409)
- update @verdaccio/ui-theme@0.0.13 (8760e18)
- update docker node to latest lts version (a5be22b)
4.0.0-alpha.7 (2019-04-06)
Bug Fixes
- package.json to reduce vulnerabilities (d99053e)
Features
4.0.0-alpha.6 (2019-03-30)
Bug Fixes
- add new enpoind that allow download tarballs according the standard (87203f2)
- add not found if package is missing (4da21c1)
- husky commitlint not work, replace invalid test (84be869)
- potential issue on sign new jwt tokens (265849e), closes /github.com/auth0/node-jsonwebtoken/issues/326#issuecomment-288124020
Features
- add star and unstar api for 4.x (1ab7c50)
- add stars api (75c0e1e)
- engines and npm upgraded to v8 and v5 (89b0efe)
4.0.0-alpha.5 (2019-03-04)
Bug Fixes
- #1191 overrides existing package to 0 bytes file (783fbce)
- applied jsx-max-depth (d940da4)
- applied prefer-const (4962e36)
- applied valid-describe (2b48958)
- applied valid-describe (3bda0cf)
- applied valid-expect-in-promise (c7034e7)
- broken home page (4f41fc9)
- click on logo break ui (#1071) (5b34dc8)
- fixed container size (039a94d)
- issue on refactor router (19b0f47)
- logo on header (158666f)
- remove online fonts (29c6e56)
- remove unused dependency (3ed7a86)
- update markup@6.0.1 (009bb98)
- v4 compatible helpers (7279662)
Features
- ability to restrict unpublish action to certain users #492 (ef50325)
- add dependencies navigation (adfcbc2)
- add dist-tags on ui (4f4720d)
- add support for profile cli command #392 (change password) (#1034) (f1416ed)
- added uplinks component (6c32769)
- added versions. wip (5573ff5)
- allow apiJWTmiddleware to be managed by Auth plugin (049917a)
- allow disable gravatar #1172 (c338f46)
- allow order packages via on web #1163 (49c6f03)
- disable node9 on circleci (9e4e8be)
- endpoints change password on ui (#1068) (712db31)
- migrate react router from hash to history api #1013 (1a456fb)
- not found page (#1208) (752b870)
- package version gets sent to plugins (3943863)
- register info selector (6d96007)
- stop hit proxies on search web UI (#1126) (2362310)
- update verdaccio author (9efd1e2)
- use verdaccio babel preset (d37fe5c)
- use verdaccio babel preset (c3af3cb)
4.0.0-alpha.1 (2018-09-27)
4.0.0-alpha.0 (2018-09-27)
Bug Fixes
- fix docker python issue #883 (611aeb4)
- load package list undefined (#993) (4431c47)
- Make systemd unit more production-like (#929) (ffc9410)
Features
- add support for jwt on api (#896) (a68d247), closes #168
- add support for multiple protocol on protocol header (#1014) (40e2b10)
- added prettier (#921) (43bd622)
- check for minimum node.js version on start (#968) (ba9dc35)
- rename database file name (#954) (dd72120)
- replaced element-react by Material-UI (#950) (#985) (3639557)
- replaced lunr by lunr-mutable (#915) (1602840)
- verdaccio update notification on CLI (#988) (#998) (bc04703)
4.0.0-alpha.4 (2019-01-09)
Bug Fixes
- applied jsx-max-depth (d940da4)
- applied prefer-const (4962e36)
- applied valid-describe (3bda0cf)
- applied valid-describe (2b48958)
- applied valid-expect-in-promise (c7034e7)
- broken home page (4f41fc9)
- click on logo break ui (#1071) (5b34dc8)
- issue on refactor router (19b0f47)
Features
- add support for profile cli command #392 (change password) (#1034) (f1416ed)
- endpoints change password on ui (#1068) (712db31)
- stop hit proxies on search web UI (#1126) (2362310)
4.0.0-alpha.3 (2018-10-12)
Bug Fixes
4.0.0-alpha.2 (2018-10-12)
Bug Fixes
4.0.0-alpha.1 (2018-09-27)
Bug Fixes
- fix docker python issue #883 (611aeb4)
- load package list undefined (#993) (4431c47)
- Make systemd unit more production-like (#929) (ffc9410)
Features
