Register | Log in

npm

package manager for Node.js

Choose email to subscribe with

general

source: npm (source, web)
version: 1.4.21+ds-2
maintainer: Debian Javascript Maintainers (archive) [DMD]
uploaders: Jonas Smedegaard [DMD] – Jérémy Lal [DMD]
arch: all
std-ver: 3.9.5
VCS: Git (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 1.4.21+ds-2
unstable: 1.4.21+ds-2

versioned links

1.4.21+ds-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

npm

action needed

A new upstream version is available: 5.0.4+ds

high

A new upstream version 5.0.4+ds is available, you should consider packaging it.

Created: 2017-01-17 Last update: 2017-06-29 07:19

1 security issue in sid

high

There is 1 open security issue in sid.

1 important issue:

CVE-2016-3956: The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by reading Authorization headers.

Please fix it.

Created: 2016-07-05 Last update: 2017-04-22 19:11

lintian reports 1 error and 4 warnings

high

Lintian reports 1 error and 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2015-08-19 Last update: 2016-10-24 06:56

The package has not entered testing even though the delay is over

normal

The package has not entered testing even though the 5-day delay is over. Check why.

Created: 2017-04-22 Last update: 2017-06-29 07:16

1 ignored security issue in jessie

low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2016-3956: The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by reading Authorization headers.

Please fix it.

Created: 2016-07-05 Last update: 2017-04-22 19:11

testing migrations

excuses:
- Migration status: BLOCKED: Rejected/introduces a regression (please see below)
- 1058 days old (needed 5 days)
- npm has new bugs!
- Updating npm introduces new bugs: #857986
- Piuparts tested OK - https://piuparts.debian.org/sid/source/n/npm.html
- Not considered

news

[2017-04-23] npm REMOVED from testing (Debian testing watch)
[2014-08-11] npm 1.4.21+ds-2 MIGRATED to testing (Britney)
[2014-08-05] Accepted npm 1.4.21+ds-2 (source all) into unstable (Jérémy Lal)
[2014-08-03] npm 1.4.21+ds-1 MIGRATED to testing (Britney)
[2014-07-29] Accepted npm 1.4.21+ds-1 (source all) into unstable (Jérémy Lal)
[2014-03-06] npm 1.4.4+ds-1 MIGRATED to testing (Debian testing watch)
[2014-03-01] Accepted npm 1.4.4+ds-1 (source all) (Jérémy Lal)
[2013-12-30] npm 1.3.10~dfsg-1 MIGRATED to testing (Debian testing watch)
[2013-12-29] npm REMOVED from testing (Debian testing watch)
[2013-09-29] npm 1.3.10~dfsg-1 MIGRATED to testing (Debian testing watch)
[2013-09-08] Accepted npm 1.3.10~dfsg-1 (source all) (Jérémy Lal)
[2013-04-29] Accepted npm 1.2.18~dfsg-3 (source all) (Jérémy Lal)
[2013-04-28] Accepted npm 1.2.18~dfsg-2 (source all) (Jérémy Lal)
[2013-04-28] Accepted npm 1.2.18~dfsg-1 (source all) (Jérémy Lal)
[2012-09-21] Accepted npm 1.1.4~dfsg-2 (source all) (Jonas Smedegaard)
[2012-04-07] Accepted npm 1.1.4~dfsg-1 (source all) (Jonas Smedegaard)
[2011-04-16] Accepted npm 0.2.19-1 (source all) (Jonas Smedegaard)
[2011-03-30] Accepted npm 0.2.16-1 (source all) (Jonas Smedegaard)

bugs [bug history graph]

all: 18 19
RC: 1
I&N: 13 14
M&W: 3
F&P: 1

links

homepage
lintian (1, 4)
buildd: logs, clang
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 3.5.2-0ubuntu4
20 bugs
patches for 3.5.2-0ubuntu4

Debian Package Tracker — Copyright 2013-2016 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Git Repository — How to contribute