chore: update versions (next) (#4033 )

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
update release notes
2023-09-24 10:34:31 +02:00 · 2023-09-24 10:28:45 +02:00 · 2023-09-24 10:17:53 +02:00 · 2023-09-24 07:48:16 +02:00 · 2023-09-21 00:12:24 +00:00 · 2023-09-19 17:37:11 +02:00
1072 changed files with 164074 additions and 31104 deletions
--- a/.babelrc
+++ b/.babelrc
@@ -10,5 +10,9 @@
    ],
    "@babel/typescript"
  ],
-  "ignore": ["**/*.d.ts"]
+  "ignore": ["**/*.d.ts"],
+  "plugins": [
+    "@babel/plugin-proposal-optional-chaining",
+    "@babel/plugin-proposal-nullish-coalescing-operator"
+  ]
 }
--- a/.changeset/afraid-mice-obey.md
+++ b/.changeset/afraid-mice-obey.md
@@ -1,15 +0,0 @@
---
-'@verdaccio/types': minor
-'@verdaccio/ui-theme': minor
-'@verdaccio/web': minor
---
-
-allow disable login on ui and endpoints
-
-To be able disable the login, set `login: false`, anything else would enable login. This flag will disable access via UI and web endpoints.
-
-```yml
-web:
-  title: verdaccio
-  login: false
-```
--- a/.changeset/angry-nails-appear.md
+++ b/.changeset/angry-nails-appear.md
@@ -1,52 +0,0 @@
---
-'@verdaccio/api': major
-'@verdaccio/auth': major
-'@verdaccio/cli': major
-'@verdaccio/config': major
-'@verdaccio/core': major
-'@verdaccio/file-locking': major
-'@verdaccio/readme': major
-'@verdaccio/tarball': major
-'@verdaccio/types': major
-'@verdaccio/url': major
-'@verdaccio/hooks': major
-'@verdaccio/loaders': major
-'@verdaccio/logger': major
-'@verdaccio/logger-prettify': major
-'@verdaccio/middleware': major
-'@verdaccio/node-api': major
-'verdaccio-audit': major
-'verdaccio-auth-memory': major
-'verdaccio-htpasswd': major
-'@verdaccio/local-storage': major
-'verdaccio-memory': major
-'@verdaccio/ui-theme': major
-'@verdaccio/proxy': major
-'@verdaccio/server': major
-'@verdaccio/store': major
-'@verdaccio/utils': major
-'verdaccio': major
-'@verdaccio/web': major
---
-
-feat!: replace deprecated request dependency by got
-
-This is a big refactoring of the core, fetching dependencies, improve code, more tests and better stability. This is essential for the next release, will take some time but would allow modularize more the core.
-
-## Notes
-
- Remove deprecated `request` by other `got`, retry improved, custom Agent ( got does not include it built-in)
- Remove `async` dependency from storage (used by core) it was linked with proxy somehow safe to remove now
- Refactor with promises instead callback wherever is possible
- ~Document the API~
- Improve testing, integration tests
- Bugfix
- Clean up old validations
- Improve performance
-
-## 💥 Breaking changes
-
- Plugin API methods were callbacks based are returning promises, this will break current storage plugins, check documentation for upgrade.
- Write Tarball, Read Tarball methods parameters change, a new set of options like `AbortController` signals are being provided to the `addAbortSignal` can be internally used with Streams when a request is aborted. eg: `addAbortSignal(signal, fs.createReadStream(pathName));`
- `@verdaccio/streams` stream abort support is legacy is being deprecated removed
- Remove AWS and Google Cloud packages for future refactoring [#2574](https://github.com/verdaccio/verdaccio/pull/2574).
--- a/.changeset/angry-trees-tie.md
+++ b/.changeset/angry-trees-tie.md
@@ -0,0 +1,6 @@
+---
+'@verdaccio/ui-components': patch
+'@verdaccio/ui-theme': patch
+---
+
+- fixed login state when token is expired (@ku3mi41 in #3980)
--- a/.changeset/big-lobsters-sin.md
+++ b/.changeset/big-lobsters-sin.md
@@ -1,23 +0,0 @@
---
-'@verdaccio/local-storage': major
-'@verdaccio/url': major
-'verdaccio-aws-s3-storage': major
-'verdaccio-google-cloud': major
-'verdaccio-memory': major
-'@verdaccio/store': major
---
-
-# async storage plugin bootstrap
-
-Gives a storage plugin the ability to perform asynchronous tasks on initialization
-
-## Breaking change
-
-Plugin must have an init method in which asynchronous tasks can be executed
-
-```js
-public async init(): Promise<void> {
-   this.data = await this._fetchLocalPackages();
-   this._sync();
-}
-```
--- a/.changeset/breezy-mayflies-pull.md
+++ b/.changeset/breezy-mayflies-pull.md
@@ -5,33 +5,40 @@
 '@verdaccio/config': major
 '@verdaccio/core': major
 '@verdaccio/file-locking': major
-'verdaccio-htpasswd': major
-'@verdaccio/readme': major
-'@verdaccio/server-fastify': major
-'@verdaccio/streams': major
 '@verdaccio/tarball': major
 '@verdaccio/types': major
 '@verdaccio/url': major
 '@verdaccio/hooks': major
 '@verdaccio/loaders': major
 '@verdaccio/logger': major
+'@verdaccio/logger-7': major
+'@verdaccio/logger-commons': major
+'@verdaccio/logger-prettify': major
 '@verdaccio/middleware': major
 '@verdaccio/node-api': major
-'@verdaccio/active-directory': major
 'verdaccio-audit': major
 'verdaccio-auth-memory': major
-'verdaccio-aws-s3-storage': major
-'verdaccio-google-cloud': major
+'verdaccio-htpasswd': major
+'@verdaccio/local-storage': major
 'verdaccio-memory': major
 '@verdaccio/ui-theme': major
+'@verdaccio/proxy': major
+'@verdaccio/search': major
 '@verdaccio/server': major
+'@verdaccio/server-fastify': major
+'@verdaccio/signature': major
 '@verdaccio/cli-standalone': major
 '@verdaccio/store': major
+'docusaurus-plugin-contributors': major
+'@verdaccio/eslint-config': major
+'@verdaccio/test-helper': major
+'customprefix-auth': major
+'@verdaccio/ui-components': major
 '@verdaccio/utils': major
 'verdaccio': major
 '@verdaccio/web': major
+'@verdaccio/website': major
+'@verdaccio/local-publish': patch
 ---

-Remove Node 12 support
-
- We need move to the new `undici` and does not support Node.js 12
+feat!: bump to v7
--- a/.changeset/bright-poems-obey.md
+++ b/.changeset/bright-poems-obey.md
@@ -1,37 +0,0 @@
---
-'@verdaccio/api': major
-'@verdaccio/server-fastify': major
-'@verdaccio/tarball': major
-'@verdaccio/local-storage': major
-'verdaccio-memory': major
-'@verdaccio/server': major
-'@verdaccio/store': major
-'@verdaccio/utils': major
---
-
-refactor: download manifest endpoint and integrate fastify
-
-Much simpler API for fetching a package
-
-```
- const manifest = await storage.getPackageNext({
-      name,
-      uplinksLook: true,
-      req,
-      version: queryVersion,
-      requestOptions,
- });
-```
-
-> not perfect, the `req` still is being passed to the proxy (this has to be refactored at proxy package) and then removed from here, in proxy we pass the request instance to the `request` library.
-
-### Details
-
- `async/await` sugar for getPackage()
- Improve and reuse code between current implementation and new fastify endpoint (add scaffolding for request manifest)
- Improve performance
- Add new tests
-
-### Breaking changes
-
-All storage plugins will stop to work since the storage uses `getPackageNext` method which is Promise based, I won't replace this now because will force me to update all plugins, I'll follow up in another PR. Currently will throw http 500
--- a/.changeset/brown-cycles-laugh.md
+++ b/.changeset/brown-cycles-laugh.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/cli': patch
---
-
-chore: improve error logger message
--- a/.changeset/brown-pandas-wink.md
+++ b/.changeset/brown-pandas-wink.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': patch
---
-
-add banner support ukraine
--- a/.changeset/calm-pants-impress.md
+++ b/.changeset/calm-pants-impress.md
@@ -1,5 +0,0 @@
---
-'verdaccio-aws-s3-storage': patch
---
-
-Fix the prefix used to delete from s3 when unpublishing packages
--- a/.changeset/chilled-carrots-guess.md
+++ b/.changeset/chilled-carrots-guess.md
@@ -0,0 +1,6 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+- added `onClick` prop to `Link` component in @verdaccio/ui-components. (@moglerdev in #3989)
+- resolved issue in the `Package` component where the download button was incorrectly opening a new tab to the homepage. (@moglerdev in #3989)
--- a/.changeset/chilled-ways-fetch.md
+++ b/.changeset/chilled-ways-fetch.md
@@ -1,5 +0,0 @@
---
-'verdaccio-memory': patch
---
-
-Fix storing tarballs with identical names from different packages in memory plugin
--- a/.changeset/chilly-glasses-occur.md
+++ b/.changeset/chilly-glasses-occur.md
@@ -1,8 +0,0 @@
---
-'@verdaccio/api': patch
-'@verdaccio/core': patch
-'@verdaccio/server-fastify': patch
-'@verdaccio/store': patch
---
-
-fix: abbreviated headers handle quality values
--- a/.changeset/clever-pugs-warn.md
+++ b/.changeset/clever-pugs-warn.md
@@ -1,11 +0,0 @@
---
-'@verdaccio/cli': major
-'@verdaccio/core': major
-'@verdaccio/types': major
-'@verdaccio/logger': major
-'@verdaccio/logger-prettify': major
-'verdaccio-audit': major
-'@verdaccio/eslint-config': major
---
-
-feat: migrate to pino.js 8
--- a/.changeset/dry-planes-tap.md
+++ b/.changeset/dry-planes-tap.md
@@ -1,57 +0,0 @@
---
-'@verdaccio/api': major
-'@verdaccio/auth': major
-'@verdaccio/cli': major
-'@verdaccio/config': major
-'@verdaccio/core': major
-'@verdaccio/local-storage': major
-'@verdaccio/server-fastify': major
-'@verdaccio/streams': major
-'@verdaccio/types': major
-'@verdaccio/hooks': major
-'verdaccio-audit': major
-'verdaccio-aws-s3-storage': major
-'verdaccio-google-cloud': major
-'verdaccio-memory': major
-'@verdaccio/ui-theme': major
-'@verdaccio/proxy': major
-'@verdaccio/server': major
-'@verdaccio/store': major
-'@verdaccio/eslint-config': major
-'@verdaccio/utils': major
-'verdaccio': major
-'@verdaccio/web': major
---
-
-refactor: search v1 endpoint and local-database
-
- refactor search `api v1` endpoint, improve performance
- remove usage of `async` dependency https://github.com/verdaccio/verdaccio/issues/1225
- refactor method storage class
- create new module `core` to reduce the ammount of modules with utilities
- use `undici` instead `node-fetch`
- use `fastify` instead `express` for functional test
-
-### Breaking changes
-
- plugin storage API changes
- remove old search endpoint (return 404)
- filter local private packages at plugin level
-
-The storage api changes for methods `get`, `add`, `remove` as promise base. The `search` methods also changes and recieves a `query` object that contains all query params from the client.
