corepack

Commit Graph

Author	SHA1	Message	Date
Antoine du Hamel	9317593dda	chore(tests): await promise in `config.test.js` (#639 )	2025-02-07 14:35:44 +00:00
Kristoffer K.	85e556a1a9	test: migrate to vitest (#349 )	2024-07-16 23:31:15 +02:00
Antoine du Hamel	e561dd00bb	feat: verify integrity signature when downloading from npm registry (#432 ) When the user has not provided any hash (so when running `corepack up`/`corepack use …`), and the package manager is downloaded from the npm registry, we can verify the signature. BREAKING CHANGE: attempting to download a version from the npm registry (or a mirror) that was published using the now deprecated PGP signature without providing a hash will trigger an error. Users can disable the signature verification using a environment variable.	2024-04-12 22:49:11 +00:00

Author

SHA1

Message

Date

Antoine du Hamel

9317593dda

chore(tests): await promise in `config.test.js` (#639 )

2025-02-07 14:35:44 +00:00

Kristoffer K.

85e556a1a9

test: migrate to vitest (#349 )

2024-07-16 23:31:15 +02:00

Antoine du Hamel

e561dd00bb

feat: verify integrity signature when downloading from npm registry (#432 )

When the user has not provided any hash (so when running `corepack up`/`corepack use …`), and the package manager is downloaded from the npm registry, we can verify the signature.

BREAKING CHANGE: attempting to download a version from the npm registry (or a mirror) that was published using the now deprecated PGP signature without providing a hash will trigger an error. Users can disable the signature verification using a environment variable.

2024-04-12 22:49:11 +00:00

3 Commits