Skip to content

Commit

Permalink
deps: upgrade npm to 5.6.0
Browse files Browse the repository at this point in the history
PR-URL: #17535
Reviewed-By: Evan Lucas <[email protected]>
Reviewed-By: Ruben Bridgewater <[email protected]>
Reviewed-By: Myles Borins <[email protected]>
  • Loading branch information
zkat authored and MylesBorins committed Dec 21, 2017
1 parent 7d1d739 commit ffe1ad6
Show file tree
Hide file tree
Showing 574 changed files with 19,270 additions and 6,409 deletions.
6 changes: 4 additions & 2 deletions deps/npm/.travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ language: node_js
matrix:
include:
# LTS is our most important target
- node_js: "6"
- node_js: "8"
# DEPLOY_VERSION is used to set the couchapp setup mode for test/tap/registry.js
# only gather coverage info for LTS
env: DEPLOY_VERSION=testing COVERALLS_REPO_TOKEN="$COVERALLS_OPTIONAL_TOKEN"
Expand All @@ -17,10 +17,12 @@ matrix:
# previous LTS is next most important
- node_js: "4"
env: DEPLOY_VERSION=testing
- node_js: "6"
env: DEPLOY_VERSION=testing
- node_js: "7"
env: DEPLOY_VERSION=testing
# then master
- node_js: "8"
- node_js: "9"
env: DEPLOY_VERSION=testing
script:
- "standard"
Expand Down
10 changes: 10 additions & 0 deletions deps/npm/AUTHORS
Original file line number Diff line number Diff line change
Expand Up @@ -526,3 +526,13 @@ Carsten Brandt <[email protected]>
Marcin Szczepanski <[email protected]>
Josh Clow <[email protected]>
Jakub Holy <[email protected]>
Alexandra Ulsh <[email protected]>
Tom MacWright <[email protected]>
Felicio Mununga <[email protected]>
Gabor Szabo <[email protected]>
Andreas Müller <[email protected]>
Andrew Pitman <[email protected]>
Jacob Wejendorp <[email protected]>
Alejandro López <[email protected]>
Victor Belozyorov <[email protected]>
Bradley Farias <[email protected]>
235 changes: 235 additions & 0 deletions deps/npm/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,238 @@
## v5.6.0 (2017-11-27):

### Features!

You may have noticed this is a semver-minor bump. Wondering why? This is why!

* [`bc263c3fd`](https://github.com/npm/npm/commit/bc263c3fde6ff4b04deee132d0a9d89379e28c27)
[#19054](https://github.com/npm/npm/pull/19054)
**Fully cross-platform `package-lock.json`**. Installing a failing optional
dependency on one platform no longer removes it from the dependency tree,
meaning that `package-lock.json` should now be generated consistently across
platforms! 🎉
([@iarna](https://github.com/iarna))
* [`f94fcbc50`](https://github.com/npm/npm/commit/f94fcbc50d8aec7350164df898d1e12a1e3da77f)
[#19160](https://github.com/npm/npm/pull/19160)
Add `--package-lock-only` config option. This makes it so you can generate a
target `package-lock.json` without performing a full install of
`node_modules`.
([@alopezsanchez](https://github.com/alopezsanchez))
* [`66d18280c`](https://github.com/npm/npm/commit/66d18280ca320f880f4377cf80a8052491bbccbe)
[#19104](https://github.com/npm/npm/pull/19104)
Add new `--node-options` config to pass through a custom `NODE_OPTIONS` for
lifecycle scripts.
([@bmeck](https://github.com/bmeck))
* [`114d518c7`](https://github.com/npm/npm/commit/114d518c75732c42acbef3acab36ba1d0fd724e2)
Ignore mtime when packing tarballs: This means that doing `npm pack` on the
same repository should yield two tarballs with the same checksum. This will
also help prevent cache bloat when using git dependencies. In the future, this
will allow npm to explicitly cache git dependencies.
([@isaacs](https://github.com/isaacs))

### Performance

* [`39ba4aa74`](https://github.com/npm/npm/commit/39ba4aa7479220e61573c0c1977124c2199f49d0)
`[email protected]`: Reduce number of overall fs operations during packing/unpacking.

### Node 9

Previously, it turns out npm broke on the latest Node, `node@9`. We went ahead
and fixed it up so y'all should be able to use the latest npm again!