-
-```ts
-export interface IPluginStorage<T> extends IPlugin {
-  add(name: string): Promise<void>;
-  remove(name: string): Promise<void>;
-  get(): Promise<any>;
-  init(): Promise<void>;
-  getSecret(): Promise<string>;
-  setSecret(secret: string): Promise<any>;
-  getPackageStorage(packageInfo: string): IPackageStorage;
-  search(query: searchUtils.SearchQuery): Promise<searchUtils.SearchItem[]>;
-  saveToken(token: Token): Promise<any>;
-  deleteToken(user: string, tokenKey: string): Promise<any>;
-  readTokens(filter: TokenFilter): Promise<Token[]>;
-}
-```
--- a/.changeset/dull-monkeys-search.md
+++ b/.changeset/dull-monkeys-search.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': patch
---
-
-show verdaccio logo in the footer even when custom brand is set
--- a/.changeset/early-jokes-nail.md
+++ b/.changeset/early-jokes-nail.md
@@ -1,76 +0,0 @@
---
-'@verdaccio/api': major
-'@verdaccio/auth': major
-'@verdaccio/config': major
-'@verdaccio/types': major
-'@verdaccio/loaders': major
-'@verdaccio/node-api': major
-'verdaccio-audit': major
-'verdaccio-auth-memory': major
-'verdaccio-htpasswd': major
-'@verdaccio/local-storage': major
-'verdaccio-memory': major
-'@verdaccio/server': major
-'@verdaccio/server-fastify': major
-'@verdaccio/store': major
-'@verdaccio/test-helper': major
-'customprefix-auth': major
-'verdaccio': major
-'@verdaccio/web': major
---
-
-feat(plugins): improve plugin loader
-
-### Changes
-
- Add scope plugin support to 6.x https://github.com/verdaccio/verdaccio/pull/3227
- Avoid config collisions https://github.com/verdaccio/verdaccio/issues/928
- https://github.com/verdaccio/verdaccio/issues/1394
- `config.plugins` plugin path validations
- Updated algorithm for plugin loader.
- improved documentation (included dev)
-
-## Features
-
- Add scope plugin support to 6.x https://github.com/verdaccio/verdaccio/pull/3227
- Custom prefix:
-
-```
-// config.yaml
-server:
-  pluginPrefix: mycompany
-middleware:
-  audit:
-      foo: 1
-```
-
-This configuration will look up for `mycompany-audit` instead `Verdaccio-audit`.
-
-## Breaking Changes
-
-### sinopia plugins
-
- `sinopia` fallback support is removed, but can be restored using `pluginPrefix`
-
-### plugin filter
-
- method rename `filter_metadata`->`filterMetadata`
-
-### Plugin constructor does not merge configs anymore https://github.com/verdaccio/verdaccio/issues/928
-
-The plugin receives as first argument `config`, which represents the config of the plugin. Example:
-
-```
-// config.yaml
-auth:
-  plugin:
-     foo: 1
-     bar: 2
-
-export class Plugin<T> {
-  public constructor(config: T, options: PluginOptions) {
-    console.log(config);
-    // {foo:1, bar: 2}
- }
-}
-```
--- a/.changeset/eleven-brooms-hunt.md
+++ b/.changeset/eleven-brooms-hunt.md
@@ -1,11 +0,0 @@
---
-'@verdaccio/api': minor
-'@verdaccio/core': minor
-'@verdaccio/tarball': minor
-'@verdaccio/middleware': minor
-'verdaccio-audit': minor
-'@verdaccio/utils': minor
-'@verdaccio/web': minor
---
-
-refactor: improve docker image build with strict dependencies and prod build
--- a/.changeset/fair-lemons-beam.md
+++ b/.changeset/fair-lemons-beam.md
@@ -1,6 +0,0 @@
---
-'@verdaccio/logger-prettify': minor
-'@verdaccio/logger': patch
---
-
-hydrate template placeholders in log messages when format is set to 'json'
--- a/.changeset/famous-tigers-doubt.md
+++ b/.changeset/famous-tigers-doubt.md
@@ -1,42 +0,0 @@
---
-'@verdaccio/api': patch
-'@verdaccio/auth': patch
-'@verdaccio/cli': patch
-'@verdaccio/core': patch
-'@verdaccio/file-locking': patch
-'@verdaccio/readme': patch
-'@verdaccio/tarball': patch
-'@verdaccio/types': patch
-'@verdaccio/url': patch
-'@verdaccio/hooks': patch
-'@verdaccio/loaders': patch
-'@verdaccio/logger': patch
-'@verdaccio/node-api': patch
-'verdaccio-audit': patch
-'verdaccio-auth-memory': patch
-'verdaccio-htpasswd': patch
-'@verdaccio/local-storage': patch
-'verdaccio-memory': patch
-'@verdaccio/ui-theme': patch
-'@verdaccio/proxy': patch
-'@verdaccio/server': patch
-'@verdaccio/server-fastify': patch
-'@verdaccio/cli-standalone': patch
-'@verdaccio/store': patch
-'docusaurus-plugin-contributors': patch
-'@verdaccio/test-helper': patch
-'verdaccio': patch
-'@verdaccio/web': patch
-'@verdaccio/test-cli-commons': patch
-'@verdaccio/e2e-cli-npm6': patch
-'@verdaccio/e2e-cli-npm7': patch
-'@verdaccio/e2e-cli-npm8': patch
-'@verdaccio/e2e-cli-pnpm6': patch
-'@verdaccio/e2e-cli-pnpm7': patch
-'@verdaccio/e2e-cli-yarn1': patch
-'@verdaccio/e2e-cli-yarn2': patch
-'@verdaccio/e2e-cli-yarn3': patch
-'@verdaccio/e2e-cli-yarn4': patch
---
-
-fix(deps): @verdaccio/utils should be a prod dep of local-storage
--- a/.changeset/few-cooks-destroy.md
+++ b/.changeset/few-cooks-destroy.md
@@ -1,42 +0,0 @@
---
-'@verdaccio/api': major
-'@verdaccio/auth': major
-'@verdaccio/cli': major
-'@verdaccio/config': major
-'@verdaccio/file-locking': major
-'verdaccio-htpasswd': major
-'@verdaccio/local-storage': major
-'@verdaccio/readme': major
-'@verdaccio/streams': major
-'@verdaccio/types': major
-'@verdaccio/hooks': major
-'@verdaccio/loaders': major
-'@verdaccio/logger': major
-'@verdaccio/logger-prettify': major
-'@verdaccio/middleware': major
-'@verdaccio/node-api': major
-'@verdaccio/active-directory': major
-'verdaccio-audit': major
-'verdaccio-auth-memory': major
-'verdaccio-aws-s3-storage': major
-'verdaccio-google-cloud': major
-'verdaccio-memory': major
-'@verdaccio/proxy': major
-'@verdaccio/server': major
-'@verdaccio/store': major
-'@verdaccio/utils': major
-'verdaccio': major
-'@verdaccio/web': major
---
-
-feat!: experiments config renamed to flags
-
- The `experiments` configuration is renamed to `flags`. The functionality is exactly the same.
-
-```js
-flags: token: false;
-search: false;
-```
-
- The `self_path` property from the config file is being removed in favor of `config_file` full path.
- Refactor `config` module, better types and utilities
--- a/.changeset/few-mangos-grow.md
+++ b/.changeset/few-mangos-grow.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': minor
---
-
-upgrade to react@17 and other dependencies
--- a/.changeset/fifty-jars-rest.md
+++ b/.changeset/fifty-jars-rest.md
@@ -1,6 +0,0 @@
---
-'@verdaccio/middleware': patch
-'@verdaccio/web': patch
---
-
-Remove @ts-ignore and any in packages/web/src/endpoint/package.ts
--- a/.changeset/four-ways-try.md
+++ b/.changeset/four-ways-try.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': minor
---
-
-feat: upgrade to react 18
--- a/.changeset/fuzzy-drinks-taste.md
+++ b/.changeset/fuzzy-drinks-taste.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': minor
---
-
-fix: remove engines from ui-theme
--- a/.changeset/fuzzy-onions-draw.md
+++ b/.changeset/fuzzy-onions-draw.md
@@ -1,10 +0,0 @@
---
-'@verdaccio/api': minor
-'@verdaccio/server-fastify': minor
-'@verdaccio/hooks': minor
-'@verdaccio/logger-prettify': minor
-'@verdaccio/proxy': minor
-'@verdaccio/store': minor
---
-
-abort search request support for proxy
--- a/.changeset/gentle-parrots-lay.md
+++ b/.changeset/gentle-parrots-lay.md
@@ -1,11 +0,0 @@
---
-'@verdaccio/config': minor
-'@verdaccio/local-storage': minor
-'@verdaccio/e2e-ui': minor
---
-
-Some verdaccio modules depend on 'mkdirp' library which provides recursive directory creation functionality.