- add support for jwt on api (#896) (a68d247), closes #168
- add support for multiple protocol on protocol header (#1014) (40e2b10)
- added prettier (#921) (43bd622)
- check for minimum node.js version on start (#968) (ba9dc35)
- rename database file name (#954) (dd72120)
- replaced element-react by Material-UI (#950) (#985) (3639557)
- replaced lunr by lunr-mutable (#915) (1602840)
- verdaccio update notification on CLI (#988) (#998) (bc04703)
3.11.6 (2019-02-25)
Bug Fixes
3.11.5 (2019-02-21)
Bug Fixes
3.11.4 (2019-02-11)
Bug Fixes
- update dependencies due to security vulnerabilities (f6f014a)
3.11.3 (2019-02-07)
Bug Fixes
- server keepAliveTimeout is in milliseconds, config value in seconds. (7f79c77)
3.11.2 (2019-02-05)
Bug Fixes
- lodash vulnerability (c35486d)
3.11.1 (2019-01-31)
Bug Fixes
- don’t make change if
time
fields match (#1167) (e62ef8d) - don’t packages that have no uplinks after reading (#1204) (95686be)
3.11.0 (2019-01-27)
Features
- introduce server keepAliveTimeout into config files (a359055)
3.10.2 (2019-01-22)
Bug Fixes
- add logic to catch clause (#1183) (056d396)
- adds _id to normalise metadata (#1194) (e2fa581)
- remove some unneeded checks (#1182) (ab56d75)
- remove unused object (#1185) (e9b3907)
- remove unused parameters from processBody method invocation (#1184) (064f7cf)
- remove use of comma separator (#1186) (f20fefa)
- remove useless assignment to local variable emailCopy (#1181) (13b8347)
3.10.1 (2018-12-20)
Bug Fixes
3.10.0 (2018-12-06)
Bug Fixes
Features
3.9.0 (2018-12-04)
Bug Fixes
Features
3.8.6 (2018-11-15)
Bug Fixes
3.8.5 (2018-10-18)
Bug Fixes
3.8.4 (2018-10-13)
Bug Fixes
- click on logo break ui (#1073) (9a3c8bc)
- click on logo when using url_prefix was not working (#996) (3ac9646)
3.8.3 (2018-10-07)
Bug Fixes
3.8.2 (2018-09-27)
Bug Fixes
3.8.1 (2018-09-10)
Bug Fixes
3.8.0 (2018-09-05)
Bug Fixes
Features
3.7.1 (2018-08-28)
Bug Fixes
- login modal validation (#958) (9f78c31)
- ui change details issue in props update (#959) (#960) (431e760)
3.7.0 (2018-08-25)
Bug Fixes
- bugs related to logging with type json (#893) (cd231ba)
- login without reload (#678) (#679) (#914) (9cd3ccb)
- path to static directory could be changed (#942) (5557ce5)
- removes asciidoctor.js support (#884) (#947) (cf05938)
Features
3.6.0 (2018-08-13)
Bug Fixes
- abort the stream to prevent overwriting existing tarbal (2e5a409)
- webui: search crash on ' ' as a value #898 (#902) (fd67698)
Features
- translations: enable Chinese Simplified on website (88b29e0)
3.5.1 (2018-08-02)
Bug Fixes
- remove version page (8a0e8ab)
3.5.0 (2018-08-02)
Bug Fixes
Features
- adds gravatar support for maintainers (4df6b3b)
- adds option to set scope in webui instructions header (f9e9383), closes #593
3.4.1 (2018-07-27)
Bug Fixes
3.4.0 (2018-07-27)
Bug Fixes
- Authentication Plugins / plugin[method] is not a function (0a3870e)
Features
3.3.0 (2018-07-22)
Bug Fixes
- add RemoteUser type for auth (2f4dbe8)
- adds webpack banner plugin to tag bundles with version (#784) (dac28d3)
- dynamic date generation for component test (e5ea0c2)
- ignores http_proxy and https_proxy (d04dc8d)
- improves regex for ascii and test (#461) (be3968f)
- license field alignment on web ui (#761) (9fa523a)
- open external tabs in new tabs (25e8e60)
- package.json to reduce vulnerabilities (389e306)
- solve seo issue #760 (62d3033)
- wrong auth plugin signature (5c2c414)
Features
- adds support for ascii-doc preview in readme (#464) (29bb57a)
- adds support for external plugin directory (#532) (11dcf79)
- capitalises logged in username (#752) (0e21e35)
3.2.0 (2018-06-15)
Bug Fixes
