Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
26 KiB
Change Log
12.0.0-next.4
Patch Changes
- @verdaccio/core@7.0.0-next.4
- @verdaccio/config@7.0.0-next.4
12.0.0-next.3
Major Changes
e7ebccb61
: update major dependencies, remove old nodejs support
Minor Changes
daceb6d87
: restore legacy support
Patch Changes
- Updated dependencies [
daceb6d87
] - Updated dependencies [
e7ebccb61
]- @verdaccio/config@7.0.0-next.3
- @verdaccio/core@7.0.0-next.3
12.0.0-next.2
Patch Changes
- @verdaccio/core@7.0.0-next.2
- @verdaccio/config@7.0.0-next.2
12.0.0-next.1
Patch Changes
- @verdaccio/core@7.0.0-next.1
- @verdaccio/config@7.0.0-next.1
12.0.0-next.0
Major Changes
- feat!: bump to v7
Patch Changes
- Updated dependencies
- @verdaccio/config@7.0.0-next.0
- @verdaccio/core@7.0.0-next.0
11.0.0
Major Changes
-
292c0a37f
: feat!: replace deprecated request dependency by gotThis is a big refactoring of the core, fetching dependencies, improve code, more tests and better stability. This is essential for the next release, will take some time but would allow modularize more the core.
Notes
- Remove deprecated
request
by othergot
, retry improved, custom Agent ( got does not include it built-in) - Remove
async
dependency from storage (used by core) it was linked with proxy somehow safe to remove now - Refactor with promises instead callback wherever is possible
Document the API- Improve testing, integration tests
- Bugfix
- Clean up old validations
- Improve performance
💥 Breaking changes
- Plugin API methods were callbacks based are returning promises, this will break current storage plugins, check documentation for upgrade.
- Write Tarball, Read Tarball methods parameters change, a new set of options like
AbortController
signals are being provided to theaddAbortSignal
can be internally used with Streams when a request is aborted. eg:addAbortSignal(signal, fs.createReadStream(pathName));
@verdaccio/streams
stream abort support is legacy is being deprecated removed- Remove AWS and Google Cloud packages for future refactoring #2574.
- Remove deprecated
-
a3a209b5e
: feat: migrate to pino.js 8 -
459b6fa72
: refactor: search v1 endpoint and local-database- refactor search
api v1
endpoint, improve performance - remove usage of
async
dependency https://github.com/verdaccio/verdaccio/issues/1225 - refactor method storage class
- create new module
core
to reduce the ammount of modules with utilities - use
undici
insteadnode-fetch
- use
fastify
insteadexpress
for functional test
Breaking changes
- plugin storage API changes
- remove old search endpoint (return 404)
- filter local private packages at plugin level
The storage api changes for methods
get
,add
,remove
as promise base. Thesearch
methods also changes and recieves aquery
object that contains all query params from the client.export interface IPluginStorage<T> extends IPlugin { add(name: string): Promise<void>; remove(name: string): Promise<void>; get(): Promise<any>; init(): Promise<void>; getSecret(): Promise<string>; setSecret(secret: string): Promise<any>; getPackageStorage(packageInfo: string): IPackageStorage; search(query: searchUtils.SearchQuery): Promise<searchUtils.SearchItem[]>; saveToken(token: Token): Promise<any>; deleteToken(user: string, tokenKey: string): Promise<any>; readTokens(filter: TokenFilter): Promise<Token[]>; }
- refactor search
-
9fc2e7961
: feat(plugins): improve plugin loaderChanges
- Add scope plugin support to 6.x https://github.com/verdaccio/verdaccio/pull/3227
- Avoid config collisions https://github.com/verdaccio/verdaccio/issues/928
- https://github.com/verdaccio/verdaccio/issues/1394
config.plugins
plugin path validations- Updated algorithm for plugin loader.
- improved documentation (included dev)
Features
- Add scope plugin support to 6.x https://github.com/verdaccio/verdaccio/pull/3227
- Custom prefix:
// config.yaml server: pluginPrefix: mycompany middleware: audit: foo: 1
This configuration will look up for
mycompany-audit
insteadVerdaccio-audit
.Breaking Changes
sinopia plugins
sinopia
fallback support is removed, but can be restored usingpluginPrefix
plugin filter
- method rename
filter_metadata
->filterMetadata
Plugin constructor does not merge configs anymore https://github.com/verdaccio/verdaccio/issues/928
The plugin receives as first argument
config
, which represents the config of the plugin. Example:// config.yaml auth: plugin: foo: 1 bar: 2 export class Plugin<T> { public constructor(config: T, options: PluginOptions) { console.log(config); // {foo:1, bar: 2} } }
-
794af76c5
: Remove Node 12 support- We need move to the new
undici
and does not support Node.js 12
- We need move to the new
-
10aeb4f13
: feat!: experiments config renamed to flags- The
experiments
configuration is renamed toflags
. The functionality is exactly the same.
flags: token: false; search: false;
- The
self_path
property from the config file is being removed in favor ofconfig_file
full path. - Refactor
config
module, better types and utilities
- The
-
061bfcc8d
: feat: standalone registry with no dependenciesUsage
To install a server with no dependencies
npm install -g @verdaccio/standalone
with no internet required
npm install -g ./tarball.tar.gz
Bundles htpasswd and audit plugins.