-NodeJS can do this out of the box since v.10.12. The last commit in 'mkdirp' was made in early 2016, and it's mid 2021 now.
-Time to stick with a built-in library solution!
-
- All 'mkdirp' calls are replaced with appropriate 'fs' calls.
--- a/.changeset/gentle-trains-switch.md
+++ b/.changeset/gentle-trains-switch.md
@@ -1,41 +0,0 @@
---
-'@verdaccio/api': major
-'@verdaccio/auth': major
-'@verdaccio/cli': major
-'@verdaccio/config': major
-'@verdaccio/file-locking': major
-'verdaccio-htpasswd': major
-'@verdaccio/local-storage': major
-'@verdaccio/readme': major
-'@verdaccio/streams': major
-'@verdaccio/types': major
-'@verdaccio/hooks': major
-'@verdaccio/loaders': major
-'@verdaccio/logger': major
-'@verdaccio/logger-prettify': major
-'@verdaccio/middleware': major
-'@verdaccio/node-api': major
-'@verdaccio/proxy': major
-'@verdaccio/server': major
-'@verdaccio/store': major
-'@verdaccio/utils': major
-'verdaccio': major
-'@verdaccio/web': major
---
-
- Replace signature handler for legacy tokens by removing deprecated crypto.createDecipher by createCipheriv
- Introduce environment variables for legacy tokens
-
-### Code Improvements
-
- Add debug library for improve developer experience
-
-### Breaking change
-
- The new signature invalidates all previous tokens generated by Verdaccio 4 or previous versions.
- The secret key must have 32 characters long.
-
-### New environment variables
-
- `VERDACCIO_LEGACY_ALGORITHM`: Allows to define the specific algorithm for the token signature which by default is `aes-256-ctr`
- `VERDACCIO_LEGACY_ENCRYPTION_KEY`: By default, the token stores in the database, but using this variable allows to get it from memory
--- a/.changeset/gold-vans-tease.md
+++ b/.changeset/gold-vans-tease.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/utils': patch
---
-
-Fixed the validation of the name when searching for a tarball that have scoped package name
--- a/.changeset/green-yaks-divide.md
+++ b/.changeset/green-yaks-divide.md
@@ -1,29 +0,0 @@
---
-'@verdaccio/api': minor
-'@verdaccio/cli': minor
-'@verdaccio/core': minor
-'@verdaccio/node-api': minor
-'@verdaccio/server': minor
-'@verdaccio/server-fastify': minor
-'verdaccio': minor
---
-
-chore: env variable for launch fastify
-
- Update fastify to major release `v4.3.0`
- Update CLI launcher
-
-via CLI
-
-```
-VERDACCIO_SERVER=fastify verdaccio
-```
-
-with docker
-
-```
-docker run -it --rm --name verdaccio \
-  -e "VERDACCIO_SERVER=8080" -p 8080:8080 \
-  -e "VERDACCIO_SERVER=fastify" \
-  verdaccio/verdaccio
-```
--- a/.changeset/healthy-bikes-behave.md
+++ b/.changeset/healthy-bikes-behave.md
@@ -1,21 +0,0 @@
---
-'@verdaccio/cli': patch
-'@verdaccio/types': patch
-'@verdaccio/node-api': patch
-'@verdaccio/server': patch
---
-
-fix: restore logger on init
-
-Enable logger after parse configuration and log the very first step on startup phase.
-
-```bash
- warn --- experiments are enabled, it is recommended do not use experiments in production comment out this section to disable it
- info --- support for experiment [token]  is disabled
- info --- support for experiment [search]  is disabled
-(node:50831) Warning: config.logs is deprecated, rename configuration to "config.log"
-(Use `node --trace-warnings ...` to show where the warning was created)
- info --- http address http://localhost:4873/
- info --- version: 6.0.0-6-next.11
- info --- server started
-```
--- a/.changeset/healthy-pants-smash.md
+++ b/.changeset/healthy-pants-smash.md
@@ -1,7 +0,0 @@
---
-'@verdaccio/ui-theme': patch
-'@verdaccio/test-helper': patch
-'@verdaccio/web': patch
---
-
-fix: #3174 set correctly ui values to html render
--- a/.changeset/healthy-poets-compare.md
+++ b/.changeset/healthy-poets-compare.md
@@ -1,11 +0,0 @@
---
-'@verdaccio/config': patch
---
-
-Feature
-
- add option to set storage from environment variable VERDACCIO_STORAGE_PATH
-
-#### Related tickets
-
-https://github.com/verdaccio/verdaccio/issues/1681
--- a/.changeset/heavy-ravens-lay.md
+++ b/.changeset/heavy-ravens-lay.md
@@ -1,6 +0,0 @@
---
-'@verdaccio/cli': minor
-'@verdaccio/server-fastify': minor
---
-
-[Fastify] Add ping endpoint
--- a/.changeset/hip-hounds-destroy.md
+++ b/.changeset/hip-hounds-destroy.md
@@ -1,33 +0,0 @@
---
-'@verdaccio/local-storage': patch
-'@verdaccio/ui-theme': patch
-'@verdaccio/server': patch
-'@verdaccio/api': patch
-'@verdaccio/auth': patch
-'@verdaccio/cli': patch
-'@verdaccio/config': patch
-'@verdaccio/file-locking': patch
-'verdaccio-htpasswd': patch
-'@verdaccio/readme': patch
-'@verdaccio/streams': patch
-'@verdaccio/types': patch
-'@verdaccio/hooks': patch
-'@verdaccio/loaders': patch
-'@verdaccio/logger': patch
-'@verdaccio/logger-prettify': patch
-'@verdaccio/middleware': patch
-'@verdaccio/node-api': patch
-'@verdaccio/active-directory': patch
-'verdaccio-audit': patch
-'verdaccio-auth-memory': patch
-'verdaccio-aws-s3-storage': patch
-'verdaccio-google-cloud': patch
-'verdaccio-memory': patch
-'@verdaccio/proxy': patch
-'@verdaccio/store': patch
-'@verdaccio/utils': patch
-'verdaccio': patch
-'@verdaccio/web': patch
---
-
-chore: add release step to private regisry on merge changeset pr
--- a/.changeset/kind-bears-nail.md
+++ b/.changeset/kind-bears-nail.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': patch
---
-
-feat: add types and package module icons on sidebar
--- a/.changeset/late-adults-love.md
+++ b/.changeset/late-adults-love.md
@@ -1,20 +0,0 @@
---
-'@verdaccio/api': minor
-'verdaccio-htpasswd': minor
-'@verdaccio/local-storage': minor
---
-
-feat: remove level dependency by lowdb for npm token cli as storage
-
-### new npm token database
-
-There will be a new database located in your storage named `.token-db.json` which
-will store all references to created tokens, **it does not store tokens**, just
-mask of them and related metadata required to reference them.
-
-#### Breaking change
-
-If you were relying on `npm token` experiment. This PR will replace the
-used database (level) by a json plain based one (lowbd) which does not
-require Node.js C++ compilation step and has less dependencies. Since was
-a experiment there is no migration step.
--- a/.changeset/late-parents-act.md
+++ b/.changeset/late-parents-act.md
@@ -1,6 +0,0 @@
---
-'@verdaccio/hooks': patch
-'@verdaccio/proxy': patch
---
-
-refactor: migrate request to node-fetch at hooks package
--- a/.changeset/light-pumas-brake.md
+++ b/.changeset/light-pumas-brake.md
@@ -1,7 +0,0 @@
---
-'@verdaccio/ui-theme': minor
-'@verdaccio/server-fastify': minor
-'@verdaccio/web': minor
---
-
-feat: parse and sanitize on ui
--- a/.changeset/light-walls-begin.md
+++ b/.changeset/light-walls-begin.md
@@ -1,7 +0,0 @@
---
-'@verdaccio/ui-theme': minor
-'@verdaccio/server': minor
-'@verdaccio/web': minor
---
-
-feat: align with v5 ui endpoints and ui small bugfix
--- a/.changeset/little-stingrays-rule.md
+++ b/.changeset/little-stingrays-rule.md
@@ -1,5 +0,0 @@
---
-'verdaccio-audit': patch
---
-
-fix: several issues which caused the audit to fail (#2335)
--- a/.changeset/loud-shoes-jog.md
+++ b/.changeset/loud-shoes-jog.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': patch
---
-
-chore: force publish
--- a/.changeset/lovely-drinks-argue.md
+++ b/.changeset/lovely-drinks-argue.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/loaders': patch
---
-
-always create plugin instance with new
--- a/.changeset/many-vans-care.md
+++ b/.changeset/many-vans-care.md
@@ -1,15 +0,0 @@
---
-'@verdaccio/tarball': patch
-'@verdaccio/ui-theme': patch
-'@verdaccio/server': patch
-'@verdaccio/utils': patch
-'verdaccio': patch
---
-
-Bug Fixes
-
- fix escaped slash in namespaced packages
-
-#### Related tickets
-
-https://github.com/verdaccio/verdaccio/pull/2193
--- a/.changeset/modern-maps-lie.md
+++ b/.changeset/modern-maps-lie.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': patch
---
-
-Hide search icon on medium or larger devices
--- a/.changeset/modern-spies-tell.md
+++ b/.changeset/modern-spies-tell.md
@@ -1,6 +0,0 @@
---
-'@verdaccio/ui-theme': minor
-'verdaccio': minor
---
-
-feat: ui theme plugin part of the application
--- a/.changeset/moody-clocks-roll.md
+++ b/.changeset/moody-clocks-roll.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/cli': patch
---
-
-fix: version with breakline
--- a/.changeset/neat-toes-report.md
+++ b/.changeset/neat-toes-report.md
@@ -1,48 +0,0 @@
---
-'@verdaccio/api': minor
-'@verdaccio/auth': minor
-'@verdaccio/cli': minor
-'@verdaccio/config': minor
-'@verdaccio/file-locking': minor
-'verdaccio-htpasswd': minor
-'@verdaccio/local-storage': minor
-'@verdaccio/readme': minor
-'@verdaccio/streams': minor
-'@verdaccio/types': minor
-'@verdaccio/hooks': minor
-'@verdaccio/loaders': minor
-'@verdaccio/logger': minor
-'@verdaccio/logger-prettify': minor
-'@verdaccio/middleware': minor
-'@verdaccio/node-api': minor
-'@verdaccio/active-directory': minor
-'verdaccio-audit': minor
-'verdaccio-auth-memory': minor
-'verdaccio-aws-s3-storage': minor
-'verdaccio-google-cloud': minor
-'verdaccio-memory': minor
-'@verdaccio/ui-theme': minor
-'@verdaccio/proxy': minor
-'@verdaccio/server': minor
-'@verdaccio/store': minor
-'@verdaccio/utils': minor
-'verdaccio': minor
-'@verdaccio/web': minor
---
-
-feat: add server rate limit protection to all request
-
-To modify custom values, use the server settings property.