- allowing to allow replace static enpoint in case of reverse proxy (90803c7)
- fixed linebreaks lint issue (9e3ab09)
- normalize package was broken #758 (3717ad4)
Features
- Add basic package infos and resource links to sidebar. (7bd3a4f)
- add published package support to template (4245636)
- added information about package publisher for notifications (1ca5298)
3.1.2 (2018-06-11)
Bug Fixes
- configure fetch to send cookies (98ac855)
- search implementation depends now of each plugin (8f0508f)
3.1.1 (2018-06-07)
Bug Fixes
3.1.0 (2018-06-05)
Bug Fixes
Features
3.0.2 (2018-05-31)
Bug Fixes
3.0.1 (2018-05-31)
Bug Fixes
- ui fails to render whether time is missing (f575b48)
3.0.0 (2018-05-30)
Bug Fixes
- favicon refers to .png while only .ico exists #681 (11e6f9f)
- web-ui css were not being minimized (3168a76)
Features
- new verdaccio skin to webui (b8b2612)
3.0.0-beta.12 (2018-05-23)
Features
3.0.0-beta.11 (2018-05-20)
Bug Fixes
3.0.0-beta.10 (2018-05-14)
Bug Fixes
Features
- return latest dis-tag readme whether main metadata readme is emtpy (e75376b)
3.0.0-beta.9 (2018-05-13)
Bug Fixes
- update dependencies #691 (d07bfc5)
- vulnerabilities dependencies (d4722d6)
- vulnerabilities with lodash (bcf128e)
3.0.0-beta.8 (2018-05-09)
Bug Fixes
- allow do not include storage if uses a storage plugin (4332ffc)
- disable autocomplete on search so it doesn't default to username (2e41d9f)
- make enter key submit the login modal form (f89b498)
3.0.0-beta.7 (2018-04-30)
Bug Fixes
- beta header (102fa22)
- enforce maximum amount of users for new users only (4d19d7d)
- package command build:webui breaks on non-unix platforms (4ec81d4)
- restore plugin loader (3c1c3ca)
- should fix flow performance issues (453891b)
- update memory plugin (a7aa77a)
- update memory plugin for e2e (df418a8)
- update memory storage plugin (a75b7bd)
- update types (4d5e8aa)
- update uplinks auth header (3f6eeb4), closes #670
- upgrade webpack to v4. fixes [#544] (b1c631c)
3.0.0-beta.6 (2018-04-03)
Bug Fixes
- api login use case when user already exist (6491db4)
Features
- update verdaccio-htpasswd plugin (3a9c994)
3.0.0-beta.5 (2018-03-26)
Bug Fixes
- adds debounce to search api call (aa60e1d)
- test: replaces LocaleString with date-nfs/format (0d3cf84)
- correct linter errors and warnings (5c5af27)
- display logo (cbf4b9c)
- login with fetch (f338ee4)
- unit test and better error handling (2022a30)
Features
- remove web logout endpoint (badc707)
3.0.0-beta.4 (2018-03-18)
Bug Fixes
- add teardown for unit test (036120b)
Features
3.0.0-alpha.0 (2018-01-07)
2.7.2 (2018-01-05)
Bug Fixes
- marked dependency to latest (75bf2a8)
2.7.1 (2017-12-20)
Bug Fixes
- notification for multiple endpoints (b605d1e)
2.7.0 (2017-12-05)
Features
- Add middleware plugins from fl4re/sinopia (374a5e8)
- Log-rotation used to require a full restart of the application (baa4763
- Add Kubernetes instructions (ef1bd34
- Match shell title with web title (ddcc493
2.6.6 (2017-11-08)
Bug Fixes
- 🐛 incorrect logo url with slash at the end of
url_prefix
(859eccb)
2.6.5 (2017-11-05)
Bug Fixes
- upgrade node to fix long standing socket timeout issue (bcc13ac)
2.6.4 (2017-10-31)
Bug Fixes
- 🐛 incorrect resource and registry url while install on sub directory (67e97a1)
2.6.3 (2017-10-21)
Bug Fixes
- Check if socket exists before removing (e916a0f)
2.6.2 (2017-10-21)
Bug Fixes
- Remove unix socket before listen (d42a41e)
2.6.1 (2017-10-19)
2.6.0 (2017-10-18)
Bug Fixes
- plugin loader with logs (d6ed202)
Features
- add pfx support for https (c84d567)
2.5.1 (2017-10-01)
Bug Fixes
- fix docker build failure due breaking changes in yarn (c62e90f)
2.5.0 (2017-10-01)
Bug Fixes
