Merge f28584cecf into 1aab8b2d5a

due the use of --min or NVM_MIN, which would show only the versions
higher than the specified min version, and/or the available minor/patch
updates for the installed versions.

.github/INCIDENT_RESPONSE_PLAN.md

@@ -0,0 +1,117 @@
+# Incident Response Process for **nvm**
+
+## Reporting a Vulnerability
+
+We take the security of **nvm** very seriously. If you believe you’ve found a security vulnerability, please inform us responsibly through coordinated disclosure.
+
+### How to Report
+
+> **Do not** report security vulnerabilities through public GitHub issues, discussions, or social media.
+
+Instead, please use one of these secure channels:
+
+1. **GitHub Security Advisories**
+    Use the **Report a vulnerability** button in the Security tab of the [nvm-sh/nvm repository](https://github.com/nvm-sh/nvm).
+
+2. **Email**
+    Follow the posted [Security Policy](https://github.com/nvm-sh/nvm/security/policy).
+
+### What to Include
+
+**Required Information:**
+- Brief description of the vulnerability type
+- Affected version(s) and components
+- Steps to reproduce the issue
+- Impact assessment (what an attacker could achieve)
+
+**Helpful Additional Details:**
+- Full paths of affected scripts or files
+- Specific commit or branch where the issue exists
+- Required configuration to reproduce
+- Proof-of-concept code (if available)
+- Suggested mitigation or fix
+
+## Our Response Process
+
+**Timeline Commitments:**
+- **Initial acknowledgment**: Within 24 hours
+- **Detailed response**: Within 3 business days
+- **Status updates**: Every 7 days until resolved
+- **Resolution target**: 90 days for most issues
+
+**What We’ll Do:**
+1. Acknowledge your report and assign a tracking ID
+2. Assess the vulnerability and determine severity
+3. Develop and test a fix
+4. Coordinate disclosure timeline with you
+5. Release a security update and publish an advisory and CVE
+6. Credit you in our security advisory (if desired)
+
+## Disclosure Policy
+
+- **Coordinated disclosure**: We’ll work with you on timing
+- **Typical timeline**: 90 days from report to public disclosure
+- **Early disclosure**: If actively exploited
+- **Delayed disclosure**: For complex issues
+
+## Scope
+
+**In Scope:**
+- **nvm** project (all supported versions)
+- Installation and update scripts (`install.sh`, `nvm.sh`)
+- Official documentation and CI/CD integrations
+- Dependencies with direct security implications
+
+**Out of Scope:**
+- Third-party forks or mirrors
+- Platform-specific installs outside core scripts
+- Social engineering or physical attacks
+- Theoretical vulnerabilities without practical exploitation
+
+## Security Measures
+
+**Our Commitments:**
+- Regular vulnerability scanning via GitHub Actions
+- Automated security checks in CI/CD pipelines
+- Secure scripting practices and mandatory code review
+- Prompt patch releases for critical issues
+
+**User Responsibilities:**
+- Keep **nvm** updated
+- Verify script downloads via PGP signatures
+- Follow secure configuration guidelines for shell environments
+
+## Legal Safe Harbor
+
+**We will NOT:**
+- Initiate legal action
+- Contact law enforcement
+- Suspend or terminate your access
+
+**You must:**
+- Only test against your own installations
+- Not access, modify, or delete user data
+- Not degrade service availability
+- Not publicly disclose before coordinated disclosure
+- Act in good faith
+
+## Recognition
+
+- **Advisory Credits**: Credit in GitHub Security Advisories (unless anonymous)
+
+## Security Updates
+
+**Stay Informed:**
+- Subscribe to GitHub releases for **nvm**
+- Enable GitHub Security Advisory notifications
+
+**Update Process:**
+- Patch releases (e.g., v0.40.3 → v0.40.4)
+- Out-of-band releases for critical issues
+- Advisories via GitHub Security Advisories
+
+## Contact Information
+
+- **Security reports**: Security tab of [nvm-sh/nvm](https://github.com/nvm-sh/nvm/security)
+- **General inquiries**: GitHub Discussions or Issues
+

.github/SECURITY.md

@@ -1,6 +1,6 @@
 # Security
 
-Please email [@ljharb](https://github.com/ljharb) or see https://tidelift.com/security if you have a potential security vulnerability to report.
+Please file a private vulnerability report via GitHub, email [@ljharb](https://github.com/ljharb), or see https://tidelift.com/security if you have a potential security vulnerability to report.
 
 ## OpenSSF CII Best Practices
 
@@ -12,16 +12,17 @@ There are three “tiers”: passing, silver, and gold.
 We meet 100% of the “passing” criteria.
 
 ### Silver
-We meet 95% of the “silver” criteria. The gaps are as follows:
-  - we do not have a DCO or a CLA process for contributions.
-  - because we only have one maintainer, the project has no way to continue if that maintainer stops being active.
-  - we do not currently document “what the user can and cannot expect in terms of security” for our project. This is planned to be completed in 2023.
+We meet 100% of the “silver” criteria.
 