-
-```markdown
-server:
-
-## https://www.npmjs.com/package/express-rate-limit#configuration-options
-
-rateLimit:
-windowMs: 1000
-max: 10000
-```
-
-The values are intended to be high, if you want to improve security of your server consider
-using different values.
--- a/.changeset/neat-toys-float.md
+++ b/.changeset/neat-toys-float.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': patch
---
-
-fix: replace ts icon by td and fix commonjs icon
--- a/.changeset/olive-candles-speak.md
+++ b/.changeset/olive-candles-speak.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': minor
---
-
-feat: integrate rematch for ui state storage
--- a/.changeset/orange-flowers-cover.md
+++ b/.changeset/orange-flowers-cover.md
@@ -1,43 +0,0 @@
---
-'@verdaccio/config': minor
-'@verdaccio/types': minor
-'@verdaccio/ui-theme': minor
---
-
-feat: rework web header for mobile, add new settings and raw manifest button
-
-### New set of variables to hide features
-
-Add set of new variables that allow hide different parts of the UI, buttons, footer or download tarballs. _All are
-enabled by default_.
-
-```yaml
-# login: true <-- already exist but worth the reminder
-# showInfo: true
-# showSettings: true
-# In combination with darkMode you can force specific theme
-# showThemeSwitch: true
-# showFooter: true
-# showSearch: true
-# showDownloadTarball: true
-```
-
-> If you disable `showThemeSwitch` and force `darkMode: true` the local storage settings would be
-> ignored and force all themes to the one in the configuration file.
-
-Future could be extended to
-
-### Raw button to display manifest package
-
-A new experimental feature (enabled by default), button named RAW to be able navigate on the package manifest directly on the ui, kudos to [react-json-view](https://www.npmjs.com/package/react-json-view) that allows an easy integration, not configurable yet until get more feedback.
-
-```yaml
-showRaw: true
-```
-
-#### Rework header buttons
-
- The header has been rework, the mobile was not looking broken.
- Removed info button in the header and moved to a dialog
- Info dialog now contains more information about the project, license and the aid content for Ukrania now is inside of the info modal.
- Separate settings and info to avoid collapse too much info (for mobile still need some work)
--- a/.changeset/perfect-candles-clap.md
+++ b/.changeset/perfect-candles-clap.md
@@ -1,34 +0,0 @@
---
-'@verdaccio/api': minor
-'@verdaccio/auth': minor
-'@verdaccio/cli': minor
-'@verdaccio/config': minor
-'@verdaccio/core': minor
-'verdaccio-htpasswd': minor
-'@verdaccio/local-storage': minor
-'@verdaccio/server-fastify': minor
-'@verdaccio/tarball': minor
-'@verdaccio/types': minor
-'@verdaccio/url': minor
-'@verdaccio/hooks': minor
-'@verdaccio/loaders': minor
-'@verdaccio/logger': minor
-'@verdaccio/middleware': minor
-'@verdaccio/node-api': minor
-'@verdaccio/active-directory': minor
-'verdaccio-auth-memory': minor
-'verdaccio-aws-s3-storage': minor
-'verdaccio-google-cloud': minor
-'verdaccio-memory': minor
-'@verdaccio/ui-theme': minor
-'@verdaccio/proxy': minor
-'@verdaccio/server': minor
-'@verdaccio/cli-standalone': minor
-'@verdaccio/store': minor
-'@verdaccio/utils': minor
-'verdaccio': minor
-'@verdaccio/web': minor
-'@verdaccio/e2e-ui': minor
---
-
-refactor: remove @verdaccio/commons-api in favor @verdaccio/core and remove duplications
--- a/.changeset/perfect-emus-clean.md
+++ b/.changeset/perfect-emus-clean.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/cli': major
---
-
-feat: node 14 as minimum for running cli
--- a/.changeset/perfect-kangaroos-agree.md
+++ b/.changeset/perfect-kangaroos-agree.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/cli': major
---
-
-feat: use clipanion over commander
--- a/.changeset/plenty-news-remember.md
+++ b/.changeset/plenty-news-remember.md
@@ -1,30 +0,0 @@
---
-'@verdaccio/auth': major
-'verdaccio-htpasswd': major
-'verdaccio-audit': major
-'@verdaccio/server': major
-'@verdaccio/cli-standalone': major
---
-
-feat: standalone registry with no dependencies
-
-## Usage
-
-To install a server with no dependencies
-
-```bash
-npm install -g @verdaccio/standalone
-```
-
-with no internet required
-
-```bash
-npm install -g ./tarball.tar.gz
-```
-
-Bundles htpasswd and audit plugins.
-
-### Breaking Change
-
-It does not allow anymore the `auth` and `middleware` property at config file empty,
-it will fallback to those plugins by default.
--- a/.changeset/plenty-spiders-melt.md
+++ b/.changeset/plenty-spiders-melt.md
@@ -1,32 +0,0 @@
---
-'@verdaccio/api': minor
-'@verdaccio/auth': minor
-'@verdaccio/cli': minor
-'@verdaccio/config': minor
-'@verdaccio/file-locking': minor
-'verdaccio-htpasswd': minor
-'@verdaccio/local-storage': minor
-'@verdaccio/readme': minor
-'@verdaccio/streams': minor
-'@verdaccio/types': minor
-'@verdaccio/hooks': minor
-'@verdaccio/loaders': minor
-'@verdaccio/logger': minor
-'@verdaccio/logger-prettify': minor
-'@verdaccio/middleware': minor
-'@verdaccio/node-api': minor
-'@verdaccio/proxy': minor
-'@verdaccio/server': minor
-'@verdaccio/store': minor
-'@verdaccio/utils': minor
-'verdaccio': minor
-'@verdaccio/web': minor
---
-
-feat: add typescript project references settings
-
-Reading https://ebaytech.berlin/optimizing-multi-package-apps-with-typescript-project-references-d5c57a3b4440 I realized I can use project references to solve the issue to pre-compile modules on develop mode.
-
-It allows to navigate (IDE) trough the packages without need compile the packages.
-
-Add two `tsconfig`, one using the previous existing configuration that is able to produce declaration files (`tsconfig.build`) and a new one `tsconfig` which is enables [_projects references_](https://www.typescriptlang.org/docs/handbook/project-references.html).