Breaking Change
It does not allow anymore the
auth
andmiddleware
property at config file empty, it will fallback to those plugins by default.
Minor Changes
-
24b9be020
: refactor: improve docker image build with strict dependencies and prod build -
631abe1ac
: feat: refactor logger -
b61f762d6
: feat: add server rate limit protection to all requestTo modify custom values, use the server settings property.
server: ## https://www.npmjs.com/package/express-rate-limit#configuration-options rateLimit: windowMs: 1000 max: 10000
The values are intended to be high, if you want to improve security of your server consider using different values.
-
45c03819e
: refactor: render html middleware
Patch Changes
351aeeaa8
: fix(deps): @verdaccio/utils should be a prod dep of local-storagea610ef26b
: chore: add release step to private regisry on merge changeset prf96b147ea
: fix: several issues which caused the audit to fail (#2335)- Updated dependencies [
292c0a37f
] - Updated dependencies [
974cd8c19
] - Updated dependencies [
ef88da3b4
] - Updated dependencies [
43f32687c
] - Updated dependencies [
679c19c1b
] - Updated dependencies [
a3a209b5e
] - Updated dependencies [
459b6fa72
] - Updated dependencies [
9fc2e7961
] - Updated dependencies [
24b9be020
] - Updated dependencies [
794af76c5
] - Updated dependencies [
351aeeaa8
] - Updated dependencies [
10aeb4f13
] - Updated dependencies [
9718e0330
] - Updated dependencies [
1b217fd34
] - Updated dependencies [
e367c3f1e
] - Updated dependencies [
a1da11308
] - Updated dependencies [
d167f92e1
] - Updated dependencies [
00d1d2a17
] - Updated dependencies [
1810ed0d8
] - Updated dependencies [
a610ef26b
] - Updated dependencies [
ddb6a2239
] - Updated dependencies [
b61f762d6
] - Updated dependencies [
d43894e8f
] - Updated dependencies [
154b2ecd3
] - Updated dependencies [
aa763baec
] - Updated dependencies [
378e907d5
] - Updated dependencies [
16e38df8a
] - Updated dependencies [
34f0f1101
] - Updated dependencies [
82cb0f2bf
] - Updated dependencies [
dc571aabd
] - Updated dependencies [
f859d2b1a
] - Updated dependencies [
6c1eb021b
] - Updated dependencies [
62c24b632
] - Updated dependencies [
0a6412ca9
] - Updated dependencies [
d08fe29d9
] - Updated dependencies [
5167bb528
] - Updated dependencies [
c9d1af0e5
] - Updated dependencies [
4b29d715b
] - Updated dependencies [
68ea21214
] - Updated dependencies [
8f43bf17d
] - Updated dependencies [
45c03819e
] - Updated dependencies [
b849128de
]- @verdaccio/config@6.0.0
- @verdaccio/core@6.0.0
11.0.0-6-next.39
Patch Changes
- @verdaccio/core@6.0.0-6-next.76
- @verdaccio/config@6.0.0-6-next.76
11.0.0-6-next.38
Patch Changes
- Updated dependencies [
0a6412ca9
]- @verdaccio/core@6.0.0-6-next.75
- @verdaccio/config@6.0.0-6-next.75
11.0.0-6-next.37
Patch Changes
- @verdaccio/core@6.0.0-6-next.74
- @verdaccio/config@6.0.0-6-next.74
11.0.0-6-next.36
Patch Changes
- Updated dependencies [
f859d2b1a
]- @verdaccio/core@6.0.0-6-next.73
- @verdaccio/config@6.0.0-6-next.73
11.0.0-6-next.35
Patch Changes
- @verdaccio/core@6.0.0-6-next.72
- @verdaccio/config@6.0.0-6-next.72
11.0.0-6-next.34
Patch Changes
- Updated dependencies [
679c19c1b
]- @verdaccio/config@6.0.0-6-next.71
- @verdaccio/core@6.0.0-6-next.71
11.0.0-6-next.33
Patch Changes
- @verdaccio/core@6.0.0-6-next.70
- @verdaccio/config@6.0.0-6-next.70
11.0.0-6-next.32
Patch Changes