 ### Gold
-We meet 65% of the “gold” criteria. The gaps are as follows:
-  - we do not yet have the “silver” badge; see all the gaps above.
+We meet 78% of the “gold” criteria. The gaps are as follows:
+  - because we only have one maintainer, the project has no way to continue if that maintainer stops being active.
   - We do not include a copyright or license statement in each source file. Efforts are underway to change this archaic practice into a suggestion instead of a hard requirement.
 
 ## Threat Model
 
-See [THREAT_MODEL.md](./THREAT_MODEL.md).
+See [THREAT_MODEL.md](.github/THREAT_MODEL.md).
+
+## Incident Response Plan
+
+Please see our [Incident Response Plan](.github/INCIDENT_RESPONSE_PLAN.md).

README.md

@@ -6,7 +6,7 @@
 </a>
 
 
-# Node Version Manager [![Build Status](https://app.travis-ci.com/nvm-sh/nvm.svg?branch=master)][3] [![nvm version](https://img.shields.io/badge/version-v0.40.1-yellow.svg)][4] [![CII Best Practices](https://bestpractices.dev/projects/684/badge)](https://bestpractices.dev/projects/684)
+# Node Version Manager [![Build Status](https://app.travis-ci.com/nvm-sh/nvm.svg?branch=master)][3] [![nvm version](https://img.shields.io/badge/version-v0.40.3-yellow.svg)][4] [![CII Best Practices](https://bestpractices.dev/projects/684/badge)](https://bestpractices.dev/projects/684)
 
 <!-- To update this table of contents, ensure you have run `npm install` then `npm run doctoc` -->
 <!-- START doctoc generated TOC please keep comment here to allow auto update -->
@@ -19,6 +19,7 @@
   - [Install & Update Script](#install--update-script)
     - [Additional Notes](#additional-notes)
     - [Installing in Docker](#installing-in-docker)
+      - [Installing in Docker for CICD-Jobs](#installing-in-docker-for-cicd-jobs)
     - [Troubleshooting on Linux](#troubleshooting-on-linux)
     - [Troubleshooting on macOS](#troubleshooting-on-macos)
     - [Ansible](#ansible)
@@ -103,10 +104,10 @@ nvm is a version manager for [node.js](https://nodejs.org/en/), designed to be i
 
 To **install** or **update** nvm, you should run the [install script][2]. To do that, you may either download and run the script manually, or use the following cURL or Wget command:
 ```sh
-curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
+curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash
 ```
 ```sh
-wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
+wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash
 ```
 
 Running either of the above commands downloads a script and runs it. The script clones the nvm repository to `~/.nvm`, and attempts to add the source lines from the snippet below to the correct profile file (`~/.bashrc`, `~/.bash_profile`, `~/.zshrc`, or `~/.profile`). If you find the install script is updating the wrong profile file, set the `$PROFILE` env var to the profile file’s path, and then rerun the installation script.
@@ -133,7 +134,7 @@ Eg: `curl ... | NVM_DIR="path/to/nvm"`. Ensure that the `NVM_DIR` does not conta
 
 - The installer can use `git`, `curl`, or `wget` to download `nvm`, whichever is available.
 
-- You can instruct the installer to not edit your shell config (for example if you already get completions via a [zsh nvm plugin](https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/nvm)) by setting `PROFILE=/dev/null` before running the `install.sh` script. Here's an example one-line command to do that: `PROFILE=/dev/null bash -c 'curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash'`
+- You can instruct the installer to not edit your shell config (for example if you already get completions via a [zsh nvm plugin](https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/nvm)) by setting `PROFILE=/dev/null` before running the `install.sh` script. Here's an example one-line command to do that: `PROFILE=/dev/null bash -c 'curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash'`
 
