パッケージの詳細

libnpmpack

npm2.7mISC9.0.5

Programmatic API for the bits behind npm pack

readme

npm - a JavaScript package manager

Requirements

You should be running a currently supported version of Node.js to run npm. For a list of which versions of Node.js are currently supported, please see the Node.js releases page.

Installation

npm comes bundled with node, & most third-party distributions, by default. Officially supported downloads/distributions can be found at: nodejs.org/en/download

Direct Download

You can download & install npm directly from npmjs.com using our custom install.sh script:

curl -qL https://www.npmjs.com/install.sh | sh

Node Version Managers

If you're looking to manage multiple versions of Node.js &/or npm, consider using a node version manager

Usage

npm <command>

Links & Resources

Documentation - Official docs & how-tos for all things npm
- Note: you can also search docs locally with npm help-search <query>
Bug Tracker - Search or submit bugs against the CLI
Roadmap - Track & follow along with our public roadmap
Community Feedback and Discussions - Contribute ideas & discussion around the npm registry, website & CLI
RFCs - Contribute ideas & specifications for the API/design of the npm CLI
Service Status - Monitor the current status & see incident reports for the website & registry
Project Status - See the health of all our maintained OSS projects in one view
Events Calendar - Keep track of our Open RFC calls, releases, meetups, conferences & more
Support - Experiencing problems with the npm website or registry? File a ticket here

Acknowledgments

npm is configured to use the npm Public Registry at https://registry.npmjs.org by default; Usage of this registry is subject to Terms of Use available at https://npmjs.com/policies/terms
You can configure npm to use any other compatible registry you prefer. You can read more about configuring third-party registries here

FAQ on Branding

Is it "npm" or "NPM" or "Npm"?

npm should never be capitalized unless it is being displayed in a location that is customarily all-capitals (ex. titles on man pages).

Is "npm" an acronym for "Node Package Manager"?

Contrary to popular belief, npm is not in fact an acronym for "Node Package Manager"; It is a recursive bacronymic abbreviation for "npm is not an acronym" (if the project was named "ninaa", then it would be an acronym). The precursor to npm was actually a bash utility named "pm", which was the shortform name of "pkgmakeinst" - a bash function that installed various things on various platforms. If npm were to ever have been considered an acronym, it would be as "node pm" or, potentially "new pm".

更新履歴

Changelog

11.4.2 (2025-06-11)

Bug Fixes

f2d6947 #8345 move warning to new line when npm init is canceled (@mbtools)
e758dd7 #8318 powershell: multiple Invoke-Expression fixes (#8318) (@alexsch01)
Documentation
7233cb3 #8355 remove deprecated section related temp files (#8355) (@milaninfy)
fb7a498 #8351 clarify shell used for script (#8351) (@milaninfy)
8b55d38 #8329 Rename "command" to "script" (#8329) (@DanKaplanSES)
Dependencies
7b05420 #8358 fdir@6.4.6
e1a3b23 #8358 tinyglobby@0.2.14
522efa2 #8358 socks@2.8.5
7a0723f #8358 debug@4.4.1
9a342a4 #8358 brace-expansion@2.0.2
e691ba0 #8358 @sigstore/protobuf-specs@0.4.3
42ef765 #8358 validate-npm-package-name@6.0.1
774c0b1 #8358 @npmcli/redact@3.2.2
dda6f87 #8317 @npmcli/package-json@6.2.0
bc08ac7 #8317 remove normalize-package-data
Chores
0ad1444 #8358 dev dependency updates (@wraithgar)
workspace: @npmcli/arborist@9.1.2
workspace: libnpmdiff@8.0.5
workspace: libnpmexec@10.1.4
workspace: libnpmfund@7.0.5
workspace: libnpmpack@9.0.5
workspace: libnpmpublish@11.0.1

11.4.1 (2025-05-21)

Documentation

3ed764a #8308 Clarify script working directory behavior (fixes #8305) (#8308) (@tarekwfa0110, @owlstronaut)
Chores
2f30251 #8314 remove references to skimdb.npmjs.com (#8314) (@shmam)
9cb9d50 #8298 add contributor to changelog entry (#8298) (@wraithgar)

