diff --git a/deps/npm/AUTHORS b/deps/npm/AUTHORS index 7134e67e859148..eaea11d4d13b6f 100644 --- a/deps/npm/AUTHORS +++ b/deps/npm/AUTHORS @@ -722,3 +722,6 @@ nlf zhaoxuxu liuye.adam Michaël Zasso +Gareth Jones +Jake Champion +takenspc diff --git a/deps/npm/CHANGELOG.md b/deps/npm/CHANGELOG.md index 2b22d5fbb9717c..21066d39caffc3 100644 --- a/deps/npm/CHANGELOG.md +++ b/deps/npm/CHANGELOG.md @@ -1,3 +1,42 @@ +## 7.0.3 (2020-10-20) + +### BUG FIXES + +* [`ce4724a38`](https://github.com/npm/cli/commit/ce4724a3835ded9a4a29d8d67323f925461155e5) + [#1986](https://github.com/npm/cli/pull/1986) + check `result` when determining exit code of `ls ` + ([@G-Rath](https://github.com/G-Rath)) +* [`00d926f8d`](https://github.com/npm/cli/commit/00d926f8d884872d08d9a0cd73aa9cace2acb91b) + [#1987](https://github.com/npm/cli/pull/1987) + don't suppress run output when `--silent` is passed + ([@G-Rath](https://github.com/G-Rath)) +* [`043da2347`](https://github.com/npm/cli/commit/043da234745f36d55742e827314837dead5807ab) + improve cache clear error message + ([@isaacs](https://github.com/isaacs)) + +### DOCUMENTATION + +* [`a57f5c466`](https://github.com/npm/cli/commit/a57f5c466ceae59575ef05bb7941cce8752d8c58) + update docs for: access, adduser, audit, bin, bugs, build, cache, ci, + completion, config and dedupe + ([@isaacs](https://github.com/isaacs)) +* [`5b88b72b9`](https://github.com/npm/cli/commit/5b88b72b9821f7114cc4e475bbf52726a1674e52) + remove the long-gone bundle command + ([@isaacs](https://github.com/isaacs)) +* [`ae09aa5c1`](https://github.com/npm/cli/commit/ae09aa5c1cd150727b05ccfaeaba8d45e5697e50) + [#1993](https://github.com/npm/cli/pull/1993) + document --save-peer as a common option to npm install + ([@JakeChampion](https://github.com/JakeChampion)) +* [`c9993e6b1`](https://github.com/npm/cli/commit/c9993e6b1c2918699c2d125bf9b966f44f5d3ebe) + [#1982](https://github.com/npm/cli/pull/1982) + fix url links for init-package-json/node-semver + ([@takenspc](https://github.com/takenspc)) + +### DEPENDENCIES + +* [`5d9df8395`](https://github.com/npm/cli/commit/5d9df83958d3d5e6d8acad2ebabfbe5f3fd23c13) + `node-gyp@7.1.2` + ## 7.0.2 (2020-10-16) ### DOCUMENTATION diff --git a/deps/npm/docs/content/cli-commands/npm-access.md b/deps/npm/docs/content/cli-commands/npm-access.md index f4088fe8855139..ad221c16bdaba2 100644 --- a/deps/npm/docs/content/cli-commands/npm-access.md +++ b/deps/npm/docs/content/cli-commands/npm-access.md @@ -75,11 +75,12 @@ You must have privileges to set the access of a package: * You have been given read-write privileges for a package, either as a member of a team or directly as an owner. -If you have two-factor authentication enabled then you'll have to pass in an -otp with `--otp` when making access changes. +If you have two-factor authentication enabled then you'll be prompted to +provide an otp token, or may use the `--otp=...` option to specify it on +the command line. -If your account is not paid, then attempts to publish scoped packages will fail -with an HTTP 402 status code (logically enough), unless you use +If your account is not paid, then attempts to publish scoped packages will +fail with an HTTP 402 status code (logically enough), unless you use `--access=public`. Management of teams and team memberships is done with the `npm team` command. diff --git a/deps/npm/docs/content/cli-commands/npm-adduser.md b/deps/npm/docs/content/cli-commands/npm-adduser.md index ec61cdd39acbad..abacc290566292 100644 --- a/deps/npm/docs/content/cli-commands/npm-adduser.md +++ b/deps/npm/docs/content/cli-commands/npm-adduser.md @@ -54,8 +54,8 @@ with the specified scope. See [`scope`](/using-npm/scope). You can use both at t e.g. ```bash - npm adduser --registry=http://myregistry.example.com --scope=@myco -``` +npm adduser --registry=http://myregistry.example.com --scope=@myco +``` This will set a registry for the given scope and login or create a user for that registry at the same time. @@ -69,7 +69,7 @@ registry should include authorization information. Useful for private registries. Can be used with `--registry` and / or `--scope`, e.g. ```bash - npm adduser --registry=http://private-registry.example.com --always-auth +npm adduser --registry=http://private-registry.example.com --always-auth ``` This will ensure that all requests to that registry (including for tarballs) diff --git a/deps/npm/docs/content/cli-commands/npm-audit.md b/deps/npm/docs/content/cli-commands/npm-audit.md index 8b944e94cc12e2..391537048cf1c8 100644 --- a/deps/npm/docs/content/cli-commands/npm-audit.md +++ b/deps/npm/docs/content/cli-commands/npm-audit.md @@ -17,118 +17,180 @@ npm audit fix [--force|--package-lock-only|--dry-run] common options: [--production] [--only=(dev|prod)] ``` +### Description + +The audit command submits a description of the dependencies configured in +your project to your default registry and asks for a report of known +vulnerabilities. If any vulnerabilities are found, then the impact and +appropriate remediation will be calculated. If the `fix` argument is +provided, then remediations will be applied to the package tree. + +The command will exit with a 0 exit code if no vulnerabilities were found. + +Note that some vulnerabilities cannot be fixed automatically and will +require manual intervention or review. Also note that since `npm audit +fix` runs a full-fledged `npm install` under the hood, all configs that +apply to the installer will also apply to `npm install` -- so things like +`npm audit fix --package-lock-only` will work as expected. + +By default, the audit command will exit with a non-zero code if any +vulnerability is found. It may be useful in CI environments to include the +`--audit-level` parameter to specify the minimum vulnerability level that +will cause the command to fail. This option does not filter the report +output, it simply changes the command's failure threshold. + +### Audit Endpoints + +There are two audit endpoints that npm may use to fetch vulnerability +information: the `Bulk Advisory` endpoint and the `Quick Audit` endpoint. + +#### Bulk Advisory Endpoint + +As of version 7, npm uses the much faster `Bulk Advisory` endpoint to +optimize the speed of calculating audit results. + +npm will generate a JSON payload with the name and list of versions of each +package in the tree, and POST it to the default configured registry at +the path `/-/npm/v1/security/advisories/bulk`. + +Any packages in the tree that do not have a `version` field in their +package.json file will be ignored. If any `--omit` options are specified +(either via the `--omit` config, or one of the shorthands such as +`--production`, `--only=dev`, and so on), then packages will be omitted +from the submitted payload as appropriate. + +If the registry responds with an error, or with an invalid response, then +npm will attempt to load advisory data from the `Quick Audit` endpoint. + +The expected result will contain a set of advisory objects for each +dependency that matches the advisory range. Each advisory object contains +a `name`, `url`, `id`, `severity`, `vulnerable_versions`, and `title`. + +npm then uses these advisory objects to calculate vulnerabilities and +meta-vulnerabilities of the dependencies within the tree. + +#### Quick Audit Endpoint + +If the `Bulk Advisory` endpoint returns an error, or invalid data, npm will +attempt to load advisory data from the `Quick Audit` endpoint, which is +considerably slower in most cases. + +The full package tree as found in `package-lock.json` is submitted, along +with the following pieces of additional metadata: + +* `npm_version` +* `node_version` +* `platform` +* `arch` +* `node_env` + +All packages in the tree are submitted to the Quick Audit endpoint. +Omitted dependency types are skipped when generating the report. + +#### Scrubbing + +Out of an abundance of caution, npm versions 5 and 6 would "scrub" any +packages from the submitted report if their name contained a `/` character, +so as to avoid leaking the names of potentially private packages or git +URLs. + +However, in practice, this resulted in audits often failing to properly +detect meta-vulnerabilities, because the tree would appear to be invalid +due to missing dependencies, and prevented the detection of vulnerabilities +in package trees that used git dependencies or private modules. + +This scrubbing has been removed from npm as of version 7. + +#### Calculating Meta-Vulnerabilities and Remediations + +npm uses the +[`@npmcli/metavuln-calculator`](http://npm.im/@npmcli/metavuln-calculator) +module to turn a set of security advisories into a set of "vulnerability" +objects. A "meta-vulnerability" is a dependency that is vulnerable by +virtue of dependence on vulnerable versions of a vulnerable package. + +For example, if the package `foo` is vulnerable in the range `>=1.0.2 +<2.0.0`, and the package `bar` depends on `foo@^1.1.0`, then that version +of `bar` can only be installed by installing a vulnerable version of `foo`. +In this case, `bar` is a "metavulnerability". + +Once metavulnerabilities for a given package are calculated, they are +cached in the `~/.npm` folder and only re-evaluated if the advisory range +changes, or a new version of the package is published (in which case, the +new version is checked for metavulnerable status as well). + +If the chain of metavulnerabilities extends all the way to the root +project, and it cannot be updated without changing its dependency ranges, +then `npm audit fix` will require the `--force` option to apply the +remediation. If remediations do not require changes to the dependency +ranges, then all vulnerable packages will be updated to a version that does +not have an advisory or metavulnerability posted against it. + +### Exit Code + +The `npm audit` command will exit with a 0 exit code if no vulnerabilities +were found. The `npm audit fix` command will exit with 0 exit code if no +vulnerabilities are found _or_ if the remediation is able to successfully +fix all vulnerabilities. + +If vulnerabilities were found the exit code will depend on the +`audit-level` configuration setting. + ### Examples Scan your project for vulnerabilities and automatically install any compatible updates to vulnerable dependencies: + ```bash $ npm audit fix ``` Run `audit fix` without modifying `node_modules`, but still updating the pkglock: + ```bash $ npm audit fix --package-lock-only ``` Skip updating `devDependencies`: + ```bash $ npm audit fix --only=prod ``` -Have `audit fix` install semver-major updates to toplevel dependencies, not just -semver-compatible ones: +Have `audit fix` install SemVer-major updates to toplevel dependencies, not +just SemVer-compatible ones: + ```bash $ npm audit fix --force ``` Do a dry run to get an idea of what `audit fix` will do, and _also_ output install information in JSON format: + ```bash $ npm audit fix --dry-run --json ``` -Scan your project for vulnerabilities and just show the details, without fixing -anything: +Scan your project for vulnerabilities and just show the details, without +fixing anything: + ```bash $ npm audit ``` Get the detailed audit report in JSON format: -```bash -$ npm audit --json -``` - -Get the detailed audit report in plain text result, separated by tab characters, allowing for -future reuse in scripting or command line post processing, like for example, selecting -some of the columns printed: -```bash -$ npm audit --parseable -``` -To parse columns, you can use for example `awk`, and just print some of them: ```bash -$ npm audit --parseable | awk -F $'\t' '{print $1,$4}' +$ npm audit --json ``` Fail an audit only if the results include a vulnerability with a level of moderate or higher: + ```bash $ npm audit --audit-level=moderate ``` -### Description - -The audit command submits a description of the dependencies configured in -your project to your default registry and asks for a report of known -vulnerabilities. The report returned includes instructions on how to act on -this information. The command will exit with a 0 exit code if no -vulnerabilities were found. - -You can also have npm automatically fix the vulnerabilities by running `npm -audit fix`. Note that some vulnerabilities cannot be fixed automatically and -will require manual intervention or review. Also note that since `npm audit fix` -runs a full-fledged `npm install` under the hood, all configs that apply to the -installer will also apply to `npm install` -- so things like `npm audit fix ---package-lock-only` will work as expected. - -By default, the audit command will exit with a non-zero code if any vulnerability -is found. It may be useful in CI environments to include the `--audit-level` parameter -to specify the minimum vulnerability level that will cause the command to fail. This -option does not filter the report output, it simply changes the command's failure -threshold. - -### Content Submitted - -* npm_version -* node_version -* platform -* node_env -* A scrubbed version of your package-lock.json or npm-shrinkwrap.json - -#### Scrubbing - -In order to ensure that potentially sensitive information is not included in -the audit data bundle, some dependencies may have their names (and sometimes -versions) replaced with opaque non-reversible identifiers. It is done for -the following dependency types: - -* Any module referencing a scope that is configured for a non-default - registry has its name scrubbed. (That is, a scope you did a `npm login --scope=@ourscope` for.) -* All git dependencies have their names and specifiers scrubbed. -* All remote tarball dependencies have their names and specifiers scrubbed. -* All local directory and tarball dependencies have their names and specifiers scrubbed. - -The non-reversible identifiers are a sha256 of a session-specific UUID and the -value being replaced, ensuring a consistent value within the payload that is -different between runs. - -### Exit Code - -The `npm audit` command will exit with a 0 exit code if no vulnerabilities were found. - -If vulnerabilities were found the exit code will depend on the `audit-level` -configuration setting. - ### See Also * [npm install](/cli-commands/install) diff --git a/deps/npm/docs/content/cli-commands/npm-bin.md b/deps/npm/docs/content/cli-commands/npm-bin.md index eb0912ae48a92a..33b0aa822c9d04 100644 --- a/deps/npm/docs/content/cli-commands/npm-bin.md +++ b/deps/npm/docs/content/cli-commands/npm-bin.md @@ -9,6 +9,7 @@ description: Display npm bin folder ## Display npm bin folder ### Synopsis + ```bash npm bin [-g|--global] ``` diff --git a/deps/npm/docs/content/cli-commands/npm-bugs.md b/deps/npm/docs/content/cli-commands/npm-bugs.md index 1e7272cec92493..d21e24a27e5a41 100644 --- a/deps/npm/docs/content/cli-commands/npm-bugs.md +++ b/deps/npm/docs/content/cli-commands/npm-bugs.md @@ -6,9 +6,10 @@ description: Bugs for a package in a web browser maybe # npm-bugs(1) -## Bugs for a package in a web browser maybe +## Report bugs for a package in a web browser ### Synopsis + ```bash npm bugs [ [ ...]] @@ -17,10 +18,10 @@ aliases: issues ### Description -This command tries to guess at the likely location of a package's -bug tracker URL, and then tries to open it using the `--browser` -config param. If no package name is provided, it will search for -a `package.json` in the current folder and use the `name` property. +This command tries to guess at the likely location of a package's bug +tracker URL, and then tries to open it using the `--browser` config param. +If no package name is provided, it will search for a `package.json` in the +current folder and use the `name` property. ### Configuration @@ -43,7 +44,6 @@ Set to `true` to use default system URL opener. The base URL of the npm package registry. - ### See Also * [npm docs](/cli-commands/docs) diff --git a/deps/npm/docs/content/cli-commands/npm-bundle.md b/deps/npm/docs/content/cli-commands/npm-bundle.md deleted file mode 100644 index c4fdc5e6bb0e64..00000000000000 --- a/deps/npm/docs/content/cli-commands/npm-bundle.md +++ /dev/null @@ -1,21 +0,0 @@ ---- -section: cli-commands -title: npm-bundle -description: REMOVED ---- - -# npm-bundle(1) - -## REMOVED - -### Description - -The `npm bundle` command has been removed in 1.0, for the simple reason -that it is no longer necessary, as the default behavior is now to -install packages into the local space. - -Just use `npm install` now to do what `npm bundle` used to do. - -### See Also - -* [npm install](/cli-commands/install) diff --git a/deps/npm/docs/content/cli-commands/npm-cache.md b/deps/npm/docs/content/cli-commands/npm-cache.md index 4d19749b80f2d9..e3c9d415511a72 100644 --- a/deps/npm/docs/content/cli-commands/npm-cache.md +++ b/deps/npm/docs/content/cli-commands/npm-cache.md @@ -16,7 +16,7 @@ npm cache add npm cache add npm cache add @ -npm cache clean [] +npm cache clean aliases: npm cache clear, npm cache rm npm cache verify @@ -32,41 +32,45 @@ Used to add, list, or clean the npm cache folder. add data to the local installation cache explicitly. * clean: - Delete all data out of the cache folder. + Delete all data out of the cache folder. Note that this is typically + unnecessary, as npm's cache is self-healing and resistant to data + corruption issues. * verify: - Verify the contents of the cache folder, garbage collecting any unneeded data, - and verifying the integrity of the cache index and all cached data. + Verify the contents of the cache folder, garbage collecting any unneeded + data, and verifying the integrity of the cache index and all cached data. ### Details npm stores cache data in an opaque directory within the configured `cache`, -named `_cacache`. This directory is a `cacache`-based content-addressable cache -that stores all http request data as well as other package-related data. This -directory is primarily accessed through `pacote`, the library responsible for -all package fetching as of npm@5. - -All data that passes through the cache is fully verified for integrity on both -insertion and extraction. Cache corruption will either trigger an error, or -signal to `pacote` that the data must be refetched, which it will do -automatically. For this reason, it should never be necessary to clear the cache -for any reason other than reclaiming disk space, thus why `clean` now requires -`--force` to run. - -There is currently no method exposed through npm to inspect or directly manage -the contents of this cache. In order to access it, `cacache` must be used -directly. +named `_cacache`. This directory is a +[`cacache`](http://npm.im/cacache)-based content-addressable cache that +stores all http request data as well as other package-related data. This +directory is primarily accessed through `pacote`, the library responsible +for all package fetching as of npm@5. + +All data that passes through the cache is fully verified for integrity on +both insertion and extraction. Cache corruption will either trigger an +error, or signal to `pacote` that the data must be refetched, which it will +do automatically. For this reason, it should never be necessary to clear +the cache for any reason other than reclaiming disk space, thus why `clean` +now requires `--force` to run. + +There is currently no method exposed through npm to inspect or directly +manage the contents of this cache. In order to access it, `cacache` must be +used directly. npm will not remove data by itself: the cache will grow as new packages are installed. ### A note about the cache's design -The npm cache is strictly a cache: it should not be relied upon as a persistent -and reliable data store for package data. npm makes no guarantee that a -previously-cached piece of data will be available later, and will automatically -delete corrupted contents. The primary guarantee that the cache makes is that, -if it does return data, that data will be exactly the data that was inserted. +The npm cache is strictly a cache: it should not be relied upon as a +persistent and reliable data store for package data. npm makes no guarantee +that a previously-cached piece of data will be available later, and will +automatically delete corrupted contents. The primary guarantee that the +cache makes is that, if it does return data, that data will be exactly the +data that was inserted. To run an offline verification of existing cache contents, use `npm cache verify`. @@ -89,3 +93,5 @@ The root cache folder. * [npm pack](/cli-commands/pack) * https://npm.im/cacache * https://npm.im/pacote +* https://npm.im/@npmcli/arborist +* https://npm.im/make-fetch-happen diff --git a/deps/npm/docs/content/cli-commands/npm-ci.md b/deps/npm/docs/content/cli-commands/npm-ci.md index b5b6447a485f8f..bb3bf931474477 100644 --- a/deps/npm/docs/content/cli-commands/npm-ci.md +++ b/deps/npm/docs/content/cli-commands/npm-ci.md @@ -9,10 +9,36 @@ description: Install a project with a clean slate ## Install a project with a clean slate ### Synopsis + ```bash npm ci ``` +### Description + +This command is similar to [`npm install`](/cli-commands/install), except +it's meant to be used in automated environments such as test platforms, +continuous integration, and deployment -- or any situation where you want +to make sure you're doing a clean install of your dependencies. + +`npm ci` will be significantly faster when: + +- There is a `package-lock.json` or `npm-shrinkwrap.json` file. +- The `node_modules` folder is missing or empty. + +In short, the main differences between using `npm install` and `npm ci` are: + +* The project **must** have an existing `package-lock.json` or + `npm-shrinkwrap.json`. +* If dependencies in the package lock do not match those in `package.json`, + `npm ci` will exit with an error, instead of updating the package lock. +* `npm ci` can only install entire projects at a time: individual + dependencies cannot be added with this command. +* If a `node_modules` is already present, it will be automatically removed + before `npm ci` begins its install. +* It will never write to `package.json` or any of the package-locks: + installs are essentially frozen. + ### Example Make sure you have a package-lock and an up-to-date install: @@ -43,24 +69,6 @@ cache: - "$HOME/.npm" ``` -### Description - -This command is similar to [`npm install`](/cli-commands/install), except it's meant to be used in -automated environments such as test platforms, continuous integration, and -deployment -- or any situation where you want to make sure you're doing a clean -install of your dependencies. It can be significantly faster than a regular npm -install by skipping certain user-oriented features. It is also more strict than -a regular install, which can help catch errors or inconsistencies caused by the -incrementally-installed local environments of most npm users. - -In short, the main differences between using `npm install` and `npm ci` are: - -* The project **must** have an existing `package-lock.json` or `npm-shrinkwrap.json`. -* If dependencies in the package lock do not match those in `package.json`, `npm ci` will exit with an error, instead of updating the package lock. -* `npm ci` can only install entire projects at a time: individual dependencies cannot be added with this command. -* If a `node_modules` is already present, it will be automatically removed before `npm ci` begins its install. -* It will never write to `package.json` or any of the package-locks: installs are essentially frozen. - ### See Also * [npm install](/cli-commands/install) diff --git a/deps/npm/docs/content/cli-commands/npm-completion.md b/deps/npm/docs/content/cli-commands/npm-completion.md index 59bfca503e0846..c79cf176a101f9 100644 --- a/deps/npm/docs/content/cli-commands/npm-completion.md +++ b/deps/npm/docs/content/cli-commands/npm-completion.md @@ -9,6 +9,7 @@ description: Tab Completion for npm ## Tab Completion for npm ### Synopsis + ```bash source <(npm completion) ``` diff --git a/deps/npm/docs/content/cli-commands/npm-config.md b/deps/npm/docs/content/cli-commands/npm-config.md index 68d403746fc103..0c20e493556e4f 100644 --- a/deps/npm/docs/content/cli-commands/npm-config.md +++ b/deps/npm/docs/content/cli-commands/npm-config.md @@ -9,6 +9,7 @@ description: Manage the npm configuration files ## Manage the npm configuration files ### Synopsis + ```bash npm config set [-g|--global] npm config get @@ -26,10 +27,11 @@ aliases: c npm gets its config settings from the command line, environment variables, `npmrc` files, and in some cases, the `package.json` file. -See [npmrc](/configuring-npm/npmrc) for more information about the npmrc files. +See [npmrc](/configuring-npm/npmrc) for more information about the npmrc +files. -See [config](/using-npm/config) for a more thorough discussion of the mechanisms -involved. +See [config(7)](/using-npm/config) for a more thorough explanation of the +mechanisms involved, and a full list of config options available. The `npm config` command can be used to update and edit the contents of the user and global npmrc files. @@ -39,14 +41,17 @@ of the user and global npmrc files. Config supports the following sub-commands: #### set + ```bash npm config set key value ``` + Sets the config key to the value. If value is omitted, then it sets it to "true". #### get + ```bash npm config get key ``` @@ -54,6 +59,7 @@ npm config get key Echo the config value to stdout. #### list + ```bash npm config list ``` @@ -62,6 +68,7 @@ Show all the config settings. Use `-l` to also show defaults. Use `--json` to show the settings in json format. #### delete + ```bash npm config delete key ``` @@ -69,6 +76,7 @@ npm config delete key Deletes the key from all configuration files. #### edit + ```bash npm config edit ``` diff --git a/deps/npm/docs/content/cli-commands/npm-dedupe.md b/deps/npm/docs/content/cli-commands/npm-dedupe.md index e0493f5e2c98db..84ccb772fb9bc4 100644 --- a/deps/npm/docs/content/cli-commands/npm-dedupe.md +++ b/deps/npm/docs/content/cli-commands/npm-dedupe.md @@ -9,6 +9,7 @@ description: Reduce duplication ## Reduce duplication ### Synopsis + ```bash npm dedupe npm ddp @@ -55,8 +56,6 @@ be deleted. Arguments are ignored. Dedupe always acts on the entire tree. -Modules - Note that this operation transforms the dependency tree, but will never result in new modules being installed. diff --git a/deps/npm/docs/content/cli-commands/npm-init.md b/deps/npm/docs/content/cli-commands/npm-init.md index 32b7f823019910..d88637cdf590fb 100644 --- a/deps/npm/docs/content/cli-commands/npm-init.md +++ b/deps/npm/docs/content/cli-commands/npm-init.md @@ -68,7 +68,7 @@ will create a scoped package. ### See Also -* +* * [package.json](/configuring-npm/package-json) * [npm version](/cli-commands/version) * [npm scope](/using-npm/scope) diff --git a/deps/npm/docs/content/cli-commands/npm-install.md b/deps/npm/docs/content/cli-commands/npm-install.md index 5ffb96f688b6b7..20ae45850d81ce 100644 --- a/deps/npm/docs/content/cli-commands/npm-install.md +++ b/deps/npm/docs/content/cli-commands/npm-install.md @@ -24,7 +24,7 @@ npm install npm install aliases: npm i, npm add -common options: [-P|--save-prod|-D|--save-dev|-O|--save-optional] [-E|--save-exact] [-B|--save-bundle] [--no-save] [--dry-run] +common options: [-P|--save-prod|-D|--save-dev|-O|--save-optional|--save-peer] [-E|--save-exact] [-B|--save-bundle] [--no-save] [--dry-run] ``` ### Description diff --git a/deps/npm/docs/content/configuring-npm/package-json.md b/deps/npm/docs/content/configuring-npm/package-json.md index 794c7ad7d43539..206009822f9d77 100644 --- a/deps/npm/docs/content/configuring-npm/package-json.md +++ b/deps/npm/docs/content/configuring-npm/package-json.md @@ -58,7 +58,7 @@ Changes to the package should come along with changes to the version. If you don plan to publish your package, the name and version fields are optional. Version must be parseable by -[node-semver](https://github.com/isaacs/node-semver), which is bundled +[node-semver](https://github.com/npm/node-semver), which is bundled with npm as a dependency. (`npm install semver` to use it yourself.) More on version numbers and ranges at [semver](/using-npm/semver). diff --git a/deps/npm/docs/public/cli-commands/npm-access/index.html b/deps/npm/docs/public/cli-commands/npm-access/index.html index efca31ca3fcf58..dd18a0c001b05d 100644 --- a/deps/npm/docs/public/cli-commands/npm-access/index.html +++ b/deps/npm/docs/public/cli-commands/npm-access/index.html @@ -76,7 +76,7 @@ } } }) -