 #### Installing in Docker
 
@@ -154,6 +155,62 @@ RUN echo node > .nvmrc
 RUN nvm install
 ```
 
+##### Installing in Docker for CICD-Jobs
+
+More robust, works in CI/CD-Jobs. Can be run in interactive and non-interactive containers.
+See https://github.com/nvm-sh/nvm/issues/3531.
+
+```Dockerfile
+FROM ubuntu:latest
+ARG NODE_VERSION=20
+
+# install curl
+RUN apt update && apt install curl -y
+
+# install nvm
+RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash
+
+# set env
+ENV NVM_DIR=/root/.nvm
+
+# install node
+RUN bash -c "source $NVM_DIR/nvm.sh && nvm install $NODE_VERSION"
+
+# set ENTRYPOINT for reloading nvm-environment
+ENTRYPOINT ["bash", "-c", "source $NVM_DIR/nvm.sh && exec \"$@\"", "--"]
+
+# set cmd to bash
+CMD ["/bin/bash"]
+
+```
+
+This example defaults to installation of nodejs version 20.x.y. Optionally you can easily override the version with docker build args like:
+```
+docker build -t nvmimage --build-arg NODE_VERSION=19 .
+```
+
+After creation of the image you can start container interactively and run commands, for example:
+```
+docker run --rm -it nvmimage
+
+root@0a6b5a237c14:/# nvm -v
+0.40.3
+
+root@0a6b5a237c14:/# node -v
+v19.9.0
+
+root@0a6b5a237c14:/# npm -v
+9.6.3
+```
+
+Noninteractive example:
+```
+user@host:/tmp/test $ docker run --rm -it nvmimage node -v
+v19.9.0
+user@host:/tmp/test $ docker run --rm -it nvmimage npm -v
+9.6.3
+```
+
 #### Troubleshooting on Linux
 
 On Linux, after running the install script, if you get `nvm: command not found` or see no feedback from your terminal after you type `command -v nvm`, simply close your current terminal, open a new terminal, and try verifying again.
@@ -200,7 +257,7 @@ You can use a task:
 ```yaml
 - name: Install nvm
   ansible.builtin.shell: >
-    curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
+    curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash
   args:
     creates: "{{ ansible_env.HOME }}/.nvm/nvm.sh"
 ```
@@ -262,7 +319,7 @@ If you have `git` installed (requires git v1.7.10+):
 
 1. clone this repo in the root of your user profile
     - `cd ~/` from anywhere then `git clone https://github.com/nvm-sh/nvm.git .nvm`
-1. `cd ~/.nvm` and check out the latest version with `git checkout v0.40.1`
+1. `cd ~/.nvm` and check out the latest version with `git checkout v0.40.3`
 1. activate `nvm` by sourcing it from your shell: `. ./nvm.sh`
 
 Now add these lines to your `~/.bashrc`, `~/.profile`, or `~/.zshrc` file to have it automatically sourced upon login:
@@ -833,7 +890,7 @@ my_alias        default        v10.22.0       v12.18.3      v14.8.0
 
 ## Compatibility Issues
 
-`nvm` will encounter some issues if you have some non-default settings set. (see [#606](https://github.com/creationix/nvm/issues/606))
+`nvm` will encounter some issues if you have some non-default settings set. (see [#606](https://github.com/nvm-sh/nvm/issues/606))
 The following are known to cause issues:
 
 Inside `~/.npmrc`:
@@ -868,13 +925,13 @@ If installing nvm on Alpine Linux *is* still what you want or need to do, you sh
 ### Alpine Linux 3.13+
 ```sh
 apk add -U curl bash ca-certificates openssl ncurses coreutils python3 make gcc g++ libgcc linux-headers grep util-linux binutils findutils
-curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
+curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash
 ```
 
 ### Alpine Linux 3.5 - 3.12
 ```sh
 apk add -U curl bash ca-certificates openssl ncurses coreutils python2 make gcc g++ libgcc linux-headers grep util-linux binutils findutils
-curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
+curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash
 ```
 
 _Note: Alpine 3.5 can only install NodeJS versions up to v6.9.5, Alpine 3.6 can only install versions up to v6.10.3, Alpine 3.7 installs versions up to v8.9.3, Alpine 3.8 installs versions up to v8.14.0, Alpine 3.9 installs versions up to v10.19.0, Alpine 3.10 installs versions up to v10.24.1, Alpine 3.11 installs versions up to v12.22.6, Alpine 3.12 installs versions up to v12.22.12, Alpine 3.13 & 3.14 install versions up to v14.20.0, Alpine 3.15 & 3.16 install versions up to v16.16.0 (**These are all versions on the main branch**). Alpine 3.5 - 3.12 required the package `python2` to build NodeJS, as they are older versions to build. Alpine 3.13+ requires `python3` to successfully build newer NodeJS versions, but you can use `python2` with Alpine 3.13+ if you need to build versions of node supported in Alpine 3.5 - 3.15, you just need to specify what version of NodeJS you need to install in the package install script._
@@ -977,9 +1034,9 @@ You have to make sure that the user directory name in `$HOME` and the user direc
 To change the user directory and/or account name follow the instructions [here](https://support.apple.com/en-us/HT201548)
 
 [1]: https://github.com/nvm-sh/nvm.git
-[2]: https://github.com/nvm-sh/nvm/blob/v0.40.1/install.sh
+[2]: https://github.com/nvm-sh/nvm/blob/v0.40.3/install.sh
 [3]: https://app.travis-ci.com/nvm-sh/nvm
-[4]: https://github.com/nvm-sh/nvm/releases/tag/v0.40.1
+[4]: https://github.com/nvm-sh/nvm/releases/tag/v0.40.3
 [Urchin]: https://git.sdf.org/tlevine/urchin
 [Fish]: https://fishshell.com
 
@@ -1037,7 +1094,7 @@ Here's what you will need to do:
   If one of these broken versions is installed on your system, the above step will likely still succeed even if you didn't include the `--shared-zlib` flag.
   However, later, when you attempt to `npm install` something using your old version of node.js, you will see `incorrect data check` errors.
   If you want to avoid the possible hassle of dealing with this, include that flag.
-  For more details, see [this issue](https://github.com/nodejs/node/issues/39313) and [this comment](https://github.com/nodejs/node/issues/39313#issuecomment-90.40.176)
+  For more details, see [this issue](https://github.com/nodejs/node/issues/39313) and [this comment](https://github.com/nodejs/node/issues/39313#issuecomment-90.40.376)
 
 - Exit back to your native shell.
 
@@ -1064,7 +1121,7 @@ Now you should be able to use node as usual.
 If you've encountered this error on WSL-2:
 
   ```sh
-  curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
+  curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash
   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                   Dload  Upload  Total   Spent    Left  Speed
   0     0    0     0    0     0      0      0 --:--:--  0:00:09 --:--:--     0curl: (6) Could not resolve host: raw.githubusercontent.com
@@ -1099,7 +1156,7 @@ Currently, the sole maintainer is [@ljharb](https://github.com/ljharb) - more ma
 
 ## Project Support
 
-Only the latest version (v0.40.1 at this time) is supported.
+Only the latest version (v0.40.3 at this time) is supported.
 