- Updated dependencies [
c9d1af0e
]- @verdaccio/core@6.0.0-6-next.69
- @verdaccio/config@6.0.0-6-next.69
11.0.0-6-next.31
Patch Changes
- @verdaccio/core@6.0.0-6-next.68
- @verdaccio/config@6.0.0-6-next.68
11.0.0-6-next.30
Patch Changes
- Updated dependencies [
16e38df8
]- @verdaccio/config@6.0.0-6-next.67
- @verdaccio/core@6.0.0-6-next.67
11.0.0-6-next.29
Patch Changes
- @verdaccio/core@6.0.0-6-next.66
- @verdaccio/config@6.0.0-6-next.66
11.0.0-6-next.28
Patch Changes
- Updated dependencies [
a1da1130
]- @verdaccio/core@6.0.0-6-next.65
- @verdaccio/config@6.0.0-6-next.65
11.0.0-6-next.27
Patch Changes
- Updated dependencies [
974cd8c1
]- @verdaccio/core@6.0.0-6-next.64
- @verdaccio/config@6.0.0-6-next.64
11.0.0-6-next.26
Patch Changes
- Updated dependencies [
ddb6a223
] - Updated dependencies [
dc571aab
]- @verdaccio/config@6.0.0-6-next.63
- @verdaccio/core@6.0.0-6-next.63
11.0.0-6-next.25
Patch Changes
- Updated dependencies [
378e907d
]- @verdaccio/core@6.0.0-6-next.62
- @verdaccio/config@6.0.0-6-next.62
11.0.0-6-next.24
Patch Changes
- Updated dependencies [
d167f92e
]- @verdaccio/config@6.0.0-6-next.61
- @verdaccio/core@6.0.0-6-next.61
11.0.0-6-next.23
Minor Changes
45c03819
: refactor: render html middleware
Patch Changes
- Updated dependencies [
45c03819
]- @verdaccio/config@6.0.0-6-next.60
- @verdaccio/core@6.0.0-6-next.60
11.0.0-6-next.22
Patch Changes
- Updated dependencies [
65f88b82
]- @verdaccio/logger@6.0.0-6-next.27
- @verdaccio/core@6.0.0-6-next.59
- @verdaccio/config@6.0.0-6-next.59
11.0.0-6-next.21
Patch Changes
- @verdaccio/core@6.0.0-6-next.58
- @verdaccio/config@6.0.0-6-next.58
- @verdaccio/logger@6.0.0-6-next.26
11.0.0-6-next.20
Patch Changes
- @verdaccio/core@6.0.0-6-next.57
- @verdaccio/config@6.0.0-6-next.57
- @verdaccio/logger@6.0.0-6-next.25
11.0.0-6-next.19
Patch Changes
- @verdaccio/config@6.0.0-6-next.56
- @verdaccio/core@6.0.0-6-next.56
- @verdaccio/logger@6.0.0-6-next.24
11.0.0-6-next.18
Patch Changes
- Updated dependencies [
9718e033
]- @verdaccio/config@6.0.0-6-next.55
- @verdaccio/core@6.0.0-6-next.55
- @verdaccio/logger@6.0.0-6-next.23
11.0.0-6-next.17
Patch Changes
- Updated dependencies [
ef88da3b
]- @verdaccio/config@6.0.0-6-next.54
- @verdaccio/core@6.0.0-6-next.54
- @verdaccio/logger@6.0.0-6-next.22
11.0.0-6-next.16
Patch Changes
- @verdaccio/core@6.0.0-6-next.53
- @verdaccio/logger@6.0.0-6-next.21
- @verdaccio/config@6.0.0-6-next.53
11.0.0-6-next.15
Patch Changes
- @verdaccio/core@6.0.0-6-next.52
- @verdaccio/config@6.0.0-6-next.52
- @verdaccio/logger@6.0.0-6-next.20
11.0.0-6-next.14
Patch Changes
- Updated dependencies [
4b29d715
]- @verdaccio/config@6.0.0-6-next.51
- @verdaccio/core@6.0.0-6-next.51
- @verdaccio/logger@6.0.0-6-next.19
11.0.0-6-next.13
Patch Changes
- @verdaccio/core@6.0.0-6-next.50
- @verdaccio/config@6.0.0-6-next.50
- @verdaccio/logger@6.0.0-6-next.18
11.0.0-6-next.12
Patch Changes
- @verdaccio/core@6.0.0-6-next.49
- @verdaccio/config@6.0.0-6-next.49
- @verdaccio/logger@6.0.0-6-next.17
11.0.0-6-next.11
Major Changes
-
9fc2e796
: feat(plugins): improve plugin loaderChanges
- Add scope plugin support to 6.x https://github.com/verdaccio/verdaccio/pull/3227
- Avoid config collisions https://github.com/verdaccio/verdaccio/issues/928
- https://github.com/verdaccio/verdaccio/issues/1394
config.plugins
plugin path validations- Updated algorithm for plugin loader.