npm access

+
\ No newline at end of file +
\ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-adduser/index.html b/deps/npm/docs/public/cli-commands/npm-adduser/index.html index eef93df121d231..1b854a2e865ded 100644 --- a/deps/npm/docs/public/cli-commands/npm-adduser/index.html +++ b/deps/npm/docs/public/cli-commands/npm-adduser/index.html @@ -76,7 +76,7 @@ } } }) -

+

section: cli-commands title: npm-adduser description: Set access level on published packages

@@ -110,7 +110,7 @@

scope. You can use both at the same time, e.g.

-
    npm adduser --registry=http://myregistry.example.com --scope=@myco
+
npm adduser --registry=http://myregistry.example.com --scope=@myco

This will set a registry for the given scope and login or create a user for that registry at the same time.

always-auth

@@ -118,7 +118,7 @@

If specified, save configuration indicating that all requests to the given registry should include authorization information. Useful for private registries. Can be used with --registry and / or --scope, e.g.

-
    npm adduser --registry=http://private-registry.example.com --always-auth
+
npm adduser --registry=http://private-registry.example.com --always-auth

This will ensure that all requests to that registry (including for tarballs) include an authorization header. This setting may be necessary for use with private registries where metadata and package tarballs are stored on hosts with @@ -145,4 +145,4 @@

\ No newline at end of file +
\ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-audit/index.html b/deps/npm/docs/public/cli-commands/npm-audit/index.html index 87777f5cbee4d3..e4d8daf1bdce37 100644 --- a/deps/npm/docs/public/cli-commands/npm-audit/index.html +++ b/deps/npm/docs/public/cli-commands/npm-audit/index.html @@ -76,13 +76,103 @@ } } }) -

npm audit

+

npm audit

Run a security audit

Synopsis

npm audit [--json|--parseable|--audit-level=(low|moderate|high|critical)]
 npm audit fix [--force|--package-lock-only|--dry-run]
 
 common options: [--production] [--only=(dev|prod)]
+

Description

+

The audit command submits a description of the dependencies configured in +your project to your default registry and asks for a report of known +vulnerabilities. If any vulnerabilities are found, then the impact and +appropriate remediation will be calculated. If the fix argument is +provided, then remediations will be applied to the package tree.

+

The command will exit with a 0 exit code if no vulnerabilities were found.

+

Note that some vulnerabilities cannot be fixed automatically and will +require manual intervention or review. Also note that since npm audit +fix runs a full-fledged npm install under the hood, all configs that +apply to the installer will also apply to npm install -- so things like +npm audit fix --package-lock-only will work as expected.

+

By default, the audit command will exit with a non-zero code if any +vulnerability is found. It may be useful in CI environments to include the +--audit-level parameter to specify the minimum vulnerability level that +will cause the command to fail. This option does not filter the report +output, it simply changes the command's failure threshold.

+

Audit Endpoints

+

There are two audit endpoints that npm may use to fetch vulnerability +information: the Bulk Advisory endpoint and the Quick Audit endpoint.

+

Bulk Advisory Endpoint

+

As of version 7, npm uses the much faster Bulk Advisory endpoint to +optimize the speed of calculating audit results.

+

npm will generate a JSON payload with the name and list of versions of each +package in the tree, and POST it to the default configured registry at +the path /-/npm/v1/security/advisories/bulk.

+

Any packages in the tree that do not have a version field in their +package.json file will be ignored. If any --omit options are specified +(either via the --omit config, or one of the shorthands such as +--production, --only=dev, and so on), then packages will be omitted +from the submitted payload as appropriate.

+

If the registry responds with an error, or with an invalid response, then +npm will attempt to load advisory data from the Quick Audit endpoint.

+

The expected result will contain a set of advisory objects for each +dependency that matches the advisory range. Each advisory object contains +a name, url, id, severity, vulnerable_versions, and title.

+

npm then uses these advisory objects to calculate vulnerabilities and +meta-vulnerabilities of the dependencies within the tree.

+

Quick Audit Endpoint

+

If the Bulk Advisory endpoint returns an error, or invalid data, npm will +attempt to load advisory data from the Quick Audit endpoint, which is +considerably slower in most cases.