 ## Enterprise Support
 

install.sh

@@ -33,7 +33,7 @@ nvm_install_dir() {
 }
 
 nvm_latest_version() {
-  nvm_echo "v0.40.1"
+  nvm_echo "v0.40.3"
 }
 
 nvm_profile_is_bash_or_zsh() {

nvm.sh

@@ -136,15 +136,17 @@ nvm_download() {
     eval "curl -q --fail ${CURL_COMPRESSED_FLAG:-} ${CURL_HEADER_FLAG:-} ${NVM_DOWNLOAD_ARGS}"
   elif nvm_has "wget"; then
     # Emulate curl with wget
-    ARGS=$(nvm_echo "$@" | command sed -e 's/--progress-bar /--progress=bar /' \
-                            -e 's/--compressed //' \
-                            -e 's/--fail //' \
-                            -e 's/-L //' \
-                            -e 's/-I /--server-response /' \
-                            -e 's/-s /-q /' \
-                            -e 's/-sS /-nv /' \
-                            -e 's/-o /-O /' \
-                            -e 's/-C - /-c /')
+    ARGS=$(nvm_echo "$@" | command sed "
+      s/--progress-bar /--progress=bar /
+      s/--compressed //
+      s/--fail //
+      s/-L //
+      s/-I /--server-response /
+      s/-s /-q /
+      s/-sS /-nv /
+      s/-o /-O /
+      s/-C - /-c /
+    ")
 
     if [ -n "${NVM_AUTH_HEADER:-}" ]; then
       ARGS="${ARGS} --header \"${NVM_AUTH_HEADER}\""
@@ -354,19 +356,19 @@ nvm_install_latest_npm() {
     if [ $NVM_IS_19_OR_ABOVE -eq 1 ] && nvm_version_greater_than_or_equal_to "${NODE_VERSION}" 20.5.0; then
       NVM_IS_20_5_OR_ABOVE=1
     fi
-    local NVM_IS_20_17_or_ABOVE
-    NVM_IS_20_17_or_ABOVE=0
-    if [ $NVM_IS_20_5_OR_ABOVE -eq 1 ] && nvm_version_greater 20.17.0 "${NODE_VERSION}"; then
-      NVM_IS_20_17_or_ABOVE=1
+    local NVM_IS_20_17_OR_ABOVE
+    NVM_IS_20_17_OR_ABOVE=0
+    if [ $NVM_IS_20_5_OR_ABOVE -eq 1 ] && nvm_version_greater_than_or_equal_to "${NODE_VERSION}" 20.17.0; then
+      NVM_IS_20_17_OR_ABOVE=1
     fi
     local NVM_IS_21_OR_ABOVE
     NVM_IS_21_OR_ABOVE=0
-    if [ $NVM_IS_20_17_or_ABOVE -eq 1 ] && nvm_version_greater 21.0.0 "${NODE_VERSION}"; then
+    if [ $NVM_IS_20_17_OR_ABOVE -eq 1 ] && nvm_version_greater_than_or_equal_to "${NODE_VERSION}" 21.0.0; then
       NVM_IS_21_OR_ABOVE=1
     fi
     local NVM_IS_22_9_OR_ABOVE
     NVM_IS_22_9_OR_ABOVE=0
-    if [ $NVM_IS_21_OR_ABOVE -eq 1 ] && nvm_version_greater 22.9.0 "${NODE_VERSION}"; then
+    if [ $NVM_IS_21_OR_ABOVE -eq 1 ] && nvm_version_greater_than_or_equal_to "${NODE_VERSION}" 22.9.0; then
       NVM_IS_22_9_OR_ABOVE=1
     fi
 
@@ -418,7 +420,7 @@ nvm_install_latest_npm() {
       nvm_echo '* `npm` `v9.x` is the last version that works on `node` `< v18.17`, `v19`, or `v20.0` - `v20.4`'
       $NVM_NPM_CMD install -g npm@9
     elif \
-      [ $NVM_IS_20_17_or_ABOVE -eq 0 ] \
+      [ $NVM_IS_20_17_OR_ABOVE -eq 0 ] \
       || { [ $NVM_IS_21_OR_ABOVE -eq 1 ] && [ $NVM_IS_22_9_OR_ABOVE -eq 0 ]; } \
     ; then
       nvm_echo '* `npm` `v10.x` is the last version that works on `node` `< v20.17`, `v21`, or `v22.0` - `v22.8`'
@@ -1413,11 +1415,11 @@ nvm_add_iojs_prefix() {
 nvm_strip_iojs_prefix() {
   local NVM_IOJS_PREFIX
   NVM_IOJS_PREFIX="$(nvm_iojs_prefix)"
-  if [ "${1-}" = "${NVM_IOJS_PREFIX}" ]; then
-    nvm_echo
-  else
-    nvm_echo "${1#"${NVM_IOJS_PREFIX}"-}"
-  fi
+
+  case "${1-}" in
+    "${NVM_IOJS_PREFIX}") nvm_echo ;;
+    *) nvm_echo "${1#"${NVM_IOJS_PREFIX}"-}" ;;
+  esac
 }
 