- 🐛 check error code to prevent data loss (5d73dca) fix #329
- Fix #334 UI failure on IE 11, add suppor for old browsers. (f1f15be)
Features
- header authorization uplink (7baf7cb)
2.4.0 (2017-09-23)
Bug Fixes
- 🐛 check error code to prevent data loss (5d73dca)
- 🐛 check error code to prevent data loss (93aae05)
- 🐛 Package metadata cache not work (4d6a447)
- Fixed bug with Maximum call stack size exceeded on packages web API (#326)
- fix: 🐛 Package metadata cache does not work (#317)
- Debug log color in terminal is too dark (#311)
- docs: Add new sections to documentation (#308)
- Remove from web section not longer valid properties (#307) (#309)
- Fix possible data loss upstream (#306) (#300)
Features
- Update node alpine version to 8.4.0 (3f96ce3)
2.3.6 (2017-08-17)
Bug Fixes
- link was broken (a9481cc)
- Correct accept header set for registry requests (#295)
- Update SSL documentation (#296)
- Fix auth process to check against username also and not just groups (#293)
2.3.5 (2017-08-14)
Bug Fixes
- configuration files inconsistencies, add unit test (644c098)
- Remove accept header that seems cause issues #285 #289 and npm search fails (fab8391)
2.3.4 (2017-07-29)
Bug Fixes
- Docker image fails due lock file localhost references (901a7be)
2.3.3 (2017-07-29)
Bug Fixes
2.3.2 (2017-07-28)
Bug Fixes
- 🐛 detail page can't handle scoped package (1c9fbfc)
- #268 remove the accept header that avoids request with some regiestries (e7dcf3c)
- #78 add new setting to allow publish when uplinks are offline (430425c)
- broken link (9fb0e14)
- lint warning (d0afe78)
- Param web.title from config.yaml does not work on docker image #265 (b1a396d)
- undefined check (ff96d2e)
2.3.1 (July 25, 2017)
- bug: Detail page can't handle scoped package - #261
- bug: can't publish a private package to verdaccio while offline - #223
- refactor: use light version of syntax highlighter - #260
2.3.0 (July 22, 2017)
- feature: Refactor User Interface - #220
2.2.7 (July 18, 2017)
- bug: fix running behind of loadbalancer with TLS termination - #254
2.2.6 (July 13, 2017)
- build: update node version due security update announcement - #251
2.2.5 (July 4, 2017)
- Fixed adding the verdaccio user into the group - #241
2.2.3 (July 4, 2017)
- Updated Dockerfile & added proper signal handling - #239
2.2.2 (July 2, 2017)
- Improve Docker Build - #181
- Bugfix #73
npm-latest
support - #228 - Add documentation - #229
2.2.1 (June 17, 2017)
- config section moved up, some keywords added - #211
- docs: update docs with behind reverse proxy - #214
- Add remote ip to request log - #216
2.2.0 (June 8, 2017)
- Allow url_prefix to be only the path - (@BartDubois ) in #197
- Apache reverse proxy configuration - (@mysiar ) in #198
- don't blindly clobber local dist-tags - (@rmg ) in #206
- Adds cache option to uplinks - (@silkentrance ) in #132
2.1.7 (May 14, 2017)
- Fixed publish fail in YARN - (@W1U02 in #183
2.1.6 (May 12, 2017)
- Fix https certificates safety check - (@juanpicado) in #189
- Fix upstream search not work with gzip - (@Meeeeow in #170)
- Add additional requirement to output message - (@marnel in #184)
- Implement npm ping endpoint - (@juanpicado) in #179
- Add support for multiple notification endpoints to existing webhook - (@ryan-codingintrigue) in #108
2.1.5 (April 22, 2017)
- fix upstream search - (@Meeeeow in #166)
- Fix search feature - (@Meeeeow in #163)
- add docs about run behind proxy - (@Meeeeow in #160)
2.1.4 (April 13, 2017)
- Added Nexus Repository OSS as similar existing software - (@nedelenbos030 in #147)
- Increase verbose on notify request - (@juanpicado in #153)
