A package manager for Node.js that allows developers to install and publish packages to a package registry.
Homepage | https://nodejs.org |
---|
6.17.0

6.16.0

6.14.4

6.14.3

6.14.1

6.12.2

6.11.1

6.9.5

Distribution | Version | Since | Package | Installed | Packager | |
---|---|---|---|---|---|---|
![]() | rpm | 6.9.5-1.2 | 2019-01-17 | 1.93 MiB | 7.68 MiB | http://bugs.opensuse.org |
![]() | rpm | 6.17.0-21.1 | 2019-04-08 | 1.92 MiB | 8.06 MiB | http://bugs.opensuse.org |
![]() | rpm | 6.16.0-18.1 | 2019-02-22 | 1.92 MiB | 8.06 MiB | http://bugs.opensuse.org |
![]() | rpm | 6.14.4-15.1 | 2019-01-21 | 1.91 MiB | 8.06 MiB | http://bugs.opensuse.org |
![]() | rpm | 6.14.3-12.1 | 2019-01-21 | 1.91 MiB | 8.06 MiB | http://bugs.opensuse.org |
![]() | rpm | 6.14.1-9.2 | 2019-01-21 | 1.91 MiB | 8.06 MiB | http://bugs.opensuse.org |
![]() | rpm | 6.12.2-6.1 | 2019-01-21 | 1.91 MiB | 8.06 MiB | http://bugs.opensuse.org |
![]() | rpm | 6.11.1-3.1 | 2019-01-21 | 1.91 MiB | 8.06 MiB | http://bugs.opensuse.org |
Manual pages
npm(1)
npm - javascript package manager
npm-access(1)
npm-access - Set access level on published packages
npm-adduser(1)
npm-adduser - Add a registry user account
npm-bin(1)
npm-bin - Display npm bin folder
Synopsis
npm bin [-g|--global]
Description
Print the folder where npm will install executables.
See Also
o
npm help prefix
o
npm help root
o
npm help folders
o
npm help config
o
npm help npmrc
npm-bugs(1)
npm-bugs - Bugs for a package in a web browser maybe
npm-build(1)
npm-build - Build a package
npm-bundle(1)
npm-bundle - REMOVED
npm-cache(1)
npm-cache - Manipulates packages cache
npm-completion(1)
npm-completion - Tab Completion for npm
npm-config(1)
npm-config - Manage the npm configuration files
npm-dedupe(1)
npm-dedupe - Reduce duplication
npm-deprecate(1)
npm-deprecate - Deprecate a version of a package
npm-dist-tag(1)
npm-dist-tag - Modify package distribution tags
npm-docs(1)
npm-docs - Docs for a package in a web browser maybe
npm-edit(1)
npm-edit - Edit an installed package
npm-explore(1)
npm-explore - Browse an installed package
npm-help(1)
npm-help - Get help on npm
npm-help-search(1)
npm-help-search - Search npm help documentation
npm-init(1)
npm-init - create a package.json file
npm-install(1)
npm-install - Install a package
npm-link(1)
npm-link - Symlink a package folder
npm-logout(1)
npm-logout - Log out of the registry
npm-ls(1)
npm-ls - List installed packages
npm-outdated(1)
npm-outdated - Check for outdated packages
npm-owner(1)
npm-owner - Manage package owners
npm-pack(1)
npm-pack - Create a tarball from a package
npm-ping(1)
npm-ping - Ping npm registry
npm-prefix(1)
npm-prefix - Display prefix
npm-prune(1)
npm-prune - Remove extraneous packages
npm-publish(1)
npm-publish - Publish a package
npm-README(1)
npm - a JavaScript package manager
Build Status https://img.shields.io/travis/npm/cli/latest.svg https://travis-ci.org/npm/cli
npm-rebuild(1)
npm-rebuild - Rebuild a package
npm-repo(1)
npm-repo - Open package repository page in the browser
npm-restart(1)
npm-restart - Restart a package
npm-root(1)
npm-root - Display npm root
Synopsis
npm root [-g]
Description
Print the effective node_modules folder to standard out.
See Also
o
npm help prefix
o
npm help bin
o
npm help folders
o
npm help config
o
npm help npmrc
npm-run-script(1)
npm-run-script - Run arbitrary package scripts
npm-search(1)
npm-search - Search for packages
npm-shrinkwrap(1)
npm-shrinkwrap - Lock down dependency versions for publication
npm-star(1)
npm-star - Mark your favorite packages
npm-stars(1)
npm-stars - View packages marked as favorites
npm-start(1)
npm-start - Start a package
npm-stop(1)
npm-stop - Stop a package
Synopsis
npm stop [-- <args>]
Description
This runs a package’s "stop" script, if one was provided.
See Also
o
npm help run-script
o
npm help scripts
o
npm help test
o
npm help start
o
npm help restart
npm-tag(1)
npm-tag - Tag a published version
npm-team(1)
npm-team - Manage organization teams and team memberships
npm-test(1)
npm-test - Test a package
npm-uninstall(1)
npm-uninstall - Remove a package
npm-unpublish(1)
npm-unpublish - Remove a package from the registry
npm-update(1)
npm-update - Update a package
npm-version(1)
npm-version - Bump a package version
npm-view(1)
npm-view - View registry info
npm-whoami(1)
npm-whoami - Display npm username
Synopsis
npm whoami [--registry <registry>]
Description
Print the username config to standard output.
See Also
o
npm help config
o
npm help npmrc
o
npm help adduser
npm6(1)
npm6 - javascript package manager
npm-folders(5)
npm-folders - Folder Structures Used by npm
npm-global(5)
npm-folders - Folder Structures Used by npm
npm-json(5)
package.json - Specifics of npm’s package.json handling
npmrc(5)
npmrc - The npm config files
package.json(5)
package.json - Specifics of npm’s package.json handling
npm-coding-style(7)
npm-coding-style - npm’s "funny" coding style
npm-config(7)
npm-config - More than you probably want to know about npm configuration
npm-developers(7)
npm-developers - Developer Guide
npm-disputes(7)
npm-disputes - Handling Module Name Disputes
npm-index(7)
npm-index - Index of all npm documentation
npm help README
a JavaScript package manager
npm-orgs(7)
npm-orgs - Working with Teams & Orgs
npm-registry(7)
npm-registry - The JavaScript Package Registry
npm-scope(7)
npm-scope - Scoped packages
npm-scripts(7)
npm-scripts - How npm handles the "scripts" field
removing-npm(7)
npm-removal - Cleaning the Slate
semver(7)
semver - The semantic versioner for npm
Latest updates