 nvm_ls() {
@@ -1549,12 +1551,15 @@ nvm_ls() {
   fi
 
   if [ "${NVM_ADD_SYSTEM-}" = true ]; then
-    if [ -z "${PATTERN}" ] || [ "${PATTERN}" = 'v' ]; then
-      VERSIONS="${VERSIONS}
+    case "${PATTERN}" in
+      '' | v)
+        VERSIONS="${VERSIONS}
 system"
-    elif [ "${PATTERN}" = 'system' ]; then
-      VERSIONS="system"
-    fi
+      ;;
+      system)
+        VERSIONS="system"
+      ;;
+    esac
   fi
 
   if [ -z "${VERSIONS}" ]; then
@@ -1688,7 +1693,7 @@ EOF
     LTS="${LTS#lts/}"
   fi
 
-  VERSIONS="$({ command awk -v lts="${LTS-}" '{
+  VERSIONS="$( { command awk -v lts="${LTS-}" '{
         if (!$1) { next }
         if (lts && $10 ~ /^\-?$/) { next }
         if (lts && lts != "*" && tolower($10) !~ tolower(lts)) { next }
@@ -1878,68 +1883,84 @@ nvm_print_versions() {
   fi
 
   command awk \
-    -v remote_versions="$(printf '%s' "${1-}" | tr '\n' '|')" \
+    -v remote_versions="$(printf '%s' "${1-}" | tr '\n' '|')" -v min="${NVM_MIN:-v0}" \
     -v installed_versions="$(nvm_ls | tr '\n' '|')" -v current="$NVM_CURRENT" \
     -v installed_color="$INSTALLED_COLOR" -v system_color="$SYSTEM_COLOR" \
     -v current_color="$CURRENT_COLOR" -v default_color="$DEFAULT_COLOR" \
     -v old_lts_color="$DEFAULT_COLOR" -v has_colors="$NVM_HAS_COLORS" '
-function alen(arr, i, len) { len=0; for(i in arr) len++; return len; }
-BEGIN {
-  fmt_installed = has_colors ? (installed_color ? "\033[" installed_color "%15s\033[0m" : "%15s") : "%15s *";
-  fmt_system = has_colors ? (system_color ? "\033[" system_color "%15s\033[0m" : "%15s") : "%15s *";
-  fmt_current = has_colors ? (current_color ? "\033[" current_color "->%13s\033[0m" : "%15s") : "->%13s *";
+  function alen(arr, i, len) { len=0; for(i in arr) len++; return len; }
+  function v2a(v, a) { sub(/^(iojs-)?v/, "", v); split(v, a, "."); }
+  function v2m(v, a) { sub(/^(iojs-)?v/, "", v); split(v, a, "."); return a[1]; }
+  function vcmp(v1,v2,a1,a2,i,d) { v2a(v1,a1); v2a(v2,a2); for(i=1;i<4;i++) { d = a1[i] - a2[i]; if(d!=0) return d; } return 0; }
+  BEGIN {
+    fmt_installed = has_colors ? (installed_color ? "\033[" installed_color "%15s\033[0m" : "%15s") : "%15s *";
+    fmt_system = has_colors ? (system_color ? "\033[" system_color "%15s\033[0m" : "%15s") : "%15s *";
+    fmt_current = has_colors ? (current_color ? "\033[" current_color "->%13s\033[0m" : "%15s") : "->%13s *";
 
-  latest_lts_color = current_color;
-  sub(/0;/, "1;", latest_lts_color);
+    latest_lts_color = current_color;
+    sub(/0;/, "1;", latest_lts_color);
 
-  fmt_latest_lts = has_colors && latest_lts_color ? ("\033[" latest_lts_color " (Latest LTS: %s)\033[0m") : " (Latest LTS: %s)";
-  fmt_old_lts = has_colors && old_lts_color ? ("\033[" old_lts_color " (LTS: %s)\033[0m") : " (LTS: %s)";
+    fmt_latest_lts = has_colors && latest_lts_color ? ("\033[" latest_lts_color " (Latest LTS: %s)\033[0m") : " (Latest LTS: %s)";
+    fmt_old_lts = has_colors && old_lts_color ? ("\033[" old_lts_color " (LTS: %s)\033[0m") : " (LTS: %s)";
 
