chore: update versions (6-next) (#3961 )

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
chore(deps): update dependency msw to v0.49.3 (#3963 )
2023-08-08 08:11:41 +02:00 · 2023-08-08 08:11:14 +02:00 · 2023-08-07 00:14:08 +00:00 · 2023-08-06 17:42:20 +02:00 · 2023-08-03 00:14:09 +00:00 · 2023-08-02 17:11:14 +02:00
589 changed files with 27300 additions and 22210 deletions
--- a/.changeset/big-years-repair.md
+++ b/.changeset/big-years-repair.md
@@ -0,0 +1,8 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/middleware': minor
+'@verdaccio/utils': minor
+'@verdaccio/web': minor
+---
+
+feat: expose middleware utils
--- a/.changeset/blue-cobras-study.md
+++ b/.changeset/blue-cobras-study.md
@@ -0,0 +1,8 @@
+---
+'@verdaccio/cli': minor
+'@verdaccio/ui-components': minor
+'@verdaccio/core': minor
+'@verdaccio/types': minor
+---
+
+fix: startup messages improved and logs support on types
--- a/.changeset/chatty-pillows-perform.md
+++ b/.changeset/chatty-pillows-perform.md
@@ -0,0 +1,18 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/config': minor
+'@verdaccio/core': minor
+'@verdaccio/file-locking': minor
+'@verdaccio/tarball': minor
+'@verdaccio/types': minor
+'@verdaccio/url': minor
+'@verdaccio/hooks': minor
+'@verdaccio/loaders': minor
+'@verdaccio/logger': minor
+'@verdaccio/logger-prettify': minor
+'@verdaccio/local-storage': minor
+'@verdaccio/utils': minor
+'verdaccio': minor
+---
+
+feat: improve support for fs promises older nodejs
--- a/.changeset/chilly-trains-juggle.md
+++ b/.changeset/chilly-trains-juggle.md
@@ -0,0 +1,8 @@
+---
+'@verdaccio/config': patch
+---
+
+Respect the `changePassword` configuration flag to enable changing the password through the web API.
+
+> **Note**
+> This feature is still experimental and not fully supported in the default web application.
--- a/.changeset/eight-bottles-own.md
+++ b/.changeset/eight-bottles-own.md
@@ -0,0 +1,8 @@
+---
+'@verdaccio/middleware': patch
+'@verdaccio/server': patch
+'@verdaccio/test-helper': patch
+'@verdaccio/local-publish': patch
+---
+
+fix: extract logger from middleware
--- a/.changeset/eight-clouds-look.md
+++ b/.changeset/eight-clouds-look.md
@@ -0,0 +1,7 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/middleware': minor
+'@verdaccio/server': minor
+---
+
+fix: expose middleware methods
--- a/.changeset/eighty-snails-admire.md
+++ b/.changeset/eighty-snails-admire.md
@@ -0,0 +1,6 @@
+---
+'@verdaccio/server-fastify': patch
+'@verdaccio/web': patch
+---
+
+Fix the password validation logic for the `/reset_password` route to ensure that the password is only reset if it is valid.
--- a/.changeset/fifty-stingrays-fold.md
+++ b/.changeset/fifty-stingrays-fold.md
@@ -0,0 +1,25 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/auth': minor
+'@verdaccio/cli': minor
+'@verdaccio/types': minor
+'@verdaccio/hooks': minor
+'@verdaccio/loaders': minor
+'@verdaccio/middleware': minor
+'@verdaccio/node-api': minor
+'verdaccio-audit': minor
+'verdaccio-auth-memory': minor
+'verdaccio-htpasswd': minor
+'@verdaccio/local-storage': minor
+'@verdaccio/proxy': minor
+'@verdaccio/server': minor
+'@verdaccio/server-fastify': minor
+'@verdaccio/store': minor
+'verdaccio': minor
+'@verdaccio/web': minor
+'@verdaccio/logger': minor
+'@verdaccio/logger-7': minor
+'@verdaccio/logger-commons': minor
+---
+
+feat: refactor logger
--- a/.changeset/fluffy-papayas-lay.md
+++ b/.changeset/fluffy-papayas-lay.md
@@ -0,0 +1,10 @@
+---
+'@verdaccio/config': patch
+'@verdaccio/core': patch
+'@verdaccio/tarball': patch
+'@verdaccio/url': patch
+'@verdaccio/store': patch
+'@verdaccio/utils': patch
+---
+
+fix: build targets for 5x modules
--- a/.changeset/forty-students-refuse.md
+++ b/.changeset/forty-students-refuse.md
@@ -0,0 +1,5 @@
+---
+'@verdaccio/logger-7': patch
+---
+
+bump up @verdaccio/logger-7
--- a/.changeset/fresh-chicken-rush.md
+++ b/.changeset/fresh-chicken-rush.md
@@ -0,0 +1,8 @@
+---
+'@verdaccio/types': patch
+'@verdaccio/middleware': patch
+'@verdaccio/server': patch
+'@verdaccio/ui-components': patch
+---
+
+fix: missing version on footer
--- a/.changeset/giant-apples-laugh.md
+++ b/.changeset/giant-apples-laugh.md
@@ -0,0 +1,5 @@
+---
+'@verdaccio/core': patch
+---
+
+fix: minor typo on warning message
--- a/.changeset/giant-years-trade.md
+++ b/.changeset/giant-years-trade.md
@@ -0,0 +1,6 @@
+---
+'@verdaccio/test-cli-commons': minor
+'@verdaccio/config': minor
+---
+
+chore: rollback yaml dep support old nodejs versions
--- a/.changeset/honest-maps-hear.md
+++ b/.changeset/honest-maps-hear.md
@@ -0,0 +1,7 @@
+---
+'@verdaccio/test-cli-commons': patch
+'@verdaccio/e2e-ui': patch
+'verdaccio': patch
+---
+
+fix: get-port missing dep
--- a/.changeset/khaki-carrots-crash.md
+++ b/.changeset/khaki-carrots-crash.md
@@ -0,0 +1,6 @@
+---
+'@verdaccio/ui-theme': minor
+'@verdaccio/ui-components': minor
+---
+
+feat: ui bugfixes and improvements
--- a/.changeset/kind-ladybugs-admire.md
+++ b/.changeset/kind-ladybugs-admire.md
@@ -0,0 +1,8 @@
+---
+'@verdaccio/auth': minor
+'@verdaccio/config': minor
+'@verdaccio/signature': minor
+'@verdaccio/ui-components': minor
+---
+
+feat: signature package
--- a/.changeset/old-apples-fail.md
+++ b/.changeset/old-apples-fail.md
@@ -0,0 +1,8 @@
+---
+'@verdaccio/types': patch
+'@verdaccio/middleware': patch
+'@verdaccio/ui-theme': patch
+'@verdaccio/web': patch
+---
+
+fix: missing logo on header
--- a/.changeset/poor-suns-film.md
+++ b/.changeset/poor-suns-film.md
@@ -0,0 +1,5 @@
+---
+'@verdaccio/core': patch
+---
+
+fix(core): fix `isObject` function.`isObject(true)` should return false.
--- a/.changeset/pre.json
+++ b/.changeset/pre.json
@@ -54,23 +54,35 @@
    "@verdaccio/e2e-cli-npm9": "1.0.1-6-next.5",
    "@verdaccio/e2e-ui": "2.0.0-6-next.3",
    "customprefix-auth": "0.0.1",
-    "@verdaccio/crowdin-translations": "1.0.0"
+    "@verdaccio/crowdin-translations": "1.0.0",
+    "@verdaccio/logger-7": "6.0.0-6-next.1",
+    "@verdaccio/logger-commons": "6.0.0-6-next.25",
+    "@verdaccio/e2e-cli-pnpm8": "1.0.1-6-next.6",
+    "@verdaccio/signature": "6.0.0-6-next.1",
+    "@verdaccio/search": "6.0.0-6-next.1"
  },
  "changesets": [
    "afraid-mice-obey",
    "angry-nails-appear",
    "big-lobsters-sin",
+    "big-years-repair",
+    "blue-cobras-study",
    "brave-seahorses-press",
    "bright-poems-obey",
    "brown-cycles-laugh",
    "brown-pandas-wink",
    "calm-pants-impress",
+    "chatty-pillows-perform",
    "chilled-ways-fetch",
    "chilly-glasses-occur",
+    "chilly-trains-juggle",
    "clever-pugs-warn",
    "dry-planes-tap",
    "dull-monkeys-search",
    "early-jokes-nail",
+    "eight-bottles-own",
+    "eight-clouds-look",
+    "eighty-snails-admire",
    "eleven-brooms-hunt",
    "eleven-spoons-matter",
    "fair-lemons-beam",
@@ -79,11 +91,17 @@
    "few-cooks-destroy",
    "few-mangos-grow",
    "fifty-jars-rest",
+    "fifty-stingrays-fold",
+    "fluffy-papayas-lay",
+    "forty-students-refuse",
    "four-ways-try",
+    "fresh-chicken-rush",
    "fuzzy-drinks-taste",
    "fuzzy-onions-draw",
    "gentle-parrots-lay",
    "gentle-trains-switch",
+    "giant-apples-laugh",
+    "giant-years-trade",
    "gold-vans-tease",
    "green-yaks-divide",
    "healthy-bikes-behave",
@@ -91,7 +109,10 @@
    "healthy-poets-compare",
    "heavy-ravens-lay",
    "hip-hounds-destroy",
+    "honest-maps-hear",
+    "khaki-carrots-crash",
    "kind-bears-nail",
+    "kind-ladybugs-admire",