OpenSUSE Leap 42.3 update/oss: Updated from 6.16.0-18.1 to 6.17.0-21.1
2019-04-08
- New upstream LTS release 6.17.0:
- deps: OpenSSL has been upgraded to 1.0.2r. Under certain circumstances, a TLS server can be forced to respond differently to a client if a zero-byte record is received with an invalid padding compared to a zero-byte record with an invalid MAC. This can be used as the basis of a padding oracle attack to decrypt data.
(CVE-2019-1559, bsc#1127080) - http:
- Backport server.keepAliveTimeout to prevent keep-alive
Denial of Service (DoS). (CVE-2019-5739, bsc#1127533)- Further prevention of "Slowloris" attacks on HTTP and HTTPS
- deps: OpenSSL has been upgraded to 1.0.2r. Under certain circumstances, a TLS server can be forced to respond differently to a client if a zero-byte record is received with an invalid padding compared to a zero-byte record with an invalid MAC. This can be used as the basis of a padding oracle attack to decrypt data.

OpenSUSE Tumbleweed oss: Version 6.17.0-1.1 removed
2019-03-15

OpenSUSE Tumbleweed oss: Updated from 6.16.0-1.5 to 6.17.0-1.1
2019-03-10
- New upstream LTS release 6.17.0:
- deps: OpenSSL has been upgraded to 1.0.2r. Under certain circumstances, a TLS server can be forced to respond differently to a client if a zero-byte record is received with an invalid padding compared to a zero-byte record with an invalid MAC. This can be used as the basis of a padding oracle attack to decrypt data.
(CVE-2019-1559, bsc#1127080) - http:
- Backport server.keepAliveTimeout to prevent keep-alive
Denial of Service (DoS). (CVE-2019-5739, bsc#1127533)- Further prevention of "Slowloris" attacks on HTTP and HTTPS
- deps: OpenSSL has been upgraded to 1.0.2r. Under certain circumstances, a TLS server can be forced to respond differently to a client if a zero-byte record is received with an invalid padding compared to a zero-byte record with an invalid MAC. This can be used as the basis of a padding oracle attack to decrypt data.