- Add fallback support to previous config files - (@juanpicado in #155)
- Allows retrieval of all local package contents via http://server/-/search/* - (@Verikon in #152)
2.1.3 (March 29, 2017)
- [GH-83] create systemd service - (@030 in #89)
- optional scope in the readme package name. - (@psychocode in #136)
- Added docker image for rpi - (@danielo515 in #137)
- Allow configuring a tagline that is displayed on the webpage between. (@jachstet-sea in #143)
2.1.2 (March 9, 2017)
- Contribute guidelines - (@juanpicado in #133)
- fix(plugin-loader): plugins verdaccio-* overwrite by sinopia- (@Alexandre-io in #129)
2.1.1 (February 7, 2017)
- [GH-86] updated readme to point to new chef cookbook (@kgrubb in #117)
- [GH-88] rename to Verdaccio instead of Sinopia (@kgrubb in #93)
- Unit testing coverage (@juanpicado in #116)
- Allow htpasswd-created users to log in @imsnif in #112)
- remove travis io.js support (@juanpicado in #115)
- rename clean up (@juanpicado in #114)
- _npmUser / author not showing up (@juanpicado in #65)
- Docs: correct config attribute
proxy_access
(@robertgroh in #96) - Problem with docker.yaml (@josedepaz in #72)
- Prevent logging of user and password (@tlvince in #94)
- Updated README.md to reflect the availability of the docker image (@jmwilkinson) in #71)
2.1.0 (October 11, 2016)
- Use __dirname to resolve local plugins (@aledbf in #25)
- Fix npm cli logout (@plitex in #47)
- Add log format: pretty-timestamped (@jachstet-sea in #68)
- Allow adding/overriding HTTP headers of uplinks via config (@jachstet-sea in #67)
- Update Dockerfile to fix failed start (@denisbabineau in #62)
- Update the configs to fully support proxying scoped packages (@ChadKillingsworth in #60)
- Prevent the server from crashing if a repo is accessed that the user does not have access to (@crowebird in #58)
- Hook system, for integration into things like slack
- Register entry partial even if custom template is provided (@plitex in #46)
- Rename process to verdaccio (@juanpicado in #57)
7 Jun 2015, version 1.4.0
- avoid sending X-Forwarded-For through proxies (issues #19, #254)
- fix multiple issues in search (issues #239, #253)
- fix "maximum stack trace exceeded" errors in auth (issue #258)
10 May 2015, version 1.3.0
- add dist-tags endpoints (issue #211)
22 Apr 2015, version 1.2.2
- fix access control regression in
1.2.1
(issue #238) - add a possibility to bind on unix sockets (issue #237)
11 Apr 2015, version 1.2.1
- added more precise authorization control to auth plugins (issue #207)
29 Mar 2015, version 1.1.0
- add a possibility to listen on multiple ports (issue #172)
- added https support (issues #71, #166)
- added an option to use a custom template for web UI (issue #208)
- remove "from" and "resolved" fields from shrinkwrap (issue #204)
- fix hanging when rendering readme (issue #206)
- fix logger-related crash when using sinopia as a library
- all requests to uplinks should now have proper headers
12 Feb 2015, version 1.0.1
- fixed issue with
max_users
option (issue #184) - fixed issue with not being able to disable the web interface (issue #195)
- fixed 500 error while logging in with npm (issue #200)
26 Jan 2015, version 1.0.0
- switch markdown parser from
remarkable
tomarkdown-it
- update
npm-shrinkwrap.json
- now downloading tarballs from upstream using the same protocol as for metadata (issue #166)
22 Dec 2014, version 1.0.0-beta.2
- fix windows behavior when
$HOME
isn't set (issue #177) - fix sanitization for highlighted code blocks in readme (issue render-readme/#1)
15 Dec 2014, version 1.0.0-beta
- Markdown rendering is now a lot safer (switched to remarkable+sanitizer).