    "late-adults-love",
    "late-parents-act",
    "light-pumas-brake",
@@ -105,6 +126,7 @@
    "moody-clocks-roll",
    "neat-toes-report",
    "neat-toys-float",
+    "old-apples-fail",
    "olive-candles-speak",
    "orange-cows-pull",
    "orange-flowers-cover",
@@ -114,17 +136,26 @@
    "plenty-news-remember",
    "plenty-spiders-melt",
    "plenty-tables-refuse",
+    "poor-suns-film",
+    "pretty-clouds-help",
    "pretty-hounds-tap",
    "proud-jeans-walk",
    "proud-jobs-hope",
+    "rare-planets-travel",
    "red-chefs-float",
    "red-yaks-sell",
    "rich-badgers-begin",
+    "rich-bananas-chew",
    "rich-ghosts-rule",
    "shaggy-carrots-unite",
    "shaggy-parrots-smash",
    "shiny-chefs-heal",
    "shy-ducks-cover",
+    "silly-moose-watch",
+    "silver-needles-drum",
+    "silver-spoons-nail",
+    "six-boats-sparkle",
+    "slimy-eggs-explain",
    "slow-carrots-relate",
    "slow-snails-sniff",
    "smart-apricots-kneel",
@@ -133,20 +164,28 @@
    "sour-buses-shout",
    "sour-maps-live",
    "spicy-frogs-press",
+    "spicy-radios-remain",
    "spicy-snakes-sip",
    "strange-ladybugs-nail",
+    "strong-socks-type",
+    "stupid-sloths-leave",
    "swift-pumpkins-knock",
    "ten-parents-breathe",
    "tender-bags-call",
+    "tender-pots-yawn",
+    "tender-tigers-hammer",
    "thick-countries-move",
    "thick-geese-wash",
    "thick-readers-hang",
    "three-moles-drop",
    "three-pots-sit",
    "tiny-seals-join",
+    "tough-days-search",
    "tricky-taxis-watch",
+    "twelve-crabs-guess",
    "two-dolls-check",
    "unlucky-hairs-wonder",
+    "weak-mangos-taste",
    "wild-jokes-beam",
    "witty-ties-speak"
  ]
--- a/.changeset/pretty-clouds-help.md
+++ b/.changeset/pretty-clouds-help.md
@@ -0,0 +1,9 @@
+---
+'@verdaccio/config': minor
+'@verdaccio/core': minor
+'@verdaccio/types': minor
+'@verdaccio/server': minor
+'@verdaccio/store': minor
+---
+
+feat: trustProxy property
--- a/.changeset/rare-planets-travel.md
+++ b/.changeset/rare-planets-travel.md
@@ -0,0 +1,9 @@
+---
+'@verdaccio/config': minor
+'@verdaccio/core': minor
+'@verdaccio/types': minor
+'@verdaccio/signature': minor
+'@verdaccio/test-helper': minor
+---
+
+feat: add forceEnhancedLegacySignature
--- a/.changeset/rich-bananas-chew.md
+++ b/.changeset/rich-bananas-chew.md
@@ -0,0 +1,7 @@
+---
+'@verdaccio/api': patch
+'@verdaccio/core': patch
+'@verdaccio/middleware': patch
+---
+
+fix: official package "-" cannot be synced
--- a/.changeset/silly-moose-watch.md
+++ b/.changeset/silly-moose-watch.md
@@ -0,0 +1,5 @@
+---
+'verdaccio-htpasswd': patch
+---
+
+fix wrong htpasswd file location
--- a/.changeset/silver-needles-drum.md
+++ b/.changeset/silver-needles-drum.md
@@ -0,0 +1,9 @@
+---
+'@verdaccio/core': patch
+'@verdaccio/hooks': patch
+'@verdaccio/proxy': patch
+'@verdaccio/store': patch
+'@verdaccio/web': patch
+---
+
+refactor: got instead undici
--- a/.changeset/silver-spoons-nail.md
+++ b/.changeset/silver-spoons-nail.md
@@ -0,0 +1,6 @@
+---
+'@verdaccio/proxy': minor
+'@verdaccio/store': minor
+---
+
+feat: refactor proxy with got v12
--- a/.changeset/six-boats-sparkle.md
+++ b/.changeset/six-boats-sparkle.md
@@ -0,0 +1,5 @@
+---
+'@verdaccio/search': minor
+---
+
+feat: add search package utilities
--- a/.changeset/slimy-eggs-explain.md
+++ b/.changeset/slimy-eggs-explain.md
@@ -0,0 +1,5 @@
+---
+'@verdaccio/logger-commons': patch
+---
+
+fix: restore wrong dependency version
--- a/.changeset/spicy-radios-remain.md
+++ b/.changeset/spicy-radios-remain.md
@@ -0,0 +1,9 @@
+---
+'@verdaccio/logger': patch
+'@verdaccio/logger-7': patch
+'@verdaccio/logger-commons': patch
+'@verdaccio/logger-prettify': patch
+'@verdaccio/middleware': patch
+---
+
+bump logger packages
--- a/.changeset/strong-socks-type.md
+++ b/.changeset/strong-socks-type.md
@@ -0,0 +1,7 @@
+---
+'@verdaccio/ui-theme': major
+'@verdaccio/ui-components': major
+'@verdaccio/web': major
+---
+
+fix package configuration issues
--- a/.changeset/stupid-sloths-leave.md
+++ b/.changeset/stupid-sloths-leave.md
@@ -0,0 +1,7 @@
+---
+'@verdaccio/logger-7': patch
+'@verdaccio/logger-commons': patch
+'@verdaccio/logger-prettify': patch
+---
+
+fix: restore pino legacy version
--- a/.changeset/tender-pots-yawn.md
+++ b/.changeset/tender-pots-yawn.md
@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+fix menuKey for Khmer language
--- a/.changeset/tender-tigers-hammer.md
+++ b/.changeset/tender-tigers-hammer.md
@@ -0,0 +1,7 @@
+---
+'@verdaccio/auth': minor
+'@verdaccio/core': minor
+'verdaccio-htpasswd': minor
+---
+
+feat: async bcrypt hash
--- a/.changeset/tough-days-search.md
+++ b/.changeset/tough-days-search.md
@@ -0,0 +1,6 @@
+---
+'@verdaccio/ui-theme': patch
+'@verdaccio/ui-components': patch
+---
+
+fix: undefined field on missing count
--- a/.changeset/twelve-crabs-guess.md
+++ b/.changeset/twelve-crabs-guess.md
@@ -0,0 +1,5 @@
+---
+'@verdaccio/middleware': patch
+---
+
+chore: bumb up package
--- a/.changeset/weak-mangos-taste.md
+++ b/.changeset/weak-mangos-taste.md
@@ -0,0 +1,15 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/config': minor
+'@verdaccio/types': minor
+'@verdaccio/hooks': minor
+'@verdaccio/middleware': minor
+'verdaccio-audit': minor
+'@verdaccio/proxy': minor
+'@verdaccio/server': minor
+'@verdaccio/store': minor
+'@verdaccio/web': minor
+'@verdaccio/ui-theme': minor
+---
+
+refactor: render html middleware
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -8,7 +8,4 @@ contact_links:
    about: I want to report a security vulnerability
  - name: Chat 🏘
    url: https://discord.gg/7qWJxBf
-    about: For a quick question you should do it through our community chat
-  - name: User Interface Report 👩🏼‍🎨👨🏼‍🎨
-    url: https://github.com/verdaccio/ui/issues/new/choose
-    about: Any report related with the User Interface should be posted in another repository
+    about: Quick question? Try out Discord chat, you can get faster feedback
--- a/.github/disabled/docker-plugins-e2e.yml
+++ b/.github/disabled/docker-plugins-e2e.yml
@@ -0,0 +1,39 @@
+name: E2E Docker Proxy Plugins Test
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'master'
+  schedule:
+    # run every sunday
+    - cron: '0 0 * * 0'
+jobs:
+  docker:
+    timeout-minutes: 10
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3
+      
+    - name: Start containers
+      run: docker-compose -f "./e2e/docker/docker-build-install-plugin/docker-compose.yaml" up -d --build
+
+    - name: Install node
+      uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
+      with:
+        node-version: 18
+
+    - name: verdaccio cli
+      run: npm install -g verdaccio --registry=http://localhost:4873
+    - name: gastby cli 
+      run:  npm install -g gatsby-cli --registry http://localhost:4873
+    - name: netlify cli 
+      run:  npm install -g netlify-cli --registry http://localhost:4873
+    - name: angular cli 
+      run:  npm install -g @angular/cli --registry http://localhost:4873
+
+    - name: Stop containers
+      if: always()
+      run: docker-compose -f "./e2e/docker/docker-build-install-plugin/docker-compose.yaml" down
--- a/.github/workflows/changesets.yml
+++ b/.github/workflows/changesets.yml
@@ -20,20 +20,19 @@ jobs:
    if: github.ref == 'refs/heads/master' && github.repository == 'verdaccio/verdaccio'
    steps:
      - name: checkout code repository
-        uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
        with:
          fetch-depth: 0