OpenSUSE Leap 42.3 update/oss: Updated from 6.14.4-15.1 to 6.16.0-18.1
2019-02-22
- Update upstream LTS release 6.16.0:
- cli: add --max-http-header-size flag
- http: add maxHeaderSize property
- Changes in LTS release 6.15.0:
- debugger: prevent the debugger from listening on 0.0.0.0. It now defaults to 127.0.0.1. (CVE-2018-12120, bsc#1117625)
- deps: Upgrade to OpenSSL 1.0.2q, fixing
CVE-2018-0734 (bsc#1113652) and CVE-2018-5407 (bsc#1113534) - http:
- Headers received by HTTP servers must not exceed 8192 bytes
(CVE-2018-12121, bsc#1117626)- A timeout of 40 seconds now applies to servers receiving
server.headersTimeout. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with
server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service. (CVE-2018-12122, bsc#1117627)- Two-byte characters are now strictly disallowed for the path
(CVE-2018-12116, bsc#1117630) - util: Fix a bug that would allow a hostname being spoofed when parsing URLs with url.parse() with the 'javascript:' protocol. (CVE-2018-12123, bsc#1117629)
- skip_test_on_lowmem.patch: skip test on low-memory build machine

OpenSUSE Tumbleweed oss: Updated from 6.16.0-1.4 to 6.16.0-1.5
2019-02-15
- Update upstream LTS release 6.16.0:
- cli: add --max-http-header-size flag
- http: add maxHeaderSize property
- Changes in LTS release 6.15.0:
- debugger: prevent the debugger from listening on 0.0.0.0. It now defaults to 127.0.0.1. (CVE-2018-12120, bsc#1117625)
- deps: Upgrade to OpenSSL 1.0.2q, fixing
CVE-2018-0734 (bsc#1113652) and CVE-2018-5407 (bsc#1113534) - http:
- Headers received by HTTP servers must not exceed 8192 bytes
(CVE-2018-12121, bsc#1117626)- A timeout of 40 seconds now applies to servers receiving
server.headersTimeout. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with
server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service. (CVE-2018-12122, bsc#1117627)- Two-byte characters are now strictly disallowed for the path
(CVE-2018-12116, bsc#1117630) - util: Fix a bug that would allow a hostname being spoofed when parsing URLs with url.parse() with the 'javascript:' protocol. (CVE-2018-12123, bsc#1117629)
- skip_test_on_lowmem.patch: skip test on low-memory build machine

OpenSUSE Tumbleweed oss: Updated from 6.16.0-1.3 to 6.16.0-1.4
2019-02-05
- Update upstream LTS release 6.16.0:
- cli: add --max-http-header-size flag
- http: add maxHeaderSize property
- Changes in LTS release 6.15.0:
- debugger: prevent the debugger from listening on 0.0.0.0. It now defaults to 127.0.0.1. (CVE-2018-12120, bsc#1117625)
- deps: Upgrade to OpenSSL 1.0.2q, fixing
CVE-2018-0734 (bsc#1113652) and CVE-2018-5407 (bsc#1113534) - http:
- Headers received by HTTP servers must not exceed 8192 bytes
(CVE-2018-12121, bsc#1117626)- A timeout of 40 seconds now applies to servers receiving
server.headersTimeout. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with
server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service. (CVE-2018-12122, bsc#1117627)- Two-byte characters are now strictly disallowed for the path
(CVE-2018-12116, bsc#1117630) - util: Fix a bug that would allow a hostname being spoofed when parsing URLs with url.parse() with the 'javascript:' protocol. (CVE-2018-12123, bsc#1117629)
- skip_test_on_lowmem.patch: skip test on low-memory build machine

OpenSUSE Tumbleweed oss: Updated from 6.16.0-1.1 to 6.16.0-1.3
2019-02-03
- Update upstream LTS release 6.16.0:
- cli: add --max-http-header-size flag
- http: add maxHeaderSize property
- Changes in LTS release 6.15.0:
- debugger: prevent the debugger from listening on 0.0.0.0. It now defaults to 127.0.0.1. (CVE-2018-12120, bsc#1117625)
- deps: Upgrade to OpenSSL 1.0.2q, fixing
CVE-2018-0734 (bsc#1113652) and CVE-2018-5407 (bsc#1113534) - http:
- Headers received by HTTP servers must not exceed 8192 bytes
(CVE-2018-12121, bsc#1117626)- A timeout of 40 seconds now applies to servers receiving
server.headersTimeout. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with
server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service. (CVE-2018-12122, bsc#1117627)- Two-byte characters are now strictly disallowed for the path
(CVE-2018-12116, bsc#1117630) - util: Fix a bug that would allow a hostname being spoofed when parsing URLs with url.parse() with the 'javascript:' protocol. (CVE-2018-12123, bsc#1117629)
- skip_test_on_lowmem.patch: skip test on low-memory build machine