* [`4ca695819`](https://github.com/npm/npm/commit/4ca6958196ae41cef179473e3f7dbed9df9a32f1)
`[email protected]`: `Fix node@9` incompatibility.
([@isaacs](https://github.com/isaacs))
* [`c851bb503`](https://github.com/npm/npm/commit/c851bb503a756b7cd48d12ef0e12f39e6f30c577)
`[email protected]`: Fix `node@9` incompatibility.
([@isaacs](https://github.com/isaacs))
* [`6caf23096`](https://github.com/npm/npm/commit/6caf2309613d14ce77923ad3d1275cb89c6cf223)
Remove "unsupported" warning for Node 9 now that things are fixed.
([@iarna](https://github.com/iarna))
* [`1930b0f8c`](https://github.com/npm/npm/commit/1930b0f8c44373301edc9fb6ccdf7efcb350fa42)
Update test matrix with `node@8` LTS and `node@9`.
([@iarna](https://github.com/iarna))

### Bug Fixes

* [`b70321733`](https://github.com/npm/npm/commit/b7032173361665a12c9e4200bdc3f0eb4dee682f)
[#18881](https://github.com/npm/npm/pull/18881)
When dealing with a `node_modules` that was created with older versions of npm
(and thus older versions of npa) we need to gracefully handle older spec
entries. Failing to do so results in us treating those packages as if they
were http remote deps, which results in invalid lock files with `version` set
to tarball URLs. This should now be fixed.
([@iarna](https://github.com/iarna))
* [`2f9c5dd00`](https://github.com/npm/npm/commit/2f9c5dd0046a53ece3482e92a412413f5aed6955)
[#18880](https://github.com/npm/npm/pull/18880)
Stop overwriting version in package data on disk. This is another safeguard
against the version overwriting that's plagued some folks upgrading from older
package-locks.
([@iarna](https://github.com/iarna))
([@joshclow](https://github.com/joshclow))
* [`a93e0a51d`](https://github.com/npm/npm/commit/a93e0a51d3dafc31c809ca28cd7dfa71b2836f86)
[#18846](https://github.com/npm/npm/pull/18846)
Correctly save transitive dependencies when using `npm update` in
`package-lock.json`.
([@iarna](https://github.com/iarna))
* [`fdde7b649`](https://github.com/npm/npm/commit/fdde7b649987b2acd9a37ef203f1e263fdf6fece)
[#18825](https://github.com/npm/npm/pull/18825)
Fix typo and concatenation in error handling.
([@alulsh](https://github.com/alulsh))
* [`be67de7b9`](https://github.com/npm/npm/commit/be67de7b90790cef0a9f63f91c2f1a00942205ee)
[#18711](https://github.com/npm/npm/pull/18711)
Upgrade to bearer tokens from legacy auth when enabling 2FA.
([@iarna](https://github.com/iarna))
* [`bfdf0fd39`](https://github.com/npm/npm/commit/bfdf0fd39646b03db8e543e2bec7092da7880596)
[#19033](https://github.com/npm/npm/pull/19033)
Fix issue where files with `@` signs in their names would not get included
when packing tarballs.
([@zkat](https://github.com/zkat))
* [`b65b89bde`](https://github.com/npm/npm/commit/b65b89bdeaa65516f3e13afdb6e9aeb22d8508f4)
[#19048](https://github.com/npm/npm/pull/19048)
Fix problem where `npm login` was ignoring various networking-related options,
such as custom certs.
([@wejendorp](https://github.com/wejendorp))
* [`8c194b86e`](https://github.com/npm/npm/commit/8c194b86ec9617e2bcc31f30ee4772469a0bb440)
`[email protected]`: Include `node_modules/` directories not in the root.
([@isaacs](https://github.com/isaacs))
* [`d7ef6a20b`](https://github.com/npm/npm/commit/d7ef6a20b44e968cb92babab1beb51f99110781d)
`[email protected]`: Fix some *nix binary path escaping issues.
([@zkat](https://github.com/zkat))
* [`981828466`](https://github.com/npm/npm/commit/981828466a5936c70abcccea319b227c443e812b)
`[email protected]`: Fix fallback to `copy-concurrently` when file move fails.
This might fix permissions and such issues on platforms that were getting
weird filesystem errors during install.
([@karolba](https://github.com/karolba))
* [`a0be6bafb`](https://github.com/npm/npm/commit/a0be6bafb6dd7acb3e7b717c27c8575a2215bfff)
`[email protected]`: Includes a bunch of fixes, specially for issues around git
dependencies. Shasum-related errors should be way less common now, too.
([@zkat](https://github.com/zkat))
* [`b80d650de`](https://github.com/npm/npm/commit/b80d650def417645d2525863e9f17af57a917b42)
[#19163](https://github.com/npm/npm/pull/19163)
Fix a number of git and tarball specs and checksum errors.
([@zkat](https://github.com/zkat))
* [`cac225025`](https://github.com/npm/npm/commit/cac225025fa06cd055286e75541138cd95f52def)
[#19054](https://github.com/npm/npm/pull/19054)
Don't count failed optionals when summarizing installed packages.
([@iarna](https://github.com/iarna))

