Deprecating non-audit-related advisory fetch endpoints for the npmjs.com registry API

On February 16, 2022, all non-audit-related npm Advisory APIs will be deprecated. Historically these undocumented APIs have been used to programmatically access advisory data. If you don’t use these APIs, you don’t need to take any action at this time.

Why the change?

Earlier this year, all npm advisory APIs were updated to be powered by the GitHub Advisory Database. As part of this work, we have created a service that converts the GitHub Advisory entries into a format that is compatible with the npm CLI and other tools that rely on our audit APIs that manage POST requests.

All non-audit-related npm Advisory APIs will be deprecated as the data being served from them has been modified from the original source, the GitHub Advisory Database.

What do I need to do?

We recommend customers who wish to continue utilizing advisory data should switch to the GitHub Security Advisory GraphQL API.

You can now add custom parameters to your sponsorship URL in order to see what links your sponsors are coming to you from. Learn more about formatting your custom URLs and how to export the metadata in the documentation.

See more

You can manage your keyboard shortcuts using the new accessibility settings page.

Screenshot of the new accessibility settings page

You can choose to disable "character key shortcuts". This turns off keyboard shortcuts that only use single characters like s, g c, and . (the period key). Shortcuts which make use of modifier keys like command and control are not affected by this setting.

This feature prevents accidental triggering of keyboard shortcuts. This is important for people who use a keyboard and for people who use assistive technologies like voice input.

Read our documentation on managing accessibility settings.

See more