Skip to content

v0.27.0
Compare
Choose a tag to compare
@github-actions github-actions released this 19 Apr 08:24
v0.27.0
df1b773
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

0.27.0 (2024-04-19)

⚠ BREAKING CHANGES

  • attempting to download a version from the npm registry (or a mirror) that was published using the now deprecated PGP signature without providing a hash will trigger an error. Users can disable the signature verification using a environment variable.

Features

  • separate read and write operations on lastKnownGood.json (#446) (c449adc)
  • update package manager versions (#425) (1423190)
  • update package manager versions (#462) (56816c2)
  • verify integrity signature when downloading from npm registry (#432) (e561dd0)

Bug Fixes

  • add path to package.json in error message (#456) (32a93ea)
  • correctly set Dispatcher prototype for ProxyAgent (#451) (73d9a1e)
  • download fewer metadata from npm registry (#436) (082fabf)
  • hash check when downloading Yarn Berry from npm (#439) (4672162)
  • Incorrect authorization prefix for basic auth, and undocumented env var (#454) (2d63536)
  • re-add support for custom registries with auth (#397) (d267753)
Assets 3
Loading