### UX

* [`b1ec2885c`](https://github.com/npm/npm/commit/b1ec2885c43f8038c4e05b83253041992fdfe382)
[#18326](https://github.com/npm/npm/pull/18326)
Stop truncating output of `npm view`. This means, for example, that you no
longer need to use `--json` when a package has a lot of versions, to see the
whole list.
([@SimenB](https://github.com/SimenB))
* [`55a124e0a`](https://github.com/npm/npm/commit/55a124e0aa6097cb46f1484f666444b2a445ba57)
[#18884](https://github.com/npm/npm/pull/18884)
Profile UX improvements: better messaging on unexpected responses, and stop
claiming we set passwords to null when resetting them.
([@iarna](https://github.com/iarna))
* [`635481c61`](https://github.com/npm/npm/commit/635481c6143bbe10a6f89747795bf4b83f75a7e9)
[#18844](https://github.com/npm/npm/pull/18844)
Improve error messaging for OTP/2FA.
([@iarna](https://github.com/iarna))
* [`52b142ed5`](https://github.com/npm/npm/commit/52b142ed5e0f13f23c99209932e8de3f7649fd47)
[#19054](https://github.com/npm/npm/pull/19054)
Stop running the same rollback multiple times. This should address issues
where Windows users saw strange failures when `fsevents` failed to install.
([@iarna](https://github.com/iarna))
* [`798428b0b`](https://github.com/npm/npm/commit/798428b0b7b6cfd6ce98041c45fc0a36396e170c)
[#19172](https://github.com/npm/npm/pull/19172)
`[email protected]`: Log the fact line endings are being changed upon install.
([@marcosscriven](https://github.com/marcosscriven))

### Refactors

Usually, we don't include internal refactor stuff in our release notes, but it's
worth calling out some of them because they're part of a larger effort the CLI
team and associates are undertaking to modularize npm itself so other package
managers and associated tools can reuse all that code!

* [`9d22c96b7`](https://github.com/npm/npm/commit/9d22c96b7160729c8126a38dcf554611b9e3ba87)
[#18500](https://github.com/npm/npm/pull/18500)
Extract bin-links and gentle-fs to a separate library. This will allow
external tools to do bin linking and certain fs operations in an
npm-compatible way!
([@mikesherov](https://github.com/mikesherov))
* [`015a7803b`](https://github.com/npm/npm/commit/015a7803b7b63bc8543882196d987b92b461932d)
[#18883](https://github.com/npm/npm/pull/18883)
Capture logging from log events on the process global. This allows npm to use
npmlog to report logging from external libraries like `npm-profile`.
([@iarna](https://github.com/iarna))
* [`c930e98ad`](https://github.com/npm/npm/commit/c930e98adc03cef357ae5716269a04d74744a852)
`[email protected]`: Use our own `node-gyp`. This means npm no longer needs
to pull some maneuvers to make sure `node-gyp` is in the right place, and that
external packages using `npm-lifecycle` will get working native builds without
having to do their own `node-gyp` maneuvers.
([@zkochan](https://github.com/zkochan))
* [`876f0c8f3`](https://github.com/npm/npm/commit/876f0c8f341f8915e338b409f4b8616bb5263500) [`829893d61`](https://github.com/npm/npm/commit/829893d617bf81bba0d1ce4ea303f76ea37a2b2d)
[#19099](https://github.com/npm/npm/pull/19099)
`[email protected]`: npm's prefix-finding logic is now a standalone
module. That is, the logic that figures out where the root of your project is
if you've `cd`'d into a subdirectory. Did you know you can run `npm install`
from these subdirectories, and it'll only affect the root? It works like git!
([@iarna](https://github.com/iarna))