      - name: setup node.js
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
-          node-version: 14
-          registry-url: 'https://registry.npmjs.org'
+          node-version-file: '.nvmrc'
        env:
          NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}

      - name: install pnpm
-        run: npm i pnpm@6.32.15 -g
+        run: npm i pnpm@latest-8 -g
        env:
          NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}

--- a/.github/workflows/ci-windows.yml
+++ b/.github/workflows/ci-windows.yml
@@ -18,21 +18,25 @@ jobs:
        env:
          NODE_ENV: production          
    steps:
-    - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+    - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
    - name: Node
-      uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+      uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
      with:
        node-version-file: '.nvmrc'
    - name: Install pnpm
-      run: npm i pnpm@6.32.15 -g
+      run: npm i pnpm@latest-8 -g
    - name: set store
      run: |
        mkdir ~/.pnpm-store
        pnpm config set store-dir ~/.pnpm-store
+    - name: set store
+      run: |
+        mkdir ~/.pnpm-store
+        pnpm config set store-dir ~/.pnpm-store            
    - name: Install
-      run: pnpm recursive install --frozen-lockfile --registry http://localhost:4873
+      run: pnpm install --registry http://localhost:4873
    - name: Cache .pnpm-store
-      uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+      uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
      with:
        path: ~/.pnpm-store
        key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
@@ -43,19 +47,23 @@ jobs:
    name: Lint
    needs: prepare
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
      - name: Node
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version-file: '.nvmrc'
      - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+        run: npm i pnpm@latest-8 -g
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: set store
+        run: |
+          mkdir ~/.pnpm-store
+          pnpm config set store-dir ~/.pnpm-store              
      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
+        run: pnpm install --offline --reporter=silence --ignore-scripts
      - name: Lint
        run: pnpm lint
  format:
@@ -63,19 +71,23 @@ jobs:
    name: Format
    needs: prepare
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
      - name: Use Node
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version-file: '.nvmrc'
      - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+        run: npm i pnpm@latest-8 -g
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: set store
+        run: |
+          mkdir ~/.pnpm-store
+          pnpm config set store-dir ~/.pnpm-store          
      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
+        run: pnpm install --offline --reporter=silence --ignore-scripts
      - name: Lint
        run: pnpm format:check
  build:
@@ -88,19 +100,23 @@ jobs:
    name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
    runs-on: ${{ matrix.os }}
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
      - name: Use Node ${{ matrix.node_version }}
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version: ${{ matrix.node_version }}
      - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+        run: npm i pnpm@latest-8 -g
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: set store
+        run: |
+          mkdir ~/.pnpm-store
+          pnpm config set store-dir ~/.pnpm-store          
      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts --registry http://localhost:4873
+        run: pnpm install --offline --reporter=silence --ignore-scripts --registry http://localhost:4873
      - name: build
        run: pnpm build
      - name: Test
@@ -110,18 +126,22 @@ jobs:
    runs-on: windows-latest
    name: UI Test E2E
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
-      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
+      - uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version-file: '.nvmrc'
      - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+        run: npm i pnpm@latest-8 -g
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: set store
+        run: |
+          mkdir ~/.pnpm-store
+          pnpm config set store-dir ~/.pnpm-store              
      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --registry http://localhost:4873
+        run: pnpm install --offline --reporter=silence --registry http://localhost:4873
      - name: build
        run: pnpm build
      - name: Test UI
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -21,29 +21,29 @@ jobs:
    name: setup verdaccio
    services:
      verdaccio:
-        image: verdaccio/verdaccio:nightly-master
+        image: verdaccio/verdaccio:5
        ports:
          - 4873:4873
        env:
          NODE_ENV: production          
    steps:
-    - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+    - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
    - name: Node
-      uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+      uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
      with:
        node-version-file: '.nvmrc'
    - name: Install pnpm
      run: |
        corepack enable
-        corepack prepare --activate pnpm@6.32.15
+        corepack prepare --activate pnpm@latest-8
    - name: set store
      run: |
        mkdir ~/.pnpm-store
        pnpm config set store-dir ~/.pnpm-store
    - name: Install
-      run: pnpm recursive install --frozen-lockfile --registry http://localhost:4873
+      run: pnpm install  --registry http://localhost:4873
    - name: Cache .pnpm-store
-      uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+      uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
      with:
        path: ~/.pnpm-store
        key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
@@ -54,21 +54,24 @@ jobs:
    name: Lint
    needs: prepare
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
      - name: Node
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version-file: '.nvmrc'
      - name: Install pnpm
        run: |
          corepack enable
-          corepack prepare --activate pnpm@6.32.15
-      - uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+          corepack prepare --activate pnpm@latest-8
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: set store
+        run: |
+          pnpm config set store-dir ~/.pnpm-store              
      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
+        run: pnpm install --offline   --ignore-scripts
      - name: Lint
        run: pnpm lint
  format:
@@ -76,21 +79,24 @@ jobs:
    name: Format
    needs: prepare
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
      - name: Use Node
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version-file: '.nvmrc'
      - name: Install pnpm
        run: |
          corepack enable
-          corepack prepare --activate pnpm@6.32.15
-      - uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+          corepack prepare --activate pnpm@latest-8
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: set store
+        run: |
+          pnpm config set store-dir ~/.pnpm-store              
      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
+        run: pnpm install --offline   --ignore-scripts
      - name: Lint
        run: pnpm format:check
  test:
@@ -103,21 +109,24 @@ jobs:
    name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
    runs-on: ${{ matrix.os }}
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
      - name: Use Node ${{ matrix.node_version }}
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version: ${{ matrix.node_version }}
      - name: Install pnpm
        run: |
          corepack enable
-          corepack prepare --activate pnpm@6.32.15
-      - uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+          corepack prepare --activate pnpm@latest-8
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: set store
+        run: |
+          pnpm config set store-dir ~/.pnpm-store              
      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts --registry http://localhost:4873
+        run: pnpm install --offline   --ignore-scripts --registry http://localhost:4873
      - name: build
        run: pnpm build
      - name: Test
@@ -126,27 +135,30 @@ jobs:
    needs: [test]
    runs-on: ubuntu-latest
    name: synchronize translations
-    if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
+    if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
-      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
+      - uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version-file: '.nvmrc'
      - name: Install pnpm
        run: |
          corepack enable
-          corepack prepare --activate pnpm@6.32.15
-      - uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+          corepack prepare --activate pnpm@latest-8
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: set store
+        run: |
+          pnpm config set store-dir ~/.pnpm-store              
      - name: Install
        ## we need scripts, pupetter downloads aditional content
-        run: pnpm recursive install --frozen-lockfile --registry http://localhost:4873
+        run: pnpm install  --registry http://localhost:4873
      - name: build
        run: pnpm build
      - name: generate website translations
-        run: pnpm write-translations --filter ...@verdaccio/website
+        run: pnpm --filter ...@verdaccio/website write-translations
      - name: sync
        env:
          CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -21,7 +21,7 @@ jobs:

    steps:
      - name: Checkout repository
-        uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
        with:
          # We must fetch at least the immediate parents so that if this is
          # a pull request then we can checkout the head.
@@ -34,7 +34,7 @@ jobs:

      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@959cbb7472c4d4ad70cdfe6f4976053fe48ab394 # tag=v2
+        uses: github/codeql-action/init@0ba4244466797eb048eb91a6cd43d5c03ca8bd05 # v2

      # Override language selection by uncommenting this and choosing your languages
      # with:
@@ -42,7 +42,7 @@ jobs:
      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
      # If this step fails, then you should remove it and run the build manually (see below)
      - name: Autobuild
-        uses: github/codeql-action/autobuild@959cbb7472c4d4ad70cdfe6f4976053fe48ab394 # tag=v2
+        uses: github/codeql-action/autobuild@0ba4244466797eb048eb91a6cd43d5c03ca8bd05 # v2

      # ℹ️ Command-line programs to run using the OS shell.
      # 📚 https://git.io/JvXDl
@@ -56,4 +56,4 @@ jobs:
      #   make release