+

The full package tree as found in package-lock.json is submitted, along +with the following pieces of additional metadata:

+
    +
  • npm_version
  • +
  • node_version
  • +
  • platform
  • +
  • arch
  • +
  • node_env
  • +
+

All packages in the tree are submitted to the Quick Audit endpoint. +Omitted dependency types are skipped when generating the report.

+

Scrubbing

+

Out of an abundance of caution, npm versions 5 and 6 would "scrub" any +packages from the submitted report if their name contained a / character, +so as to avoid leaking the names of potentially private packages or git +URLs.

+

However, in practice, this resulted in audits often failing to properly +detect meta-vulnerabilities, because the tree would appear to be invalid +due to missing dependencies, and prevented the detection of vulnerabilities +in package trees that used git dependencies or private modules.

+

This scrubbing has been removed from npm as of version 7.

+

Calculating Meta-Vulnerabilities and Remediations

+

npm uses the +@npmcli/metavuln-calculator +module to turn a set of security advisories into a set of "vulnerability" +objects. A "meta-vulnerability" is a dependency that is vulnerable by +virtue of dependence on vulnerable versions of a vulnerable package.

+

For example, if the package foo is vulnerable in the range >=1.0.2 +<2.0.0, and the package bar depends on foo@^1.1.0, then that version +of bar can only be installed by installing a vulnerable version of foo. +In this case, bar is a "metavulnerability".

+

Once metavulnerabilities for a given package are calculated, they are +cached in the ~/.npm folder and only re-evaluated if the advisory range +changes, or a new version of the package is published (in which case, the +new version is checked for metavulnerable status as well).

+

If the chain of metavulnerabilities extends all the way to the root +project, and it cannot be updated without changing its dependency ranges, +then npm audit fix will require the --force option to apply the +remediation. If remediations do not require changes to the dependency +ranges, then all vulnerable packages will be updated to a version that does +not have an advisory or metavulnerability posted against it.

+

Exit Code

+

The npm audit command will exit with a 0 exit code if no vulnerabilities +were found. The npm audit fix command will exit with 0 exit code if no +vulnerabilities are found or if the remediation is able to successfully +fix all vulnerabilities.

+

If vulnerabilities were found the exit code will depend on the +audit-level configuration setting.

Examples

Scan your project for vulnerabilities and automatically install any compatible updates to vulnerable dependencies:

@@ -92,69 +182,19 @@

$ npm audit fix --package-lock-only

Skip updating devDependencies:

$ npm audit fix --only=prod
-

Have audit fix install semver-major updates to toplevel dependencies, not just -semver-compatible ones:

+

Have audit fix install SemVer-major updates to toplevel dependencies, not +just SemVer-compatible ones:

$ npm audit fix --force

Do a dry run to get an idea of what audit fix will do, and also output install information in JSON format:

$ npm audit fix --dry-run --json
-

Scan your project for vulnerabilities and just show the details, without fixing -anything:

+

Scan your project for vulnerabilities and just show the details, without +fixing anything:

$ npm audit

Get the detailed audit report in JSON format:

$ npm audit --json
-

Get the detailed audit report in plain text result, separated by tab characters, allowing for -future reuse in scripting or command line post processing, like for example, selecting -some of the columns printed:

-
$ npm audit --parseable
-

To parse columns, you can use for example awk, and just print some of them:

-
$ npm audit --parseable | awk -F $'\t' '{print $1,$4}'

Fail an audit only if the results include a vulnerability with a level of moderate or higher:

$ npm audit --audit-level=moderate
-

Description

-

The audit command submits a description of the dependencies configured in -your project to your default registry and asks for a report of known -vulnerabilities. The report returned includes instructions on how to act on -this information. The command will exit with a 0 exit code if no -vulnerabilities were found.

-

You can also have npm automatically fix the vulnerabilities by running npm -audit fix. Note that some vulnerabilities cannot be fixed automatically and -will require manual intervention or review. Also note that since npm audit fix -runs a full-fledged npm install under the hood, all configs that apply to the -installer will also apply to npm install -- so things like npm audit fix ---package-lock-only will work as expected.

-

By default, the audit command will exit with a non-zero code if any vulnerability -is found. It may be useful in CI environments to include the --audit-level parameter -to specify the minimum vulnerability level that will cause the command to fail. This -option does not filter the report output, it simply changes the command's failure -threshold.

-

Content Submitted

-
    -
  • npm_version
  • -
  • node_version
  • -
  • platform
  • -
  • node_env
  • -
  • A scrubbed version of your package-lock.json or npm-shrinkwrap.json
  • -
-

Scrubbing

-

In order to ensure that potentially sensitive information is not included in -the audit data bundle, some dependencies may have their names (and sometimes -versions) replaced with opaque non-reversible identifiers. It is done for -the following dependency types:

-
    -
  • Any module referencing a scope that is configured for a non-default -registry has its name scrubbed. (That is, a scope you did a npm login --scope=@ourscope for.)
  • -
  • All git dependencies have their names and specifiers scrubbed.
  • -
  • All remote tarball dependencies have their names and specifiers scrubbed.
  • -
  • All local directory and tarball dependencies have their names and specifiers scrubbed.
  • -
-

The non-reversible identifiers are a sha256 of a session-specific UUID and the -value being replaced, ensuring a consistent value within the payload that is -different between runs.

-

Exit Code

-

The npm audit command will exit with a 0 exit code if no vulnerabilities were found.

-

If vulnerabilities were found the exit code will depend on the audit-level -configuration setting.

See Also

\ No newline at end of file +
\ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-bin/index.html b/deps/npm/docs/public/cli-commands/npm-bin/index.html index 67d060195ad756..53b99d9e084fc0 100644 --- a/deps/npm/docs/public/cli-commands/npm-bin/index.html +++ b/deps/npm/docs/public/cli-commands/npm-bin/index.html @@ -76,7 +76,7 @@ } } }) -

npm bin

+

npm bin

Display npm bin folder

Synopsis

npm bin [-g|--global]
@@ -96,4 +96,4 @@

\ No newline at end of file +
\ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-bugs/index.html b/deps/npm/docs/public/cli-commands/npm-bugs/index.html index ff06b5ed3423d0..30234870d85692 100644 --- a/deps/npm/docs/public/cli-commands/npm-bugs/index.html +++ b/deps/npm/docs/public/cli-commands/npm-bugs/index.html @@ -76,17 +76,17 @@ } } }) -

npm bugs

-

Bugs for a package in a web browser maybe

+

npm bugs

+

Report bugs for a package in a web browser

Synopsis

npm bugs [<pkgname> [<pkgname> ...]]
 
 aliases: issues

Description

-

This command tries to guess at the likely location of a package's -bug tracker URL, and then tries to open it using the --browser -config param. If no package name is provided, it will search for -a package.json in the current folder and use the name property.

+

This command tries to guess at the likely location of a package's bug +tracker URL, and then tries to open it using the --browser config param. +If no package name is provided, it will search for a package.json in the +current folder and use the name property.

Configuration

browser

    @@ -119,4 +119,4 @@

\ No newline at end of file +
\ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-bundle/index.html b/deps/npm/docs/public/cli-commands/npm-bundle/index.html deleted file mode 100644 index 323033f502cb5c..00000000000000 --- a/deps/npm/docs/public/cli-commands/npm-bundle/index.html +++ /dev/null @@ -1,96 +0,0 @@ -

npm bundle

-

REMOVED

-

Description

-

The npm bundle command has been removed in 1.0, for the simple reason -that it is no longer necessary, as the default behavior is now to -install packages into the local space.

-

Just use npm install now to do what npm bundle used to do.

-

See Also

-

👀 Found a typo? Let us know!

The current stable version of npm is here. To upgrade, run: npm install npm@latest -g

To report bugs or submit feature requests for the docs, or for any issues regarding the npm command line tool, please post on the npm/cli GitHub project.

\ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-cache/index.html b/deps/npm/docs/public/cli-commands/npm-cache/index.html index d7132981d6f971..f4ca430d165e3f 100644 --- a/deps/npm/docs/public/cli-commands/npm-cache/index.html +++ b/deps/npm/docs/public/cli-commands/npm-cache/index.html @@ -76,7 +76,7 @@ } } }) -

npm cache

+

npm cache

Manipulates packages cache

Synopsis

@@ -96,34 +96,38 @@

  • clean: -Delete all data out of the cache folder.
  • +Delete all data out of the cache folder. Note that this is typically +unnecessary, as npm's cache is self-healing and resistant to data +corruption issues.
  • verify: -Verify the contents of the cache folder, garbage collecting any unneeded data, -and verifying the integrity of the cache index and all cached data.
  • +Verify the contents of the cache folder, garbage collecting any unneeded +data, and verifying the integrity of the cache index and all cached data.

    Details

    npm stores cache data in an opaque directory within the configured cache, -named _cacache. This directory is a cacache-based content-addressable cache -that stores all http request data as well as other package-related data. This -directory is primarily accessed through pacote, the library responsible for -all package fetching as of npm@5.

    -

    All data that passes through the cache is fully verified for integrity on both -insertion and extraction. Cache corruption will either trigger an error, or -signal to pacote that the data must be refetched, which it will do -automatically. For this reason, it should never be necessary to clear the cache -for any reason other than reclaiming disk space, thus why clean now requires ---force to run.

    -

    There is currently no method exposed through npm to inspect or directly manage -the contents of this cache. In order to access it, cacache must be used -directly.

    +named _cacache. This directory is a +cacache-based content-addressable cache that +stores all http request data as well as other package-related data. This +directory is primarily accessed through pacote, the library responsible +for all package fetching as of npm@5.

    +

    All data that passes through the cache is fully verified for integrity on +both insertion and extraction. Cache corruption will either trigger an +error, or signal to pacote that the data must be refetched, which it will +do automatically. For this reason, it should never be necessary to clear +the cache for any reason other than reclaiming disk space, thus why clean +now requires --force to run.

    +

    There is currently no method exposed through npm to inspect or directly +manage the contents of this cache. In order to access it, cacache must be +used directly.

    npm will not remove data by itself: the cache will grow as new packages are installed.

    A note about the cache's design

    -

    The npm cache is strictly a cache: it should not be relied upon as a persistent -and reliable data store for package data. npm makes no guarantee that a -previously-cached piece of data will be available later, and will automatically -delete corrupted contents. The primary guarantee that the cache makes is that, -if it does return data, that data will be exactly the data that was inserted.

    +

    The npm cache is strictly a cache: it should not be relied upon as a +persistent and reliable data store for package data. npm makes no guarantee +that a previously-cached piece of data will be available later, and will +automatically delete corrupted contents. The primary guarantee that the +cache makes is that, if it does return data, that data will be exactly the +data that was inserted.

    To run an offline verification of existing cache contents, use npm cache verify.

    Configuration

    @@ -140,6 +144,8 @@

    npm pack
  • https://npm.im/cacache
  • https://npm.im/pacote
  • +
  • https://npm.im/@npmcli/arborist
  • +
  • https://npm.im/make-fetch-happen
  • 👀 Found a typo? Let us know!

    The current stable version of npm is here. To upgrade, run: npm install npm@latest -g

    To report bugs or submit feature requests for the docs, or for any issues regarding the npm command line tool, please post on the npm/cli GitHub project.

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-ci/index.html b/deps/npm/docs/public/cli-commands/npm-ci/index.html index 598c361f8206ec..30359e2258d95b 100644 --- a/deps/npm/docs/public/cli-commands/npm-ci/index.html +++ b/deps/npm/docs/public/cli-commands/npm-ci/index.html @@ -76,10 +76,33 @@ } } }) -

    npm ci

    +

    npm ci

    Install a project with a clean slate

    Synopsis

    npm ci
    +

    Description

    +

    This command is similar to npm install, except +it's meant to be used in automated environments such as test platforms, +continuous integration, and deployment -- or any situation where you want +to make sure you're doing a clean install of your dependencies.

    +

    npm ci will be significantly faster when:

    +
      +
    • There is a package-lock.json or npm-shrinkwrap.json file.
    • +
    • The node_modules folder is missing or empty.
    • +
    +

    In short, the main differences between using npm install and npm ci are:

    +
      +
    • The project must have an existing package-lock.json or +npm-shrinkwrap.json.
    • +
    • If dependencies in the package lock do not match those in package.json, +npm ci will exit with an error, instead of updating the package lock.
    • +
    • npm ci can only install entire projects at a time: individual +dependencies cannot be added with this command.
    • +
    • If a node_modules is already present, it will be automatically removed +before npm ci begins its install.
    • +
    • It will never write to package.json or any of the package-locks: +installs are essentially frozen.
    • +

    Example

    Make sure you have a package-lock and an up-to-date install:

    $ cd ./my/npm/project
    @@ -97,22 +120,6 @@ 

    "$HOME/.npm"

    -

    Description

    -

    This command is similar to npm install, except it's meant to be used in -automated environments such as test platforms, continuous integration, and -deployment -- or any situation where you want to make sure you're doing a clean -install of your dependencies. It can be significantly faster than a regular npm -install by skipping certain user-oriented features. It is also more strict than -a regular install, which can help catch errors or inconsistencies caused by the -incrementally-installed local environments of most npm users.

    -

    In short, the main differences between using npm install and npm ci are:

    -
      -
    • The project must have an existing package-lock.json or npm-shrinkwrap.json.
    • -
    • If dependencies in the package lock do not match those in package.json, npm ci will exit with an error, instead of updating the package lock.
    • -
    • npm ci can only install entire projects at a time: individual dependencies cannot be added with this command.
    • -
    • If a node_modules is already present, it will be automatically removed before npm ci begins its install.
    • -
    • It will never write to package.json or any of the package-locks: installs are essentially frozen.
    • -

    See Also

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-completion/index.html b/deps/npm/docs/public/cli-commands/npm-completion/index.html index b04eb9ec59b0b7..8a3b5a37fa736f 100644 --- a/deps/npm/docs/public/cli-commands/npm-completion/index.html +++ b/deps/npm/docs/public/cli-commands/npm-completion/index.html @@ -76,7 +76,7 @@ } } }) -

    npm completion

    +

    npm completion

    Tab Completion for npm

    Synopsis

    source <(npm completion)
    @@ -106,4 +106,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-config/index.html b/deps/npm/docs/public/cli-commands/npm-config/index.html index c63739c8207333..ffc5b95ddb73b1 100644 --- a/deps/npm/docs/public/cli-commands/npm-config/index.html +++ b/deps/npm/docs/public/cli-commands/npm-config/index.html @@ -76,7 +76,7 @@ } } }) -

    npm config

    +

    npm config

    Manage the npm configuration files

    Synopsis

    npm config set <key> <value> [-g|--global]
    @@ -91,9 +91,10 @@ 

    Description

    npm gets its config settings from the command line, environment variables, npmrc files, and in some cases, the package.json file.

    -

    See npmrc for more information about the npmrc files.

    -

    See config for a more thorough discussion of the mechanisms -involved.

    +

    See npmrc for more information about the npmrc +files.

    +

    See config(7) for a more thorough explanation of the +mechanisms involved, and a full list of config options available.

    The npm config command can be used to update and edit the contents of the user and global npmrc files.

