Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
corepack - npm Package Compare versions
Comparing version 0.26.0 to 0.27.0
| # Changelog | ||
| ## [0.27.0](https://github.com/nodejs/corepack/compare/v0.26.0...v0.27.0) (2024-04-19) | ||
| ### ⚠ BREAKING CHANGES | ||
| * attempting to download a version from the npm registry (or a mirror) that was published using the now deprecated PGP signature without providing a hash will trigger an error. Users can disable the signature verification using a environment variable. | ||
| ### Features | ||
| * separate read and write operations on lastKnownGood.json ([#446](https://github.com/nodejs/corepack/issues/446)) ([c449adc](https://github.com/nodejs/corepack/commit/c449adc81822a604ee8f00ae2b53fc411535f96d)) | ||
| * update package manager versions ([#425](https://github.com/nodejs/corepack/issues/425)) ([1423190](https://github.com/nodejs/corepack/commit/142319056424b1e0da2bdbe801c52c5910023707)) | ||
| * update package manager versions ([#462](https://github.com/nodejs/corepack/issues/462)) ([56816c2](https://github.com/nodejs/corepack/commit/56816c2b7ebc9926f07048b0ec4ff6025bb4e293)) | ||
| * verify integrity signature when downloading from npm registry ([#432](https://github.com/nodejs/corepack/issues/432)) ([e561dd0](https://github.com/nodejs/corepack/commit/e561dd00bbacc5bc15a492fc36574fa0e37bff7b)) | ||
| ### Bug Fixes | ||
| * add path to `package.json` in error message ([#456](https://github.com/nodejs/corepack/issues/456)) ([32a93ea](https://github.com/nodejs/corepack/commit/32a93ea4f51eb7db7dc95a16c5719695edf4b53e)) | ||
| * correctly set `Dispatcher` prototype for `ProxyAgent` ([#451](https://github.com/nodejs/corepack/issues/451)) ([73d9a1e](https://github.com/nodejs/corepack/commit/73d9a1e2d2f84906bf01952f1dca8adab576b7bf)) | ||
| * download fewer metadata from npm registry ([#436](https://github.com/nodejs/corepack/issues/436)) ([082fabf](https://github.com/nodejs/corepack/commit/082fabf8b15658e69e4fb62bb854fe9aace78b70)) | ||
| * hash check when downloading Yarn Berry from npm ([#439](https://github.com/nodejs/corepack/issues/439)) ([4672162](https://github.com/nodejs/corepack/commit/467216281e1719a739d0eeea370b335adfb37b8d)) | ||
| * Incorrect authorization prefix for basic auth, and undocumented env var ([#454](https://github.com/nodejs/corepack/issues/454)) ([2d63536](https://github.com/nodejs/corepack/commit/2d63536413971d43f570deb035845aa0bd5202f0)) | ||
| * re-add support for custom registries with auth ([#397](https://github.com/nodejs/corepack/issues/397)) ([d267753](https://github.com/nodejs/corepack/commit/d2677538cdb613fcab6d2a45bb07f349bdc65c2b)) | ||
| ## [0.26.0](https://github.com/nodejs/corepack/compare/v0.25.2...v0.26.0) (2024-03-08) | ||
@@ -4,0 +28,0 @@ |
| { | ||
| "name": "corepack", | ||
| "version": "0.26.0", | ||
| "version": "0.27.0", | ||
| "homepage": "https://github.com/nodejs/corepack#readme", | ||
@@ -19,3 +19,3 @@ "bugs": { | ||
| "license": "MIT", | ||
| "packageManager": "yarn@4.1.0+sha224.bc24d7f5afc738464f3d4e95f4e6e7829a35cee54a0fd527ea5baa83", | ||
| "packageManager": "yarn@4.1.1+sha224.00f08619463229f8ba40c4ee90e8c2e4ced1f11c3115c26f3b98432e", | ||
| "devDependencies": { | ||
@@ -49,3 +49,3 @@ "@babel/core": "^7.14.3", | ||
| "supports-color": "^9.0.0", | ||
| "tar": "^6.0.1", | ||
| "tar": "^6.2.1", | ||
| "ts-node": "^10.0.0", | ||
@@ -57,2 +57,5 @@ "typescript": "^5.3.3", | ||
| }, | ||
| "resolutions": { | ||
| "undici-types": "6.x" | ||
| }, | ||
| "scripts": { | ||
@@ -59,0 +62,0 @@ "build": "rm -rf dist shims && run build:bundle && ts-node ./mkshims.ts", |
| # <img src="./icon.svg" height="25" /> corepack | ||
| [](https://slack-invite.openjsf.org/) | ||
| Corepack is a zero-runtime-dependency Node.js script that acts as a bridge | ||
@@ -57,3 +59,3 @@ between Node.js projects and the package managers they are intended to be used | ||
| - **If the local project is configured for the package manager you're using**, | ||
| Corepack will silently download and cache the latest compatible version. | ||
| Corepack will download and cache the latest compatible version. | ||
@@ -298,2 +300,5 @@ - **If the local project is configured for a different package manager**, | ||
| - `COREPACK_INTEGRITY_KEYS` can be set to an empty string to instruct Corepack | ||
| to skip integrity checks, or a JSON string containing custom keys. | ||
| ## Troubleshooting | ||
@@ -300,0 +305,0 @@ |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.03%
1053527
- Number of lines in readme file
- increased by1.59%
320
Worsened metrics
- Lines of code
- decreased by-0.51%
24643
- Number of low supply chain risk alerts
- increased by9.8%
112
No dependency changes