タグ「The npm Blog」 - はてブログ

タグ The npm Blog

新着順人気順 5 users 10 users 50 users 100 users 500 users 1000 users

(1 - 16 / 16件)

The npm Blog — Release v7.1.0

2020/12/05 9 users

Happy Friday! ? This week’s release brings two new features, starting with a brand new command: npm set-script that helps you manage your package.json scripts - thanks to the community contribution from @Yash-Singh1 ? Also npm exec (no args) now triggers an interactive subshell that enables you... 続きを読む

The npm Blog — Next Phase Montage

2020/03/16 47 users

tl;dr – Good news! npm, Inc., is being purchased by GitHub. The public registry remains public, free, and as available as ever. npm as you know it continues, and in fact, there is good reason to believe that it’ll only get better. I’m still going to be working on npm (but with the luxury of more ... 続きを読む

2020-02-05のJS: npm unpublish policy、yarn v2(berry) RCリリース - JSer.info

2020/02/05 5 users npm Berry Policy JSer.info ルール

JSer.info #473 - npmにはパッケージを公開した人がパッケージを取り下げるルールを決めたnpm Unpublish Policyがあります。今回、このnpm Unpublish Policyのルールが更新されています。 The npm Blog — Changes to npm Unpublish Policy - January 2020 元々このUnpublish Policyはleft-padがunpublishされた件で、使... 続きを読む

npmとyarnの脆弱性とpostinstall - Cybozu Inside Out | サイボウズエンジニアのブログ

2019/12/22 33 users YARN npm サイボウズエンジニア npm cli 小林

フロントエンドエキスパートチームの小林(@koba04)です。先日、npmから脆弱性についての発表がありました。調べていく中でいくつか思うところがあったので解説も兼ねて書いていきたいと思います。 The npm Blog — Binary Planting with the npm CLI npmの利用者としてやるべきことは、 npmのバージョンを6.13.4以上に... 続きを読む

The npm Blog — A new chapter for npm

2019/07/18 15 users

Not to bury the lede: I have resigned from npm. I made the decision to leave in early May, and my final full-time day was July 1st, but as a co-founder it takes a long time to untangle yourself so I will be helping with transition-related tasks until they are wrapped up. I joined npm in January o... 続きを読む

The npm Blog — Continuous Security

2019/02/02 22 users

It’s been almost a year since npm acquired ^Lift Security and even less since the official formation of the internal npm Security Team. In addition to working on securing the Registry and its users, I’ve been setting aside time to think through how we look at security at npm. I wanted share some ... 続きを読む

The npm Blog — v6.2.0

2018/07/14 9 users

In case you missed it, we moved!. We look forward to seeing future PRs landing in npm/cli in the future, and we’ll be chatting with you all in npm.community. Go check it out! This final release of npm@6.2.0 includes a couple of features that weren’t quite ready on time but that we’d still like to... 続きを読む

The npm Blog — Two-factor authentication protection for packages

2018/07/13 16 users

I’m happy to announce that you can now beta-test two-factor authentication protection for individual packages in the npm Registry. This setting requires that every publication of a protected package be authorized by a one-time password. This requirement is enforced even if maintainers of that pac... 続きを読む

The npm Blog — Beyond npm@6: The future of the npm cli

2018/04/24 7 users npm cli

This week npm@6 is going to be promoted to latest and so now is an excellent time to look forward. If you dig into it you’ll find that it doesn’t have much in the way of breaking changes. Later this y... 続きを読む

npm ciを使おうあるいはより速く - Qiita

2018/03/12 45 users Qiita サブコマンド npm ci npm POST

人類はより高速にCIを回していくべきだと思っているりんご（ @mstssk ）です。先日、 npm の v5.7 がリリースされ npm ci というサブコマンドが新たに追加されました。 The npm Blog — Introducing npm ci for faster, more reliable... http://blog.npmjs.org/post/171556855892/i... 続きを読む

The npm Blog — npm operational incident, 6 Jan 2018

2018/01/07 23 users

The npm registry had an operations incident Saturday that caused 97 packages to be temporarily unavailable for download for approximately 30 minutes, and an additional 9 packages to be unavailable for... 続きを読む

The npm Blog — `crossenv` malware on the npm registry

2017/08/03 29 users npm Registry

On August 1, a user notified us via Twitter that a package with a name very similar to the popular cross-env package was sending environment variables from its installation context out to npm.hacktask... 続きを読む

The npm Blog — v5.0.0

2017/05/26 39 users v5.0.0

Wowowowowow npm@5! This release marks months of hard work for the young, scrappy, and hungry CLI team, and includes some changes we’ve been hoping to do for literally years. npm@5 takes npm a pretty b... 続きを読む

The npm Blog — announcing free Orgs

2017/03/23 30 users

Today, we’re excited to announce that npm Orgs, our collaboration tool for helping teams manage permissions and share their code, is free for all developers of open source packages. You may invite an ... 続きを読む

npm install scriptの脆弱性とオープンソースと信頼 - teppeis blog

2016/03/27 186 users teppeis blog 脆弱性オープンソース信頼周辺

2016 - 03 - 27 npm install scriptの脆弱性とオープンソースと信頼 node.js npm security oss 先日アナウンスされた脆弱性とその周辺について、とりとめなく。 The npm Blog — Package install scripts vulnerability Vulnerability Note VU#319816 脆弱性の概要 VU#... 続きを読む

The npm Blog — npm and front-end packaging

2014/11/04 35 users

We’ve known for a while that front-end asset and dependency management is a huge use-case for npm and a big driver of Node.js adoption in general. But how big, exactly? It’s a hard question to answer.... 続きを読む

(1 - 16 / 16件)