-  split(remote_versions, lines, "|");
-  split(installed_versions, installed, "|");
-  rows = alen(lines);
-
-  for (n = 1; n <= rows; n++) {
-    split(lines[n], fields, "[[:blank:]]+");
-    cols = alen(fields);
-    version = fields[1];
-    is_installed = 0;
-
-    for (i in installed) {
-      if (version == installed[i]) {
-        is_installed = 1;
-        break;
+    split(remote_versions, lines, "|");
+    split(installed_versions, installed, "|");
+    rows = alen(lines);
+    filter_on = (vcmp("v0.0.0", min) != 0);
+    current_major = -1;
+    for (m = n = 1; n <= rows; n++) {
+      split(lines[n], fields, "[[:blank:]]+");
+      cols = alen(fields);
+      version = fields[1];
+      is_installed = 0;
+      for (i in installed) {
+        if (version == installed[i]) {
+          is_installed = 1;
+          break;
+        }
       }
+
+      if (filter_on != 0) {
+        if (is_installed) {
+          current_major = v2m(version);
+        } else if (vcmp(version, min) >= 0) {
+          filter_on = 0;
+        } else if (v2m(version) != current_major) {
+          continue;
+        }
+      }
+
+      fmt_version = "%15s";
+      if (version == current) {
+        fmt_version = fmt_current;
+      } else if (version == "system") {
+        fmt_version = fmt_system;
+      } else if (is_installed) {
+        fmt_version = fmt_installed;
+      }
+
+      padding = (is_installed && !has_colors) ? "" : "  ";
+      if (cols == 1) {
+        formatted = sprintf(fmt_version, version);
+      } else if (cols == 2) {
+        formatted = sprintf((fmt_version padding fmt_old_lts), version, fields[2]);
+      } else if (cols == 3 && fields[3] == "*") {
+        formatted = sprintf((fmt_version padding fmt_latest_lts), version, fields[2]);
+      }
+
+      output[m++] = formatted;
     }
 
-    fmt_version = "%15s";
-    if (version == current) {
-      fmt_version = fmt_current;
-    } else if (version == "system") {
-      fmt_version = fmt_system;
-    } else if (is_installed) {
-      fmt_version = fmt_installed;
+    for (n = 1; n < m; n++) {
+      print output[n]
     }
 
-    padding = (!has_colors && is_installed) ? "" : "  ";
-
-    if (cols == 1) {
-      formatted = sprintf(fmt_version, version);
-    } else if (cols == 2) {
-      formatted = sprintf((fmt_version padding fmt_old_lts), version, fields[2]);
-    } else if (cols == 3 && fields[3] == "*") {
-      formatted = sprintf((fmt_version padding fmt_latest_lts), version, fields[2]);
+    if (rows > --m) {
+      printf("[INFO] showing %d (of %d) versions.\n", m, rows) > "/dev/stderr"
     }
 
-    output[n] = formatted;
-  }
-
-  for (n = 1; n <= rows; n++) {
-    print output[n]
-  }
-
-  exit
-}'
+    exit
+  }'
 }
 
 nvm_validate_implicit_alias() {
@@ -2732,10 +2753,10 @@ nvm_npm_global_modules() {
   local NPMLIST
   local VERSION
   VERSION="$1"
-  NPMLIST=$(nvm use "${VERSION}" >/dev/null && npm list -g --depth=0 2>/dev/null | command sed 1,1d | nvm_grep -v 'UNMET PEER DEPENDENCY')
+  NPMLIST=$(nvm use "${VERSION}" >/dev/null && npm list -g --depth=0 2>/dev/null | command sed -e '1d' -e '/UNMET PEER DEPENDENCY/d')
 
   local INSTALLS
-  INSTALLS=$(nvm_echo "${NPMLIST}" | command sed -e '/ -> / d' -e '/\(empty\)/ d' -e 's/^.* \(.*@[^ ]*\).*/\1/' -e '/^npm@[^ ]*.*$/ d' | command xargs)
+  INSTALLS=$(nvm_echo "${NPMLIST}" | command sed -e '/ -> / d' -e '/\(empty\)/ d' -e 's/^.* \(.*@[^ ]*\).*/\1/' -e '/^npm@[^ ]*.*$/ d' -e '/^corepack@[^ ]*.*$/ d' | command xargs)
 
   local LINKS
   LINKS="$(nvm_echo "${NPMLIST}" | command sed -n 's/.* -> \(.*\)/\1/ p')"
@@ -3101,6 +3122,7 @@ nvm() {
         nvm_echo '  nvm ls-remote [<version>]                   List remote versions available for install, matching a given <version> if provided'
         nvm_echo '    --lts                                     When listing, only show LTS (long-term support) versions'
         nvm_echo '    --lts=<LTS name>                          When listing, only show versions for a specific LTS line'
+        nvm_echo '    --min=<version>                           When listing, only show versions greater than or equal to <version>, including minor/patch updates for installed versions'
         nvm_echo '    --no-colors                               Suppress colored output'
         nvm_echo '  nvm version <version>                       Resolve the given description to a single local version'
         nvm_echo '  nvm version-remote <version>                Resolve the given description to a single remote version'
@@ -4119,6 +4141,10 @@ nvm() {
       local NVM_LTS
       local PATTERN
       local NVM_NO_COLORS
+      local NVM_MIN_ENV
+      NVM_MIN_ENV="${NVM_MIN-}"
+      local NVM_MIN
+      NVM_MIN="${NVM_MIN_ENV-}"
 