Dependencies

workspace: @npmcli/arborist@9.1.1
workspace: libnpmdiff@8.0.4
workspace: libnpmexec@10.1.3
workspace: libnpmfund@7.0.4
workspace: libnpmpack@9.0.4

11.4.0 (2025-05-15)

Features

a0e60fb #8246 added init-private option (@owlstronaut)
57aa89f #8265 use run by default and run-script as the alias (#8265) (@owlstronaut)
0d4c023 #8234 install: add package info to json output (#8234) (@wraithgar)
Bug Fixes
8794fd9 #8297 powershell: support pipeline input with Invoke-Expression (#8297) (@alexsch01)
b5173d1 #8293 docs: corrected github_path (#8293) (@xaos7991)
2210d7a #8278 powershell: use Invoke-Expression to pass args (#8278) (@alexsch01, @mbtools)
8669d09 #8228 add otplease for enable-2fa, disable-2fa, access (#8228) (@reggi, @wraithgar)
78b5a6f #8269 correctly handle scenario where prefix is the cwd (#8269) (@owlstronaut, @ficocelliguy)
fdc3413 #8221 exec: Fails to Execute Binaries Named After Shell Keywords (#8221) (@13sfaith)
4b08e2e #8245 docs: prepare script runs for local package links (@milaninfy)
1622ac4 #8241 handle missing time in packument to prevent crash on npm view (@owlstronaut)
db8f5da #8110 outdated: add dependent location in long output (#8110) (@milaninfy, @wraithgar)
Documentation
d2498df #8295 Remove CHANGELOG from never-ignored list (#8295) (@mrazauskas)
4d5c3c1 #8283 fix overrides example in package-json.md (#8283) (@glasser)
96cc4f9 #8226 format publish as code to highlight it (@LiangYingC)
4990ea0 #8226 clarify legacy token creation in npm login and adduser commands (@LiangYingC)
Dependencies
c97ef8a #8246 init-package-json@8.2.1
f48613d #8292 @sigstore/verify@2.1.1
a4c5e74 #8292 tinyglobby@0.2.13
b9156d2 #8292 http-cache-semantics@4.2.0
472a685 #8292 binary-extensions@3.1.0
988696e #8292 @sigstore/tuf@3.1.1
569ac84 #8292 semver@7.7.2
2521c9b #8233 @sigstore/protobuf-specs@0.4.1
3274d68 #8233 @npmcli/query@4.0.1
c263626 #8233 abbrev@3.0.1
78df711 #8233 hosted-git-info@8.1.0
Chores
e80e38e #8292 dev dependency updates (@wraithgar)
3231ee9 #8244 update snapshots (@owlstronaut)
c561a33 #8233 dev dependency updates (@owlstronaut)
7eca19c #8215 update workflow permissions for updating Node PR (@owlstronaut)
workspace: @npmcli/arborist@9.1.0
workspace: @npmcli/config@10.3.0
workspace: libnpmaccess@10.0.1
workspace: libnpmdiff@8.0.3
workspace: libnpmexec@10.1.2
workspace: libnpmfund@7.0.3
workspace: libnpmpack@9.0.3
workspace: libnpmteam@8.0.1
workspace: libnpmversion@8.0.1

11.3.0 (2025-04-08)

Features

b306d25 #8129 add node-gyp as actual config (@wraithgar)
Bug Fixes
2f5392a #8135 make npm run autocomplete work with workspaces (#8135) (@terrainvidia)
Documentation
26b6454 fix grammer in local path note (@cgay)
1c0e83d #7886 fix typo in package-json.md (#7886) (@stoneLeaf)
14efa57 #8178 fix example package name in overrides explainer (#8178) (@G-Rath)
4183cba #8162 logging: replace proceeding with preceding in loglevels details (#8162) (@tyleralbee)
Dependencies
e57f112 #8207 minipass-fetch@4.0.1
3daabb1 #8207 minizlib@3.0.2
c7a7527 #8207 ci-info@4.2.0
20b09b6 #8207 node-gyp@11.2.0
679bc4a #8129 @npmcli/run-script@9.1.0
Chores
3fbed84 #8207 install rimraf as a devdependency for smoke tests (@owlstronaut)
43f0b41 #8207 dev dependency updates (@wraithgar)
26803bc #8147 release integration node 23 yml (#8147) (@reggi)
d679a1a #8146 release integration node 23 (#8146) (@reggi)
workspace: @npmcli/arborist@9.0.2
workspace: @npmcli/config@10.2.0
workspace: libnpmdiff@8.0.2
workspace: libnpmexec@10.1.1
workspace: libnpmfund@7.0.2
workspace: libnpmpack@9.0.2

11.2.0 (2025-03-05)

Features

247ee1d #8100 cache: add npx commands (@wraithgar)
3a80a7b #8081 add --init-type flag (#8081) (@reggi)
2a1e11f #8071 move nerfDart list into @npmcli/config (@wraithgar)
Bug Fixes
8461186 #8100 update npx cache if possible when spec is a range (@wraithgar)
e345cc5 #8050 don't suggest npm update outside of valid engine range (#8050) (@milaninfy)
811ca29 #8115 stop working around bug fixed in npm-package-arg@12.0.2 (@TrevorBurnham)
879303c #8078 warn on invalid publishConfig (#8078) (@wraithgar)
41417de #8080 warn when TUF fetching of keys fails (#8080) (@wraithgar)
593c849 #8076 warn on invalid single-hyphen cli flags (#8076) (@wraithgar)
Dependencies
3d8b257 #8100 @npmcli/package-json@6.1.1
ab17523 #8134 supports-color@10.0.0
3cbe21a #8134 foreground-child@3.3.1
ee5e1aa #8118 @npmcli/redact@3.1.1
5df69b4 #8118 exponential-backoff@3.1.2
80c3273 #8118 read@4.1.0
7fd70fa #8118 node-gyp@11.1.0
7aeffff #8118 cidr-regex@4.1.3
b0c0490 #8118 is-cidr@5.1.1
ef49d6b #8118 sigstore@3.1.0
1399bfb #8118 socks@2.8.4
6b72107 #8118 semver@7.7.1
c9ad0c4 #8118 @npmcli/git@6.0.3
b153927 #8115 npm-package-arg@12.0.2
f0f6265 #8071 nopt@8.1.0
Chores
cc72b89 #8143 fix smoke tests to account for new release versions within a workspace (#8143) (@reggi)
c3810bc #8134 dev dependency updates (@wraithgar)
9dc40e6 #8118 dev dependency updates (@wraithgar)
7ec0831 #8118 update jsonpath-plus (@wraithgar)
ed85b01 #8071 tests for config warnings/changes (@wraithgar)
workspace: @npmcli/arborist@9.0.1
workspace: @npmcli/config@10.1.0
workspace: libnpmdiff@8.0.1
workspace: libnpmexec@10.1.0
workspace: libnpmfund@7.0.1
workspace: libnpmpack@9.0.1

11.1.0 (2025-01-29)

Features

7f6c997 #8009 add dry-run to deprecate/undeprecate commands (@wraithgar)
1764a37 #8009 add npm undeprecate command (@wraithgar)
Bug Fixes
31455b2 #8054 publish: honor force for no dist tag and registry version check (#8054) (@reggi)
dc31c1b #8038 remove max-len linting bypasses (@wraithgar)
8a911ff #8038 publish: disregard deprecated versions when calculating highest version (@wraithgar)
7f72944 #8038 publish: accept publishConfig.tag to override highes semver check (@wraithgar)
ab9ddc0 #7992 sbom: deduplicate sbom dependencies (#7992) (@bdehamer)
f7da341 #7980 search: properly display multiple search terms (#7980) (@wraithgar)
Documentation
3644e79 #8055 update readme for Node.js versions, remove badges (#8055) (@wraithgar)
f1af61f #8041 fix typos in "package-json" (#8041) (@maxkoryukov)
e90c6fe #8051 depth flag default value (#8051) (@milaninfy)
866b5ee #8030 safer documentation urls, repos, packages (#8030) (@reggi)
Dependencies
7ddfbad #8053 @npmcli/package-json@6.1.1
9473a86 #8053 spdx-license-ids@3.0.21
a65e5ce #8053 @sigstore/protobuf-specs@0.3.3
215ebe4 #8053 chalk@5.4.1
Chores
61f00e3 #8069 splits out smoke-tests from publish-dryrun tests (#8069) (@reggi)
6d0f46e #8058 stop publish smoke from check git clean (#8058) (@reggi)
9281ebf #8057 fix smoke tests prerelease needs separate string args (#8057) (@reggi)
aa202e9 #8056 smoke tests using a preid (#8056) (@reggi)
18e0449 #8053 dev dependency updates (@wraithgar)
859a71c #8052 update node versions for release integration tests (#8052) (@wraithgar)
7e7961d #8038 bump @npmcli/eslint-config to 5.1.0 (@wraithgar)
workspace: @npmcli/config@10.0.1

11.0.0 (2024-12-16)

Documentation

8a911da #7963 ls: removed design change pending section note (#7963) (@milaninfy)
Dependencies
5319e48 #7973 remove unnecessary sprintf-js files in node_modules (#7973)
d369c77 #7976 socks-proxy-agent@8.0.5
3b2951a #7976 https-proxy-agent@7.0.6
a598b7b #7976 agent-base@7.1.3
52bcaf6 #7976 debug@4.4.0
aabf345 #7976 p-map@7.0.3
28e8761 #7976 npm-package-arg@12.0.1
Chores
ecd7190 #7976 dev dependency updates (@wraithgar)
a07f4e0 #7976 @npmcli/template-oss@4.23.6 (@wraithgar)
687ab12 #7970 remove pre-release mode from npm 11 and workspaces (#7970) (@wraithgar)
workspace: @npmcli/arborist@9.0.0
workspace: @npmcli/config@10.0.0
workspace: libnpmaccess@10.0.0
workspace: libnpmdiff@8.0.0
workspace: libnpmexec@10.0.0
workspace: libnpmfund@7.0.0
workspace: libnpmorg@8.0.0
workspace: libnpmpack@9.0.0
workspace: libnpmpublish@11.0.0
workspace: libnpmsearch@9.0.0
workspace: libnpmteam@8.0.0
workspace: libnpmversion@8.0.0

11.0.0-pre.1 (2024-12-06)

⚠️ BREAKING CHANGES

Upon publishing, in order to apply a default "latest" dist tag, the command now retrieves all prior versions of the package. It will require that the version you're trying to publish is above the latest semver version in the registry, not including pre-release tags.
npm init now has a type prompt, and sorts the entries the created packages differently
bun.lockb files are now included in the strict ignore list during packing
Features
f3ac7b7 #7939 no implicit latest tag on publish when latest > version (#7939) (@reggi, @ljharb)
Bug Fixes
e362c6d #7944 prefix: remove duplicate -g from usage output (#7944) (@wraithgar)
Documentation
2af31dd #7947 change certfile to cafile (#7947) (@wraithgar)
1be8e95 #7945 update ignore rules (@wraithgar)
Dependencies
bc9b14d #7955 @npmcli/run-script@9.0.2
fecfcf4 #7955 node-gyp@11.0.0
8905037 #7955 p-map@7.0.2
ac8eb39 #7955 diff@7.0.0
c0bcc2a #7955 walk-up-path@4.0.0
d463a6f #7955 init-package-json@8.0.0
b87ba24 #7945 @npmcli/package-json@6.1.0
4bf1901 #7945 @npmcli/metavuln-calculator@9.0.0
ca84b22 #7945 pacote@21.0.0
4906f3d #7945 npm-packlist@10.0.0
Chores
cfdf214 #7943 fork changelog (#7943) (@wraithgar)
workspace: @npmcli/arborist@9.0.0-pre.1
workspace: @npmcli/config@10.0.0-pre.1
workspace: libnpmdiff@8.0.0-pre.1
workspace: libnpmexec@10.0.0-pre.1
workspace: libnpmfund@7.0.0-pre.1
workspace: libnpmorg@8.0.0-pre.1
workspace: libnpmpack@9.0.0-pre.1

11.0.0-pre.0 (2024-11-26)

⚠️ BREAKING CHANGES

When publishing a package with a pre-release version, you must explicitly specify a tag.
--ignore-scripts now applies to all lifecycle scripts, include prepare
npm will no longer fall back to the old audit endpoint if the bulk advisory request fails.
npm will no longer switch to global mode if aliased to "npmg" or "npm-g" etc.
The npm hook command has been removed
Attestations made by this package will no longer validate in npm versions prior to 10.6.0
npm now supports node ^20.17.0 || >=22.9.0
@npmcli/docs now supports node ^20.17.0 || >=22.9.0
Features
6995303 #7850 adds --ignore-scripts flag to pack (@reggi)
Bug Fixes
16b7367 #7910 publishing prerelease requires explicit tag (#7910) (@reggi)
e19bff0 #7901 perf: enable compile cache if present (#7901) (@H4ad)
080a0f2 #7911 remove old audit fallback request (@wraithgar)
780afc5 #7855 pkg: display if any of multiple attributes exist (#7855) (@Sanderovich)
ecd2d23 #7842 don't go into global mode if aliased to npmg (#7842) (@wraithgar)
62c71e5 #7835 removes npm hook command (@reggi)
7f541e8 #7815 make pack and exec work with git hash refs (#7815) (@milaninfy)
3162620 #7831 sets node engine range to ^20.17.0 || >=22.9.0 (@reggi)
4c8ba0a #7831 for @npmcli/docs sets node engine range to ^20.17.0 || >=22.9.0 (@reggi)
70cd88d #7808 view: sort and truncate dist-tags (#7808) (@wraithgar)
534ad77 #7795 remove unused parameters catch statements (#7795) (@btea)
Documentation
feb54f7 #7822 package.json: add libc field (#7822) (@wraithgar)
Dependencies
78293ad #7937 spdx-license-ids@3.0.20
33cf580 #7937 promise-call-limit@3.0.2
ef1c368 #7937 package-json-from-dist@1.0.1
92e6f07 #7937 npm-registry-fetch@18.0.2
e32284a #7937 npm-install-checks@7.1.1
5dffd11 #7937 negotiator@0.6.4
69d9f01 #7937 make-fetch-happen@14.0.3
884bbde #7937 hosted-git-info@8.0.2
3c74ec0 #7937 debug@4.3.7
f00359f #7937 cross-spawn@7.0.6
534bbe8 #7937 ci-info@4.1.0
8cbf1a7 #7937 @npmcli/promise-spawn@8.0.2
1bd39e7 #7937 @npmcli/map-workspaces@4.0.2
eb6498d #7937 ansi-regex@6.1.0
66fc8c9 #7850 @npmcli/metavuln-calculator@8.0.1
7dbef6f #7850 pacote@20.0.0
75a3f12 #7859 remove unused deps (#7859)
f36dc59 #7833 pacote@19.0.1
7ee15bb #7833 bump sigstore from 2.x to 3.0.0 (@bdehamer)
Chores
2d530a5 #7941 tests: account for when npm is a prerelease (#7941) (@wraithgar)
2c1b369 #7937 dev dependency updates (@wraithgar)
6edfe2f #7937 @npmcli/template-oss@4.23.5 (@wraithgar)
475285b #7920 clean up dependency graph repos (#7920) (@hashtagchris)
ec57f5f #7911 fix dependencies script for circular workspace deps (@wraithgar)
ccd8420 #7911 fix cli tests for audit fallback removal (@wraithgar)
720b4d8 #7833 bump @npmcli/arborist to 8.0.0 (@wraithgar)
286739c #7824 add creation of a DEPENDENCIES.json file (#7824) (@reggi)
852dd8b #7831 sets npm 11 to prerelase (@reggi)
95d009e #7831 update engine ^20.17.0 || >=22.9.0 in actions (@reggi)
5a74478 #7831 update engines ^20.17.0 || >=22.9.0 in package template (@reggi)
workspace: @npmcli/arborist@9.0.0-pre.0
workspace: @npmcli/config@10.0.0-pre.0
workspace: libnpmaccess@10.0.0-pre.0
workspace: libnpmdiff@8.0.0-pre.0
workspace: libnpmexec@10.0.0-pre.0
workspace: libnpmfund@7.0.0-pre.0
workspace: libnpmorg@8.0.0-pre.0
workspace: libnpmpack@9.0.0-pre.0
workspace: libnpmpublish@11.0.0-pre.0
workspace: libnpmsearch@9.0.0-pre.0
workspace: libnpmteam@8.0.0-pre.0
workspace: libnpmversion@8.0.0-pre.0