    Sub-commands

    @@ -130,4 +131,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-dedupe/index.html b/deps/npm/docs/public/cli-commands/npm-dedupe/index.html index d4c8984937a3ef..b0145cacdfca70 100644 --- a/deps/npm/docs/public/cli-commands/npm-dedupe/index.html +++ b/deps/npm/docs/public/cli-commands/npm-dedupe/index.html @@ -76,7 +76,7 @@ } } }) -

    npm dedupe

    +
    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-deprecate/index.html b/deps/npm/docs/public/cli-commands/npm-deprecate/index.html index d8da02b0557bd1..ba444943143794 100644 --- a/deps/npm/docs/public/cli-commands/npm-deprecate/index.html +++ b/deps/npm/docs/public/cli-commands/npm-deprecate/index.html @@ -76,7 +76,7 @@ } } }) -

    npm deprecate

    +

    npm deprecate

    Deprecate a version of a package

    Synopsis

    npm deprecate <pkg>[@<version>] <message>
    @@ -102,4 +102,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-dist-tag/index.html b/deps/npm/docs/public/cli-commands/npm-dist-tag/index.html index 677bc9a9895aac..cfe098fb06bd04 100644 --- a/deps/npm/docs/public/cli-commands/npm-dist-tag/index.html +++ b/deps/npm/docs/public/cli-commands/npm-dist-tag/index.html @@ -76,7 +76,7 @@ } } }) -

    +

    section: cli-commands title: npm-dist-tag description: Modify package distribution tags

    @@ -151,4 +151,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-docs/index.html b/deps/npm/docs/public/cli-commands/npm-docs/index.html index f275a63a3a69f5..fff6b6b92bc600 100644 --- a/deps/npm/docs/public/cli-commands/npm-docs/index.html +++ b/deps/npm/docs/public/cli-commands/npm-docs/index.html @@ -76,7 +76,7 @@ } } }) -

    npm docs

    +

    npm docs

    Docs for a package in a web browser maybe

    Synopsis

    npm docs [<pkgname> [<pkgname> ...]]
    @@ -119,4 +119,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-doctor/index.html b/deps/npm/docs/public/cli-commands/npm-doctor/index.html index fbab2cc27202bb..a3968bfb28e8e6 100644 --- a/deps/npm/docs/public/cli-commands/npm-doctor/index.html +++ b/deps/npm/docs/public/cli-commands/npm-doctor/index.html @@ -76,7 +76,7 @@ } } }) -

    npm doctor

    +

    npm doctor

    Check your environments

    Synopsis

    npm doctor
    @@ -165,4 +165,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-edit/index.html b/deps/npm/docs/public/cli-commands/npm-edit/index.html index 531e94d6e12580..9fadf2b4f338ee 100644 --- a/deps/npm/docs/public/cli-commands/npm-edit/index.html +++ b/deps/npm/docs/public/cli-commands/npm-edit/index.html @@ -76,7 +76,7 @@ } } }) -

    npm edit

    +

    npm edit

    Edit an installed package

    Synopsis

    npm edit <pkg>[/<subpkg>...]
    @@ -112,4 +112,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-exec/index.html b/deps/npm/docs/public/cli-commands/npm-exec/index.html index 07f33a70a18779..bc612a2a01829c 100644 --- a/deps/npm/docs/public/cli-commands/npm-exec/index.html +++ b/deps/npm/docs/public/cli-commands/npm-exec/index.html @@ -76,7 +76,7 @@ } } }) -

    npm exec

    +

    npm exec

    Run a command from a local or remote npm package

    Synopsis

    npm exec -- <pkg>[@<version>] [args...]
    @@ -206,4 +206,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-explain/index.html b/deps/npm/docs/public/cli-commands/npm-explain/index.html index dbba17b1bea649..d1edb7b603ffa5 100644 --- a/deps/npm/docs/public/cli-commands/npm-explain/index.html +++ b/deps/npm/docs/public/cli-commands/npm-explain/index.html @@ -76,7 +76,7 @@ } } }) -

    npm explain

    +

    npm explain

    Explain installed packages

    Synopsis

    npm explain <folder | specifier>
    @@ -135,4 +135,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-explore/index.html b/deps/npm/docs/public/cli-commands/npm-explore/index.html index 012a888ffa4ab5..b00d18cca3d8b9 100644 --- a/deps/npm/docs/public/cli-commands/npm-explore/index.html +++ b/deps/npm/docs/public/cli-commands/npm-explore/index.html @@ -76,7 +76,7 @@ } } }) -

    +

    section: cli-commands title: npm-explore description: Browse an installed package

    @@ -116,4 +116,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-fund/index.html b/deps/npm/docs/public/cli-commands/npm-fund/index.html index 142adcdc1c9789..f27f0b1f0d3c2c 100644 --- a/deps/npm/docs/public/cli-commands/npm-fund/index.html +++ b/deps/npm/docs/public/cli-commands/npm-fund/index.html @@ -76,7 +76,7 @@ } } }) -

    npm fund

    +

    npm fund

    Retrieve funding information

    Synopsis

        npm fund [<pkg>]
    @@ -130,4 +130,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-help-search/index.html b/deps/npm/docs/public/cli-commands/npm-help-search/index.html index 88ddf20398d172..49cc84423352b0 100644 --- a/deps/npm/docs/public/cli-commands/npm-help-search/index.html +++ b/deps/npm/docs/public/cli-commands/npm-help-search/index.html @@ -76,7 +76,7 @@ } } }) -

    npm help-search

    +

    npm help-search

    Search npm help documentation

    Synopsis

    npm help-search <text>
    @@ -107,4 +107,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-help/index.html b/deps/npm/docs/public/cli-commands/npm-help/index.html index 662c85d27b4e5f..88c0bed25889b9 100644 --- a/deps/npm/docs/public/cli-commands/npm-help/index.html +++ b/deps/npm/docs/public/cli-commands/npm-help/index.html @@ -76,7 +76,7 @@ } } }) -

    npm help

    +

    npm help

    Get help on npm

    Synopsis

    npm help <term> [<terms..>]
    @@ -109,4 +109,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-hook/index.html b/deps/npm/docs/public/cli-commands/npm-hook/index.html index 9b0d7387aefb27..a54511f8eaf353 100644 --- a/deps/npm/docs/public/cli-commands/npm-hook/index.html +++ b/deps/npm/docs/public/cli-commands/npm-hook/index.html @@ -76,7 +76,7 @@ } } }) -

    npm hook

    +

    npm hook

    Manage registry hooks

    Synopsis

    npm hook ls [pkg]
    @@ -121,4 +121,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-init/index.html b/deps/npm/docs/public/cli-commands/npm-init/index.html index d8baf830fb8da8..8d8bcfe40f1eb6 100644 --- a/deps/npm/docs/public/cli-commands/npm-init/index.html +++ b/deps/npm/docs/public/cli-commands/npm-init/index.html @@ -76,7 +76,7 @@ } } }) -

    npm init

    +

    npm init

    create a package.json file

    Synopsis

    npm init [--force|-f|--yes|-y|--scope]
    @@ -117,7 +117,7 @@ 

    See Also

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-install-ci-test/index.html b/deps/npm/docs/public/cli-commands/npm-install-ci-test/index.html index 9f3bb52e4bca98..2e11d3e0e36fba 100644 --- a/deps/npm/docs/public/cli-commands/npm-install-ci-test/index.html +++ b/deps/npm/docs/public/cli-commands/npm-install-ci-test/index.html @@ -76,7 +76,7 @@ } } }) -

    npm install-ci-test

    +

    npm install-ci-test

    Install a project with a clean slate and run tests

    Synopsis

    npm install-ci-test
    @@ -95,4 +95,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-install-test/index.html b/deps/npm/docs/public/cli-commands/npm-install-test/index.html index 5ad19f2861239c..43a5d72676a56b 100644 --- a/deps/npm/docs/public/cli-commands/npm-install-test/index.html +++ b/deps/npm/docs/public/cli-commands/npm-install-test/index.html @@ -76,7 +76,7 @@ } } }) -

    npm install-test

    +

    npm install-test

    Install package(s) and run tests

    Synopsis

    npm install-test (with no args, in package dir)
    @@ -104,4 +104,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-install/index.html b/deps/npm/docs/public/cli-commands/npm-install/index.html index 7d5aeb4c190c2b..fca0738e991680 100644 --- a/deps/npm/docs/public/cli-commands/npm-install/index.html +++ b/deps/npm/docs/public/cli-commands/npm-install/index.html @@ -76,7 +76,7 @@ } } }) -

    npm install

    +

    Description

    This command installs a package and any packages that it depends on. If the package has a package-lock, or an npm shrinkwrap file, or a yarn lock file, the @@ -457,4 +457,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-link/index.html b/deps/npm/docs/public/cli-commands/npm-link/index.html index bf777f915c69b9..8d0bad82bb95e3 100644 --- a/deps/npm/docs/public/cli-commands/npm-link/index.html +++ b/deps/npm/docs/public/cli-commands/npm-link/index.html @@ -76,7 +76,7 @@ } } }) -

    npm link

    +

    npm link

    Synopsis

    npm link (in package dir)
    @@ -136,4 +136,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-logout/index.html b/deps/npm/docs/public/cli-commands/npm-logout/index.html index 24b0938d12b4c3..0ba3e584f0c3c1 100644 --- a/deps/npm/docs/public/cli-commands/npm-logout/index.html +++ b/deps/npm/docs/public/cli-commands/npm-logout/index.html @@ -76,7 +76,7 @@ } } }) -

    npm logout

    +

    npm logout

    Log out of the registry

    Synopsis

    npm logout [--registry=<url>] [--scope=<@scope>]
    @@ -111,4 +111,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-ls/index.html b/deps/npm/docs/public/cli-commands/npm-ls/index.html index 92fbd568c1b8f3..51617902609a58 100644 --- a/deps/npm/docs/public/cli-commands/npm-ls/index.html +++ b/deps/npm/docs/public/cli-commands/npm-ls/index.html @@ -76,7 +76,7 @@ } } }) -

    npm ls

    +
    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-org/index.html b/deps/npm/docs/public/cli-commands/npm-org/index.html index 6bb2030e22f112..7b22104494e2bf 100644 --- a/deps/npm/docs/public/cli-commands/npm-org/index.html +++ b/deps/npm/docs/public/cli-commands/npm-org/index.html @@ -76,7 +76,7 @@ } } }) -

    npm org

    +

    npm org

    Manage orgs

    Synopsis

    npm org set <orgname> <username> [developer | admin | owner]
    @@ -109,4 +109,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-outdated/index.html b/deps/npm/docs/public/cli-commands/npm-outdated/index.html index 30674263625527..44d6ef902bbe7e 100644 --- a/deps/npm/docs/public/cli-commands/npm-outdated/index.html +++ b/deps/npm/docs/public/cli-commands/npm-outdated/index.html @@ -76,7 +76,7 @@ } } }) -

    npm outdated

    +

    npm outdated

    Check for outdated packages

    Synopsis

    npm outdated [[<@scope>/]<pkg> ...]
    @@ -179,4 +179,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-owner/index.html b/deps/npm/docs/public/cli-commands/npm-owner/index.html index 84cd881f2ea934..363d2ce865c6ea 100644 --- a/deps/npm/docs/public/cli-commands/npm-owner/index.html +++ b/deps/npm/docs/public/cli-commands/npm-owner/index.html @@ -76,7 +76,7 @@ } } }) -

    npm owner

    +

    npm owner

    Manage package owners

    Synopsis

    npm owner add <user> [<@scope>/]<pkg>
    @@ -116,4 +116,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-pack/index.html b/deps/npm/docs/public/cli-commands/npm-pack/index.html index 4776b37167ae78..bd5cfb95389662 100644 --- a/deps/npm/docs/public/cli-commands/npm-pack/index.html +++ b/deps/npm/docs/public/cli-commands/npm-pack/index.html @@ -76,7 +76,7 @@ } } }) -

    npm pack

    +

    npm pack

    Create a tarball from a package

    Synopsis

    npm pack [[<@scope>/]<pkg>...] [--dry-run]
    @@ -104,4 +104,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-ping/index.html b/deps/npm/docs/public/cli-commands/npm-ping/index.html index 63bf92266ceb21..8ac96300194947 100644 --- a/deps/npm/docs/public/cli-commands/npm-ping/index.html +++ b/deps/npm/docs/public/cli-commands/npm-ping/index.html @@ -76,7 +76,7 @@ } } }) -

    npm ping

    +

    npm ping

    Ping npm registry

    Synopsis

    npm ping [--registry <registry>]
    @@ -97,4 +97,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-prefix/index.html b/deps/npm/docs/public/cli-commands/npm-prefix/index.html index f85836e5138540..94d585b01a4886 100644 --- a/deps/npm/docs/public/cli-commands/npm-prefix/index.html +++ b/deps/npm/docs/public/cli-commands/npm-prefix/index.html @@ -76,7 +76,7 @@ } } }) -

    npm prefix

    +

    npm prefix

    Display prefix

    Synopsis

    npm prefix [-g]
    @@ -100,4 +100,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-profile/index.html b/deps/npm/docs/public/cli-commands/npm-profile/index.html index 355caa9156a399..03e8ce08a3b07e 100644 --- a/deps/npm/docs/public/cli-commands/npm-profile/index.html +++ b/deps/npm/docs/public/cli-commands/npm-profile/index.html @@ -76,7 +76,7 @@ } } }) -

    npm profile

    +

    npm profile

    Change settings on your registry profile

    Synopsis

    npm profile get [--json|--parseable] [<property>]
    @@ -150,4 +150,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-prune/index.html b/deps/npm/docs/public/cli-commands/npm-prune/index.html index cb06d57df8a0a1..18ab2ad10ded97 100644 --- a/deps/npm/docs/public/cli-commands/npm-prune/index.html +++ b/deps/npm/docs/public/cli-commands/npm-prune/index.html @@ -76,7 +76,7 @@ } } }) -

    npm prune

    +

    npm prune

    Remove extraneous packages

    Synopsis

    npm prune [[<@scope>/]<pkg>...] [--production] [--dry-run] [--json]
    @@ -110,4 +110,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-publish/index.html b/deps/npm/docs/public/cli-commands/npm-publish/index.html index 14bdcc1b06fc67..e8cb4ad4ea513d 100644 --- a/deps/npm/docs/public/cli-commands/npm-publish/index.html +++ b/deps/npm/docs/public/cli-commands/npm-publish/index.html @@ -76,7 +76,7 @@ } } }) -

    npm publish

    +

    npm publish

    Publish a package

    Synopsis

    npm publish [<tarball>|<folder>] [--tag <tag>] [--access <public|restricted>] [--otp otpcode] [--dry-run]
    @@ -142,4 +142,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-rebuild/index.html b/deps/npm/docs/public/cli-commands/npm-rebuild/index.html index 8bf370f34535d9..72942fa75eb565 100644 --- a/deps/npm/docs/public/cli-commands/npm-rebuild/index.html +++ b/deps/npm/docs/public/cli-commands/npm-rebuild/index.html @@ -76,7 +76,7 @@ } } }) -

    npm rebuild

    +

    npm rebuild

    Rebuild a package

    Synopsis

    npm rebuild [[<@scope>/<name>]...]
    @@ -95,4 +95,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-repo/index.html b/deps/npm/docs/public/cli-commands/npm-repo/index.html index 2a4267e0f20328..b493ce2c105744 100644 --- a/deps/npm/docs/public/cli-commands/npm-repo/index.html +++ b/deps/npm/docs/public/cli-commands/npm-repo/index.html @@ -76,7 +76,7 @@ } } }) -

