mirror of
https://github.com/verdaccio/verdaccio.git
synced 2024-11-13 03:35:52 +01:00
54606976c3
* chore: remove unused package * Update pnpm-lock.yaml * chore: improve types in general plugins
1.3 KiB
1.3 KiB
| @verdaccio/api | @verdaccio/auth | @verdaccio/cli | @verdaccio/config | @verdaccio/file-locking | verdaccio-htpasswd | @verdaccio/local-storage | @verdaccio/readme | @verdaccio/streams | @verdaccio/types | @verdaccio/hooks | @verdaccio/loaders | @verdaccio/logger | @verdaccio/logger-prettify | @verdaccio/middleware | @verdaccio/node-api | @verdaccio/proxy | @verdaccio/server | @verdaccio/store | @verdaccio/utils | verdaccio | @verdaccio/web |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| major | major | major | major | major | major | major | major | major | major | major | major | major | major | major | major | major | major | major | major | major | major |
- Replace signature handler for legacy tokens by removing deprecated crypto.createDecipher by createCipheriv
- Introduce environment variables for legacy tokens
Code Improvements
- Add debug library for improve developer experience
Breaking change
- The new signature invalidates all previous tokens generated by Verdaccio 4 or previous versions.
- The secret key must have 32 characters long.
New environment variables
VERDACCIO_LEGACY_ALGORITHM: Allows to define the specific algorithm for the token signature which by default isaes-256-ctrVERDACCIO_LEGACY_ENCRYPTION_KEY: By default, the token stores in the database, but using this variable allows to get it from memory