drop npm v1.x.x support #2622
Labels
area: security
involving vulnerabilities
semver-major
implementation requires increase of "major" version number; "breaking changes"
type: chore
generally involving deps, tooling, configuration, etc.
Comments
boneskull
added
the
type: chore
|
See #2621 |
|
It looks like the latest Node.js v0.10 installs npm v2.x.x by default. I think we're OK to drop npm 1.x support. Probably still necessitates a major release. |
boneskull
added
area: security
|
this will arrive as part of #3016. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently we support npm v1.4.0 and greater. This will allow us to upgrade production dependencies (or dependencies thereof) which use carets in semver ranges. It should also allow scoped packages.
I'm not sure exactly in what version of npm v2.x.x scoped packages were introduced. I've asked @seldo if any data is available for npm v1.x.x usage.
The text was updated successfully, but these errors were encountered: