2.6.3 - released 2023-09-15
View the release on GitHub
Changelog
- Added audit.abandoned config setting. Can be set to
ignore
, report
(current default) or fail
(future default in 2.7) to make the audit command report abandoned packages as a security problem (#11639)
- Added a warning when duplicates
files
autoload rules are detected (#11109)
- Fixed unhandled promise rejection regression (#11620)
- Fixed loading of root aliases on path repo packages when doing partial updates (#11632)
- Fixed
archive
command not producing the correct output if the temp dir is a symlink (#11636)
- Fixed some replaced packages being incorrectly missing when unlocked in a partial update (#11629)