- improved documentation (included dev)
Features
- Add scope plugin support to 6.x https://github.com/verdaccio/verdaccio/pull/3227
- Custom prefix:
// config.yaml server: pluginPrefix: mycompany middleware: audit: foo: 1
This configuration will look up for
mycompany-audit
insteadVerdaccio-audit
.Breaking Changes
sinopia plugins
sinopia
fallback support is removed, but can be restored usingpluginPrefix
plugin filter
- method rename
filter_metadata
->filterMetadata
Plugin constructor does not merge configs anymore https://github.com/verdaccio/verdaccio/issues/928
The plugin receives as first argument
config
, which represents the config of the plugin. Example:// config.yaml auth: plugin: foo: 1 bar: 2 export class Plugin<T> { public constructor(config: T, options: PluginOptions) { console.log(config); // {foo:1, bar: 2} } }
11.0.0-6-next.10
Patch Changes
351aeeaa
: fix(deps): @verdaccio/utils should be a prod dep of local-storage
11.0.0-6-next.9
Major Changes
-
292c0a37
: feat!: replace deprecated request dependency by gotThis is a big refactoring of the core, fetching dependencies, improve code, more tests and better stability. This is essential for the next release, will take some time but would allow modularize more the core.
Notes
- Remove deprecated
request
by othergot
, retry improved, custom Agent ( got does not include it built-in) - Remove
async
dependency from storage (used by core) it was linked with proxy somehow safe to remove now - Refactor with promises instead callback wherever is possible
Document the API- Improve testing, integration tests
- Bugfix
- Clean up old validations
- Improve performance
💥 Breaking changes
- Plugin API methods were callbacks based are returning promises, this will break current storage plugins, check documentation for upgrade.
- Write Tarball, Read Tarball methods parameters change, a new set of options like
AbortController
signals are being provided to theaddAbortSignal
can be internally used with Streams when a request is aborted. eg:addAbortSignal(signal, fs.createReadStream(pathName));
@verdaccio/streams
stream abort support is legacy is being deprecated removed- Remove AWS and Google Cloud packages for future refactoring #2574.
- Remove deprecated
-
a3a209b5
: feat: migrate to pino.js 8
11.0.0-6-next.8
Minor Changes
24b9be02
: refactor: improve docker image build with strict dependencies and prod build
11.0.0-6-next.7
Major Changes
-
794af76c
: Remove Node 12 support- We need move to the new
undici
and does not support Node.js 12
- We need move to the new
11.0.0-6-next.6
Major Changes
-
459b6fa7
: refactor: search v1 endpoint and local-database- refactor search
api v1
endpoint, improve performance - remove usage of
async
dependency https://github.com/verdaccio/verdaccio/issues/1225 - refactor method storage class
- create new module
core
to reduce the ammount of modules with utilities - use
undici
insteadnode-fetch
- use
fastify
insteadexpress
for functional test
Breaking changes
- plugin storage API changes
- remove old search endpoint (return 404)
- filter local private packages at plugin level
The storage api changes for methods
get
,add
,remove
as promise base. Thesearch
methods also changes and recieves aquery
object that contains all query params from the client.export interface IPluginStorage<T> extends IPlugin { add(name: string): Promise<void>; remove(name: string): Promise<void>; get(): Promise<any>; init(): Promise<void>; getSecret(): Promise<string>; setSecret(secret: string): Promise<any>; getPackageStorage(packageInfo: string): IPackageStorage; search(query: searchUtils.SearchQuery): Promise<searchUtils.SearchItem[]>; saveToken(token: Token): Promise<any>; deleteToken(user: string, tokenKey: string): Promise<any>; readTokens(filter: TokenFilter): Promise<Token[]>; }
- refactor search
11.0.0-6-next.5
Patch Changes
f96b147e
: fix: several issues which caused the audit to fail (#2335)
10.0.0-alpha.4
Major Changes
-
f8a50baa
: feat: standalone registry with no dependenciesUsage
To install a server with no dependencies
npm install -g @verdaccio/standalone
with no internet required
npm install -g ./tarball.tar.gz
Bundles htpasswd and audit plugins.