--- a/.changeset/plenty-tables-refuse.md
+++ b/.changeset/plenty-tables-refuse.md
@@ -1,6 +0,0 @@
---
-'@verdaccio/cli': minor
-'@verdaccio/node-api': minor
---
-
-feat: improve cli loggin on start up
--- a/.changeset/pre.json
+++ b/.changeset/pre.json
@@ -1,150 +1,66 @@
 {
  "mode": "pre",
-  "tag": "6-next",
+  "tag": "next",
  "initialVersions": {
-    "@verdaccio/api": "6.0.0-alpha.0",
-    "@verdaccio/auth": "6.0.0-alpha.0",
-    "@verdaccio/cli": "6.0.0-alpha.0",
-    "@verdaccio/config": "6.0.0-alpha.0",
-    "@verdaccio/file-locking": "11.0.0-alpha.0",
-    "verdaccio-htpasswd": "11.0.0-alpha.0",
-    "@verdaccio/local-storage": "11.0.0-alpha.0",
-    "@verdaccio/types": "11.0.0-alpha.0",
-    "@verdaccio/hooks": "6.0.0-alpha.0",
-    "@verdaccio/loaders": "6.0.0-alpha.0",
-    "@verdaccio/logger": "6.0.0-alpha.0",
-    "@verdaccio/logger-prettify": "6.0.0-alpha.0",
-    "@verdaccio/middleware": "6.0.0-alpha.0",
-    "@verdaccio/node-api": "6.0.0-alpha.0",
-    "@verdaccio/proxy": "6.0.0-alpha.0",
-    "@verdaccio/server": "6.0.0-alpha.0",
-    "@verdaccio/store": "6.0.0-alpha.0",
-    "@verdaccio/dev-types": "6.0.0-alpha.0",
-    "@verdaccio/utils": "6.0.0-alpha.0",
-    "verdaccio": "6.0.0-alpha.0",
-    "@verdaccio/web": "6.0.0-alpha.0",
-    "@verdaccio/active-directory": "11.0.0-alpha.0",
-    "verdaccio-audit": "11.0.0-alpha.0",
-    "verdaccio-auth-memory": "11.0.0-alpha.0",
-    "verdaccio-aws-s3-storage": "11.0.0-alpha.0",
-    "verdaccio-google-cloud": "11.0.0-alpha.0",
-    "verdaccio-memory": "11.0.0-alpha.0",
-    "@verdaccio/ui-theme": "6.0.0-alpha.1",
-    "@verdaccio/cli-standalone": "6.0.0-alpha.3",
-    "@verdaccio/tarball": "11.0.0-alpha.3",
-    "@verdaccio/url": "11.0.0-alpha.3",
-    "@verdaccio/server-fastify": "6.0.0-6-next.9",
-    "@verdaccio/eslint-config": "1.0.0",
-    "@verdaccio/benchmark": "1.0.0",
-    "@verdaccio/core": "6.0.0-next.0",
-    "@verdaccio/test-helper": "1.0.0",
-    "docusaurus-plugin-contributors": "1.0.0",
-    "@verdaccio/website": "5.4.0",
-    "@verdaccio/test-cli-commons": "1.0.1-6-next.1",
-    "@verdaccio/e2e-cli-npm6": "1.0.1-6-next.1",
-    "@verdaccio/e2e-cli-npm7": "1.0.1-6-next.1",
-    "@verdaccio/e2e-cli-npm8": "1.0.1-6-next.1",
-    "@verdaccio/e2e-cli-pnpm6": "1.0.1-6-next.1",
-    "@verdaccio/e2e-cli-pnpm7": "1.0.1-6-next.1",
-    "@verdaccio/e2e-cli-yarn1": "1.0.1-6-next.1",
-    "@verdaccio/e2e-cli-yarn2": "1.0.1-6-next.1",
-    "@verdaccio/e2e-cli-yarn3": "1.0.1-6-next.1",
-    "@verdaccio/e2e-cli-yarn4": "1.0.1-6-next.1",
-    "@verdaccio/local-publish": "0.0.1",
-    "@verdaccio/e2e-cli-npm9": "1.0.1-6-next.5",
-    "@verdaccio/e2e-ui": "2.0.0-6-next.3",
-    "customprefix-auth": "0.0.1",
-    "@verdaccio/crowdin-translations": "1.0.0"
+    "@verdaccio/test-cli-commons": "1.1.0",
+    "@verdaccio/e2e-cli-npm6": "1.0.1",
+    "@verdaccio/e2e-cli-npm7": "1.0.1",
+    "@verdaccio/e2e-cli-npm8": "1.0.1",
+    "@verdaccio/e2e-cli-npm9": "1.0.1",
+    "@verdaccio/e2e-cli-pnpm6": "1.0.1",
+    "@verdaccio/e2e-cli-pnpm7": "1.0.1",
+    "@verdaccio/e2e-cli-pnpm8": "1.0.1",
+    "@verdaccio/e2e-cli-yarn1": "1.0.1",
+    "@verdaccio/e2e-cli-yarn2": "1.0.1",
+    "@verdaccio/e2e-cli-yarn3": "1.0.1",
+    "@verdaccio/e2e-cli-yarn4": "1.0.1",
+    "@verdaccio/e2e-ui": "2.0.0",
+    "@verdaccio/api": "6.0.0",
+    "@verdaccio/auth": "6.0.0",
+    "@verdaccio/cli": "6.0.0",
+    "@verdaccio/config": "6.0.0",
+    "@verdaccio/core": "6.0.0",
+    "@verdaccio/file-locking": "11.0.0",
+    "@verdaccio/tarball": "11.0.0",
+    "@verdaccio/types": "11.0.0",
+    "@verdaccio/url": "11.0.0",
+    "@verdaccio/hooks": "6.0.0",
+    "@verdaccio/loaders": "6.0.0",
+    "@verdaccio/logger": "6.0.0",
+    "@verdaccio/logger-7": "6.0.0",
+    "@verdaccio/logger-commons": "6.0.0",
+    "@verdaccio/logger-prettify": "6.0.0",
+    "@verdaccio/middleware": "6.0.0",
+    "@verdaccio/node-api": "6.0.0",
+    "verdaccio-audit": "11.0.0",
+    "verdaccio-auth-memory": "11.0.0",
+    "verdaccio-htpasswd": "11.0.0",
+    "@verdaccio/local-storage": "11.0.0",
+    "verdaccio-memory": "11.0.0",
+    "@verdaccio/ui-theme": "6.0.0",
+    "@verdaccio/proxy": "6.0.0",
+    "@verdaccio/search": "6.0.0",
+    "@verdaccio/server": "6.0.0",
+    "@verdaccio/server-fastify": "6.0.0",
+    "@verdaccio/signature": "6.0.0",
+    "@verdaccio/cli-standalone": "6.0.0",
+    "@verdaccio/store": "6.0.0",
+    "docusaurus-plugin-contributors": "1.0.1",
+    "@verdaccio/eslint-config": "2.0.0",
+    "@verdaccio/test-helper": "2.0.0",
+    "@verdaccio/crowdin-translations": "1.0.0",
+    "customprefix-auth": "1.0.0",
+    "@verdaccio/ui-components": "2.0.0",
+    "@verdaccio/utils": "6.0.0",
+    "verdaccio": "6.0.0",
+    "@verdaccio/web": "6.0.0",
+    "@verdaccio/website": "5.20.2",
+    "@verdaccio/local-publish": "0.0.1"
  },
  "changesets": [
-    "afraid-mice-obey",
-    "angry-nails-appear",
-    "big-lobsters-sin",
-    "bright-poems-obey",
-    "brown-cycles-laugh",
-    "brown-pandas-wink",
-    "calm-pants-impress",
-    "chilled-ways-fetch",
-    "chilly-glasses-occur",
-    "clever-pugs-warn",
-    "dry-planes-tap",
-    "dull-monkeys-search",
-    "early-jokes-nail",
-    "eleven-brooms-hunt",
-    "eleven-spoons-matter",
-    "fair-lemons-beam",
-    "famous-tigers-doubt",
-    "few-cooks-destroy",
-    "few-mangos-grow",
-    "fifty-jars-rest",
-    "four-ways-try",
-    "fuzzy-drinks-taste",
-    "fuzzy-onions-draw",
-    "gentle-parrots-lay",
-    "gentle-trains-switch",
-    "gold-vans-tease",
-    "green-yaks-divide",
-    "healthy-bikes-behave",
-    "healthy-pants-smash",
-    "healthy-poets-compare",
-    "heavy-ravens-lay",
-    "hip-hounds-destroy",
-    "kind-bears-nail",
-    "late-adults-love",
-    "late-parents-act",
-    "light-pumas-brake",
-    "light-walls-begin",
-    "little-stingrays-rule",
-    "loud-shoes-jog",
-    "lovely-drinks-argue",
-    "many-vans-care",
-    "modern-maps-lie",
-    "modern-spies-tell",
-    "moody-clocks-roll",
-    "neat-toes-report",
-    "neat-toys-float",
-    "olive-candles-speak",
-    "orange-flowers-cover",
-    "perfect-candles-clap",
-    "perfect-emus-clean",
-    "perfect-kangaroos-agree",
-    "plenty-news-remember",
-    "plenty-spiders-melt",
-    "plenty-tables-refuse",
-    "pretty-hounds-tap",
-    "proud-jeans-walk",
-    "proud-jobs-hope",
-    "red-chefs-float",
-    "red-yaks-sell",
-    "rich-badgers-begin",
-    "rich-ghosts-rule",
-    "shaggy-carrots-unite",
-    "shaggy-parrots-smash",
-    "shiny-chefs-heal",
-    "shy-ducks-cover",
-    "slow-carrots-relate",
-    "slow-snails-sniff",
-    "smart-apricots-kneel",
-    "smart-beds-cross",
-    "smooth-owls-pump",
-    "sour-buses-shout",
-    "sour-maps-live",
-    "spicy-frogs-press",
-    "spicy-snakes-sip",
-    "strange-ladybugs-nail",
-    "swift-pumpkins-knock",
-    "ten-parents-breathe",
-    "tender-bags-call",
-    "thick-countries-move",
-    "thick-geese-wash",
-    "thick-readers-hang",
-    "three-moles-drop",
-    "three-pots-sit",
-    "tiny-seals-join",
-    "tricky-taxis-watch",
-    "two-dolls-check",
-    "unlucky-hairs-wonder",
-    "wild-jokes-beam",
-    "witty-ties-speak"
+    "angry-trees-tie",
+    "breezy-mayflies-pull",
+    "chilled-carrots-guess",
+    "shiny-worms-retire"
  ]
 }
--- a/.changeset/pretty-hounds-tap.md
+++ b/.changeset/pretty-hounds-tap.md
@@ -1,26 +0,0 @@
---
-'@verdaccio/api': patch
-'@verdaccio/auth': patch
-'@verdaccio/cli': patch
-'@verdaccio/config': patch
-'@verdaccio/file-locking': patch
-'verdaccio-htpasswd': patch
-'@verdaccio/local-storage': patch
-'@verdaccio/readme': patch
-'@verdaccio/streams': patch
-'@verdaccio/types': patch
-'@verdaccio/hooks': patch
-'@verdaccio/loaders': patch
-'@verdaccio/logger': patch
-'@verdaccio/logger-prettify': patch
-'@verdaccio/middleware': patch
-'@verdaccio/node-api': patch
-'@verdaccio/proxy': patch
-'@verdaccio/server': patch
-'@verdaccio/store': patch
-'@verdaccio/utils': patch
-'verdaccio': patch
-'@verdaccio/web': patch
---
-
-Enable prerelease mode with **changesets**
--- a/.changeset/proud-jeans-walk.md
+++ b/.changeset/proud-jeans-walk.md
@@ -1,9 +0,0 @@
---
-'verdaccio-htpasswd': patch
-'@verdaccio/local-storage': patch
-'@verdaccio/server-fastify': patch
-'@verdaccio/hooks': patch
-'@verdaccio/node-api': patch
---
-
-Added core-js missing from dependencies though referenced in .js sources
--- a/.changeset/proud-jobs-hope.md
+++ b/.changeset/proud-jobs-hope.md
@@ -1,42 +0,0 @@
---
-'@verdaccio/api': major
-'@verdaccio/cli': major
-'@verdaccio/config': major
-'@verdaccio/core': major
-'@verdaccio/types': major
-'@verdaccio/logger': major
-'@verdaccio/node-api': major
-'verdaccio-aws-s3-storage': major
-'verdaccio-google-cloud': major
-'verdaccio-htpasswd': major
-'@verdaccio/local-storage': major
-'verdaccio-memory': major
-'@verdaccio/ui-theme': major
-'@verdaccio/proxy': major
-'@verdaccio/server': major
-'verdaccio': major
-'@verdaccio/web': major
---
-
-feat!: config.logs throw an error, logging config not longer accept array or logs property
-
-### 💥 Breaking change
-
-This is valid
-
-```yaml
-log: { type: stdout, format: pretty, level: http }
-```
-
-This is invalid
-
-```yaml
-logs: { type: stdout, format: pretty, level: http }
-```
-
-or
-
-```yaml
-logs:
-  - [{ type: stdout, format: pretty, level: http }]
-```
--- a/.changeset/red-chefs-float.md
+++ b/.changeset/red-chefs-float.md
@@ -1,11 +0,0 @@
---
-'@verdaccio/store': patch
-'@verdaccio/web': patch
---
-
-Fix the search by exact name of the package
-
-Full package name queries was not finding anithing. It was happening
-becouse of stemmer of [lunr.js](https://lunrjs.com/).
