Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: don't suggest npm update outside of valid engine range #8050

Merged
merged 5 commits into from
Feb 19, 2025
Merged

fix: don't suggest npm update outside of valid engine range #8050

merged 5 commits into from
Feb 19, 2025

Conversation

milaninfy
Copy link
Contributor

@milaninfy milaninfy commented Jan 21, 2025
edited
Loading

When doing manifest call for fetching npm manifest it was using latest every-time, however fetchingnpm@* will still give latest if it's satisfies the engine range otherwise it will give highest matching version for the current engine range.
Pacote.manifest calls internally uses pick-manifest logic to pick the appropriate version of the manifest for the engine range.

@milaninfy milaninfy marked this pull request as ready for review January 22, 2025 04:27
@milaninfy milaninfy requested a review from a team as a code owner January 22, 2025 04:27
@wraithgar
Copy link
Member

We'll want a new test for the behavior this is guarding against.

@milaninfy milaninfy marked this pull request as draft January 22, 2025 19:22
@milaninfy
Copy link
Contributor Author

while thinking on how to write a test for this one, logically the problem this pr solves it to get correct engine matched version, we only request for manifest from pacote with appropriate spec. earlier we were requesting npm@latest which gave us latest no matter what the node version is, but now we are fetching manifest with npm@* which gives us default tag ( latest ) if nothing matched otherwise highest appropriate version with engine consideration ( This logic is from npm-pick-manifest )
Do we need an end to end test here to show that it's marching based on engine ?

@wraithgar
Copy link
Member

Do we need an end to end test here to show that it's matching based on engine ?

Yes, this is behavior we don't want to accidentally regress from. The update notifier tests will likely need a bit of tweaking to get there

@milaninfy milaninfy force-pushed the mm/fix-update-notification branch from f95e421 to 07fd64f Compare February 3, 2025 22:20
@milaninfy milaninfy marked this pull request as ready for review February 3, 2025 22:51
@milaninfy milaninfy force-pushed the mm/fix-update-notification branch 2 times, most recently from ee70630 to a1f0923 Compare February 5, 2025 21:07
@milaninfy milaninfy force-pushed the mm/fix-update-notification branch from c4d1ace to 8936f66 Compare February 18, 2025 20:03
@milaninfy milaninfy force-pushed the mm/fix-update-notification branch from 8936f66 to bf1ea3d Compare February 19, 2025 14:32
@wraithgar wraithgar changed the title fix: update notifier to consider engine range fix: don't suggest npm update outside of valid engine range Feb 19, 2025
@wraithgar wraithgar merged commit e345cc5 into npm:latest Feb 19, 2025
21 checks passed
@github-actions github-actions bot mentioned this pull request Feb 19, 2025
Merged
@milaninfy milaninfy mentioned this pull request Feb 19, 2025
Closed
2 tasks
@npm-cli-bot npm-cli-bot mentioned this pull request Mar 5, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wraithgar wraithgar wraithgar approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@milaninfy @wraithgar