OpenSUSE Tumbleweed oss: Version 6.16.0-1.1 reintroduced
2019-01-23
- Update upstream LTS release 6.16.0:
- cli: add --max-http-header-size flag
- http: add maxHeaderSize property
- Changes in LTS release 6.15.0:
- debugger: prevent the debugger from listening on 0.0.0.0. It now defaults to 127.0.0.1. (CVE-2018-12120, bsc#1117625)
- deps: Upgrade to OpenSSL 1.0.2q, fixing
CVE-2018-0734 (bsc#1113652) and CVE-2018-5407 (bsc#1113534) - http:
- Headers received by HTTP servers must not exceed 8192 bytes
(CVE-2018-12121, bsc#1117626)- A timeout of 40 seconds now applies to servers receiving
server.headersTimeout. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with
server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service. (CVE-2018-12122, bsc#1117627)- Two-byte characters are now strictly disallowed for the path
(CVE-2018-12116, bsc#1117630) - util: Fix a bug that would allow a hostname being spoofed when parsing URLs with url.parse() with the 'javascript:' protocol. (CVE-2018-12123, bsc#1117629)
- skip_test_on_lowmem.patch: skip test on low-memory build machine

OpenSUSE Leap 42.3 update/oss: Updated from 6.14.3-12.1 to 6.14.4-15.1
2019-01-21
- New upstream LTS release 6.14.4:
- buffer: Fix out-of-bounds (OOB) write in Buffer.write() for UCS-2 encoding (CVE-2018-12115, bsc#1105019)
- deps: Upgrade to OpenSSL 1.0.2p, fixing:
- Client DoS due to large DH parameter
- ECDSA key extraction via local side-channel

OpenSUSE Leap 42.3 update/oss: Updated from 6.14.1-9.2 to 6.14.3-12.1
2019-01-21
- New upstream LTS release 6.14.3:
- buffer: Fixes Denial of Service vulnerability where calling Buffer.fill() could hang (CVE-2018-7167, bsc#1097375)

OpenSUSE Leap 42.3 update/oss: Updated from 6.12.2-6.1 to 6.14.1-9.2
2019-01-21
- Fix some node-gyp permissions

OpenSUSE Leap 42.3 update/oss: Updated from 6.11.1-3.1 to 6.12.2-6.1
2019-01-21
- Dropped 8334.diff - no longer needed

OpenSUSE Leap 42.3 update/oss: Version 6.11.1-3.1 introduced
2019-01-21
- Fix update-alternative handling in %postun - don't remove links on upgrades.

OpenSUSE Leap 42.3 oss: Version 6.9.5-1.2 introduced
2019-01-17

OpenSUSE Tumbleweed oss: Version 6.16.0-1.1 removed
2019-01-17

OpenSUSE Tumbleweed oss: Version 6.16.0-1.1 introduced
2019-01-17
- Update upstream LTS release 6.16.0:
- cli: add --max-http-header-size flag
- http: add maxHeaderSize property
- Changes in LTS release 6.15.0:
- debugger: prevent the debugger from listening on 0.0.0.0. It now defaults to 127.0.0.1. (CVE-2018-12120, bsc#1117625)
- deps: Upgrade to OpenSSL 1.0.2q, fixing
CVE-2018-0734 (bsc#1113652) and CVE-2018-5407 (bsc#1113534) - http:
- Headers received by HTTP servers must not exceed 8192 bytes
(CVE-2018-12121, bsc#1117626)- A timeout of 40 seconds now applies to servers receiving
server.headersTimeout. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with
server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service. (CVE-2018-12122, bsc#1117627)- Two-byte characters are now strictly disallowed for the path
(CVE-2018-12116, bsc#1117630) - util: Fix a bug that would allow a hostname being spoofed when parsing URLs with url.parse() with the 'javascript:' protocol. (CVE-2018-12123, bsc#1117629)
- skip_test_on_lowmem.patch: skip test on low-memory build machine