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@959cbb7472c4d4ad70cdfe6f4976053fe48ab394 # tag=v2
+        uses: github/codeql-action/analyze@0ba4244466797eb048eb91a6cd43d5c03ca8bd05 # v2
--- a/.github/workflows/docker-proxy-apache-e2e.yml
+++ b/.github/workflows/docker-proxy-apache-e2e.yml
@@ -0,0 +1,38 @@
+name: E2E Docker Proxy Apache Test
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'master'
+  schedule:
+    # run every sunday
+    - cron: '0 0 * * 0'
+jobs:
+  docker:
+    timeout-minutes: 10
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
+      
+    - name: Start containers
+      run: docker-compose -f "./e2e/docker/apache-verdaccio/docker-compose.yaml" up -d --build
+
+    - name: Install node
+      uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3
+      with:
+        node-version: 18
+    - name: verdaccio cli
+      run: npm install -g verdaccio --registry http://localhost
+    - name: gastby cli 
+      run:  npm install -g gatsby-cli --registry http://localhost
+    - name: netlify cli 
+      run:  npm install -g netlify-cli --registry http://localhost
+    - name: angular cli 
+      run:  npm install -g @angular/cli --registry http://localhost
+
+    - name: Stop containers
+      if: always()
+      run: docker-compose -f "./e2e/docker/apache-verdaccio/docker-compose.yaml" down
--- a/.github/workflows/docker-proxy-nginx-e2e.yml
+++ b/.github/workflows/docker-proxy-nginx-e2e.yml
@@ -0,0 +1,41 @@
+name: E2E Docker Proxy Nginx Test
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'master'
+jobs:
+  docker:
+    timeout-minutes: 10
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
+      
+    - name: Start containers
+      run: docker-compose -f "./e2e/docker/proxy-nginx/docker-compose.yaml" up -d --build
+
+    - name: Install node
+      uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3
+      with:
+        node-version: 18
+    - name: npm setup
+      run: |
+        npm config set fetch-retries="5"
+        npm config set fetch-retry-factor="50"
+        npm config set fetch-retry-mintimeout="20000"
+        npm config set fetch-retry-maxtimeout="80000"      
+    - name: verdaccio cli
+      run: npm install -g verdaccio --registry http://localhost
+    - name: gastby cli 
+      run:  npm install -g gatsby-cli --registry http://localhost
+    - name: netlify cli 
+      run:  npm install -g netlify-cli --registry http://localhost
+    - name: angular cli 
+      run:  npm install -g @angular/cli --registry http://localhost
+
+    - name: Stop containers
+      if: always()
+      run: docker-compose -f "./e2e/docker/proxy-nginx/docker-compose.yaml" down
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -23,8 +23,8 @@ jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
-      - uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # tag=v1
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
+      - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # tag=v1
      - uses: docker/setup-buildx-action@v1
        with:
          driver-opts: network=host
@@ -45,11 +45,11 @@ jobs:
            {{major}}
            {{major}}.{{minor}}
      - name: Build & Push
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v4
        with:
          context: .
          file: ./Dockerfile
-          platforms: linux/amd64
+          platforms: linux/amd64,linux/arm64
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.docker_meta.outputs.tags }}
          labels: ${{ steps.docker_meta.outputs.labels }}
--- a/.github/workflows/e2e-ci.yml
+++ b/.github/workflows/e2e-ci.yml
@@ -15,21 +15,21 @@ jobs:
        env:
          NODE_ENV: production
    steps:
-    - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+    - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
    - name: Use Node
-      uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+      uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
      with:
        node-version-file: '.nvmrc'
    - name: Install pnpm
-      run: npm i pnpm@6.32.15 -g
+      run: npm i pnpm@latest-8 -g
    - name: set store
      run: |
        mkdir ~/.pnpm-store
        pnpm config set store-dir ~/.pnpm-store
    - name: Install
-      run: pnpm recursive install --frozen-lockfile --reporter=silence --ignore-scripts --registry http://localhost:4873
+      run: pnpm install --reporter=silence --ignore-scripts --registry http://localhost:4873
    - name: Cache .pnpm-store
-      uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+      uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
      with:
        path: ~/.pnpm-store
        key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
@@ -39,23 +39,26 @@ jobs:
    needs: [prepare]
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
      - name: Use Node 16
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version-file: '.nvmrc'
      - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+        run: npm i pnpm@latest-8 -g
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
+      - name: set store
+        run: |
+          pnpm config set store-dir ~/.pnpm-store              
      - name: Install
-        run: pnpm recursive install --frozen-lockfile --reporter=silence --registry http://localhost:4873
+        run: pnpm recursive install --reporter=silence --registry http://localhost:4873
      - name: build
        run: pnpm build
      - name: Cache packages
-        uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+        uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        id: cache-packages
        with:
          path: ./packages/
@@ -75,23 +78,27 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        pkg: [npm6, npm7, npm8, npm9, pnpm6, pnpm7, yarn1, yarn2,  yarn3, yarn4]
-    name:  ${{ matrix.pkg }} / ${{ matrix.os }}
+        pkg: [npm6, npm7, npm8, npm9, pnpm6, pnpm7, pnpm8, yarn1, yarn2, yarn3, yarn4]
+        node: [16, 18, 19]
+    name: ${{ matrix.pkg }}/ ubuntu-latest / ${{ matrix.node }}
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
-      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
+      - uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
-          node-version-file: '.nvmrc'
+          node-version: ${{ matrix.node }}
      - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+        run: npm i pnpm@latest-8 -g
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ~/.pnpm-store
          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
+      - name: set store
+        run: |
+          pnpm config set store-dir ~/.pnpm-store              
      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts --registry http://localhost:4873
-      - uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+        run: pnpm install --offline --reporter=silence --ignore-scripts --registry http://localhost:4873
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: ./packages/
          key: pkg-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
@@ -100,6 +107,6 @@ jobs:
      #     path: ./e2e/
      #     key: test-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
      - name: build e2e
-        run: pnpm run build --filter=./e2e      
+        run:  pnpm --filter @verdaccio/test-cli-commons build
      - name: Test CLI
        run: NODE_ENV=production pnpm test --filter ...@verdaccio/e2e-cli-${{matrix.pkg}}
--- a/.github/workflows/e2e-ui.yml
+++ b/.github/workflows/e2e-ui.yml
@@ -15,22 +15,22 @@ jobs:
        env:
          NODE_ENV: production
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
      - name: Use Node
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version-file: '.nvmrc'
      - name: Install pnpm
        run: |
         corepack enable
-         corepack prepare --activate pnpm@6.32.15
+         corepack prepare --activate pnpm@latest-8
      - name: Install
-        run: pnpm install --frozen-lockfile --reporter=silence --registry http://localhost:4873
+        run: pnpm install --reporter=silence --registry http://localhost:4873
      - name: build
        run: pnpm build
      - name: Test UI
        run: pnpm test:e2e:ui
-      - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # v3
+      - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3
        with:
          name: videos
          path: /home/runner/work/verdaccio/verdaccio/e2e/ui/cypress/videos
--- a/.github/workflows/static-data.yml
+++ b/.github/workflows/static-data.yml
@@ -19,25 +19,19 @@ jobs:
    name: Run script
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
        with:
          persist-credentials: false
          fetch-depth: 0
-      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+      - uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version: 18.x
      - name: install pnpm
-        run: sudo npm i pnpm@latest-6 -g
-      - name: set store
-        run: | 
-          mkdir ~/.pnpm-store
-          pnpm config set store-dir ~/.pnpm-store
-      - name: setup pnpm config registry
-        run: pnpm config set registry https://registry.verdaccio.org
+        run: sudo npm i pnpm@latest-8 -g
      - name: install dependencies
        run: pnpm install
      - name: Build Translations percentage
-        run: pnpm build --filter "@verdaccio/crowdin-translations"
+        run: pnpm --filter @verdaccio/crowdin-translations build
      - name: update contributors
        run: pnpm run contributors
        env:
--- a/.github/workflows/ui-components.yml
+++ b/.github/workflows/ui-components.yml
@@ -13,6 +13,9 @@ on:
 permissions:
  contents: read  #  to fetch code (actions/checkout)

+env:
+  DEBUG: verdaccio*
+
 jobs:
  deploy:
    permissions:
@@ -24,15 +27,15 @@ jobs:
    env:
      NODE_OPTIONS: --max_old_space_size=4096
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3

      - name: Use Node
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version-file: '.nvmrc'

      - name: Cache pnpm modules
-        uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+        uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        env:
          cache-name: cache-pnpm-modules
        with:
@@ -44,9 +47,9 @@ jobs:
      - name: Install pnpm
        run: |
          corepack enable
-            corepack prepare --activate pnpm@6.32.15
+            corepack prepare --activate pnpm@latest-8
      - name: Install
-        run: pnpm recursive install --frozen-lockfile  
+        run: pnpm install  
      - name: Build storybook
        run: pnpm ui:storybook:build
      - name: Copy public content
@@ -54,7 +57,7 @@ jobs:
        run: cp -R packages/ui-components/public/* packages/ui-components/storybook-static
      - name: 🔥 Deploy Production UI Netlify
        if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
-        uses: verdaccio/action-netlify-deploy@1a53f098745bf78555d11b436f5ee3af87e6b566
+        uses: verdaccio/action-netlify-deploy@1c086d59169edeec9254672c7de17d2ceac3928f # v2.0.0
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          netlify-auth-token: ${{ secrets.NETLIFY_AUTH_TOKEN }}
@@ -62,7 +65,7 @@ jobs:
          build-dir: './packages/ui-components/storybook-static'          
      - name: 🤖 Deploy Preview UI Components Netlify
        if: github.repository == 'verdaccio/verdaccio'
-        uses: verdaccio/action-netlify-deploy@1a53f098745bf78555d11b436f5ee3af87e6b566
+        uses: semoal/action-netlify-deploy@1a53f098745bf78555d11b436f5ee3af87e6b566
        id: netlify_preview_ui
        with:
          draft: true
--- a/.github/workflows/website.yml
+++ b/.github/workflows/website.yml
@@ -23,15 +23,15 @@ jobs:
    env:
      NODE_OPTIONS: --max_old_space_size=4096
    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # tag=v3
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3

      - name: Use Node 16
-        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # tag=v3
        with:
          node-version: 16

      - name: Cache pnpm modules
-        uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+        uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        env:
          cache-name: cache-pnpm-modules
        with:
@@ -40,18 +40,18 @@ jobs:
          restore-keys: |
            ${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-

-      - uses: pnpm/action-setup@c3b53f6a16e57305370b4ae5a540c2077a1d50dd # tag=v2.2.4
+      - uses: pnpm/action-setup@d882d12c64e032187b2edb46d3a0d003b7a43598 # tag=v2.4.0
        with:
-          version: 6.32.15
+          version: latest-8
          run_install: |
            - recursive: true
              args: [--frozen-lockfile]
      - name: Build 
        run: pnpm build
      - name: Build Translations percentage
-        run: pnpm build --filter "@verdaccio/crowdin-translations"
+        run: pnpm --filter @verdaccio/crowdin-translations build
      - name: Cache Docusaurus Build
-        uses: actions/cache@4723a57e26efda3a62cbde1812113b730952852d # v3
+        uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
        with:
          path: website/node_modules/.cache/webpack
          key: cache/webpack-${{github.ref}}-${{ hashFiles('**/pnpm-lock.yaml') }}
@@ -66,7 +66,7 @@ jobs:
          CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
          SENTRY_KEY: ${{ secrets.SENTRY_KEY }}
          CONTEXT: production
-        run: pnpm netlify:build:production --filter ...@verdaccio/website
+        run: pnpm --filter @verdaccio/website netlify:build:production

      - name: 🔥 Deploy Production Netlify
        if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
@@ -81,7 +81,7 @@ jobs:
      - name: Build Deployment Preview
        env:
          CONTEXT: deploy-preview
-        run: pnpm netlify:build:deployPreview --filter ...@verdaccio/website
+        run: pnpm --filter ...@verdaccio/website netlify:build:deployPreview

      - name: 🤖 Deploy Preview Netlify
        if: github.repository == 'verdaccio/verdaccio'
@@ -100,7 +100,7 @@ jobs:
      - name: Audit preview URL with Lighthouse
        if: github.repository == 'verdaccio/verdaccio'
        id: lighthouse_audit
-        uses: treosh/lighthouse-ci-action@e0fe113967eee84b631d526ed18ce001f35fe9e9 # tag=9.3.1
+        uses: treosh/lighthouse-ci-action@03becbfc543944dd6e7534f7ff768abb8a296826 # tag=10.1.0
        with:
          urls: |
            ${{ steps.netlify_preview.outputs.preview-url }}
@@ -109,7 +109,7 @@ jobs:

      - name: Format lighthouse score
        id: format_lighthouse_score
-        uses: actions/github-script@d556feaca394842dc55e4734bf3bb9f685482fa0 # tag=v6
+        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # tag=v6
        with:
          github-token: ${{secrets.GITHUB_TOKEN}}
          script: |
@@ -134,7 +134,7 @@ jobs:
      - name: Add comment to PR
        if: github.repository == 'verdaccio/verdaccio'
        id: comment_to_pr
-        uses: marocchino/sticky-pull-request-comment@fcf6fe9e4a0409cd9316a5011435be0f3327f1e1 # tag=v2
+        uses: marocchino/sticky-pull-request-comment@f6a2580ed520ae15da6076e7410b088d1c5dddd9 # v2
        with:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          number: ${{ github.event.issue.number }}
--- a/.npmrc
+++ b/.npmrc
@@ -1,4 +1,3 @@
 always-auth = true
-recursive-install = true
 loglevel=info
 fetch-retries="10"
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -44,7 +44,7 @@ This setting would cause the `pnpm install` command to install incorrect version
 To begin your development setup, please install the latest version of pnpm globally:

 ```
-npm i -g pnpm@latest-6
+npm i -g pnpm@latest-8
 ```

 With pnpm installed, the first step is installing all dependencies:
--- a/16
+++ b/16
@@ -1,7 +1,7 @@
-FROM --platform=${BUILDPLATFORM:-linux/amd64} node:16-alpine as builder
+FROM --platform=${BUILDPLATFORM:-linux/amd64} node:18-alpine as builder

 ENV NODE_ENV=development \
-    VERDACCIO_BUILD_REGISTRY=https://registry.verdaccio.org
+    VERDACCIO_BUILD_REGISTRY=https://registry.npmjs.org

 RUN apk --no-cache add openssl ca-certificates wget && \
    apk --no-cache add g++ gcc libgcc libstdc++ linux-headers make python3 && \
@@ -11,16 +11,16 @@ RUN apk --no-cache add openssl ca-certificates wget && \

 WORKDIR /opt/verdaccio-build
 COPY . .
-RUN npm -g i pnpm@6.32.15 && \
+RUN npm -g i pnpm@latest-8 && \
    pnpm config set registry $VERDACCIO_BUILD_REGISTRY && \
-    pnpm recursive install --frozen-lockfile --ignore-scripts && \
+    pnpm install --frozen-lockfile --ignore-scripts && \
    rm -Rf test && \
-    pnpm run build && \
-    pnpm install -P
-# FIXME: need to remove devDependencies from the build
+    pnpm run build
+# FIXME: need to remove devDependencies from the build    
+# NODE_ENV=production pnpm install --frozen-lockfile --ignore-scripts
 # RUN pnpm install --prod --ignore-scripts

-FROM node:16-alpine
+FROM node:18-alpine
 LABEL maintainer="https://github.com/verdaccio/verdaccio"

 ENV VERDACCIO_APPDIR=/opt/verdaccio \
--- a/README.md
+++ b/README.md
@@ -275,6 +275,7 @@ You can find and chat with then over Discord, click [here](http://chat.verdaccio
 ## Who is using Verdaccio?

 - [create-react-app](https://github.com/facebook/create-react-app/blob/master/CONTRIBUTING.md#customizing-e2e-registry-configuration) _(+86.2k ⭐️)_
+- [Grafana](https://github.com/grafana/grafana/search?q=verdaccio) _(+54.9k ⭐️)_
 - [Gatsby](https://github.com/gatsbyjs/gatsby) _(+49.2k ⭐️)_
 - [Babel.js](https://github.com/babel/babel) _(+38.5k ⭐️)_
 - [Docusaurus](https://github.com/facebook/docusaurus) _(+34k ⭐️)_
@@ -285,8 +286,8 @@ You can find and chat with then over Discord, click [here](http://chat.verdaccio
 - [Aurelia Framework](https://github.com/aurelia/framework) _(+11.6k ⭐️)_
 - [pnpm](https://github.com/pnpm/pnpm) _(+10.1k ⭐️)_
 - [ethereum/web3.js](https://github.com/ethereum/web3.js) _(+9.8k ⭐️)_
+- [Webiny CMS](https://github.com/webiny/webiny-js) _(+6.6k ⭐️)_
 - [NX](https://github.com/nrwl/nx) _(+6.1k ⭐️)_
- [webiny-js](https://github.com/webiny/webiny-js) _(+4.3k ⭐️)_
 - [Mozilla Neutrino](https://github.com/neutrinojs/neutrino) _(+3.7k ⭐️)_
 - [workshopper how to npm](https://github.com/workshopper/how-to-npm) _(+1k ⭐️)_
 - [Amazon SDK v3](https://github.com/aws/aws-sdk-js-v3)
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -28,7 +28,7 @@ At Verdaccio, we consider the security of our systems a top priority. But no mat

 If you discover a security vulnerability, please use one of the following means of communications to report it to us:

- Report the security issue to the Node.js Security WG through the [HackerOne program](https://hackerone.com/nodejs-ecosystem) for ecosystem modules on npm, or to [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix.
+- Report the security issue to [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix.

 Note that time-frame and processes are subject to each program’s own policy.

--- a/docker-examples/README.md
+++ b/docker-examples/README.md
@@ -10,7 +10,7 @@ The following examples aim to be demonstrative and can be either improved or upd
 - [v5 examples](v5/README.md)
 - [v6 examples](v6/README.md)

-## Aditional data
+## Additional data

 This folder aims to create a collection of Docker and Kubernetes examples.

--- a/e2e/cli/README.md
+++ b/e2e/cli/README.md
@@ -10,18 +10,18 @@

 ### Commands Tested

-| cmd       | npm6 | npm7 | npm8 | npm9 | pnpm6 | pnpm7 | yarn1 | yarn2 | yarn3 | yarn4 |
-| --------- | ---- | ---- | ---- | ---- | ----- | ----- | ----- | ----- | ----- | ----- |
-| publish   | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ✅    | ✅    | ✅    |
-| info      | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ✅    | ✅    | ✅    |
-| audit     | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ✅    | ✅    | ❌    |
-| install   | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ✅    | ✅    | ✅    |
-| deprecate | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
-| ping      | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
-| search    | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
-| star      | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
-| stars     | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
-| dist-tag  | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ❌    | ❌    | ❌    |
+| cmd       | npm6 | npm7 | npm8 | npm9 | pnpm6 | pnpm7 | pnpm8 | yarn1 | yarn2 | yarn3 | yarn4 |
+| --------- | ---- | ---- | ---- | ---- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
+| publish   | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ✅    | ✅    | ✅    | ✅    |
+| info      | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ✅    | ✅    | ✅    | ✅    |
+| audit     | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ✅    | ✅    | ✅    | ❌    |
+| install   | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ✅    | ✅    | ✅    | ✅    |
+| deprecate | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
+| ping      | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
+| search    | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
+| star      | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
+| stars     | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
+| dist-tag  | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ✅    | ❌    | ❌    | ❌    |

 > notes:
 >
--- a/e2e/cli/cli-commons/CHANGELOG.md
+++ b/e2e/cli/cli-commons/CHANGELOG.md
@@ -1,5 +1,17 @@
 # @verdaccio/test-cli-commons

+## 1.1.0-6-next.7
+
+### Patch Changes
+
+- c383eb68: fix: get-port missing dep
+
+## 1.1.0-6-next.6
+
+### Minor Changes
+
+- d167f92e: chore: rollback yaml dep support old nodejs versions
+
 ## 1.0.1-6-next.5

 ### Patch Changes
--- a/e2e/cli/cli-commons/package.json
+++ b/e2e/cli/cli-commons/package.json
@@ -1,19 +1,20 @@
 {
  "private": true,
  "name": "@verdaccio/test-cli-commons",
-  "version": "1.0.1-6-next.5",
+  "version": "1.1.0-6-next.7",
  "main": "./build/index.js",
  "types": "./build/index.d.ts",
  "devDependencies": {
-    "verdaccio": "workspace:6.0.0-6-next.53",
-    "@verdaccio/core": "workspace:6.0.0-6-next.53",
-    "@verdaccio/config": "workspace:6.0.0-6-next.53",
-    "@verdaccio/types": "workspace:11.0.0-6-next.18",
-    "yaml": "2.2.0",
+    "@verdaccio/config": "workspace:6.0.0-6-next.75",
+    "@verdaccio/core": "workspace:6.0.0-6-next.75",
+    "@verdaccio/types": "workspace:11.0.0-6-next.25",
    "debug": "4.3.4",
    "fs-extra": "10.1.0",
    "got": "11.8.6",
-    "lodash": "4.17.21"
+    "js-yaml": "4.1.0",
+    "get-port": "5.1.1",
+    "lodash": "4.17.21",
+    "verdaccio": "workspace:6.0.0-6-next.75"
  },
  "scripts": {
    "test": "jest",
--- a/e2e/cli/cli-commons/src/registry.ts
+++ b/e2e/cli/cli-commons/src/registry.ts
@@ -1,5 +1,6 @@
 /* eslint-disable prefer-promise-reject-errors */
 import buildDebug from 'debug';
+import getPort from 'get-port';
 import { merge } from 'lodash';
 import { Registry } from 'verdaccio';

@@ -35,6 +36,7 @@ export async function initialSetup(customConfig?: ConfigYaml): Promise<Setup> {
  const { configPath, tempFolder } = await getConfigPath(config);
  debug(`configPath %o`, configPath);
  debug(`tempFolder %o`, tempFolder);
-  const registry = new Registry(configPath, { createUser: true });
+  const port = await getPort();
+  const registry = new Registry(configPath, { createUser: true, port });
  return { registry, tempFolder };
 }
--- a/e2e/cli/cli-commons/src/yarn-modern-utils.ts
+++ b/e2e/cli/cli-commons/src/yarn-modern-utils.ts
@@ -1,7 +1,7 @@
 import { cp, writeFile } from 'fs/promises';
+import YAML from 'js-yaml';
 import { join } from 'path';
 import { URL } from 'url';
-import YAML from 'yaml';

 import { Dependencies } from '@verdaccio/types';

@@ -25,7 +25,7 @@ export function createYamlConfig(registry: string, token?: string) {
    };
  }

-  return YAML.stringify(defaultYaml);
+  return YAML.dump(defaultYaml);
 }

 export async function prepareYarnModernProject(
--- a/e2e/cli/e2e-npm6/CHANGELOG.md
+++ b/e2e/cli/e2e-npm6/CHANGELOG.md
@@ -1,5 +1,19 @@
 # @verdaccio/e2e-cli-npm6