- Header in web interface is now static instead of fixed.
GET /-/all?local
now returns list of all local packages (issue #179)
5 Dec 2014, version 1.0.0-alpha.3
- Fixed an issue with scoped packages in tarballs
25 Nov 2014, version 1.0.0-alpha
-
Config file is now created in
$XDG_CONFIG_HOME
instead of current directory.It is printed to stdout each time sinopia starts, so you hopefully won't have any trouble locating it.
The change is made so sinopia will pick up the same config no matter which directory it is started from.
-
Default config file is now a lot shorter, and it is very permissive by default. You could use sinopia without modifying it on your own computer, but definitely should change it on production.
-
Added auth tokens. For now, auth token is just a username+password encrypted for security reasons, so it isn't much different from basic auth, but allows to avoid "always-auth" npm setting.
-
Added scoped packages.
Please note that default
*
mask won't apply to them. You have to use masks like@scope/*
to match scoped packages, or**
to match everything. -
Enabled web interface by default. Wow, it looks almost ready now!
-
All dependencies are bundled now, so uncompatible changes in 3rd party stuff in the future won't ruin the day.
1 Nov 2014, version 0.13.2
- fix
EPERM
-related crashes on windows (issue #67)
22 Oct 2014, version 0.13.0
- web interface:
2 Oct 2014, version 0.12.1
-
web interface:
-
bugfixes:
- fix "offset out of bounds" issues (issue sinopia-htpasswd/#2)
- "max_users" in htpasswd plugin now work correctly (issue sinopia-htpasswd/#3)
- fix
ENOTDIR, open '.sinopia-db.json'
error in npm search (issue #122)
25 Sep 2014, version 0.12.0
-
set process title to
sinopia
-
web interface bugfixes:
18 Sep 2014, version 0.11.3
- fix 500 error in adduser function in sinopia-htpasswd (issue #121)
- fix fd leak in authenticate function in sinopia-htpasswd (issue #116)
15 Sep 2014, version 0.11.1
- mark crypt3 as optional (issue #119)
15 Sep 2014, version 0.11.0
-
Added auth plugins (issue #99)
Now you can create your own auth plugin based on sinopia-htpasswd package.
-
WIP: web interface (issue #73)
It is disabled by default, and not ready for production yet. Use at your own risk. We will enable it in the next major release.
-
Some modules are now bundled by default, so users won't have to install stuff from git. We'll see what issues it causes, maybe all modules will be bundled in the future like in npm.
14 Sep 2014, version 0.10.x
A bunch of development releases that are broken in various ways. Please use 0.11.x instead.