### Docs

* [`7ae12b21c`](https://github.com/npm/npm/commit/7ae12b21cc841f76417d3bb13b74f177319d4deb)
[#18823](https://github.com/npm/npm/pull/18823)
Fix spelling of the word authenticator. Because English is hard.
([@tmcw](https://github.com/tmcw))
* [`5dfc3ab7b`](https://github.com/npm/npm/commit/5dfc3ab7bc2cb0fa7d9a8c00aa95fecdd14d7ae1)
[#18742](https://github.com/npm/npm/pull/18742)
Explicitly state 'github:foo/bar' as a valid shorthand for hosted git specs.
([@felicio](https://github.com/felicio))
* [`a9dc098a6`](https://github.com/npm/npm/commit/a9dc098a6eb7a87895f52a101ac0d41492da698e)
[#18679](https://github.com/npm/npm/pull/18679)
Add some documentation about the `script-shell` config.
([@gszabo](https://github.com/gszabo))
* [`24d7734d1`](https://github.com/npm/npm/commit/24d7734d1a1e906c83c53b6d1853af8dc758a998)
[#18571](https://github.com/npm/npm/pull/18571)
Change `verboten` to `forbidden`.
([@devmount](https://github.com/devmount))
* [`a8a45668f`](https://github.com/npm/npm/commit/a8a45668fb9b8eb84234fe89234bdcdf644ead58)
[#18568](https://github.com/npm/npm/pull/18568)
Improve wording for the docs for the "engines" section of package.json files.
([@apitman](https://github.com/apitman))
* [`dbc7e5b60`](https://github.com/npm/npm/commit/dbc7e5b602870330a8cdaf63bd303cd9050f792f)
[#19118](https://github.com/npm/npm/pull/19118)
Use valid JSON in example for bundledDependencies.
([@charmander](https://github.com/charmander))
* [`779339485`](https://github.com/npm/npm/commit/779339485bab5137d0fdc68d1ed6fa987aa8965a)
[#19162](https://github.com/npm/npm/pull/19162)
Remove trailing white space from `npm access` docs.
([@WispProxy](https://github.com/WispProxy))

### Dependency Bumps

* [`0e7cac941`](https://github.com/npm/npm/commit/0e7cac9413ff1104cf242cc3006f42aa1c2ab63f)
`[email protected]`
([@petkaantonov](https://github.com/petkaantonov))
* [`c4d5887d9`](https://github.com/npm/npm/commit/c4d5887d978849ddbe2673630de657f141ae5bcf)
`[email protected]`
([@sindresorhus](https://github.com/sindresorhus))
* [`eb19a9691`](https://github.com/npm/npm/commit/eb19a9691cf76fbc9c5b66aa7aadb5d905af467a)
`[email protected]`
([@zkat](https://github.com/zkat))
* [`91d5dca96`](https://github.com/npm/npm/commit/91d5dca96772bc5c45511ddcbeeb2685c7ea68e8)
`[email protected]`
([@iarna](https://github.com/iarna))
* [`8de66c46e`](https://github.com/npm/npm/commit/8de66c46e57e4b449c9540c8ecafbc4fd58faff5)
`[email protected]`
([@zkat](https://github.com/zkat))
* [`cfbc3ea69`](https://github.com/npm/npm/commit/cfbc3ea69a8c62dc8e8543193c3ac472631dcef9)
`[email protected]`
([@rvagg](https://github.com/rvagg))
* [`60c228160`](https://github.com/npm/npm/commit/60c228160f22d41c2b36745166c9e8c2d84fee58)
`[email protected]`
([@sindresorhus](https://github.com/sindresorhus))
* [`72cad8c66`](https://github.com/npm/npm/commit/72cad8c664efd8eb1bec9a418bccd6c6ca9290de)
`[email protected]`
([@iarna](https://github.com/iarna))

## v5.5.1 (2017-10-04):

A very quick, record time, patch release, of a bug fix to a (sigh) last minute bug fix.
Expand Down
1 change: 0 additions & 1 deletion deps/npm/doc/cli/npm-access.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@ subcommand.
access to a package.