Breaking Change
It does not allow anymore the
auth
andmiddleware
property at config file empty, it will fallback to those plugins by default.
10.0.0-alpha.3
Patch Changes
fecbb9be
: chore: add release step to private regisry on merge changeset pr
10.0.0-alpha.2
Minor Changes
-
54c58d1e
: feat: add server rate limit protection to all requestTo modify custom values, use the server settings property.
server: ## https://www.npmjs.com/package/express-rate-limit#configuration-options rateLimit: windowMs: 1000 max: 10000
The values are intended to be high, if you want to improve security of your server consider using different values.
10.0.0-alpha.1
Major Changes
-
d87fa026
: feat!: experiments config renamed to flags- The
experiments
configuration is renamed toflags
. The functionality is exactly the same.
flags: token: false; search: false;
- The
self_path
property from the config file is being removed in favor ofconfig_file
full path. - Refactor
config
module, better types and utilities
- The
All notable changes to this project will be documented in this file. See Conventional Commits for commit guidelines.
9.7.3 (2020-07-30)
Bug Fixes
9.7.2 (2020-07-20)
Note: Version bump only for package verdaccio-audit
9.7.1 (2020-07-10)
Note: Version bump only for package verdaccio-audit
9.7.0 (2020-06-24)
Note: Version bump only for package verdaccio-audit
9.6.1 (2020-06-07)
Note: Version bump only for package verdaccio-audit
9.5.0 (2020-05-02)
Note: Version bump only for package verdaccio-audit
9.4.0 (2020-03-21)
Note: Version bump only for package verdaccio-audit
9.3.2 (2020-03-08)
Note: Version bump only for package verdaccio-audit
9.3.1 (2020-02-23)
Note: Version bump only for package verdaccio-audit
9.3.0 (2020-01-29)
Note: Version bump only for package verdaccio-audit
9.0.0 (2020-01-07)
Note: Version bump only for package verdaccio-audit
8.5.2 (2019-12-25)
Note: Version bump only for package verdaccio-audit
8.5.1 (2019-12-24)
Note: Version bump only for package verdaccio-audit
8.5.0 (2019-12-22)
Note: Version bump only for package verdaccio-audit
8.4.2 (2019-11-23)
Note: Version bump only for package verdaccio-audit
8.4.1 (2019-11-22)
Note: Version bump only for package verdaccio-audit
8.4.0 (2019-11-22)
Note: Version bump only for package verdaccio-audit
8.3.0 (2019-10-27)
Note: Version bump only for package verdaccio-audit
8.2.0 (2019-10-23)
Note: Version bump only for package verdaccio-audit
8.2.0-next.0 (2019-10-08)
Bug Fixes
- fixed lint errors (c80e915)
8.1.4 (2019-09-30)
Note: Version bump only for package verdaccio-audit
8.1.3 (2019-09-30)
Note: Version bump only for package verdaccio-audit
8.1.2 (2019-09-29)
Note: Version bump only for package verdaccio-audit
8.1.1 (2019-09-26)
Note: Version bump only for package verdaccio-audit
8.1.0 (2019-09-07)
Note: Version bump only for package verdaccio-audit
8.0.1-next.1 (2019-08-29)
Note: Version bump only for package verdaccio-audit
8.0.1-next.0 (2019-08-29)
Note: Version bump only for package verdaccio-audit
8.0.0 (2019-08-22)
Note: Version bump only for package verdaccio-audit
8.0.0-next.4 (2019-08-18)
Note: Version bump only for package verdaccio-audit
8.0.0-next.2 (2019-08-03)
Note: Version bump only for package verdaccio-audit
8.0.0-next.1 (2019-08-01)
Note: Version bump only for package verdaccio-audit
8.0.0-next.0 (2019-08-01)
Bug Fixes
Features
- add audit quick endpoint (5ab2ece)
- migrate to typescript (caffcd5)
- proxy npm audit endpoint (b11151d)
Changelog
All notable changes to this project will be documented in this file. See standard-version for commit guidelines.
1.2.1 (2019-07-29)
Bug Fixes
- audit module doesn't support strict_ssl flag (f7d3f86)
Build System
- update dependencies (ddaa990)
1.2.0 (2019-04-06)
Bug Fixes
Features
- migrate to typescript (bec6824)
1.1.0 (2019-01-09)
Features
1.0.1 (2019-01-09)
Bug Fixes
- package.json to reduce vulnerabilities (bdf35df)
1.0.0 (2018-10-18)
Features
- handle 'application/json, application/octet-stream' content types (cf38a38)
0.2.0 (2018-06-15)
Features
- support audit via HTTPS proxy (5328bc3)