    npm repo

    +

    npm repo

    Open package repository page in the browser

    Synopsis

    npm repo [<pkgname> [<pkgname> ...]]
    @@ -106,4 +106,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-restart/index.html b/deps/npm/docs/public/cli-commands/npm-restart/index.html index f57b09a90e9940..ae6c9fb4f3db85 100644 --- a/deps/npm/docs/public/cli-commands/npm-restart/index.html +++ b/deps/npm/docs/public/cli-commands/npm-restart/index.html @@ -76,7 +76,7 @@ } } }) -

    npm restart

    +

    npm restart

    Restart a package

    Synopsis

    npm restart [-- <args>]
    @@ -115,4 +115,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-root/index.html b/deps/npm/docs/public/cli-commands/npm-root/index.html index f02657d2bc9acc..02c8e7f07d31fe 100644 --- a/deps/npm/docs/public/cli-commands/npm-root/index.html +++ b/deps/npm/docs/public/cli-commands/npm-root/index.html @@ -76,7 +76,7 @@ } } }) -

    npm root

    +

    npm root

    Display npm root

    Synopsis

    npm root [-g]
    @@ -96,4 +96,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-run-script/index.html b/deps/npm/docs/public/cli-commands/npm-run-script/index.html index 89c0e561533c56..e8ffa8ab6e636c 100644 --- a/deps/npm/docs/public/cli-commands/npm-run-script/index.html +++ b/deps/npm/docs/public/cli-commands/npm-run-script/index.html @@ -76,7 +76,7 @@ } } }) -

    npm run-script

    +

    npm run-script

    Run arbitrary package scripts

    Synopsis

    npm run-script <command> [--silent] [-- <args>...]
    @@ -145,4 +145,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-search/index.html b/deps/npm/docs/public/cli-commands/npm-search/index.html index be1f823e16d2fa..db033ec6ec00fd 100644 --- a/deps/npm/docs/public/cli-commands/npm-search/index.html +++ b/deps/npm/docs/public/cli-commands/npm-search/index.html @@ -76,7 +76,7 @@ } } }) -

    npm search

    +

    npm search

    Search for packages

    Synopsis

    npm search [-l|--long] [--json] [--parseable] [--no-description] [search terms ...]
    @@ -170,4 +170,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-shrinkwrap/index.html b/deps/npm/docs/public/cli-commands/npm-shrinkwrap/index.html index 767bff8ff4492f..ad085c2b498d1a 100644 --- a/deps/npm/docs/public/cli-commands/npm-shrinkwrap/index.html +++ b/deps/npm/docs/public/cli-commands/npm-shrinkwrap/index.html @@ -76,7 +76,7 @@ } } }) -

    npm shrinkwrap

    +

    npm shrinkwrap

    Lock down dependency versions for publication

    Synopsis

    npm shrinkwrap
    @@ -103,4 +103,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-star/index.html b/deps/npm/docs/public/cli-commands/npm-star/index.html index 2502908db5ffa5..8a4caf7152a178 100644 --- a/deps/npm/docs/public/cli-commands/npm-star/index.html +++ b/deps/npm/docs/public/cli-commands/npm-star/index.html @@ -76,7 +76,7 @@ } } }) -

    npm star

    +

    npm star

    Mark your favorite packages

    Synopsis

    npm star [<pkg>...]
    @@ -98,4 +98,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-stars/index.html b/deps/npm/docs/public/cli-commands/npm-stars/index.html index a9eec5c52324ff..9968184014bbaa 100644 --- a/deps/npm/docs/public/cli-commands/npm-stars/index.html +++ b/deps/npm/docs/public/cli-commands/npm-stars/index.html @@ -76,7 +76,7 @@ } } }) -

    npm stars

    +

    npm stars

    View packages marked as favorites

    Synopsis

    npm stars [<user>]
    @@ -98,4 +98,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-start/index.html b/deps/npm/docs/public/cli-commands/npm-start/index.html index 4428ec822bb794..96e40adf7d13be 100644 --- a/deps/npm/docs/public/cli-commands/npm-start/index.html +++ b/deps/npm/docs/public/cli-commands/npm-start/index.html @@ -76,7 +76,7 @@ } } }) -

    npm start

    +

    npm start

    Start a package

    Synopsis

    npm start [-- <args>]
    @@ -100,4 +100,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-stop/index.html b/deps/npm/docs/public/cli-commands/npm-stop/index.html index 364899f04eace5..7921860763e439 100644 --- a/deps/npm/docs/public/cli-commands/npm-stop/index.html +++ b/deps/npm/docs/public/cli-commands/npm-stop/index.html @@ -76,7 +76,7 @@ } } }) -

    npm stop

    +

    npm stop

    Stop a package

    Synopsis

    npm stop [-- <args>]
    @@ -96,4 +96,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-team/index.html b/deps/npm/docs/public/cli-commands/npm-team/index.html index 0ac85e3cc367df..a23f856062f4ac 100644 --- a/deps/npm/docs/public/cli-commands/npm-team/index.html +++ b/deps/npm/docs/public/cli-commands/npm-team/index.html @@ -76,7 +76,7 @@ } } }) -

    npm team

    +

    npm team

    Manage organization teams and team memberships

    Synopsis

    npm team create <scope:team>
    @@ -127,4 +127,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-test/index.html b/deps/npm/docs/public/cli-commands/npm-test/index.html index 357a2bc29a28a3..1ec0c7b5b92f7b 100644 --- a/deps/npm/docs/public/cli-commands/npm-test/index.html +++ b/deps/npm/docs/public/cli-commands/npm-test/index.html @@ -76,7 +76,7 @@ } } }) -

    npm test

    +

    npm test

    Test a package

    Synopsis

    npm test [-- <args>]
    @@ -98,4 +98,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-token/index.html b/deps/npm/docs/public/cli-commands/npm-token/index.html index 9fe68f663dff2c..d2ded3c87b6024 100644 --- a/deps/npm/docs/public/cli-commands/npm-token/index.html +++ b/deps/npm/docs/public/cli-commands/npm-token/index.html @@ -76,7 +76,7 @@ } } }) -

    npm token

    +

    npm token

    Manage your authentication tokens

    Synopsis

      npm token list [--json|--parseable]
    @@ -135,4 +135,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-uninstall/index.html b/deps/npm/docs/public/cli-commands/npm-uninstall/index.html index bae132ad5706bd..245310e50c0a4f 100644 --- a/deps/npm/docs/public/cli-commands/npm-uninstall/index.html +++ b/deps/npm/docs/public/cli-commands/npm-uninstall/index.html @@ -76,7 +76,7 @@ } } }) -

    npm uninstall

    +

    npm uninstall

    Remove a package

    Synopsis

    npm uninstall [<@scope>/]<pkg>[@<version>]... [-S|--save|-D|--save-dev|-O|--save-optional|--no-save]
    @@ -120,4 +120,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-unpublish/index.html b/deps/npm/docs/public/cli-commands/npm-unpublish/index.html index bd89b9c762e2e5..3d99b74d919969 100644 --- a/deps/npm/docs/public/cli-commands/npm-unpublish/index.html +++ b/deps/npm/docs/public/cli-commands/npm-unpublish/index.html @@ -76,7 +76,7 @@ } } }) -

    npm unpublish

    +

    npm unpublish

    Remove a package from the registry

    Synopsis

    Unpublishing a single version of a package

    @@ -108,4 +108,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-update/index.html b/deps/npm/docs/public/cli-commands/npm-update/index.html index 2a16ed893fc294..8e06f0ec08dbac 100644 --- a/deps/npm/docs/public/cli-commands/npm-update/index.html +++ b/deps/npm/docs/public/cli-commands/npm-update/index.html @@ -76,7 +76,7 @@ } } }) -

    npm update

    +

    npm update

    Update a package

    Synopsis

    npm update [-g] [<pkg>...]
    @@ -169,4 +169,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-version/index.html b/deps/npm/docs/public/cli-commands/npm-version/index.html index c0e12677dd276f..b387c8a96b78f3 100644 --- a/deps/npm/docs/public/cli-commands/npm-version/index.html +++ b/deps/npm/docs/public/cli-commands/npm-version/index.html @@ -76,7 +76,7 @@ } } }) -

    npm version

    +

    npm version

    Bump a package version

    Synopsis

    npm version [<newversion> | major | minor | patch | premajor | preminor | prepatch | prerelease [--preid=<prerelease-id>] | from-git]
    @@ -182,4 +182,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-view/index.html b/deps/npm/docs/public/cli-commands/npm-view/index.html index 2caa4c9c4b80f1..74d311a1b555b9 100644 --- a/deps/npm/docs/public/cli-commands/npm-view/index.html +++ b/deps/npm/docs/public/cli-commands/npm-view/index.html @@ -76,7 +76,7 @@ } } }) -

    npm view

    +

    npm view

    View registry info

    Synopsis

    npm view [<@scope>/]<name>[@<version>] [<field>[.<subfield>]...]
    @@ -147,4 +147,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm-whoami/index.html b/deps/npm/docs/public/cli-commands/npm-whoami/index.html index 4027baf2365adf..61d32c5fd1ac36 100644 --- a/deps/npm/docs/public/cli-commands/npm-whoami/index.html +++ b/deps/npm/docs/public/cli-commands/npm-whoami/index.html @@ -76,7 +76,7 @@ } } }) -

    npm whoami

    +

    npm whoami

    Display npm username

    Synopsis

    npm whoami [--registry <registry>]
    @@ -94,4 +94,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npm/index.html b/deps/npm/docs/public/cli-commands/npm/index.html index 3ff90ccfd28580..a1c3f80ba9b375 100644 --- a/deps/npm/docs/public/cli-commands/npm/index.html +++ b/deps/npm/docs/public/cli-commands/npm/index.html @@ -76,12 +76,12 @@ } } }) -

    npm

    +

    npm

    javascript package manager

    Synopsis

    npm <command> [args]

    Version

    -

    7.0.2

    +

    7.0.3

    Description

    npm is the package manager for the Node JavaScript platform. It puts modules in place so that node can find them, and manages dependency @@ -213,4 +213,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/cli-commands/npx/index.html b/deps/npm/docs/public/cli-commands/npx/index.html index 3a46ef463923b6..ab41bd2d2a8e8c 100644 --- a/deps/npm/docs/public/cli-commands/npx/index.html +++ b/deps/npm/docs/public/cli-commands/npx/index.html @@ -76,7 +76,7 @@ } } }) -

    npx

    +

    npx

    Run a command from a local or remote npm package

    Synopsis

    npm exec -- <pkg>[@<version>] [args...]
    @@ -206,4 +206,4 @@ 

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/configuring-npm/folders/index.html b/deps/npm/docs/public/configuring-npm/folders/index.html index ea6a649761753c..a9f3fc953b2f89 100644 --- a/deps/npm/docs/public/configuring-npm/folders/index.html +++ b/deps/npm/docs/public/configuring-npm/folders/index.html @@ -76,7 +76,7 @@ } } }) -

    folders

    +

    folders

    Folder Structures Used by npm

    Description

    npm puts various things on your computer. That's its job.

    @@ -242,4 +242,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/configuring-npm/install/index.html b/deps/npm/docs/public/configuring-npm/install/index.html index 8082e3384f2382..3589322c0727cf 100644 --- a/deps/npm/docs/public/configuring-npm/install/index.html +++ b/deps/npm/docs/public/configuring-npm/install/index.html @@ -76,7 +76,7 @@ } } }) -

    install

    +

    install

    Download and Install npm

    Description

    To publish and install packages to and from the public npm registry, you must install Node.js and the npm command line interface using either a Node version manager or a Node installer. We strongly recommend using a Node version manager to install Node.js and npm. We do not recommend using a Node installer, since the Node installation process installs npm in a directory with local permissions and can cause permissions errors when you run npm packages globally.

    @@ -125,4 +125,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/configuring-npm/npmrc/index.html b/deps/npm/docs/public/configuring-npm/npmrc/index.html index 0064d63472956a..a8027775042323 100644 --- a/deps/npm/docs/public/configuring-npm/npmrc/index.html +++ b/deps/npm/docs/public/configuring-npm/npmrc/index.html @@ -76,7 +76,7 @@ } } }) -

    npmrc

    +

    npmrc

    The npm config files

    Description

    npm gets its config settings from the command line, environment @@ -147,4 +147,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/configuring-npm/package-json/index.html b/deps/npm/docs/public/configuring-npm/package-json/index.html index 6c7577a5e2d28f..fd7b43cfc123f3 100644 --- a/deps/npm/docs/public/configuring-npm/package-json/index.html +++ b/deps/npm/docs/public/configuring-npm/package-json/index.html @@ -76,7 +76,7 @@ } } }) -

    package.json

    +

    package.json

    Specifics of npm's package.json handling

    Description

    This document is all you need to know about what's required in your package.json @@ -119,7 +119,7 @@

    node-semver, which is bundled +node-semver, which is bundled with npm as a dependency. (npm install semver to use it yourself.)

    More on version numbers and ranges at semver.

    description

    @@ -733,4 +733,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/configuring-npm/package-lock-json/index.html b/deps/npm/docs/public/configuring-npm/package-lock-json/index.html index 398da3c5252699..e157a5ce3348c6 100644 --- a/deps/npm/docs/public/configuring-npm/package-lock-json/index.html +++ b/deps/npm/docs/public/configuring-npm/package-lock-json/index.html @@ -76,7 +76,7 @@ } } }) -

    package-lock.json

    +

    package-lock.json

    A manifestation of the manifest

    Description

    package-lock.json is automatically generated for any operations where npm @@ -188,4 +188,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/configuring-npm/package-locks/index.html b/deps/npm/docs/public/configuring-npm/package-locks/index.html index cd5c5941ae7b46..25af4d9aa73894 100644 --- a/deps/npm/docs/public/configuring-npm/package-locks/index.html +++ b/deps/npm/docs/public/configuring-npm/package-locks/index.html @@ -76,7 +76,7 @@ } } }) -

    package-locks

    +

    package-locks

    An explanation of npm lockfiles

    Description

    Conceptually, the "input" to npm install is a package.json, while its @@ -216,4 +216,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/configuring-npm/shrinkwrap-json/index.html b/deps/npm/docs/public/configuring-npm/shrinkwrap-json/index.html index aceec977e3280c..e749efeb468f72 100644 --- a/deps/npm/docs/public/configuring-npm/shrinkwrap-json/index.html +++ b/deps/npm/docs/public/configuring-npm/shrinkwrap-json/index.html @@ -76,7 +76,7 @@ } } }) -

    npm shrinkwrap.json

    +

    npm shrinkwrap.json

    A publishable lockfile

    Description

    npm-shrinkwrap.json is a file created by npm shrinkwrap. It is identical to @@ -104,4 +104,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/index.html b/deps/npm/docs/public/index.html index e22f8d4a7aa29c..cc3abe3bf9911b 100644 --- a/deps/npm/docs/public/index.html +++ b/deps/npm/docs/public/index.html @@ -130,4 +130,4 @@ } } }) -
    npm cli _
    The intelligent package manager for the Node Javascript Platform. Install stuff and get coding!
    npm cli _
    The intelligent package manager for the Node Javascript Platform. Install stuff and get coding!
    npm cli _
    The intelligent package manager for the Node Javascript Platform. Install stuff and get coding!

    The current stable version of npm is available on GitHub.