+## 1.0.1-6-next.7
+
+### Patch Changes
+
+- Updated dependencies [c383eb68]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.7
+
+## 1.0.1-6-next.6
+
+### Patch Changes
+
+- Updated dependencies [d167f92e]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.6
+
 ## 1.0.1-6-next.5

 ### Patch Changes
--- a/e2e/cli/e2e-npm6/audit.spec.ts
+++ b/e2e/cli/e2e-npm6/audit.spec.ts
@@ -33,9 +33,6 @@ describe('audit a package', () => {
      );
      const parsedBody = JSON.parse(resp.stdout as string);
      expect(parsedBody.metadata).toBeDefined();
-      expect(parsedBody.actions).toBeDefined();
-      expect(parsedBody.advisories).toBeDefined();
-      expect(parsedBody.muted).toBeDefined();
    }
  );

--- a/e2e/cli/e2e-npm6/package.json
+++ b/e2e/cli/e2e-npm6/package.json
@@ -1,10 +1,10 @@
 {
  "private": true,
  "name": "@verdaccio/e2e-cli-npm6",
-  "version": "1.0.1-6-next.5",
+  "version": "1.0.1-6-next.7",
  "dependencies": {
-    "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5",
-    "npm": "6.14.18"
+    "@verdaccio/test-cli-commons": "workspace:1.1.0-6-next.7",
+    "npm": "9.7.1"
  },
  "scripts": {
    "test": "jest"
--- a/e2e/cli/e2e-npm7/CHANGELOG.md
+++ b/e2e/cli/e2e-npm7/CHANGELOG.md
@@ -1,5 +1,19 @@
 # @verdaccio/e2e-cli-npm7

+## 1.0.1-6-next.7
+
+### Patch Changes
+
+- Updated dependencies [c383eb68]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.7
+
+## 1.0.1-6-next.6
+
+### Patch Changes
+
+- Updated dependencies [d167f92e]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.6
+
 ## 1.0.1-6-next.5

 ### Patch Changes
--- a/e2e/cli/e2e-npm7/package.json
+++ b/e2e/cli/e2e-npm7/package.json
@@ -1,10 +1,10 @@
 {
  "private": true,
  "name": "@verdaccio/e2e-cli-npm7",
-  "version": "1.0.1-6-next.5",
+  "version": "1.0.1-6-next.7",
  "dependencies": {
-    "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5",
-    "npm": "7.24.2"
+    "@verdaccio/test-cli-commons": "workspace:1.1.0-6-next.7",
+    "npm": "9.7.1"
  },
  "scripts": {
    "test": "jest"
--- a/e2e/cli/e2e-npm8/CHANGELOG.md
+++ b/e2e/cli/e2e-npm8/CHANGELOG.md
@@ -1,5 +1,19 @@
 # @verdaccio/e2e-cli-npm8

+## 1.0.1-6-next.7
+
+### Patch Changes
+
+- Updated dependencies [c383eb68]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.7
+
+## 1.0.1-6-next.6
+
+### Patch Changes
+
+- Updated dependencies [d167f92e]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.6
+
 ## 1.0.1-6-next.5

 ### Patch Changes
--- a/e2e/cli/e2e-npm8/package.json
+++ b/e2e/cli/e2e-npm8/package.json
@@ -1,10 +1,10 @@
 {
  "private": true,
  "name": "@verdaccio/e2e-cli-npm8",
-  "version": "1.0.1-6-next.5",
+  "version": "1.0.1-6-next.7",
  "dependencies": {
-    "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5",
-    "npm": "8.19.3"
+    "@verdaccio/test-cli-commons": "workspace:1.1.0-6-next.7",
+    "npm": "9.7.1"
  },
  "scripts": {
    "test": "jest"
--- a/e2e/cli/e2e-npm9/CHANGELOG.md
+++ b/e2e/cli/e2e-npm9/CHANGELOG.md
@@ -1,5 +1,19 @@
 # @verdaccio/e2e-cli-npm9

+## 1.0.1-6-next.7
+
+### Patch Changes
+
+- Updated dependencies [c383eb68]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.7
+
+## 1.0.1-6-next.6
+
+### Patch Changes
+
+- Updated dependencies [d167f92e]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.6
+
 ## 1.0.1-6-next.5

 ### Patch Changes
--- a/e2e/cli/e2e-npm9/package.json
+++ b/e2e/cli/e2e-npm9/package.json
@@ -1,10 +1,10 @@
 {
  "private": true,
  "name": "@verdaccio/e2e-cli-npm9",
-  "version": "1.0.1-6-next.5",
+  "version": "1.0.1-6-next.7",
  "dependencies": {
-    "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5",
-    "npm": "9.2.0"
+    "@verdaccio/test-cli-commons": "workspace:1.1.0-6-next.7",
+    "npm": "9.7.1"
  },
  "scripts": {
    "test": "jest"
--- a/e2e/cli/e2e-pnpm6/CHANGELOG.md
+++ b/e2e/cli/e2e-pnpm6/CHANGELOG.md
@@ -1,5 +1,19 @@
 # @verdaccio/e2e-cli-pnpm6

+## 1.0.1-6-next.7
+
+### Patch Changes
+
+- Updated dependencies [c383eb68]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.7
+
+## 1.0.1-6-next.6
+
+### Patch Changes
+
+- Updated dependencies [d167f92e]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.6
+
 ## 1.0.1-6-next.5

 ### Patch Changes
--- a/e2e/cli/e2e-pnpm6/package.json
+++ b/e2e/cli/e2e-pnpm6/package.json
@@ -1,10 +1,10 @@
 {
  "private": true,
  "name": "@verdaccio/e2e-cli-pnpm6",
-  "version": "1.0.1-6-next.5",
+  "version": "1.0.1-6-next.7",
  "dependencies": {
-    "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5",
-    "pnpm": "latest-6"
+    "@verdaccio/test-cli-commons": "workspace:1.1.0-6-next.7",
+    "pnpm": "^6.35.1"
  },
  "scripts": {
    "test": "jest"
--- a/e2e/cli/e2e-pnpm7/CHANGELOG.md
+++ b/e2e/cli/e2e-pnpm7/CHANGELOG.md
@@ -1,5 +1,19 @@
 # @verdaccio/e2e-cli-pnpm7

+## 1.0.1-6-next.7
+
+### Patch Changes
+
+- Updated dependencies [c383eb68]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.7
+
+## 1.0.1-6-next.6
+
+### Patch Changes
+
+- Updated dependencies [d167f92e]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.6
+
 ## 1.0.1-6-next.5

