Skip to content

[pull] latest from npm:latest #119

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pull merged 3 commits into from
Dec 17, 2025
Merged

[pull] latest from npm:latest #119

pull merged 3 commits into from
Dec 17, 2025

Conversation

@pull
Copy link

@pull pull bot commented Dec 17, 2025
edited
Loading

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

Max Black and others added 3 commits December 16, 2025 11:21
@wraithgar
feat: export environment config variable names
5a444d5
@wraithgar
feat: show proxy environment variables in npm config list
545e861 
Adds proxy-related environment variables to npm config list output
to help users understand their proxy configuration. Variables are
checked case-insensitively to match the agent library behavior.

Closes #4170
@saksham-malhotra-27
fix: preserve serialNumber UUID in CycloneDX SBOM output #8837 (#8859)
c2f784d 
As mentioned in the issue #8837, BOM files in cyclonedx format created
by npm-sbom contain an invalid statically UUID value in the serialNumber
field: `"serialNumber": "urn:uuid:***"`, because it was being redacted
each time.

This change uses `output.standard()` with `{ [META]: true, redact: false
}` to bypass redaction for SBOM output, following the same pattern used
in `lib/commands/token.js` for outputting authentication tokens that
should not be redacted.
 
**Before:**
```json
"serialNumber": "urn:uuid:***"
```

**After:**
```json
"serialNumber": "urn:uuid:12345678-1234-1234-1234-123456789abc"
```
<img width="1265" height="518" alt="image"
src="https://github.com/user-attachments/assets/fc21aa65-2bef-4336-a55c-e7417ae9eebd"
/>


## Testing 

- All existing tests pass
- Verified locally that `serialNumber` now displays the complete UUID

## References
Fixes #8837
@pull pull bot locked and limited conversation to collaborators Dec 17, 2025
@pull pull bot added the ⤵️ pull label Dec 17, 2025
@pull pull bot merged commit c2f784d into LadyK-21:latest Dec 17, 2025
9 of 12 checks passed
@LadyK-21
Copy link
Owner

LadyK-21 commented Dec 17, 2025

⚠️ Snyk checks are incomplete.

Status Scanner Critical High Medium Low Total (0)
⚠️ Open Source Security 0 0 0 0 See details

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

⤵️ pull

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@LadyK-21 @saksham-malhotra-27