    To upgrade, run: npm install npm@latest -g

    \ No newline at end of file +
    npm cli _
    The intelligent package manager for the Node Javascript Platform. Install stuff and get coding!
    npm cli _
    The intelligent package manager for the Node Javascript Platform. Install stuff and get coding!
    npm cli _
    The intelligent package manager for the Node Javascript Platform. Install stuff and get coding!

    The current stable version of npm is available on GitHub.

    To upgrade, run: npm install npm@latest -g

    \ No newline at end of file diff --git a/deps/npm/docs/public/static/d/2496503923.json b/deps/npm/docs/public/static/d/2496503923.json index 589f21352c46db..2c5a27ba1ec98f 100644 --- a/deps/npm/docs/public/static/d/2496503923.json +++ b/deps/npm/docs/public/static/d/2496503923.json @@ -1 +1 @@ -{"data":{"allMarkdownRemark":{"nodes":[{"fields":{"slug":"/using-npm/semver"},"frontmatter":{"description":null,"section":null,"title":""}},{"fields":{"slug":"/cli-commands/npm-adduser"},"frontmatter":{"description":null,"section":null,"title":""}},{"fields":{"slug":"/cli-commands/npm-dist-tag"},"frontmatter":{"description":null,"section":null,"title":""}},{"fields":{"slug":"/cli-commands/npm-explore"},"frontmatter":{"description":null,"section":null,"title":""}},{"fields":{"slug":"/using-npm/config"},"frontmatter":{"description":"More than you probably want to know about npm configuration","section":"using-npm","title":"config"}},{"fields":{"slug":"/using-npm/developers"},"frontmatter":{"description":"Developer Guide","section":"using-npm","title":"developers"}},{"fields":{"slug":"/using-npm/disputes"},"frontmatter":{"description":"Handling Module Name Disputes","section":"using-npm","title":"disputes"}},{"fields":{"slug":"/configuring-npm/folders"},"frontmatter":{"description":"Folder Structures Used by npm","section":"configuring-npm","title":"folders"}},{"fields":{"slug":"/configuring-npm/install"},"frontmatter":{"description":"Download and install node and npm","section":"configuring-npm","title":"install"}},{"fields":{"slug":"/cli-commands/npm"},"frontmatter":{"description":"javascript package manager","section":"cli-commands","title":"npm"}},{"fields":{"slug":"/cli-commands/npm-access"},"frontmatter":{"description":"Set access level on published packages","section":"cli-commands","title":"npm-access"}},{"fields":{"slug":"/cli-commands/npm-audit"},"frontmatter":{"description":"Run a security audit","section":"cli-commands","title":"npm-audit"}},{"fields":{"slug":"/cli-commands/npm-bin"},"frontmatter":{"description":"Display npm bin folder","section":"cli-commands","title":"npm-bin"}},{"fields":{"slug":"/cli-commands/npm-bugs"},"frontmatter":{"description":"Bugs for a package in a web browser maybe","section":"cli-commands","title":"npm-bugs"}},{"fields":{"slug":"/cli-commands/npm-bundle"},"frontmatter":{"description":"REMOVED","section":"cli-commands","title":"npm-bundle"}},{"fields":{"slug":"/cli-commands/npm-cache"},"frontmatter":{"description":"Manipulates packages cache","section":"cli-commands","title":"npm-cache"}},{"fields":{"slug":"/cli-commands/npm-ci"},"frontmatter":{"description":"Install a project with a clean slate","section":"cli-commands","title":"npm-ci"}},{"fields":{"slug":"/cli-commands/npm-completion"},"frontmatter":{"description":"Tab Completion for npm","section":"cli-commands","title":"npm-completion"}},{"fields":{"slug":"/cli-commands/npm-config"},"frontmatter":{"description":"Manage the npm configuration files","section":"cli-commands","title":"npm-config"}},{"fields":{"slug":"/cli-commands/npm-dedupe"},"frontmatter":{"description":"Reduce duplication","section":"cli-commands","title":"npm-dedupe"}},{"fields":{"slug":"/cli-commands/npm-deprecate"},"frontmatter":{"description":"Deprecate a version of a package","section":"cli-commands","title":"npm-deprecate"}},{"fields":{"slug":"/cli-commands/npm-docs"},"frontmatter":{"description":"Docs for a package in a web browser maybe","section":"cli-commands","title":"npm-docs"}},{"fields":{"slug":"/cli-commands/npm-doctor"},"frontmatter":{"description":"Check your environments","section":"cli-commands","title":"npm-doctor"}},{"fields":{"slug":"/cli-commands/npm-edit"},"frontmatter":{"description":"Edit an installed package","section":"cli-commands","title":"npm-edit"}},{"fields":{"slug":"/cli-commands/npm-exec"},"frontmatter":{"description":"Run a command from a local or remote npm package","section":"cli-commands","title":"npm-exec"}},{"fields":{"slug":"/cli-commands/npm-explain"},"frontmatter":{"description":"Explain installed packages","section":"cli-commands","title":"npm-explain"}},{"fields":{"slug":"/cli-commands/npm-fund"},"frontmatter":{"description":"Retrieve funding information","section":"cli-commands","title":"npm-fund"}},{"fields":{"slug":"/cli-commands/npm-help"},"frontmatter":{"description":"Get help on npm","section":"cli-commands","title":"npm-help"}},{"fields":{"slug":"/cli-commands/npm-help-search"},"frontmatter":{"description":"Search npm help documentation","section":"cli-commands","title":"npm-help-search"}},{"fields":{"slug":"/cli-commands/npm-hook"},"frontmatter":{"description":"Manage registry hooks","section":"cli-commands","title":"npm-hook"}},{"fields":{"slug":"/cli-commands/npm-init"},"frontmatter":{"description":"create a package.json file","section":"cli-commands","title":"npm-init"}},{"fields":{"slug":"/cli-commands/npm-install"},"frontmatter":{"description":"Install a package","section":"cli-commands","title":"npm-install"}},{"fields":{"slug":"/cli-commands/npm-install-ci-test"},"frontmatter":{"description":"Install a project with a clean slate and run tests","section":"cli-commands","title":"npm-install-ci-test"}},{"fields":{"slug":"/cli-commands/npm-install-test"},"frontmatter":{"description":"Install package(s) and run tests","section":"cli-commands","title":"npm-install-test"}},{"fields":{"slug":"/cli-commands/npm-link"},"frontmatter":{"description":"Symlink a package folder","section":"cli-commands","title":"npm-link"}},{"fields":{"slug":"/cli-commands/npm-logout"},"frontmatter":{"description":"Log out of the registry","section":"cli-commands","title":"npm-logout"}},{"fields":{"slug":"/cli-commands/npm-ls"},"frontmatter":{"description":"List installed packages","section":"cli-commands","title":"npm-ls"}},{"fields":{"slug":"/cli-commands/npm-org"},"frontmatter":{"description":"Manage orgs","section":"cli-commands","title":"npm-org"}},{"fields":{"slug":"/cli-commands/npm-outdated"},"frontmatter":{"description":"Check for outdated packages","section":"cli-commands","title":"npm-outdated"}},{"fields":{"slug":"/cli-commands/npm-owner"},"frontmatter":{"description":"Manage package owners","section":"cli-commands","title":"npm-owner"}},{"fields":{"slug":"/cli-commands/npm-pack"},"frontmatter":{"description":"Create a tarball from a package","section":"cli-commands","title":"npm-pack"}},{"fields":{"slug":"/cli-commands/npm-ping"},"frontmatter":{"description":"Ping npm registry","section":"cli-commands","title":"npm-ping"}},{"fields":{"slug":"/cli-commands/npm-prefix"},"frontmatter":{"description":"Display prefix","section":"cli-commands","title":"npm-prefix"}},{"fields":{"slug":"/cli-commands/npm-profile"},"frontmatter":{"description":"Change settings on your registry profile","section":"cli-commands","title":"npm-profile"}},{"fields":{"slug":"/cli-commands/npm-prune"},"frontmatter":{"description":"Remove extraneous packages","section":"cli-commands","title":"npm-prune"}},{"fields":{"slug":"/cli-commands/npm-publish"},"frontmatter":{"description":"Publish a package","section":"cli-commands","title":"npm-publish"}},{"fields":{"slug":"/cli-commands/npm-rebuild"},"frontmatter":{"description":"Rebuild a package","section":"cli-commands","title":"npm-rebuild"}},{"fields":{"slug":"/cli-commands/npm-repo"},"frontmatter":{"description":"Open package repository page in the browser","section":"cli-commands","title":"npm-repo"}},{"fields":{"slug":"/cli-commands/npm-restart"},"frontmatter":{"description":"Restart a package","section":"cli-commands","title":"npm-restart"}},{"fields":{"slug":"/cli-commands/npm-root"},"frontmatter":{"description":"Display npm root","section":"cli-commands","title":"npm-root"}},{"fields":{"slug":"/cli-commands/npm-run-script"},"frontmatter":{"description":"Run arbitrary package scripts","section":"cli-commands","title":"npm-run-script"}},{"fields":{"slug":"/cli-commands/npm-search"},"frontmatter":{"description":"Search for packages","section":"cli-commands","title":"npm-search"}},{"fields":{"slug":"/cli-commands/npm-shrinkwrap"},"frontmatter":{"description":"Lock down dependency versions for publication","section":"cli-commands","title":"npm-shrinkwrap"}},{"fields":{"slug":"/cli-commands/npm-star"},"frontmatter":{"description":"Mark your favorite packages","section":"cli-commands","title":"npm-star"}},{"fields":{"slug":"/cli-commands/npm-stars"},"frontmatter":{"description":"View packages marked as favorites","section":"cli-commands","title":"npm-stars"}},{"fields":{"slug":"/cli-commands/npm-start"},"frontmatter":{"description":"Start a package","section":"cli-commands","title":"npm-start"}},{"fields":{"slug":"/cli-commands/npm-stop"},"frontmatter":{"description":"Stop a package","section":"cli-commands","title":"npm-stop"}},{"fields":{"slug":"/cli-commands/npm-team"},"frontmatter":{"description":"Manage organization teams and team memberships","section":"cli-commands","title":"npm-team"}},{"fields":{"slug":"/cli-commands/npm-test"},"frontmatter":{"description":"Test a package","section":"cli-commands","title":"npm-test"}},{"fields":{"slug":"/cli-commands/npm-token"},"frontmatter":{"description":"Manage your authentication tokens","section":"cli-commands","title":"npm-token"}},{"fields":{"slug":"/cli-commands/npm-uninstall"},"frontmatter":{"description":"Remove a package","section":"cli-commands","title":"npm-uninstall"}},{"fields":{"slug":"/cli-commands/npm-unpublish"},"frontmatter":{"description":"Remove a package from the registry","section":"cli-commands","title":"npm-unpublish"}},{"fields":{"slug":"/cli-commands/npm-update"},"frontmatter":{"description":"Update a package","section":"cli-commands","title":"npm-update"}},{"fields":{"slug":"/cli-commands/npm-version"},"frontmatter":{"description":"Bump a package version","section":"cli-commands","title":"npm-version"}},{"fields":{"slug":"/cli-commands/npm-view"},"frontmatter":{"description":"View registry info","section":"cli-commands","title":"npm-view"}},{"fields":{"slug":"/cli-commands/npm-whoami"},"frontmatter":{"description":"Display npm username","section":"cli-commands","title":"npm-whoami"}},{"fields":{"slug":"/configuring-npm/npmrc"},"frontmatter":{"description":"The npm config files","section":"configuring-npm","title":"npmrc"}},{"fields":{"slug":"/cli-commands/npx"},"frontmatter":{"description":"Run a command from a local or remote npm package","section":"cli-commands","title":"npx"}},{"fields":{"slug":"/using-npm/orgs"},"frontmatter":{"description":"Working with Teams & Orgs","section":"using-npm","title":"orgs"}},{"fields":{"slug":"/configuring-npm/package-lock-json"},"frontmatter":{"description":"A manifestation of the manifest","section":"configuring-npm","title":"package-lock.json"}},{"fields":{"slug":"/configuring-npm/package-locks"},"frontmatter":{"description":"An explanation of npm lockfiles","section":"configuring-npm","title":"package-locks"}},{"fields":{"slug":"/configuring-npm/package-json"},"frontmatter":{"description":"Specifics of npm's package.json handling","section":"configuring-npm","title":"package.json"}},{"fields":{"slug":"/using-npm/registry"},"frontmatter":{"description":"The JavaScript Package Registry","section":"using-npm","title":"registry"}},{"fields":{"slug":"/using-npm/removal"},"frontmatter":{"description":"Cleaning the Slate","section":"using-npm","title":"removal"}},{"fields":{"slug":"/using-npm/scope"},"frontmatter":{"description":"Scoped packages","section":"using-npm","title":"scope"}},{"fields":{"slug":"/using-npm/scripts"},"frontmatter":{"description":"How npm handles the \"scripts\" field","section":"using-npm","title":"scripts"}},{"fields":{"slug":"/configuring-npm/shrinkwrap-json"},"frontmatter":{"description":"A publishable lockfile","section":"configuring-npm","title":"shrinkwrap.json"}},{"fields":{"slug":"/using-npm/workspaces"},"frontmatter":{"description":"Working with workspaces","section":"using-npm","title":"workspaces"}}]}}} \ No newline at end of file +{"data":{"allMarkdownRemark":{"nodes":[{"fields":{"slug":"/using-npm/semver"},"frontmatter":{"description":null,"section":null,"title":""}},{"fields":{"slug":"/cli-commands/npm-adduser"},"frontmatter":{"description":null,"section":null,"title":""}},{"fields":{"slug":"/cli-commands/npm-dist-tag"},"frontmatter":{"description":null,"section":null,"title":""}},{"fields":{"slug":"/cli-commands/npm-explore"},"frontmatter":{"description":null,"section":null,"title":""}},{"fields":{"slug":"/using-npm/config"},"frontmatter":{"description":"More than you probably want to know about npm configuration","section":"using-npm","title":"config"}},{"fields":{"slug":"/using-npm/developers"},"frontmatter":{"description":"Developer Guide","section":"using-npm","title":"developers"}},{"fields":{"slug":"/using-npm/disputes"},"frontmatter":{"description":"Handling Module Name Disputes","section":"using-npm","title":"disputes"}},{"fields":{"slug":"/configuring-npm/folders"},"frontmatter":{"description":"Folder Structures Used by npm","section":"configuring-npm","title":"folders"}},{"fields":{"slug":"/configuring-npm/install"},"frontmatter":{"description":"Download and install node and npm","section":"configuring-npm","title":"install"}},{"fields":{"slug":"/cli-commands/npm"},"frontmatter":{"description":"javascript package manager","section":"cli-commands","title":"npm"}},{"fields":{"slug":"/cli-commands/npm-access"},"frontmatter":{"description":"Set access level on published packages","section":"cli-commands","title":"npm-access"}},{"fields":{"slug":"/cli-commands/npm-audit"},"frontmatter":{"description":"Run a security audit","section":"cli-commands","title":"npm-audit"}},{"fields":{"slug":"/cli-commands/npm-bin"},"frontmatter":{"description":"Display npm bin folder","section":"cli-commands","title":"npm-bin"}},{"fields":{"slug":"/cli-commands/npm-bugs"},"frontmatter":{"description":"Bugs for a package in a web browser maybe","section":"cli-commands","title":"npm-bugs"}},{"fields":{"slug":"/cli-commands/npm-cache"},"frontmatter":{"description":"Manipulates packages cache","section":"cli-commands","title":"npm-cache"}},{"fields":{"slug":"/cli-commands/npm-ci"},"frontmatter":{"description":"Install a project with a clean slate","section":"cli-commands","title":"npm-ci"}},{"fields":{"slug":"/cli-commands/npm-completion"},"frontmatter":{"description":"Tab Completion for npm","section":"cli-commands","title":"npm-completion"}},{"fields":{"slug":"/cli-commands/npm-config"},"frontmatter":{"description":"Manage the npm configuration files","section":"cli-commands","title":"npm-config"}},{"fields":{"slug":"/cli-commands/npm-dedupe"},"frontmatter":{"description":"Reduce duplication","section":"cli-commands","title":"npm-dedupe"}},{"fields":{"slug":"/cli-commands/npm-deprecate"},"frontmatter":{"description":"Deprecate a version of a package","section":"cli-commands","title":"npm-deprecate"}},{"fields":{"slug":"/cli-commands/npm-docs"},"frontmatter":{"description":"Docs for a package in a web browser maybe","section":"cli-commands","title":"npm-docs"}},{"fields":{"slug":"/cli-commands/npm-doctor"},"frontmatter":{"description":"Check your environments","section":"cli-commands","title":"npm-doctor"}},{"fields":{"slug":"/cli-commands/npm-edit"},"frontmatter":{"description":"Edit an installed package","section":"cli-commands","title":"npm-edit"}},{"fields":{"slug":"/cli-commands/npm-exec"},"frontmatter":{"description":"Run a command from a local or remote npm package","section":"cli-commands","title":"npm-exec"}},{"fields":{"slug":"/cli-commands/npm-explain"},"frontmatter":{"description":"Explain installed packages","section":"cli-commands","title":"npm-explain"}},{"fields":{"slug":"/cli-commands/npm-fund"},"frontmatter":{"description":"Retrieve funding information","section":"cli-commands","title":"npm-fund"}},{"fields":{"slug":"/cli-commands/npm-help"},"frontmatter":{"description":"Get help on npm","section":"cli-commands","title":"npm-help"}},{"fields":{"slug":"/cli-commands/npm-help-search"},"frontmatter":{"description":"Search npm help documentation","section":"cli-commands","title":"npm-help-search"}},{"fields":{"slug":"/cli-commands/npm-hook"},"frontmatter":{"description":"Manage registry hooks","section":"cli-commands","title":"npm-hook"}},{"fields":{"slug":"/cli-commands/npm-init"},"frontmatter":{"description":"create a package.json file","section":"cli-commands","title":"npm-init"}},{"fields":{"slug":"/cli-commands/npm-install"},"frontmatter":{"description":"Install a package","section":"cli-commands","title":"npm-install"}},{"fields":{"slug":"/cli-commands/npm-install-ci-test"},"frontmatter":{"description":"Install a project with a clean slate and run tests","section":"cli-commands","title":"npm-install-ci-test"}},{"fields":{"slug":"/cli-commands/npm-install-test"},"frontmatter":{"description":"Install package(s) and run tests","section":"cli-commands","title":"npm-install-test"}},{"fields":{"slug":"/cli-commands/npm-link"},"frontmatter":{"description":"Symlink a package folder","section":"cli-commands","title":"npm-link"}},{"fields":{"slug":"/cli-commands/npm-logout"},"frontmatter":{"description":"Log out of the registry","section":"cli-commands","title":"npm-logout"}},{"fields":{"slug":"/cli-commands/npm-ls"},"frontmatter":{"description":"List installed packages","section":"cli-commands","title":"npm-ls"}},{"fields":{"slug":"/cli-commands/npm-org"},"frontmatter":{"description":"Manage orgs","section":"cli-commands","title":"npm-org"}},{"fields":{"slug":"/cli-commands/npm-outdated"},"frontmatter":{"description":"Check for outdated packages","section":"cli-commands","title":"npm-outdated"}},{"fields":{"slug":"/cli-commands/npm-owner"},"frontmatter":{"description":"Manage package owners","section":"cli-commands","title":"npm-owner"}},{"fields":{"slug":"/cli-commands/npm-pack"},"frontmatter":{"description":"Create a tarball from a package","section":"cli-commands","title":"npm-pack"}},{"fields":{"slug":"/cli-commands/npm-ping"},"frontmatter":{"description":"Ping npm registry","section":"cli-commands","title":"npm-ping"}},{"fields":{"slug":"/cli-commands/npm-prefix"},"frontmatter":{"description":"Display prefix","section":"cli-commands","title":"npm-prefix"}},{"fields":{"slug":"/cli-commands/npm-profile"},"frontmatter":{"description":"Change settings on your registry profile","section":"cli-commands","title":"npm-profile"}},{"fields":{"slug":"/cli-commands/npm-prune"},"frontmatter":{"description":"Remove extraneous packages","section":"cli-commands","title":"npm-prune"}},{"fields":{"slug":"/cli-commands/npm-publish"},"frontmatter":{"description":"Publish a package","section":"cli-commands","title":"npm-publish"}},{"fields":{"slug":"/cli-commands/npm-rebuild"},"frontmatter":{"description":"Rebuild a package","section":"cli-commands","title":"npm-rebuild"}},{"fields":{"slug":"/cli-commands/npm-repo"},"frontmatter":{"description":"Open package repository page in the browser","section":"cli-commands","title":"npm-repo"}},{"fields":{"slug":"/cli-commands/npm-restart"},"frontmatter":{"description":"Restart a package","section":"cli-commands","title":"npm-restart"}},{"fields":{"slug":"/cli-commands/npm-root"},"frontmatter":{"description":"Display npm root","section":"cli-commands","title":"npm-root"}},{"fields":{"slug":"/cli-commands/npm-run-script"},"frontmatter":{"description":"Run arbitrary package scripts","section":"cli-commands","title":"npm-run-script"}},{"fields":{"slug":"/cli-commands/npm-search"},"frontmatter":{"description":"Search for packages","section":"cli-commands","title":"npm-search"}},{"fields":{"slug":"/cli-commands/npm-shrinkwrap"},"frontmatter":{"description":"Lock down dependency versions for publication","section":"cli-commands","title":"npm-shrinkwrap"}},{"fields":{"slug":"/cli-commands/npm-star"},"frontmatter":{"description":"Mark your favorite packages","section":"cli-commands","title":"npm-star"}},{"fields":{"slug":"/cli-commands/npm-stars"},"frontmatter":{"description":"View packages marked as favorites","section":"cli-commands","title":"npm-stars"}},{"fields":{"slug":"/cli-commands/npm-start"},"frontmatter":{"description":"Start a package","section":"cli-commands","title":"npm-start"}},{"fields":{"slug":"/cli-commands/npm-stop"},"frontmatter":{"description":"Stop a package","section":"cli-commands","title":"npm-stop"}},{"fields":{"slug":"/cli-commands/npm-team"},"frontmatter":{"description":"Manage organization teams and team memberships","section":"cli-commands","title":"npm-team"}},{"fields":{"slug":"/cli-commands/npm-test"},"frontmatter":{"description":"Test a package","section":"cli-commands","title":"npm-test"}},{"fields":{"slug":"/cli-commands/npm-token"},"frontmatter":{"description":"Manage your authentication tokens","section":"cli-commands","title":"npm-token"}},{"fields":{"slug":"/cli-commands/npm-uninstall"},"frontmatter":{"description":"Remove a package","section":"cli-commands","title":"npm-uninstall"}},{"fields":{"slug":"/cli-commands/npm-unpublish"},"frontmatter":{"description":"Remove a package from the registry","section":"cli-commands","title":"npm-unpublish"}},{"fields":{"slug":"/cli-commands/npm-update"},"frontmatter":{"description":"Update a package","section":"cli-commands","title":"npm-update"}},{"fields":{"slug":"/cli-commands/npm-version"},"frontmatter":{"description":"Bump a package version","section":"cli-commands","title":"npm-version"}},{"fields":{"slug":"/cli-commands/npm-view"},"frontmatter":{"description":"View registry info","section":"cli-commands","title":"npm-view"}},{"fields":{"slug":"/cli-commands/npm-whoami"},"frontmatter":{"description":"Display npm username","section":"cli-commands","title":"npm-whoami"}},{"fields":{"slug":"/configuring-npm/npmrc"},"frontmatter":{"description":"The npm config files","section":"configuring-npm","title":"npmrc"}},{"fields":{"slug":"/cli-commands/npx"},"frontmatter":{"description":"Run a command from a local or remote npm package","section":"cli-commands","title":"npx"}},{"fields":{"slug":"/using-npm/orgs"},"frontmatter":{"description":"Working with Teams & Orgs","section":"using-npm","title":"orgs"}},{"fields":{"slug":"/configuring-npm/package-lock-json"},"frontmatter":{"description":"A manifestation of the manifest","section":"configuring-npm","title":"package-lock.json"}},{"fields":{"slug":"/configuring-npm/package-locks"},"frontmatter":{"description":"An explanation of npm lockfiles","section":"configuring-npm","title":"package-locks"}},{"fields":{"slug":"/configuring-npm/package-json"},"frontmatter":{"description":"Specifics of npm's package.json handling","section":"configuring-npm","title":"package.json"}},{"fields":{"slug":"/using-npm/registry"},"frontmatter":{"description":"The JavaScript Package Registry","section":"using-npm","title":"registry"}},{"fields":{"slug":"/using-npm/removal"},"frontmatter":{"description":"Cleaning the Slate","section":"using-npm","title":"removal"}},{"fields":{"slug":"/using-npm/scope"},"frontmatter":{"description":"Scoped packages","section":"using-npm","title":"scope"}},{"fields":{"slug":"/using-npm/scripts"},"frontmatter":{"description":"How npm handles the \"scripts\" field","section":"using-npm","title":"scripts"}},{"fields":{"slug":"/configuring-npm/shrinkwrap-json"},"frontmatter":{"description":"A publishable lockfile","section":"configuring-npm","title":"shrinkwrap.json"}},{"fields":{"slug":"/using-npm/workspaces"},"frontmatter":{"description":"Working with workspaces","section":"using-npm","title":"workspaces"}}]}}} \ No newline at end of file diff --git a/deps/npm/docs/public/using-npm/config/index.html b/deps/npm/docs/public/using-npm/config/index.html index 3f5af586a0003a..8ee559c9b613a1 100644 --- a/deps/npm/docs/public/using-npm/config/index.html +++ b/deps/npm/docs/public/using-npm/config/index.html @@ -76,7 +76,7 @@ } } }) -

