npm - @npmcli/config - Versions diffs - 10.9.0 → 11.0.0-pre.0.0 - Mend

@npmcli/config 10.9.0 → 11.0.0-pre.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/lib/definitions/definitions.js +20 -24
package/package.json +1 -1

package/lib/definitions/definitions.js CHANGED Viewed

@@ -292,7 +292,6 @@ const definitions = {
     default: null,
     hint: '<date>',
     type: [null, Date],
-    exclusive: ['min-release-age'],
     description: `
       If passed to \`npm install\`, will rebuild the npm tree such that only
       versions that were available **on or before** the given date are
@@ -303,6 +302,12 @@ const definitions = {
       pass the \`--before\` filter, the most recent version less than or equal
       to that tag will be used. For example, \`foo@latest\` might install
       \`foo@1.2\` even though \`latest\` is \`2.0\`.
+      If \`before\` and \`min-release-age\` are both set in the same source,
+      \`before\` wins (an explicit absolute date overrides a relative window).
+      Across sources, the standard precedence applies (cli > env > project >
+      user > global), so a higher-priority source can always relax or
+      override a lower-priority one.
     `,
     flatten,
   }),
@@ -818,7 +823,7 @@ const definitions = {
     default: true,
     type: Boolean,
     description: `
-      Format \`package-lock.json\` or \`npm-shrinkwrap.json\` as a human
+      Format \`package-lock.json\` as a human
       readable file.
     `,
     flatten,
@@ -1300,8 +1305,8 @@ const definitions = {
       Version 3 if no lockfile, auto-converting v1 lockfiles to v3; otherwise,
       maintain current lockfile version.`,
     description: `
-      Set the lockfile format version to be used in package-lock.json and
-      npm-shrinkwrap-json files.  Possible options are:
+      Set the lockfile format version to be used in package-lock.json files.
+      Possible options are:
       1: The lockfile version used by npm versions 5 and 6.  Lacks some data that
       is used during the install, resulting in slower and possibly less
@@ -1409,7 +1414,6 @@ const definitions = {
     default: null,
     hint: '<days>',
     type: [null, Number],
-    exclusive: ['before'],
     envExport: false,
     description: `
        If set, npm will build the npm tree such that only versions that were
@@ -1418,12 +1422,18 @@ const definitions = {
        command will error.
        This flag is a complement to \`before\`, which accepts an exact date
-       instead of a relative number of days.
+       instead of a relative number of days. The two may coexist (e.g.
+       \`min-release-age\` in your \`.npmrc\` is preserved when npm internally
+       spawns a sub-process with \`--before\` while preparing a \`git:\` or
+       \`github:\` dependency); when both apply, \`before\` wins within a
+       single source and across sources the standard precedence rules apply.
     `,
     flatten: (key, obj, flatOptions) => {
-      if (obj['min-release-age'] !== null) {
-        flatOptions.before = new Date(Date.now() - (86400000 * obj['min-release-age']))
-        obj.before = flatOptions.before
+      const age = obj['min-release-age']
+      // `hasOwn` so a `before` inherited via ConfigData's prototype chain (lib/index.js) from a lower-priority source doesn't silently win.
+      // The `: null` clear depends on `Config#flat` iterating sources low → high.
+      if (age != null && !Object.hasOwn(obj, 'before')) {
+        flatOptions.before = age ? new Date(Date.now() - (86400000 * age)) : null
       }
     },
   }),
@@ -1494,7 +1504,7 @@ const definitions = {
       Dependency types to omit from the installation tree on disk.
       Note that these dependencies _are_ still resolved and added to the
-      \`package-lock.json\` or \`npm-shrinkwrap.json\` file.  They are just
+      \`package-lock.json\` file.  They are just
       not physically installed on disk.
       If a package type appears in both the \`--include\` and \`--omit\`
@@ -2170,20 +2180,6 @@ const definitions = {
     `,
     flatten,
   }),
-  shrinkwrap: new Definition('shrinkwrap', {
-    default: true,
-    type: Boolean,
-    deprecated: `
-      Use the --package-lock setting instead.
-    `,
-    description: `
-      Alias for --package-lock
-    `,
-    flatten (key, obj, flatOptions) {
-      obj['package-lock'] = obj.shrinkwrap
-      definitions['package-lock'].flatten('package-lock', obj, flatOptions)
-    },
-  }),
   'sign-git-commit': new Definition('sign-git-commit', {
     default: false,
     type: Boolean,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@npmcli/config",
-  "version": "10.9.0",
+  "version": "11.0.0-pre.0.0",
   "files": [
     "bin/",
     "lib/"