* ls-packages:

Show all of the packages a user or a team is able to access, along with the
access level, except for read-only public packages (it won't print the whole
registry listing)
Expand Down
3 changes: 3 additions & 0 deletions deps/npm/doc/cli/npm-install.md
Original file line number Diff line number Diff line change
Expand Up @@ -310,6 +310,9 @@ versions.
The `--dry-run` argument will report in the usual way what the install would
have done without actually installing anything.

The `--package-lock-only` argument will only update the `package-lock.json`,
instead of checking `node_modules` and downloading dependencies.

The `-f` or `--force` argument will force npm to fetch remote resources even if a
local copy exists on disk.

Expand Down
7 changes: 7 additions & 0 deletions deps/npm/doc/cli/npm-run-script.md
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,12 @@ instead of

to run your tests.

The actual shell your script is run within is platform dependent. By default,
on Unix-like systems it is the `/bin/sh` command, on Windows it is the `cmd.exe`.
The actual shell referred to by `/bin/sh` also depends on the system.
As of [`[email protected]`](https://github.com/npm/npm/releases/tag/v5.1.0) you can
customize the shell with the `script-shell` configuration.

Scripts are run from the root of the module, regardless of what your current
working directory is when you call `npm run`. If you want your script to
use different behavior based on what subdirectory you're in, you can use the
Expand All @@ -69,3 +75,4 @@ You can use the `--silent` flag to prevent showing `npm ERR!` output on error.
* npm-start(1)
* npm-restart(1)
* npm-stop(1)
* npm-config(7)
6 changes: 3 additions & 3 deletions deps/npm/doc/cli/npm-token.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,11 @@ npm-token(1) -- Manage your authentication tokens

npm token list [--json|--parseable]
npm token create [--read-only] [--cidr=1.1.1.1/24,2.2.2.2/16]
npm token delete <id|token>
npm token revoke <id|token>

## DESCRIPTION

This list you list, create and delete authentication tokens.
This list you list, create and revoke authentication tokens.

* `npm token list`:
Shows a table of all active authentication tokens. You can request this as
Expand Down Expand Up @@ -52,7 +52,7 @@ This list you list, create and delete authentication tokens.
+----------------+--------------------------------------+
```

* `npm token delete <token|id>`:
* `npm token revoke <token|id>`:
This removes an authentication token, making it immediately unusable. This can accept
both complete tokens (as you get back from `npm token create` and will
find in your `.npmrc`) and ids as seen in the `npm token list` output.
Expand Down
10 changes: 6 additions & 4 deletions deps/npm/doc/files/package.json.md
Original file line number Diff line number Diff line change
Expand Up @@ -373,11 +373,13 @@ shortcut syntax you use for `npm install`:

"repository": "npm/npm"

"repository": "github:user/repo"

"repository": "gist:11081aaa281"

"repository": "bitbucket:example/repo"
"repository": "bitbucket:user/repo"

"repository": "gitlab:another/repo"
"repository": "gitlab:user/repo"

## scripts

Expand Down Expand Up @@ -618,7 +620,7 @@ If we define a package.json like this:
"name": "awesome-web-framework",
"version": "1.0.0",
"bundledDependencies": [
'renderized', 'super-streams'
"renderized", "super-streams"
]
}
```
Expand Down Expand Up @@ -678,7 +680,7 @@ are capable of properly installing your program. For example:
{ "engines" : { "npm" : "~1.0.20" } }

Unless the user has set the `engine-strict` config flag, this
field is advisory only will produce warnings when your package is installed as a dependency.
field is advisory only and will only produce warnings when your package is installed as a dependency.

## engineStrict

Expand Down
2 changes: 1 addition & 1 deletion deps/npm/doc/misc/npm-coding-style.md
Original file line number Diff line number Diff line change
Expand Up @@ -184,7 +184,7 @@ When something is intentionally missing or removed, set it to `null`.
Don't set things to `undefined`. Reserve that value to mean "not yet
set to anything."

Boolean objects are verboten.
Boolean objects are forbidden.

## SEE ALSO

Expand Down
Loading

0 comments on commit ffe1ad6

Please sign in to comment.