       while [ $# -gt 0 ]; do
         case "${1-}" in
@@ -4129,6 +4155,9 @@ nvm() {
           --lts=*)
             NVM_LTS="${1##--lts=}"
           ;;
+          --min=*)
+            NVM_MIN="${1##--min=}"
+          ;;
           --no-colors) NVM_NO_COLORS="${1}" ;;
           --*)
             nvm_err "Unsupported option \"${1}\"."
@@ -4433,7 +4462,7 @@ nvm() {
       NVM_VERSION_ONLY=true NVM_LTS="${NVM_LTS-}" nvm_remote_version "${PATTERN:-node}"
     ;;
     "--version" | "-v")
-      nvm_echo '0.40.1'
+      nvm_echo '0.40.3'
     ;;
     "unload")
       nvm deactivate >/dev/null 2>&1

package.json

@@ -1,6 +1,6 @@
 {
   "name": "nvm",
-  "version": "0.40.1",
+  "version": "0.40.3",
   "description": "Node Version Manager - Simple bash script to manage multiple active node.js versions",
   "directories": {
     "test": "test"
@@ -45,9 +45,9 @@
     "dockerfile_lint": "^0.3.4",
     "doctoc": "^2.2.1",
     "eclint": "^2.8.1",
-    "markdown-link-check": "^3.12.2",
+    "markdown-link-check": "^3.13.7",
     "replace": "^1.2.2",
-    "semver": "^7.6.3",
+    "semver": "^7.7.1",
     "urchin": "^0.0.5"
   }
 }

test/fast/Unit tests/nvm_print_versions

@@ -0,0 +1,146 @@
+#!/bin/sh
+
+# shellcheck disable=SC2317
+
+die () { echo "$@" ; cleanup ; exit 1; }
+
+cleanup() {
+  unset -f nvm_remote_versions nvm_ls nvm_ls_current
+  if [ -n "$TEMP_NVM_MIN" ]; then
+    export NVM_MIN="$TEMP_NVM_MIN"
+    unset TEMP_NVM_MIN
+  fi
+}
+
+\. ../../../nvm.sh
+
+
+if [ -n "$NVM_MIN" ]; then
+  TEMP_NVM_MIN="$NVM_MIN"
+  unset NVM_MIN
+fi
+
+# mock currently installed versions
+nvm_ls() {
+  echo "v16.20.2
+v18.20.3
+system"
+}
+
+# mock currently active version
+nvm_ls_current() {
+  echo "v18.20.3"
+}
+
+nvm_remote_versions() {
+  echo "v16.0.0
+v16.20.2 Gallium
+v16.20.3 Gallium *
+v17.0.0
+v17.9.1
+v18.0.0
+v18.1.0
+v18.20.2 Hydrogen
+v18.20.3 Hydrogen *
+v19.0.0
+v19.9.0
+v20.0.0
+v20.8.1
+v20.9.0 Iron *
+v21.0.0
+v21.1.0"
+}
+
+
+# nvm_print_versions should print all versions from nvm_remote_versions
+OUTPUT="$(NVM_NO_COLORS='--no-colors' nvm_print_versions "$(nvm_remote_versions)" | sed -r 's/^[ \t]+//')"
+EXPECTED_OUTPUT="v16.0.0
+v16.20.2 * (LTS: Gallium)
+v16.20.3   (Latest LTS: Gallium)
+v17.0.0
+v17.9.1
+v18.0.0
+v18.1.0
+v18.20.2   (LTS: Hydrogen)
+->     v18.20.3 * (Latest LTS: Hydrogen)
+v19.0.0
+v19.9.0
+v20.0.0
+v20.8.1
+v20.9.0   (Latest LTS: Iron)
+v21.0.0
+v21.1.0"
+
+[ "_$OUTPUT" = "_$EXPECTED_OUTPUT" ] || die "(1) nvm_print_versions did not output all expected versions; got $OUTPUT"
+
+
+# versions lower than 18 should be filtered out, but v16.20.2 should be kept since it's installed
+OUTPUT="$(NVM_NO_COLORS='--no-colors' NVM_MIN=v18 nvm_print_versions "$(nvm_remote_versions)" | sed -r 's/^[ \t]+//')"
+EXPECTED_OUTPUT="v16.20.2 * (LTS: Gallium)
+v16.20.3   (Latest LTS: Gallium)
+v18.0.0
+v18.1.0
+v18.20.2   (LTS: Hydrogen)
+->     v18.20.3 * (Latest LTS: Hydrogen)
+v19.0.0
+v19.9.0
+v20.0.0
+v20.8.1
+v20.9.0   (Latest LTS: Iron)
+v21.0.0
+v21.1.0"
+
+[ "_$OUTPUT" = "_$EXPECTED_OUTPUT" ] || die "(2) NVM_MIN=18 nvm_print_versions did not output all expected versions; got $OUTPUT"
+
+
+# versions lower than 19 should be filtered out
+OUTPUT="$(NVM_NO_COLORS='--no-colors' NVM_MIN=19 nvm_print_versions "$(nvm_remote_versions)" | sed -r 's/^[ \t]+//')"
+EXPECTED_OUTPUT="v16.20.2 * (LTS: Gallium)
+v16.20.3   (Latest LTS: Gallium)
+->     v18.20.3 * (Latest LTS: Hydrogen)
+v19.0.0
+v19.9.0
+v20.0.0
+v20.8.1
+v20.9.0   (Latest LTS: Iron)
+v21.0.0
+v21.1.0"
+
+[ "_$OUTPUT" = "_$EXPECTED_OUTPUT" ] || die "(3) NVM_MIN=19 nvm_print_versions did not output all expected versions; got $OUTPUT"
+
+
+# versions lower than 20.1 should be filtered out, so v20.0.0 is out
+OUTPUT="$(NVM_NO_COLORS='--no-colors' NVM_MIN=v20.1 nvm_print_versions "$(nvm_remote_versions)" | sed -r 's/^[ \t]+//')"
+EXPECTED_OUTPUT="v16.20.2 * (LTS: Gallium)
+v16.20.3   (Latest LTS: Gallium)
+->     v18.20.3 * (Latest LTS: Hydrogen)
+v20.8.1
+v20.9.0   (Latest LTS: Iron)
+v21.0.0
+v21.1.0"
+
+[ "_$OUTPUT" = "_$EXPECTED_OUTPUT" ] || die "(4) NVM_MIN=20.1 nvm_print_versions did not output all expected versions; got $OUTPUT"
+
+
+# assume v18.20.3 is NOT installed, so now it should be filtered out
+nvm_ls() {
+  echo "v16.20.2
+system"
+}
+
+nvm_ls_current() {
+  echo "v16.20.2"
+}
+
+OUTPUT="$(NVM_NO_COLORS='--no-colors' NVM_MIN=20.1 nvm_print_versions "$(nvm_remote_versions)" | sed -r 's/^[ \t]+//')"
+EXPECTED_OUTPUT="->     v16.20.2 * (LTS: Gallium)
+v16.20.3   (Latest LTS: Gallium)
+v20.8.1
+v20.9.0   (Latest LTS: Iron)
+v21.0.0
+v21.1.0"
+
+[ "_$OUTPUT" = "_$EXPECTED_OUTPUT" ] || die "(5) NVM_MIN=20.1 nvm_print_versions did not output all expected versions; got $OUTPUT"
+
+
+cleanup