 ### Patch Changes
--- a/e2e/cli/e2e-pnpm7/package.json
+++ b/e2e/cli/e2e-pnpm7/package.json
@@ -1,10 +1,10 @@
 {
  "private": true,
  "name": "@verdaccio/e2e-cli-pnpm7",
-  "version": "1.0.1-6-next.5",
+  "version": "1.0.1-6-next.7",
  "dependencies": {
-    "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5",
-    "pnpm": "next-7"
+    "@verdaccio/test-cli-commons": "workspace:1.1.0-6-next.7",
+    "pnpm": "^7.27.1"
  },
  "scripts": {
    "test": "jest"
--- a/e2e/cli/e2e-pnpm8/.babelrc
+++ b/e2e/cli/e2e-pnpm8/.babelrc
@@ -0,0 +1,3 @@
+{
+  "extends": "../../../.babelrc"
+}
--- a/e2e/cli/e2e-pnpm8/.eslintrc
+++ b/e2e/cli/e2e-pnpm8/.eslintrc
@@ -0,0 +1,7 @@
+{
+  "rules": {
+    "no-console": 0,
+    "@typescript-eslint/no-var-requires": 0,
+    "@typescript-eslint/explicit-member-accessibility": 0
+  }
+}
--- a/e2e/cli/e2e-pnpm8/CHANGELOG.md
+++ b/e2e/cli/e2e-pnpm8/CHANGELOG.md
@@ -0,0 +1,53 @@
+# @verdaccio/e2e-cli-pnpm7
+
+## 1.0.1-6-next.7
+
+### Patch Changes
+
+- Updated dependencies [c383eb68]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.7
+
+## 1.0.1-6-next.6
+
+### Patch Changes
+
+- Updated dependencies [d167f92e]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.6
+
+## 1.0.1-6-next.5
+
+### Patch Changes
+
+- @verdaccio/test-cli-commons@1.0.1-6-next.5
+
+## 1.0.1-6-next.4
+
+### Patch Changes
+
+- @verdaccio/test-cli-commons@1.0.1-6-next.4
+
+## 1.0.1-6-next.3
+
+### Patch Changes
+
+- 351aeeaa: fix(deps): @verdaccio/utils should be a prod dep of local-storage
+- Updated dependencies [351aeeaa]
+  - @verdaccio/test-cli-commons@1.0.1-6-next.3
+
+## 1.0.1-6-next.2
+
+### Patch Changes
+
+- @verdaccio/test-cli-commons@1.0.1-6-next.2
+
+## 1.0.1-6-next.1
+
+### Patch Changes
+
+- @verdaccio/test-cli-commons@1.0.1-6-next.1
+
+## 1.0.1-6-next.0
+
+### Patch Changes
+
+- @verdaccio/test-cli-commons@1.0.1-6-next.0
--- a/e2e/cli/e2e-pnpm8/audit.spec.ts
+++ b/e2e/cli/e2e-pnpm8/audit.spec.ts
@@ -0,0 +1,45 @@
+import { addRegistry, initialSetup, prepareGenericEmptyProject } from '@verdaccio/test-cli-commons';
+
+import { pnpm } from './utils';
+
+describe('install a package', () => {
+  jest.setTimeout(10000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test.each([['verdaccio-memory', '@verdaccio/cli']])(
+    'should audit a package %s',
+    async (pkgName) => {
+      const { tempFolder } = await prepareGenericEmptyProject(
+        pkgName,
+        '1.0.0-patch',
+        registry.port,
+        registry.getToken(),
+        registry.getRegistryUrl(),
+        { jquery: '3.6.1' }
+      );
+      // install is required to create package lock file
+      await pnpm({ cwd: tempFolder }, 'install', ...addRegistry(registry.getRegistryUrl()));
+      const resp = await pnpm(
+        { cwd: tempFolder },
+        'audit',
+        '--json',
+        ...addRegistry(registry.getRegistryUrl())
+      );
+      const parsedBody = JSON.parse(resp.stdout as string);
+      expect(parsedBody.metadata).toBeDefined();
+      expect(parsedBody.actions).toBeDefined();
+      expect(parsedBody.advisories).toBeDefined();
+      expect(parsedBody.muted).toBeDefined();
+    }
+  );
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});
--- a/e2e/cli/e2e-pnpm8/deprecate.spec.ts
+++ b/e2e/cli/e2e-pnpm8/deprecate.spec.ts
@@ -0,0 +1,115 @@
+import {
+  addRegistry,
+  initialSetup,
+  pnpmUtils,
+  prepareGenericEmptyProject,
+} from '@verdaccio/test-cli-commons';
+
+import { pnpm } from './utils';
+
+describe('deprecate a package', () => {
+  jest.setTimeout(20000);
+  let registry;
+
+  async function deprecate(tempFolder, packageVersion, registry, message) {
+    await pnpm(
+      { cwd: tempFolder },
+      'deprecate',
+      packageVersion,
+      message,
+      '--json',
+      ...addRegistry(registry.getRegistryUrl())
+    );
+  }
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test.each([['@verdaccio/deprecated-1']])(
+    'should deprecate a single package %s',
+    async (pkgName) => {
+      const message = 'some message';
+      const { tempFolder } = await prepareGenericEmptyProject(
+        pkgName,
+        '1.0.0',
+        registry.port,
+        registry.getToken(),
+        registry.getRegistryUrl()
+      );
+      await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+      // deprecate one version
+      await deprecate(tempFolder, `${pkgName}@1.0.0`, registry, message);
+      // verify is deprecated
+      const infoBody = await pnpmUtils.getInfoVersions(pnpm, `${pkgName}`, registry);
+      expect(infoBody.name).toEqual(pkgName);
+      expect(infoBody.deprecated).toEqual(message);
+    }
+  );
+
+  test.each([['@verdaccio/deprecated-2']])('should un-deprecate a package %s', async (pkgName) => {
+    const message = 'some message';
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+    // deprecate one version
+    await deprecate(tempFolder, `${pkgName}@1.0.0`, registry, message);
+    // verify is deprecated
+    const infoBody = await pnpmUtils.getInfoVersions(pnpm, `${pkgName}`, registry);
+    expect(infoBody.deprecated).toEqual(message);
+    // empty string is same as undeprecate
+    await deprecate(tempFolder, `${pkgName}@1.0.0`, registry, '');
+    const infoBody2 = await pnpmUtils.getInfoVersions(pnpm, `${pkgName}`, registry);
+    expect(infoBody2.deprecated).toBeUndefined();
+  });
+
+  test.each([['@verdaccio/deprecated-3']])(
+    'should deprecate a multiple packages %s',
+    async (pkgName) => {
+      const message = 'some message';
+      const { tempFolder } = await prepareGenericEmptyProject(
+        pkgName,
+        '1.0.0',
+        registry.port,
+        registry.getToken(),
+        registry.getRegistryUrl()
+      );
+      // publish 1.0.0
+      await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+      // publish 1.1.0
+      await pnpmUtils.bumbUp(pnpm, tempFolder, registry);
+      await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+      // publish 1.2.0
+      await pnpmUtils.bumbUp(pnpm, tempFolder, registry);
+      await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+      // publish 1.3.0
+      await pnpmUtils.bumbUp(pnpm, tempFolder, registry);
+      await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+      // // deprecate all version
+      await deprecate(tempFolder, pkgName, registry, message);
+      // verify is deprecated
+      for (let v of ['1.0.0', '1.1.0', '1.2.0', '1.3.0']) {
+        const infoResp = await pnpmUtils.getInfoVersions(pnpm, `${pkgName}@${v}`, registry);
+        expect(infoResp.deprecated).toEqual(message);
+      }
+      // publish normal version
+      // publish 1.4.0
+      await pnpmUtils.bumbUp(pnpm, tempFolder, registry);
+      await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+      const infoResp = await pnpmUtils.getInfoVersions(pnpm, `${pkgName}@1.4.0`, registry);
+      // must be not deprecated
+      expect(infoResp.deprecated).toBeUndefined();
+    }
+  );
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});
--- a/e2e/cli/e2e-pnpm8/dist-tags.spec.ts
+++ b/e2e/cli/e2e-pnpm8/dist-tags.spec.ts
@@ -0,0 +1,91 @@
+import {
+  addRegistry,
+  initialSetup,
+  pnpmUtils,
+  prepareGenericEmptyProject,
+} from '@verdaccio/test-cli-commons';
+
+import { pnpm } from './utils';
+
+describe('publish a package', () => {
+  jest.setTimeout(20000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test.each([['@foo/foo', 'foo']])('should list dist-tags for %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+    await pnpmUtils.bumbUp(pnpm, tempFolder, registry);
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry, ['--tag', 'beta']);
+    const resp2 = await pnpm(
+      { cwd: tempFolder },
+      'dist-tag',
+      'ls',
+      '--json',
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp2.stdout).toEqual('beta: 1.1.0latest: 1.0.0');
+  });
+
+  test.each([['@verdaccio/bar']])('should remove tag with dist-tags for %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+    await pnpmUtils.bumbUp(pnpm, tempFolder, registry);
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry, ['--tag', 'beta']);
+    const resp2 = await pnpm(
+      { cwd: tempFolder },
+      'dist-tag',
+      'rm',
+      `${pkgName}@1.1.0`,
+      'beta',
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp2.stdout).toEqual('-beta: @verdaccio/bar@1.1.0');
+  });
+
+  test.each([['@verdaccio/five']])(
+    'should add tag to package and version with dist-tags for %s',
+    async (pkgName) => {
+      const { tempFolder } = await prepareGenericEmptyProject(
+        pkgName,
+        '1.0.0',
+        registry.port,
+        registry.getToken(),
+        registry.getRegistryUrl()
+      );
+      await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+      await pnpmUtils.bumbUp(pnpm, tempFolder, registry);
+      await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+      const resp2 = await pnpm(
+        { cwd: tempFolder },
+        'dist-tag',
+        'add',
+        `${pkgName}@1.1.0`,
+        'alfa',
+        ...addRegistry(registry.getRegistryUrl())
+      );
+      expect(resp2.stdout).toEqual(`+alfa: ${pkgName}@1.1.0`);
+    }
+  );
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});
--- a/e2e/cli/e2e-pnpm8/info.spec.ts
+++ b/e2e/cli/e2e-pnpm8/info.spec.ts
@@ -0,0 +1,31 @@
+import { addRegistry, initialSetup } from '@verdaccio/test-cli-commons';
+
+import { pnpm } from './utils';
+
+describe('install a package', () => {
+  jest.setTimeout(10000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test('should run pnpm info json body', async () => {
+    const resp = await pnpm(
+      {},
+      'info',
+      'verdaccio',
+      '--json',
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    const parsedBody = JSON.parse(resp.stdout as string);
+    expect(parsedBody.name).toEqual('verdaccio');
+    expect(parsedBody.dependencies).toBeDefined();
+  });
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});
--- a/e2e/cli/e2e-pnpm8/install.spec.ts
+++ b/e2e/cli/e2e-pnpm8/install.spec.ts
@@ -0,0 +1,36 @@
+import { addRegistry, initialSetup, prepareGenericEmptyProject } from '@verdaccio/test-cli-commons';
+
+import { pnpm } from './utils';
+
+describe('install a project packages', () => {
+  jest.setTimeout(80000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test('should run npm install json body', async () => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      'something',
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl(),
+      { react: '18.2.0' }
+    );
+    const resp = await pnpm(
+      { cwd: tempFolder },
+      'install',
+      '--reporter=default',
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toMatch(/react/);
+  });
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});
--- a/e2e/cli/e2e-pnpm8/jest.config.js
+++ b/e2e/cli/e2e-pnpm8/jest.config.js
@@ -0,0 +1,3 @@
+const config = require('../jest.config');
+
+module.exports = { ...config };
--- a/e2e/cli/e2e-pnpm8/package.json
+++ b/e2e/cli/e2e-pnpm8/package.json
@@ -0,0 +1,12 @@
+{
+  "private": true,
+  "name": "@verdaccio/e2e-cli-pnpm8",
+  "version": "1.0.1-6-next.7",
+  "dependencies": {
+    "@verdaccio/test-cli-commons": "workspace:1.1.0-6-next.7",
+    "pnpm": "^8.0.0-alpha.0"
+  },
+  "scripts": {
+    "test": "jest"
+  }
+}
--- a/e2e/cli/e2e-pnpm8/ping.spec.ts
+++ b/e2e/cli/e2e-pnpm8/ping.spec.ts
@@ -0,0 +1,24 @@
+import { addRegistry, initialSetup } from '@verdaccio/test-cli-commons';
+
+import { pnpm } from './utils';
+
+describe('ping registry', () => {
+  jest.setTimeout(10000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test('should ping registry', async () => {
+    const resp = await pnpm({}, 'ping', '--json', ...addRegistry(registry.getRegistryUrl()));
+    const parsedBody = JSON.parse(resp.stdout as string);
+    expect(parsedBody.registry).toEqual(registry.getRegistryUrl() + '/');
+  });
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});
--- a/e2e/cli/e2e-pnpm8/publish.spec.ts
+++ b/e2e/cli/e2e-pnpm8/publish.spec.ts
@@ -0,0 +1,41 @@
+import { addRegistry, initialSetup, prepareGenericEmptyProject } from '@verdaccio/test-cli-commons';
+
+import { pnpm } from './utils';
+
+describe('install a package', () => {
+  jest.setTimeout(10000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test.each([['verdaccio-memory', 'verdaccio', '@verdaccio/foo', '@verdaccio/some-foo']])(
+    'should publish a package %s',
+    async (pkgName) => {
+      const { tempFolder } = await prepareGenericEmptyProject(
+        pkgName,
+        '1.0.0-patch',
+        registry.port,
+        registry.getToken(),
+        registry.getRegistryUrl()
+      );
+      const resp = await pnpm(
+        { cwd: tempFolder },
+        'publish',
+        '--json',
+        ...addRegistry(registry.getRegistryUrl())
+      );
+      const parsedBody = JSON.parse(resp.stdout as string);
+      expect(parsedBody.name).toEqual(pkgName);
+      expect(parsedBody.files).toBeDefined();
+      expect(parsedBody.files).toBeDefined();
+    }
+  );
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});
--- a/e2e/cli/e2e-pnpm8/search.spec.ts
+++ b/e2e/cli/e2e-pnpm8/search.spec.ts
@@ -0,0 +1,33 @@
+import { addRegistry, initialSetup } from '@verdaccio/test-cli-commons';
+
+import { pnpm } from './utils';
+
+describe('search a package', () => {
+  jest.setTimeout(10000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test('should search a package', async () => {
+    const resp = await pnpm(
+      {},
+      'search',
+      '@verdaccio/cli',
+      '--json',
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    const parsedBody = JSON.parse(resp.stdout as string);
+    const pkgFind = parsedBody.find((item) => {
+      return item.name === '@verdaccio/cli';
+    });
+    expect(pkgFind.name).toEqual('@verdaccio/cli');
+  });
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});
--- a/e2e/cli/e2e-pnpm8/star.spec.ts
+++ b/e2e/cli/e2e-pnpm8/star.spec.ts
@@ -0,0 +1,89 @@
+import {
+  addRegistry,
+  initialSetup,
+  pnpmUtils,
+  prepareGenericEmptyProject,
+} from '@verdaccio/test-cli-commons';
+
+import { pnpm } from './utils';
+
+describe('star a package', () => {
+  jest.setTimeout(20000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test.each([['@verdaccio/foo']])('should star a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+    const resp = await pnpm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+  });
+
+  test.each([['@verdaccio/bar']])('should unstar a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+    const resp = await pnpm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+
+    const resp1 = await pnpm(
+      { cwd: tempFolder },
+      'unstar',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp1.stdout).toEqual(`☆  ${pkgName}`);
+  });
+
+  test('should list stars of a user %s', async () => {
+    const pkgName = '@verdaccio/stars';
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+    await pnpm({ cwd: tempFolder }, 'star', pkgName, ...addRegistry(registry.getRegistryUrl()));
+    const resp = await pnpm(
+      { cwd: tempFolder },
+      'stars',
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    // side effects: this result is affected the the package published in the previous step
+    expect(resp.stdout).toEqual(`@verdaccio/foo@verdaccio/stars`);
+  });
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});
--- a/e2e/cli/e2e-pnpm8/tsconfig.json
+++ b/e2e/cli/e2e-pnpm8/tsconfig.json
@@ -0,0 +1,8 @@
+{
+  "extends": "../../../tsconfig.reference.json",
+  "references": [
+    {
+      "path": "../cli-commons"
+    }
+  ]
+}
--- a/e2e/cli/e2e-pnpm8/utils.ts
+++ b/e2e/cli/e2e-pnpm8/utils.ts
@@ -0,0 +1,12 @@
+import { SpawnOptions } from 'child_process';
+import { join } from 'path';
+
+import { exec } from '@verdaccio/test-cli-commons';
+
+function getCommand() {
+  return join(__dirname, './node_modules/.bin/pnpm');
+}
+
+export function pnpm(options: SpawnOptions, ...args: string[]) {
+  return exec(options, getCommand(), args);
+}
--- a/e2e/cli/e2e-yarn1/CHANGELOG.md
+++ b/e2e/cli/e2e-yarn1/CHANGELOG.md
@@ -1,5 +1,19 @@
 # @verdaccio/e2e-cli-yarn1