-
-To fix this, the stemmer of [lunr.js](https://lunrjs.com/) was removed from search pipeline.
--- a/.changeset/red-yaks-sell.md
+++ b/.changeset/red-yaks-sell.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/logger': patch
---
-
-Fix re-opening log files using SIGUSR2
--- a/.changeset/rich-badgers-begin.md
+++ b/.changeset/rich-badgers-begin.md
@@ -1,9 +0,0 @@
---
-'@verdaccio/api': minor
-'@verdaccio/url': minor
-'@verdaccio/store': minor
-'@verdaccio/test-helper': minor
-'verdaccio': minor
---
-
-refactor: npm star command support reimplemented
--- a/.changeset/rich-ghosts-rule.md
+++ b/.changeset/rich-ghosts-rule.md
@@ -1,8 +0,0 @@
---
-'@verdaccio/types': major
-'@verdaccio/ui-theme': major
-'@verdaccio/web': major
-'@verdaccio/e2e-ui': major
---
-
-feat: upgrade to material ui 5
--- a/.changeset/shaggy-carrots-unite.md
+++ b/.changeset/shaggy-carrots-unite.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/logger': patch
---
-
-do not show deprecation warning on default logger config
--- a/.changeset/shaggy-parrots-smash.md
+++ b/.changeset/shaggy-parrots-smash.md
@@ -1,8 +0,0 @@
---
-'@verdaccio/cli': minor
-'@verdaccio/core': minor
-'@verdaccio/logger': minor
-'@verdaccio/node-api': minor
---
-
-feat: use warning codes for deprecation warnings
--- a/.changeset/shiny-chefs-heal.md
+++ b/.changeset/shiny-chefs-heal.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/api': patch
---
-
-testing changesets
--- a/.changeset/shiny-worms-retire.md
+++ b/.changeset/shiny-worms-retire.md
@@ -0,0 +1,5 @@
+---
+'@verdaccio/search': patch
+---
+
+fix: keyword undefined errors
--- a/.changeset/shy-ducks-cover.md
+++ b/.changeset/shy-ducks-cover.md
@@ -1,13 +0,0 @@
---
-'@verdaccio/api': minor
-'@verdaccio/auth': minor
-'@verdaccio/config': minor
-'@verdaccio/core': minor
-'@verdaccio/types': minor
-'@verdaccio/server-fastify': minor
-'@verdaccio/store': minor
-'@verdaccio/utils': minor
-'@verdaccio/web': minor
---
-
-feat: add passwordValidationRegex property
--- a/.changeset/slow-carrots-relate.md
+++ b/.changeset/slow-carrots-relate.md
@@ -1,6 +0,0 @@
---
-'@verdaccio/config': minor
-'@verdaccio/web': minor
---
-
-feat(web): add a config item to web，let the developer can select whet……her enable the html cache
--- a/.changeset/slow-snails-sniff.md
+++ b/.changeset/slow-snails-sniff.md
@@ -1,7 +0,0 @@
---
-'@verdaccio/api': patch
-'@verdaccio/ui-theme': patch
-'@verdaccio/web': patch
---
-
-fix: improve abort request search
--- a/.changeset/smart-apricots-kneel.md
+++ b/.changeset/smart-apricots-kneel.md
@@ -1,79 +0,0 @@
---
-'@verdaccio/ui-theme': major
-'@verdaccio/cli-standalone': major
-'@verdaccio/web': major
---
-
-feat: flexible user interface generator
-
-**breaking change**
-
-The UI does not provide a pre-generated `index.html`, instead the server generates
-the body of the web application based in few parameters:
-
- Webpack manifest
- User configuration details
-
-It allows inject html tags, javascript and new CSS to make the page even more flexible.
-
-### Web new properties for dynamic template
-
-The new set of properties are made in order allow inject _html_ and _JavaScript_ scripts within the template. This
-might be useful for scenarios like Google Analytics scripts or custom html in any part of the body.
-
- metaScripts: html injected before close the `head` element.
- scriptsBodyAfter: html injected before close the `body` element.
- bodyAfter: html injected after _verdaccio_ JS scripts.
-
-```yaml
-web:
-  scriptsBodyAfter:
-    - '<script type="text/javascript" src="https://my.company.com/customJS.min.js"></script>'
-  metaScripts:
-    - '<script type="text/javascript" src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>'
-    - '<script type="text/javascript" src="https://browser.sentry-cdn.com/5.15.5/bundle.min.js"></script>'
-    - '<meta name="robots" content="noindex" />'
-  bodyBefore:
-    - '<div id="myId">html before webpack scripts</div>'
-  bodyAfter:
-    - '<div id="myId">html after webpack scripts</div>'
-```
-
-### UI plugin changes
-
- `index.html` is not longer used, template is generated based on `manifest.json` generated by webpack.
- Plugin must export:
-  - the manifest file.
-  - the manifest files: matcher (array of id that generates required scripts to run the ui)
-  - static path: The absolute path where the files are located in `node_modules`
-
-```
-exports.staticPath = path.join(__dirname, 'static');
-exports.manifest = require('./static/manifest.json');
-exports.manifestFiles = {
-  js: ['runtime.js', 'vendors.js', 'main.js'],
-  css: [],
-  ico: 'favicon.ico',
-};
-```
-
- Remove font files
- CSS is inline on JS (this will help with #2046)
-
-### Docker v5 Examples
-
- Move all current examples to v4 folder
- Remove any v3 example
- Create v5 folder with Nginx Example
-
-#### Related tickets
-
-https://github.com/verdaccio/verdaccio/issues/1523
-https://github.com/verdaccio/verdaccio/issues/1297
-https://github.com/verdaccio/verdaccio/issues/1593
-https://github.com/verdaccio/verdaccio/discussions/1539
-https://github.com/verdaccio/website/issues/264
-https://github.com/verdaccio/verdaccio/issues/1565
-https://github.com/verdaccio/verdaccio/issues/1251
-https://github.com/verdaccio/verdaccio/issues/2029
-https://github.com/verdaccio/docker-examples/issues/29
--- a/.changeset/smart-beds-cross.md
+++ b/.changeset/smart-beds-cross.md
@@ -1,20 +0,0 @@
---
-'@verdaccio/api': minor
-'@verdaccio/config': minor
-'@verdaccio/core': minor
-'@verdaccio/types': minor
-'@verdaccio/local-storage': minor
-'@verdaccio/ui-theme': minor
-'@verdaccio/proxy': minor
-'@verdaccio/server': minor
-'@verdaccio/store': minor
-'@verdaccio/test-helper': minor
-'@verdaccio/web': minor
---
-
-feat: ui search support for remote, local and private packages
-
-The command `npm search` search globally and return all matches, with this improvement the user interface
-is powered with the same capabilities.
-
-The UI also tag where is the origin the package with a tag, also provide the latest version and description of the package.
--- a/.changeset/smooth-owls-pump.md
+++ b/.changeset/smooth-owls-pump.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': patch
---
-
-ui: basic grammatical fixes in the Ukraine Message
--- a/.changeset/sour-buses-shout.md
+++ b/.changeset/sour-buses-shout.md
@@ -1,10 +0,0 @@
---
-'@verdaccio/server-fastify': minor
-'@verdaccio/store': minor
-'@verdaccio/utils': minor
-'@verdaccio/web': minor
---
-
-feat: migrate web sidebar endpoint to fastify
-
-reuse utils methods between packages
--- a/.changeset/sour-maps-live.md
+++ b/.changeset/sour-maps-live.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': patch
---
-
-Add links to "Current Tags" and sort them in descending order
--- a/.changeset/spicy-frogs-press.md
+++ b/.changeset/spicy-frogs-press.md
@@ -1,32 +0,0 @@
---
-'verdaccio-htpasswd': major
---
-
-feat: allow other password hashing algorithms (#1917)
-
-**breaking change**
-
-The current implementation of the `htpasswd` module supports multiple hash formats on verify, but only `crypt` on sign in.
-`crypt` is an insecure old format, so to improve the security of the new `verdaccio` release we introduce the support of multiple hash algorithms on sign in step.
-
-### New hashing algorithms
-
-The new possible hash algorithms to use are `bcrypt`, `md5`, `sha1`. `bcrypt` is chosen as a default, because of its customizable complexity and overall reliability. You can read more about them [here](https://httpd.apache.org/docs/2.4/misc/password_encryptions.html).
-
-Two new properties are added to `auth` section in the configuration file:
-
- `algorithm` to choose the way you want to hash passwords.
- `rounds` is used to determine `bcrypt` complexity. So one can improve security according to increasing computational power.
-
-Example of the new `auth` config file section:
-
-```yaml
-auth:
-htpasswd:
-  file: ./htpasswd
-  max_users: 1000
-  # Hash algorithm, possible options are: "bcrypt", "md5", "sha1", "crypt".
-  algorithm: bcrypt
-  # Rounds number for "bcrypt", will be ignored for other algorithms.