    config

    +

    config

    More than you probably want to know about npm configuration

    Description

    npm gets its configuration values from the following sources, sorted by priority:

    @@ -1184,4 +1184,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/using-npm/developers/index.html b/deps/npm/docs/public/using-npm/developers/index.html index 3a9cc7731dea61..e789b9b8fdf5d3 100644 --- a/deps/npm/docs/public/using-npm/developers/index.html +++ b/deps/npm/docs/public/using-npm/developers/index.html @@ -76,7 +76,7 @@ } } }) -

    developers

    +

    developers

    Developer Guide

    Description

    So, you've decided to use npm to develop (and maybe publish/deploy) @@ -261,4 +261,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/using-npm/disputes/index.html b/deps/npm/docs/public/using-npm/disputes/index.html index b1d312a64f1cd5..904d93b4b47fd8 100644 --- a/deps/npm/docs/public/using-npm/disputes/index.html +++ b/deps/npm/docs/public/using-npm/disputes/index.html @@ -76,7 +76,7 @@ } } }) -

    disputes

    +

    disputes

    Handling Module Name Disputes

    This document describes the steps that you should take to resolve module name disputes with other npm publishers. It also describes special steps you should @@ -194,4 +194,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/using-npm/orgs/index.html b/deps/npm/docs/public/using-npm/orgs/index.html index 4d05c31ac87130..2cbe4a92d98133 100644 --- a/deps/npm/docs/public/using-npm/orgs/index.html +++ b/deps/npm/docs/public/using-npm/orgs/index.html @@ -76,7 +76,7 @@ } } }) -

    orgs

    +

    orgs

    Working with Teams & Orgs

    Description

    There are three levels of org users:

    @@ -146,4 +146,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/using-npm/registry/index.html b/deps/npm/docs/public/using-npm/registry/index.html index d518d6ca45ffd4..e0a5ce49673168 100644 --- a/deps/npm/docs/public/using-npm/registry/index.html +++ b/deps/npm/docs/public/using-npm/registry/index.html @@ -76,7 +76,7 @@ } } }) -

    registry

    +

    registry

    The JavaScript Package Registry

    Description

    To resolve packages by name and version, npm talks to a registry website @@ -158,4 +158,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/using-npm/removal/index.html b/deps/npm/docs/public/using-npm/removal/index.html index d984bb73d3a67e..ee3bfaaaf0d7d5 100644 --- a/deps/npm/docs/public/using-npm/removal/index.html +++ b/deps/npm/docs/public/using-npm/removal/index.html @@ -76,7 +76,7 @@ } } }) -

    removal

    +

    removal

    Cleaning the Slate

    Synopsis

    So sad to see you go.

    @@ -118,4 +118,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/using-npm/scope/index.html b/deps/npm/docs/public/using-npm/scope/index.html index 3d1ea0bc2043b1..807cb2c33ebdb5 100644 --- a/deps/npm/docs/public/using-npm/scope/index.html +++ b/deps/npm/docs/public/using-npm/scope/index.html @@ -76,7 +76,7 @@ } } }) -

    scope

    +

    scope

    Scoped packages

    Description

    All npm packages have a name. Some package names also have a scope. A scope @@ -161,4 +161,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/using-npm/scripts/index.html b/deps/npm/docs/public/using-npm/scripts/index.html index 864f5e90a2f234..a334ac28b269de 100644 --- a/deps/npm/docs/public/using-npm/scripts/index.html +++ b/deps/npm/docs/public/using-npm/scripts/index.html @@ -76,7 +76,7 @@ } } }) -

    scripts

    +

    scripts

    How npm handles the "scripts" field

    Description

    The "scripts" property of of your package.json file supports a number of built-in scripts and their preset life cycle events as well as arbitrary scripts. These all can be executed by running npm run-script <stage> or npm run <stage> for short. Pre and post commands with matching names will be run for those as well (e.g. premyscript, myscript, postmyscript). Scripts from dependencies can be run with npm explore <pkg> -- npm run <stage>.

