v4.4.0

v4.4.0 (2017-02-23):

Aaaah, @iarna here, it's been a little while since I did one of these! This is a nice little release, we've got an update notifier, vastly less verbose error messages, new warnings on package metadata that will probably give you a bad day, and a sprinkling of bug fixes.

UPDATE NOTIFICATIONS

We now have a little nudge to update your npm, courtesy of update-notifier.

• 148ee66 #15774 npm will now check at start up to see if a newer version is available. It will check once a day. If you want to disable this, set optOut to true in ~/.config/configstore/update-notifier-npm.json. (@ceejbot)

LESS VERBOSE ERROR MESSAGES

npm has, for a long time, had very verbose error messages. There was a lot of info in there, including the cause of the error you were seeing but without a lot of experience reading them pulling that out was time consuming and difficult.

With this change the output is cut down substantially, centering the error message. So, for example if you try to npm run sdlkfj then the entire error you'll get will be:

npm ERR! missing script: sldkfj

npm ERR! A complete log of this run can be found in:
npm ERR!     /Users/rebecca/.npm/_logs/2017-02-24T00_41_36_988Z-debug.log

The CLI team has discussed cutting this down even further and stripping the npm ERR! prefix off those lines too. We'd appreciate your feedback on this!

• e544124 #15716 Make error output less verbose. (@iarna)
• 166bda9 #15716 Stop encouraging users to visit the issue tracker unless we know for certain that it's an npm bug. (@iarna)

OTHER NEW FEATURES

• 53412eb #15772 We now warn if you have a module listed in both dependencies and devDependencies. (@TedYav)
• 426b180 #15757 Default reporting metrics to default registry. Previously it defaulted to using https://registry.npmjs.org, now it will default to the result of npm config get registry. For most folks this won't actually change anything, but it means that folks who use a private registry will have metrics routed there by default. This has the potential to be interesting because it means that in the future private registry products (npme!) will be able to report on these metrics. (@iarna)

BUG FIXES

• 8ea0de9 #15716 Write logs for cb() never called errors.
• c4e83dc Make it so that errors while reading the existing node_modules tree can't result in installer crashes. (@iarna)
• 2690dc2 Update npm doctor to not treat broken symlinks in your global modules as a permission failure. This is particularly important if you link modules and your text editor uses the convention of creating symlinks from .#filename.js to a machine name and pid to lock files (eg emacs and compatible things). (@iarna)
• f4c3f48 #15777 Not exactly a bug, but change a parameterless .apply to .call. (@notarseniy)

DEPENDENCY UPDATES

• 549dcff rimraf@2.6.0: Retry EBUSY, ENOTEMPTY and EPERM on non-Windows platforms too. More reliable rimraf.sync on Windows. (@isaacs)
• 052dfb6 validate-npm-package-name@3.0.0: Remove ableist language in README. Stop allowing ~'!()* in package names. (@tomdale) (@chrisdickinson)
• 6663ea6 abbrev@1.1.0 (@isaacs)
• be6de9a opener@1.4.3 (@dominic)
• 900a5e3 readable-stream@2.2.3 (@RangerMauve) (@mcollina)
• c972a8b tacks@1.2.6 (@iarna)
• 85a36ef 7ac9265 tap@10.2.0 (@isaacs)