7 Sep 2014, version 0.9.3
- fix several bugs that could cause "can't set headers" exception
3 Sep 2014, version 0.9.2
- allow "pretty" format for logging into files (issue #88)
- remove outdated user existence check (issue #115)
11 Aug 2014, version 0.9.1
26 Jul 2014, version 0.9.0
-
new features:
-
bugfixes:
- avoid crashing when res.socket is null (issue #89)
20 Jun 2014, version 0.8.2
14 Apr 2014, version 0.8.1
- "latest" tag is now always present in any package (issue #63)
- tags created with new npm versions (>= 1.3.19) can now be published correctly
1 Apr 2014, version 0.8.0
- use gzip compression whenever possible (issue #54)
- set
ignore_latest_tag
to false, it should now be more compatible with npm registry - make
fs-ext
optional (issue #61)
29 Mar 2014, version 0.7.1
13 Mar 2014, version 0.7.0
-
config changes:
- breaking change: all time intervals are now specified in seconds instead of milliseconds for the sake of consistency. Change
timeout
if you have one! - all time intervals now can be specified in nginx notation, for example
1m 30s
will specify a 90 seconds timeout - added
maxage
option to avoid asking public registry for the same data too often (issue #47) - added
max_fails
andfail_timeout
options to reduce amount of requests to public registry when it's down (issue #7)
- breaking change: all time intervals are now specified in seconds instead of milliseconds for the sake of consistency. Change
-
bug fixes:
-
other changes:
- 404 errors are returned in couchdb-like manner (issue #56)
5 Mar 2014, version 0.6.7
- pin down express@3 version, since sinopia doesn't yet work with express@4
28 Feb 2014, version 0.6.5
- old SSL keys for npm are removed, solves
SELF_SIGNED_CERT_IN_CHAIN
error
3 Feb 2014, version 0.6.3
18 Jan 2014, version 0.6.2
- adding config param to specify upload limits (issue #39)
- making loose semver versions work (issue #38)
13 Jan 2014, version 0.6.1
- support setting different storage paths for different packages (issue #35)
30 Dec 2013, version 0.6.0
- tag support (issue #8)
- adding support for npm 1.3.19+ behaviour (issue #31)
- removing all support for proxying publish requests to uplink (too complex)
26 Dec 2013, version 0.5.9
- fixing bug with bad Accept header (issue #32)
20 Dec 2013, version 0.5.8
- fixed a warning from js-yaml
- don't color multiline strings in logs output
- better error messages in various cases
- test format changed
15 Dec 2013, version 0.5.7
- try to fetch package from uplinks if user requested a tarball we don't know about (issue #29)
- security fix: set express.js to production mode so we won't return stack traces to the user in case of errors
11 Dec 2013, version 0.5.6
- fixing a few crashes related to tags
8 Dec 2013, version 0.5.4
- latest tag always shows highest version available (issue #8)
- added a configurable timeout for requests to uplinks (issue #18)
- users with bad authentication header are considered not logged in (issue #17)
24 Nov 2013, version 0.5.3
- added proxy support for requests to uplinks (issue #13)
- changed license from default BSD to WTFPL
26 Oct 2013, version 0.5.2
- server now supports unpublishing local packages
- added fs-ext dependency (flock)
- fixed a few face conditions
20 Oct 2013, version 0.5.1
- fixed a few errors related to logging
12 Oct 2013, version 0.5.0
- using bunyan as a log engine
- pretty-formatting colored logs to stdout by default
- ask user before creating any config files
5 Oct 2013, version 0.4.3
- basic tags support for npm (read-only)
- npm star/unstar calls now return proper error
29 Sep 2013, version 0.4.2
28 Sep 2013, version 0.4.1
- using mocha for tests now
- making use of streams2 api, doesn't work on 0.8 anymore
- basic support for uploading packages to other registries
27 Sep 2013, version 0.4.0
- basic test suite
- storage path in config is now relative to config file location, not cwd
- proper cleanup for temporary files
12 Jul 2013, version 0.3.2
4 Jul 2013, version 0.3.1
- using ETag header for all json output, based on md5
20 Jun 2013, version 0.3.0
- compression for http responses
- requests for files to uplinks are now streams (no buffering)
- tarballs are now cached locally
19 Jun 2013, version 0.2.0
- config file changed, packages is now specified with minimatch
- ability to retrieve all packages from another registry (i.e. npmjs)
14 Jun 2013, version 0.1.1
- config is now autogenerated
- tarballs are now read/written from fs using streams (no buffering)
9 Jun 2013, version 0.1.0
- first npm version
- ability to publish packages and retrieve them locally
- basic authentication/access control
22 May 2013, version 0.0.0
- first commits