-  rounds: 10
-```
--- a/.changeset/spicy-snakes-sip.md
+++ b/.changeset/spicy-snakes-sip.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': patch
---
-
-fix: specific version package detail page not showing
--- a/.changeset/strange-ladybugs-nail.md
+++ b/.changeset/strange-ladybugs-nail.md
@@ -1,9 +0,0 @@
---
-'@verdaccio/types': minor
---
-
-feat: add dist.signatures to core/types
-
-According to [`npm`](https://docs.npmjs.com/about-registry-signatures): _"Signatures are provided in the package's `packument` in each published version within the `dist` object"_
-
-Here's an [example of a package version from the public npm registry with `dist.signatures`](https://registry.npmjs.org/light-cycle/1.4.3).
--- a/.changeset/swift-pumpkins-knock.md
+++ b/.changeset/swift-pumpkins-knock.md
@@ -1,6 +0,0 @@
---
-'@verdaccio/auth': patch
-'verdaccio-htpasswd': patch
---
-
-Refactor htpasswd plugin to use the bcryptjs 'compare' api call instead of 'comparSync'. Add a new configuration value named 'slow_verify_ms' to the htpasswd plugin that when exceeded during password verification will log a warning message.
--- a/.changeset/ten-parents-breathe.md
+++ b/.changeset/ten-parents-breathe.md
@@ -1,7 +0,0 @@
---
-'@verdaccio/auth': minor
-'@verdaccio/server-fastify': minor
-'@verdaccio/web': minor
---
-
-dist tags Implementation on Fastify
--- a/.changeset/tender-bags-call.md
+++ b/.changeset/tender-bags-call.md
@@ -1,9 +0,0 @@
---
-'@verdaccio/logger': major
---
-
-logging prettifier only in development mode
-
- Verdaccio prettify `@verdaccio/logger-prettify` the logging which looks beautiful. But there are scenarios which does not make sense in production. This feature enables disable by default the prettifies if production `NODE_ENV` is enabled.
- Updates pino.js to `^6.7.0`.
- Suppress the warning when prettifier is enabled `suppressFlushSyncWarning`
--- a/.changeset/thick-countries-move.md
+++ b/.changeset/thick-countries-move.md
@@ -1,6 +0,0 @@
---
-'@verdaccio/logger': major
-'@verdaccio/logger-prettify': major
---
-
-feat: upgrade to pino v7
--- a/.changeset/thick-geese-wash.md
+++ b/.changeset/thick-geese-wash.md
@@ -1,21 +0,0 @@
---
-'@verdaccio/api': minor
-'@verdaccio/auth': minor
-'@verdaccio/config': minor
-'@verdaccio/core': minor
-'@verdaccio/url': minor
-'@verdaccio/middleware': minor
-'@verdaccio/local-storage': minor
-'@verdaccio/web': minor
---
-
-chore: move improvements from v5 to v6
-
-Migrate improvements form v5 to v6:
-
- https://github.com/verdaccio/verdaccio/pull/3158
- https://github.com/verdaccio/verdaccio/pull/3151
- https://github.com/verdaccio/verdaccio/pull/2271
- https://github.com/verdaccio/verdaccio/pull/2787
- https://github.com/verdaccio/verdaccio/pull/2791
- https://github.com/verdaccio/verdaccio/pull/2205
--- a/.changeset/thick-readers-hang.md
+++ b/.changeset/thick-readers-hang.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': patch
---
-
-fix: fixes some style issues on mobile, particularly related to the Ukraine support message - [@s-h-a-d-o-w](https://github.com/s-h-a-d-o-w)
--- a/.changeset/three-moles-drop.md
+++ b/.changeset/three-moles-drop.md
@@ -1,7 +0,0 @@
---
-'@verdaccio/api': minor
-'@verdaccio/store': minor
-'@verdaccio/utils': minor
---
-
-refactor: improve versions and dist-tag filters
--- a/.changeset/three-pots-sit.md
+++ b/.changeset/three-pots-sit.md
@@ -1,30 +0,0 @@
---
-'@verdaccio/api': patch
-'@verdaccio/auth': patch
-'@verdaccio/cli': patch
-'@verdaccio/config': patch
-'@verdaccio/file-locking': patch
-'verdaccio-htpasswd': patch
-'@verdaccio/local-storage': patch
-'@verdaccio/readme': patch
-'@verdaccio/types': patch
-'@verdaccio/hooks': patch
-'@verdaccio/loaders': patch
-'@verdaccio/logger': patch
-'@verdaccio/logger-prettify': patch
-'@verdaccio/middleware': patch
-'@verdaccio/node-api': patch
-'@verdaccio/proxy': patch
-'@verdaccio/server': patch
-'@verdaccio/store': patch
-'@verdaccio/utils': patch
-'verdaccio': patch
---
-
-ESLint Warnings Fixed
-
-Related to issue #1461
-
- max-len: most of the sensible max-len errors are fixed
- no-unused-vars: most of these types of errors are fixed by deleting not needed declarations
- @typescript-eslint/no-unused-vars: same as above
--- a/.changeset/tiny-seals-join.md
+++ b/.changeset/tiny-seals-join.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': minor
---
-
-feat: improve registry info dialog and language switch
--- a/.changeset/tricky-taxis-watch.md
+++ b/.changeset/tricky-taxis-watch.md
@@ -1,28 +0,0 @@
---
-'@verdaccio/api': minor
-'@verdaccio/types': minor
-'@verdaccio/local-storage': minor
-'@verdaccio/server-fastify': minor
-'@verdaccio/store': minor
-'@verdaccio/test-helper': minor
-'@verdaccio/web': minor
---
-
-feat: implement abbreviated manifest
-
-Enable abbreviated manifest data by adding the header:
-
-```
-curl -H "Accept: application/vnd.npm.install-v1+json" https://registry.npmjs.org/verdaccio
-```
-
-It returns a filtered manifest, additionally includes the [time](https://github.com/pnpm/rfcs/pull/2) field by request.
-
-Current support for packages managers:
-
- npm: yes
- pnpm: yes
- yarn classic: yes
- yarn modern (+2.x): [no](https://github.com/yarnpkg/berry/pull/3981#issuecomment-1076566096)
-
-https://github.com/npm/registry/blob/master/docs/responses/package-metadata.md#abbreviated-metadata-format
--- a/.changeset/two-dolls-check.md
+++ b/.changeset/two-dolls-check.md
@@ -1,28 +0,0 @@
---
-'@verdaccio/cli': major
-'@verdaccio/config': major
-'@verdaccio/types': major
-'@verdaccio/logger': major
-'@verdaccio/node-api': major
-'verdaccio-google-cloud': major
-'verdaccio': major
---
-
-feat: node api new structure based on promise
-
-```js
-import { runServer } from '@verdaccio/node-api';
-// or
-import { runServer } from 'verdaccio';
-
-const app = await runServer(); // default configuration
-const app = await runServer('./config/config.yaml');
-const app = await runServer({ configuration });
-app.listen(4000, (event) => {
-  // do something
-});
-```
-
-### Breaking Change
-
-If you are using the node-api, the new structure is Promise based and less arguments.
--- a/.changeset/unlucky-hairs-wonder.md
+++ b/.changeset/unlucky-hairs-wonder.md
@@ -1,5 +0,0 @@
---
-'@verdaccio/ui-theme': patch
---
-
-feat: Display publication time on sidebar
--- a/.changeset/wild-jokes-beam.md
+++ b/.changeset/wild-jokes-beam.md
@@ -1,32 +0,0 @@
---
-'@verdaccio/types': minor
-'@verdaccio/ui-theme': minor
-'@verdaccio/web': minor
---
-
-web: allow ui hide package managers on sidebar
-
-If there is a package manager of preference over others, you can define the package managers to be displayed on the detail page and sidebar, just define in the `config.yaml` and web section the list of package managers to be displayed.
-
-```
-web:
-  title: Verdaccio
-  sort_packages: asc
-  primary_color: #cccccc
-  pkgManagers:
-    - pnpm
-    - yarn
-    # - npm
-```
-
-To disable all package managers, just define empty:
-
-```
-web:
-  title: Verdaccio
-  sort_packages: asc
-  primary_color: #cccccc
-  pkgManagers:
-```
-
-and the section would be hidden.
--- a/.changeset/witty-ties-speak.md
+++ b/.changeset/witty-ties-speak.md
@@ -1,11 +0,0 @@
---
-'@verdaccio/api': patch
-'@verdaccio/cli': patch
-'@verdaccio/core': patch
-'@verdaccio/types': patch
-'@verdaccio/store': patch
-'@verdaccio/test-helper': patch
-'@verdaccio/local-publish': patch
---
-
-fix: handle upload scoped tarball
--- a/.eslintignore
+++ b/.eslintignore
@@ -14,3 +14,7 @@ test/functional/store/*
 docker-examples/**/lib/**/*.js
 test/cli/e2e-yarn4/bin/yarn-4.0.0-rc.14.cjs
 yarn.js
+# storybook
+packages/ui-components/storybook-static
+dist.js
+bundle.js
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -8,7 +8,4 @@ contact_links:
    about: I want to report a security vulnerability
  - name: Chat 🏘
    url: https://discord.gg/7qWJxBf
-    about: For a quick question you should do it through our community chat
-  - name: User Interface Report 👩🏼‍🎨👨🏼‍🎨
-    url: https://github.com/verdaccio/ui/issues/new/choose
-    about: Any report related with the User Interface should be posted in another repository
+    about: Quick question? Try out Discord chat, you can get faster feedback
--- a/.github/disabled/docker-plugins-e2e.yml
+++ b/.github/disabled/docker-plugins-e2e.yml
@@ -0,0 +1,39 @@
+name: E2E Docker Proxy Plugins Test
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'master'
+  schedule:
+    # run every sunday
+    - cron: '0 0 * * 0'
+jobs:
+  docker:
+    timeout-minutes: 10
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3
+      
+    - name: Start containers
+      run: docker-compose -f "./e2e/docker/docker-build-install-plugin/docker-compose.yaml" up -d --build
+
+    - name: Install node
+      uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
+      with:
+        node-version: 18
+
+    - name: verdaccio cli
+      run: npm install -g verdaccio --registry=http://localhost:4873
+    - name: gastby cli 
+      run:  npm install -g gatsby-cli --registry http://localhost:4873
+    - name: netlify cli 
+      run:  npm install -g netlify-cli --registry http://localhost:4873
+    - name: angular cli 
+      run:  npm install -g @angular/cli --registry http://localhost:4873
+
+    - name: Stop containers
+      if: always()
+      run: docker-compose -f "./e2e/docker/docker-build-install-plugin/docker-compose.yaml" down
--- a/.github/workflows/benchmark.yml
+++ b/.github/workflows/benchmark.yml
@@ -1,174 +0,0 @@
---
-name: ci - benchmark
-
-on:
-  workflow_dispatch:
-  schedule:
-    # 1 time peer week
-    # collecting enough data to draw some graphics
-    - cron: '0 1 * * 1'
-  # push:
-  #   branches:
-  #     - master
-permissions:
-  contents: read
-
-jobs:
-  prepare: 
-    name: Prepare build
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
-      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
-        with:
-          node-version: 16.x
-      - name: install pnpm
-        run: sudo npm i pnpm@latest-6 -g
-      - name: set store
-        run: | 
-          mkdir ~/.pnpm-store
-          pnpm config set store-dir ~/.pnpm-store     
-      - name: setup pnpm config registry
-        run: pnpm config set registry https://registry.verdaccio.org
-      - name: install dependencies
-        run: pnpm install
-      - name: Cache .pnpm-store
-        uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-          restore-keys: |
-            pnpm-              
-      - name: build
-        run: pnpm build
-      - name: tar packages
-        run: |      
-          tar -czvf ${{ github.workspace }}/pkg.tar.gz -C ${{ github.workspace }}/packages .