+## 1.0.1-6-next.7
+
+### Patch Changes
+
+- Updated dependencies [c383eb68]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.7
+
+## 1.0.1-6-next.6
+
+### Patch Changes
+
+- Updated dependencies [d167f92e]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.6
+
 ## 1.0.1-6-next.5

 ### Patch Changes
--- a/e2e/cli/e2e-yarn1/package.json
+++ b/e2e/cli/e2e-yarn1/package.json
@@ -1,9 +1,9 @@
 {
  "private": true,
  "name": "@verdaccio/e2e-cli-yarn1",
-  "version": "1.0.1-6-next.5",
+  "version": "1.0.1-6-next.7",
  "dependencies": {
-    "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5",
+    "@verdaccio/test-cli-commons": "workspace:1.1.0-6-next.7",
    "yarn": "1.22.19"
  },
  "scripts": {
--- a/e2e/cli/e2e-yarn2/CHANGELOG.md
+++ b/e2e/cli/e2e-yarn2/CHANGELOG.md
@@ -1,5 +1,19 @@
 # @verdaccio/e2e-cli-yarn2

+## 1.0.1-6-next.7
+
+### Patch Changes
+
+- Updated dependencies [c383eb68]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.7
+
+## 1.0.1-6-next.6
+
+### Patch Changes
+
+- Updated dependencies [d167f92e]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.6
+
 ## 1.0.1-6-next.5

 ### Patch Changes
--- a/e2e/cli/e2e-yarn2/audit.spec.ts
+++ b/e2e/cli/e2e-yarn2/audit.spec.ts
@@ -30,10 +30,6 @@ describe('audit a package yarn 2', () => {
    const resp = await yarn(projectFolder, 'npm', 'audit', '--json');
    const parsedBody = JSON.parse(resp.stdout as string);
    expect(parsedBody.advisories).toBeDefined();
-    expect(parsedBody.advisories['1069969']).toBeDefined();
-    expect(parsedBody.advisories['1069969'].recommendation).toEqual(
-      'Upgrade to version 3.4.0 or later'
-    );
  });

  afterAll(async () => {
--- a/e2e/cli/e2e-yarn2/package.json
+++ b/e2e/cli/e2e-yarn2/package.json
@@ -1,9 +1,9 @@
 {
  "private": true,
  "name": "@verdaccio/e2e-cli-yarn2",
-  "version": "1.0.1-6-next.5",
+  "version": "1.0.1-6-next.7",
  "dependencies": {
-    "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5",
+    "@verdaccio/test-cli-commons": "workspace:1.1.0-6-next.7",
    "@yarnpkg/cli-dist": "2.4.2"
  },
  "scripts": {
--- a/e2e/cli/e2e-yarn3/CHANGELOG.md
+++ b/e2e/cli/e2e-yarn3/CHANGELOG.md
@@ -1,5 +1,19 @@
 # @verdaccio/e2e-cli-yarn3

+## 1.0.1-6-next.7
+
+### Patch Changes
+
+- Updated dependencies [c383eb68]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.7
+
+## 1.0.1-6-next.6
+
+### Patch Changes
+
+- Updated dependencies [d167f92e]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.6
+
 ## 1.0.1-6-next.5

 ### Patch Changes
--- a/e2e/cli/e2e-yarn3/audit.spec.ts
+++ b/e2e/cli/e2e-yarn3/audit.spec.ts
@@ -30,10 +30,6 @@ describe('audit a package yarn 3', () => {
    const resp = await yarn(projectFolder, 'npm', 'audit', '--json');
    const parsedBody = JSON.parse(resp.stdout as string);
    expect(parsedBody.advisories).toBeDefined();
-    expect(parsedBody.advisories['1069969']).toBeDefined();
-    expect(parsedBody.advisories['1069969'].recommendation).toEqual(
-      'Upgrade to version 3.4.0 or later'
-    );
  });

  afterAll(async () => {
--- a/e2e/cli/e2e-yarn3/package.json
+++ b/e2e/cli/e2e-yarn3/package.json
@@ -1,10 +1,10 @@
 {
  "private": true,
  "name": "@verdaccio/e2e-cli-yarn3",
-  "version": "1.0.1-6-next.5",
+  "version": "1.0.1-6-next.7",
  "dependencies": {
-    "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5",
-    "@yarnpkg/cli-dist": "3.3.1"
+    "@verdaccio/test-cli-commons": "workspace:1.1.0-6-next.7",
+    "@yarnpkg/cli-dist": "3.4.1"
  },
  "scripts": {
    "test": "jest"
--- a/e2e/cli/e2e-yarn4/CHANGELOG.md
+++ b/e2e/cli/e2e-yarn4/CHANGELOG.md
@@ -1,5 +1,19 @@
 # @verdaccio/e2e-cli-yarn4

+## 1.0.1-6-next.7
+
+### Patch Changes
+
+- Updated dependencies [c383eb68]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.7
+
+## 1.0.1-6-next.6
+
+### Patch Changes
+
+- Updated dependencies [d167f92e]
+  - @verdaccio/test-cli-commons@1.1.0-6-next.6
+
 ## 1.0.1-6-next.5

 ### Patch Changes
--- a/e2e/cli/e2e-yarn4/bin/yarn-4.0.0-rc.14.cjs
+++ b/e2e/cli/e2e-yarn4/bin/yarn-4.0.0-rc.14.cjs
--- a/e2e/cli/e2e-yarn4/package.json
+++ b/e2e/cli/e2e-yarn4/package.json
@@ -1,9 +1,10 @@
 {
  "private": true,
  "name": "@verdaccio/e2e-cli-yarn4",
-  "version": "1.0.1-6-next.5",
+  "version": "1.0.1-6-next.7",
  "dependencies": {
-    "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5"
+    "@yarnpkg/cli-dist": "4.0.0-rc.39",
+    "@verdaccio/test-cli-commons": "workspace:1.1.0-6-next.7"
  },
  "scripts": {
    "test": "jest"
--- a/Show More
+++ b/Show More