test/slow/nvm reinstall-packages/should work as expected

@@ -16,7 +16,7 @@ EXPECTED_PACKAGES_INSTALL="autoprefixer bower david@11 grunt-cli grunth-cli http
 echo "$EXPECTED_PACKAGES_INSTALL" | sed -e 's/test-npmlink //' | xargs npm install -g --quiet
 
 get_packages() {
-  npm list -g --depth=0 | \sed -e '1 d' -e 's/^.* \(.*\)@.*/\1/' -e '/^npm$/ d' | xargs
+  npm list -g --depth=0 | \sed -e '1 d' -e 's/^.* \(.*\)@.*/\1/' -e '/^npm$/ d' -e '/^corepack$/ d' | xargs
 }
 
 nvm use 0.10.29

test/slow/nvm reinstall-packages/works with no installs

@@ -5,7 +5,7 @@ die () { echo "$@" ; exit 1; }
 \. ../../../nvm.sh
 
 get_packages() {
-  npm list -g --depth=0 | \sed -e '1 d' -e 's/^.* \(.*\)@.*/\1/' -e '/^npm$/ d' | xargs
+  npm list -g --depth=0 | \sed -e '1 d' -e 's/^.* \(.*\)@.*/\1/' -e '/^npm$/ d' -e '/^corepack$/ d' | xargs
 }
 
 nvm use 4.7.2
@@ -14,5 +14,14 @@ ORIGINAL_PACKAGES=$(get_packages)
 nvm reinstall-packages 4.7.1
 FINAL_PACKAGES=$(get_packages)
 
-[ -z "${ORIGINAL_PACKAGES}" ] || die "original packages were not empty: ${ORIGINAL_PACKAGES}"
-[ -z "${FINAL_PACKAGES}" ] || die "final packages were not empty: ${FINAL_PACKAGES}"
+[ -z "${ORIGINAL_PACKAGES}" ] || die "v4: original packages were not empty: ${ORIGINAL_PACKAGES}"
+[ -z "${FINAL_PACKAGES}" ] || die "v4: final packages were not empty: ${FINAL_PACKAGES}"
+
+nvm use 23.8.20
+ORIGINAL_PACKAGES=$(get_packages)
+
+nvm reinstall-packages 23.8.0
+FINAL_PACKAGES=$(get_packages)
+
+[ -z "${ORIGINAL_PACKAGES}" ] || die "v23: original packages were not empty: ${ORIGINAL_PACKAGES}"
+[ -z "${FINAL_PACKAGES}" ] || die "v23: final packages were not empty: ${FINAL_PACKAGES}"