-      - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # tag=v3
-        with:
-          name: verdaccio-artifact
-          path: pkg.tar.gz
-  benchmark-autocannon:
-    needs: prepare
-    strategy:
-      fail-fast: false
-      matrix:
-        benchmark:
-          - info
-          - tarball
-        verdaccioVersion:
-          # - local
-          - 3.13.1
-          - 4.12.2
-          - 5.10.2
-          - 6.0.0-6-next.40
-    name: Benchmark autocannon
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
-      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
-        with:
-          node-version: 16.x
-      - uses: actions/download-artifact@9782bd6a9848b53b110e712e20e42d89988822b7 # tag=v3
-        with:
-          name: verdaccio-artifact
-      - name: untar packages
-        run: tar -xzvf pkg.tar.gz -C ${{ github.workspace }}/packages          
-      - name: install pnpm
-        # require fixed version
-        run: sudo npm i pnpm@latest-6 -g
-      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}   
-      - name: install dependencies
-        run: pnpm install    
-      - name: start registry
-        run: ./scripts/benchmark-prepare.sh ${{matrix.verdaccioVersion}}        
-      - name: benchmark        
-        run: pnpm benchmark:api -- -v ${{matrix.verdaccioVersion}} -f ${{matrix.benchmark}}       
-        shell: bash
-        env:
-          DEBUG: metrics*
-      - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # tag=v3
-        with:
-          name: verdaccio-metrics-api
-          path: ./api-results-${{matrix.verdaccioVersion}}-${{matrix.benchmark}}.json  
-          if-no-files-found: error
-          retention-days: 10 
-      - name: submit metrics
-        run: pnpm benchmark:submit
-        env:
-          DEBUG: metrics
-          METRICS_SOURCE: autocannon
-          METRICS_URL: ${{ secrets.METRICS_URL }}
-          METRICS_TOKEN: ${{ secrets.METRICS_TOKEN }}
-          METRICS_BENCHMARK: ${{matrix.benchmark}}
-          METRICS_VERSION: ${{matrix.verdaccioVersion}}
-          METRICS_COMMIT_HASH: ${{ github.sha }}
-          METRICS_FILE_NAME: 'api-results'   
-  benchmark:
-    needs: prepare
-    strategy:
-      fail-fast: false
-      matrix:
-        benchmark:
-          - info
-          - tarball
-        verdaccioVersion:
-          # future 6.x (wip)
-          # - local (master branch)
-          # old versions to compare same test along previous releases
-          - 3.13.1
-          - 4.12.2
-          - 5.10.2
-          - 6.0.0-6-next.40
-    name: Benchmark hyperfine
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
-      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
-        with:
-          node-version: 16.x
-      - uses: actions/download-artifact@9782bd6a9848b53b110e712e20e42d89988822b7 # tag=v3
-        with:
-          name: verdaccio-artifact
-      - name: untar packages
-        run: tar -xzvf pkg.tar.gz -C ${{ github.workspace }}/packages          
-      - name: install pnpm
-        # require fixed version
-        run: sudo npm i pnpm@latest-6 -g
-      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}   
-      - name: install dependencies
-        run: pnpm install
-      - name: install hyperfine
-        run: |
-          wget https://github.com/sharkdp/hyperfine/releases/download/v1.11.0/hyperfine_1.11.0_amd64.deb
-          sudo dpkg -i hyperfine_1.11.0_amd64.deb
-      - name: start registry
-        run: ./scripts/benchmark-prepare.sh ${{matrix.verdaccioVersion}}
-      - name: benchmark        
-        run: ./scripts/benchmark-run.sh ${{matrix.benchmark}}
-        # https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#using-a-specific-shell
-        shell: bash
-      - name: rename
-        run: mv ./hyper-results.json ./hyper-results-${{matrix.verdaccioVersion}}-${{matrix.benchmark}}.json
-      - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # tag=v3
-        with:
-          name: verdaccio-metrics
-          path: ./hyper-results-${{matrix.verdaccioVersion}}-${{matrix.benchmark}}.json  
-          if-no-files-found: error
-          retention-days: 10 
-      - name: submit metrics
-        run: pnpm benchmark:submit
-        env:
-          DEBUG: metrics
-          METRICS_SOURCE: hyperfine
-          METRICS_URL: ${{ secrets.METRICS_URL }}
-          METRICS_TOKEN: ${{ secrets.METRICS_TOKEN }}
-          METRICS_BENCHMARK: ${{matrix.benchmark}}
-          METRICS_VERSION: ${{matrix.verdaccioVersion}}
-          METRICS_COMMIT_HASH: ${{ github.sha }}
--- a/.github/workflows/changesets.yml
+++ b/.github/workflows/changesets.yml
@@ -20,20 +20,19 @@ jobs:
    if: github.ref == 'refs/heads/master' && github.repository == 'verdaccio/verdaccio'
    steps:
      - name: checkout code repository
-        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
        with:
          fetch-depth: 0

      - name: setup node.js
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
        with:
-          node-version: 14
-          registry-url: 'https://registry.npmjs.org'
+          node-version-file: '.nvmrc'
        env:
          NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}

      - name: install pnpm
-        run: npm i pnpm@6.32.15 -g
+        run: npm i pnpm@latest-8 -g
        env:
          NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}

--- a/.github/workflows/ci-windows.yml
+++ b/.github/workflows/ci-windows.yml
@@ -18,21 +18,25 @@ jobs:
        env:
          NODE_ENV: production          
    steps:
-    - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+    - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
    - name: Node
-      uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+      uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
      with:
        node-version-file: '.nvmrc'
    - name: Install pnpm
-      run: npm i pnpm@6.32.15 -g
+      run: npm i pnpm@latest-8 -g
    - name: set store
      run: |
        mkdir ~/.pnpm-store
        pnpm config set store-dir ~/.pnpm-store
+    - name: set store
+      run: |
+        mkdir ~/.pnpm-store
+        pnpm config set store-dir ~/.pnpm-store            
    - name: Install
-      run: pnpm recursive install --frozen-lockfile --registry http://localhost:4873
+      run: pnpm install --registry http://localhost:4873
    - name: Cache .pnpm-store
-      uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+      uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
      with:
        path: ~/.pnpm-store
        key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
@@ -43,19 +47,23 @@ jobs:
    name: Lint
    needs: prepare
    steps:
-      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
      - name: Node
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
        with:
          node-version-file: '.nvmrc'
      - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+        run: npm i pnpm@latest-8 -g
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: set store
+        run: |
+          mkdir ~/.pnpm-store
+          pnpm config set store-dir ~/.pnpm-store              
      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
+        run: pnpm install --offline --reporter=silence --ignore-scripts
      - name: Lint
        run: pnpm lint
  format:
@@ -63,19 +71,23 @@ jobs:
    name: Format
    needs: prepare
    steps:
-      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
      - name: Use Node
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
        with:
          node-version-file: '.nvmrc'
      - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+        run: npm i pnpm@latest-8 -g
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: set store
+        run: |
+          mkdir ~/.pnpm-store
+          pnpm config set store-dir ~/.pnpm-store          
      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
+        run: pnpm install --offline --reporter=silence --ignore-scripts
      - name: Lint
        run: pnpm format:check
  build:
@@ -88,19 +100,23 @@ jobs:
    name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
    runs-on: ${{ matrix.os }}
    steps:
-      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
      - name: Use Node ${{ matrix.node_version }}
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
        with:
          node-version: ${{ matrix.node_version }}
      - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+        run: npm i pnpm@latest-8 -g
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: set store
+        run: |
+          mkdir ~/.pnpm-store
+          pnpm config set store-dir ~/.pnpm-store          
      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts --registry http://localhost:4873
+        run: pnpm install --offline --reporter=silence --ignore-scripts --registry http://localhost:4873
      - name: build
        run: pnpm build
      - name: Test
@@ -110,18 +126,22 @@ jobs:
    runs-on: windows-latest
    name: UI Test E2E
    steps:
-      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
-      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
+      - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
        with:
          node-version-file: '.nvmrc'
      - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+        run: npm i pnpm@latest-8 -g
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: set store
+        run: |
+          mkdir ~/.pnpm-store
+          pnpm config set store-dir ~/.pnpm-store              
      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --registry http://localhost:4873
+        run: pnpm install --offline --reporter=silence --registry http://localhost:4873
      - name: build
        run: pnpm build
      - name: Test UI
--- a/Show More
+++ b/Show More