    @@ -325,4 +325,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/using-npm/semver/index.html b/deps/npm/docs/public/using-npm/semver/index.html index 40e9d2ea6cf068..cf026b62f32bae 100644 --- a/deps/npm/docs/public/using-npm/semver/index.html +++ b/deps/npm/docs/public/using-npm/semver/index.html @@ -76,7 +76,7 @@ } } }) -

    semver(7) -- The semantic versioner for npm

    +

    semver(7) -- The semantic versioner for npm

    Install

    npm install --save semver

    Usage

    @@ -437,4 +437,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/docs/public/using-npm/workspaces/index.html b/deps/npm/docs/public/using-npm/workspaces/index.html index 54f92e26279eb9..f22c01be4d811a 100644 --- a/deps/npm/docs/public/using-npm/workspaces/index.html +++ b/deps/npm/docs/public/using-npm/workspaces/index.html @@ -76,7 +76,7 @@ } } }) -

    scope

    +

    scope

    Workspaces

    Description

    Workspaces is a generic term that refers to the set of features in the @@ -147,4 +147,4 @@

    \ No newline at end of file +
    \ No newline at end of file diff --git a/deps/npm/lib/cache.js b/deps/npm/lib/cache.js index 3a4681b2af107f..dc3a6de727846c 100644 --- a/deps/npm/lib/cache.js +++ b/deps/npm/lib/cache.js @@ -56,14 +56,20 @@ const clean = async (args) => { } const cachePath = path.join(npm.cache, '_cacache') if (!npm.flatOptions.force) { - throw new Error('As of npm@5, the npm cache self-heals from corruption ' + - 'issues and data extracted from the cache is guaranteed to be valid. ' + - 'If you want to make sure everything is consistent, use `npm cache ' + - 'verify` instead. On the other hand, if you\'re debugging an issue ' + - 'with the installer, you can use `npm install --cache /tmp/empty-cache` ' + - 'to use a temporary cache instead of nuking the actual one.\n\n' + - 'If you\'re sure you want to delete the entire cache, rerun this ' + - 'command with --force.') + throw new Error(`As of npm@5, the npm cache self-heals from corruption issues +by treating integrity mismatches as cache misses. As a result, +data extracted from the cache is guaranteed to be valid. If you +want to make sure everything is consistent, use \`npm cache verify\` +instead. Deleting the cache can only make npm go slower, and is +not likely to correct any problems you may be encountering! + +On the other hand, if you're debugging an issue with the installer, +or race conditions that depend on the timing of writing to an empty +cache, you can use \`npm install --cache /tmp/empty-cache\` to use a +temporary cache instead of nuking the actual one. + +If you're sure you want to delete the entire cache, rerun this command +with --force.`) } return rimraf(cachePath) } diff --git a/deps/npm/lib/install.js b/deps/npm/lib/install.js index 68778d45a14690..b2ab753bcd9fc6 100644 --- a/deps/npm/lib/install.js +++ b/deps/npm/lib/install.js @@ -83,7 +83,7 @@ const usage = usageUtil( '\nnpm install ' + '\nnpm install ' + '\nnpm install /', - '[--save-prod|--save-dev|--save-optional] [--save-exact] [--no-save]' + '[--save-prod|--save-dev|--save-optional|--save-peer] [--save-exact] [--no-save]' ) const completion = async (opts, cb) => { diff --git a/deps/npm/lib/ls.js b/deps/npm/lib/ls.js index d55cdfb455cba0..2dd6e4d4e8ac30 100644 --- a/deps/npm/lib/ls.js +++ b/deps/npm/lib/ls.js @@ -488,7 +488,7 @@ const ls = async (args) => { ) // if filtering items, should exit with error code on no results - if (!tree[_include] && args.length) { + if (result && !result[_include] && args.length) { process.exitCode = 1 } diff --git a/deps/npm/lib/run-script.js b/deps/npm/lib/run-script.js index 90f11270c65d1e..989936f2546a96 100644 --- a/deps/npm/lib/run-script.js +++ b/deps/npm/lib/run-script.js @@ -69,7 +69,7 @@ const runScript = async (args) => { path, args, scriptShell, - stdio: log.level === 'silent' ? 'pipe' : 'inherit', + stdio: 'inherit', stdioString: true, pkg } diff --git a/deps/npm/man/man1/npm-access.1 b/deps/npm/man/man1/npm-access.1 index df3429c6078ed4..0e372f729d4867 100644 --- a/deps/npm/man/man1/npm-access.1 +++ b/deps/npm/man/man1/npm-access.1 @@ -76,11 +76,12 @@ of a team or directly as an owner\. .RE .P -If you have two\-factor authentication enabled then you'll have to pass in an -otp with \fB\-\-otp\fP when making access changes\. +If you have two\-factor authentication enabled then you'll be prompted to +provide an otp token, or may use the \fB\-\-otp=\.\.\.\fP option to specify it on +the command line\. .P -If your account is not paid, then attempts to publish scoped packages will fail -with an HTTP 402 status code (logically enough), unless you use +If your account is not paid, then attempts to publish scoped packages will +fail with an HTTP 402 status code (logically enough), unless you use \fB\-\-access=public\fP\|\. .P Management of teams and team memberships is done with the \fBnpm team\fP command\. diff --git a/deps/npm/man/man1/npm-adduser.1 b/deps/npm/man/man1/npm-adduser.1 index ce66d8301a8f32..8d434920c57589 100644 --- a/deps/npm/man/man1/npm-adduser.1 +++ b/deps/npm/man/man1/npm-adduser.1 @@ -52,7 +52,7 @@ e\.g\. .P .RS 2 .nf - npm adduser \-\-registry=http://myregistry\.example\.com \-\-scope=@myco +npm adduser \-\-registry=http://myregistry\.example\.com \-\-scope=@myco .fi .RE .P @@ -68,7 +68,7 @@ registries\. Can be used with \fB\-\-registry\fP and / or \fB\-\-scope\fP, e\.g\ .P .RS 2 .nf - npm adduser \-\-registry=http://private\-registry\.example\.com \-\-always\-auth +npm adduser \-\-registry=http://private\-registry\.example\.com \-\-always\-auth .fi .RE .P diff --git a/deps/npm/man/man1/npm-audit.1 b/deps/npm/man/man1/npm-audit.1 index b69dc654ac3823..d6e70e864b0fe5 100644 --- a/deps/npm/man/man1/npm-audit.1 +++ b/deps/npm/man/man1/npm-audit.1 @@ -11,6 +11,125 @@ npm audit fix [\-\-force|\-\-package\-lock\-only|\-\-dry\-run] common options: [\-\-production] [\-\-only=(dev|prod)] .fi .RE +.SS Description +.P +The audit command submits a description of the dependencies configured in +your project to your default registry and asks for a report of known +vulnerabilities\. If any vulnerabilities are found, then the impact and +appropriate remediation will be calculated\. If the \fBfix\fP argument is +provided, then remediations will be applied to the package tree\. +.P +The command will exit with a 0 exit code if no vulnerabilities were found\. +.P +Note that some vulnerabilities cannot be fixed automatically and will +require manual intervention or review\. Also note that since \fBnpm audit +fix\fP runs a full\-fledged \fBnpm install\fP under the hood, all configs that +apply to the installer will also apply to \fBnpm install\fP \-\- so things like +\fBnpm audit fix \-\-package\-lock\-only\fP will work as expected\. +.P +By default, the audit command will exit with a non\-zero code if any +vulnerability is found\. It may be useful in CI environments to include the +\fB\-\-audit\-level\fP parameter to specify the minimum vulnerability level that +will cause the command to fail\. This option does not filter the report +output, it simply changes the command's failure threshold\. +.SS Audit Endpoints +.P +There are two audit endpoints that npm may use to fetch vulnerability +information: the \fBBulk Advisory\fP endpoint and the \fBQuick Audit\fP endpoint\. +.SS Bulk Advisory Endpoint +.P +As of version 7, npm uses the much faster \fBBulk Advisory\fP endpoint to +optimize the speed of calculating audit results\. +.P +npm will generate a JSON payload with the name and list of versions of each +package in the tree, and POST it to the default configured registry at +the path \fB/\-/npm/v1/security/advisories/bulk\fP\|\. +.P +Any packages in the tree that do not have a \fBversion\fP field in their +package\.json file will be ignored\. If any \fB\-\-omit\fP options are specified +(either via the \fB\-\-omit\fP config, or one of the shorthands such as +\fB\-\-production\fP, \fB\-\-only=dev\fP, and so on), then packages will be omitted +from the submitted payload as appropriate\. +.P +If the registry responds with an error, or with an invalid response, then +npm will attempt to load advisory data from the \fBQuick Audit\fP endpoint\. +.P +The expected result will contain a set of advisory objects for each +dependency that matches the advisory range\. Each advisory object contains +a \fBname\fP, \fBurl\fP, \fBid\fP, \fBseverity\fP, \fBvulnerable_versions\fP, and \fBtitle\fP\|\. +.P +npm then uses these advisory objects to calculate vulnerabilities and +meta\-vulnerabilities of the dependencies within the tree\. +.SS Quick Audit Endpoint +.P +If the \fBBulk Advisory\fP endpoint returns an error, or invalid data, npm will +attempt to load advisory data from the \fBQuick Audit\fP endpoint, which is +considerably slower in most cases\. +.P +The full package tree as found in \fBpackage\-lock\.json\fP is submitted, along +with the following pieces of additional metadata: +.RS 0 +.IP \(bu 2 +\fBnpm_version\fP +.IP \(bu 2 +\fBnode_version\fP +.IP \(bu 2 +\fBplatform\fP +.IP \(bu 2 +\fBarch\fP +.IP \(bu 2 +\fBnode_env\fP + +.RE +.P +All packages in the tree are submitted to the Quick Audit endpoint\. +Omitted dependency types are skipped when generating the report\. +.SS Scrubbing +.P +Out of an abundance of caution, npm versions 5 and 6 would "scrub" any +packages from the submitted report if their name contained a \fB/\fP character, +so as to avoid leaking the names of potentially private packages or git +URLs\. +.P +However, in practice, this resulted in audits often failing to properly +detect meta\-vulnerabilities, because the tree would appear to be invalid +due to missing dependencies, and prevented the detection of vulnerabilities +in package trees that used git dependencies or private modules\. +.P +This scrubbing has been removed from npm as of version 7\. +.SS Calculating Meta\-Vulnerabilities and Remediations +.P +npm uses the +\fB@npmcli/metavuln\-calculator\fP \fIhttp://npm\.im/@npmcli/metavuln\-calculator\fR +module to turn a set of security advisories into a set of "vulnerability" +objects\. A "meta\-vulnerability" is a dependency that is vulnerable by +virtue of dependence on vulnerable versions of a vulnerable package\. +.P +For example, if the package \fBfoo\fP is vulnerable in the range \fB>=1\.0\.2 +<2\.0\.0\fP, and the package \fBbar\fP depends on \fBfoo@^1\.1\.0\fP, then that version +of \fBbar\fP can only be installed by installing a vulnerable version of \fBfoo\fP\|\. +In this case, \fBbar\fP is a "metavulnerability"\. +.P +Once metavulnerabilities for a given package are calculated, they are +cached in the \fB~/\.npm\fP folder and only re\-evaluated if the advisory range +changes, or a new version of the package is published (in which case, the +new version is checked for metavulnerable status as well)\. +.P +If the chain of metavulnerabilities extends all the way to the root +project, and it cannot be updated without changing its dependency ranges, +then \fBnpm audit fix\fP will require the \fB\-\-force\fP option to apply the +remediation\. If remediations do not require changes to the dependency +ranges, then all vulnerable packages will be updated to a version that does +not have an advisory or metavulnerability posted against it\. +.SS Exit Code +.P +The \fBnpm audit\fP command will exit with a 0 exit code if no vulnerabilities +were found\. The \fBnpm audit fix\fP command will exit with 0 exit code if no +vulnerabilities are found \fIor\fR if the remediation is able to successfully +fix all vulnerabilities\. +.P +If vulnerabilities were found the exit code will depend on the +\fBaudit\-level\fP configuration setting\. .SS Examples .P Scan your project for vulnerabilities and automatically install any compatible @@ -39,8 +158,8 @@ $ npm audit fix \-\-only=prod .fi .RE .P -Have \fBaudit fix\fP install semver\-major updates to toplevel dependencies, not just -semver\-compatible ones: +Have \fBaudit fix\fP install SemVer\-major updates to toplevel dependencies, not +just SemVer\-compatible ones: .P .RS 2 .nf @@ -57,8 +176,8 @@ $ npm audit fix \-\-dry\-run \-\-json .fi .RE .P -Scan your project for vulnerabilities and just show the details, without fixing -anything: +Scan your project for vulnerabilities and just show the details, without +fixing anything: .P .RS 2 .nf @@ -74,24 +193,6 @@ $ npm audit \-\-json .fi .RE .P -Get the detailed audit report in plain text result, separated by tab characters, allowing for -future reuse in scripting or command line post processing, like for example, selecting -some of the columns printed: -.P -.RS 2 -.nf -$ npm audit \-\-parseable -.fi -.RE -.P -To parse columns, you can use for example \fBawk\fP, and just print some of them: -.P -.RS 2 -.nf -$ npm audit \-\-parseable | awk \-F $'\\t' '{print $1,$4}' -.fi -.RE -.P Fail an audit only if the results include a vulnerability with a level of moderate or higher: .P .RS 2 @@ -99,68 +200,6 @@ Fail an audit only if the results include a vulnerability with a level of modera $ npm audit \-\-audit\-level=moderate .fi .RE -.SS Description -.P -The audit command submits a description of the dependencies configured in -your project to your default registry and asks for a report of known -vulnerabilities\. The report returned includes instructions on how to act on -this information\. The command will exit with a 0 exit code if no -vulnerabilities were found\. -.P -You can also have npm automatically fix the vulnerabilities by running \fBnpm -audit fix\fP\|\. Note that some vulnerabilities cannot be fixed automatically and -will require manual intervention or review\. Also note that since \fBnpm audit fix\fP -runs a full\-fledged \fBnpm install\fP under the hood, all configs that apply to the -installer will also apply to \fBnpm install\fP \-\- so things like \fBnpm audit fix -\-\-package\-lock\-only\fP will work as expected\. -.P -By default, the audit command will exit with a non\-zero code if any vulnerability -is found\. It may be useful in CI environments to include the \fB\-\-audit\-level\fP parameter -to specify the minimum vulnerability level that will cause the command to fail\. This -option does not filter the report output, it simply changes the command's failure -threshold\. -.SS Content Submitted -.RS 0 -.IP \(bu 2 -npm_version -.IP \(bu 2 -node_version -.IP \(bu 2 -platform -.IP \(bu 2 -node_env -.IP \(bu 2 -A scrubbed version of your package\-lock\.json or npm\-shrinkwrap\.json - -.RE -.SS Scrubbing -.P -In order to ensure that potentially sensitive information is not included in -the audit data bundle, some dependencies may have their names (and sometimes -versions) replaced with opaque non\-reversible identifiers\. It is done for -the following dependency types: -.RS 0 -.IP \(bu 2 -Any module referencing a scope that is configured for a non\-default -registry has its name scrubbed\. (That is, a scope you did a \fBnpm login \-\-scope=@ourscope\fP for\.) -.IP \(bu 2 -All git dependencies have their names and specifiers scrubbed\. -.IP \(bu 2 -All remote tarball dependencies have their names and specifiers scrubbed\. -.IP \(bu 2 -All local directory and tarball dependencies have their names and specifiers scrubbed\. - -.RE -.P -The non\-reversible identifiers are a sha256 of a session\-specific UUID and the -value being replaced, ensuring a consistent value within the payload that is -different between runs\. -.SS Exit Code -.P -The \fBnpm audit\fP command will exit with a 0 exit code if no vulnerabilities were found\. -.P -If vulnerabilities were found the exit code will depend on the \fBaudit\-level\fP -configuration setting\. .SS See Also .RS 0 .IP \(bu 2 diff --git a/deps/npm/man/man1/npm-bugs.1 b/deps/npm/man/man1/npm-bugs.1 index 31c1da17b36311..9f2b3e0b572898 100644 --- a/deps/npm/man/man1/npm-bugs.1 +++ b/deps/npm/man/man1/npm-bugs.1 @@ -1,6 +1,6 @@ .TH "NPM\-BUGS" "1" "October 2020" "" "" .SH "NAME" -\fBnpm-bugs\fR \- Bugs for a package in a web browser maybe +\fBnpm-bugs\fR \- Report bugs for a package in a web browser .SS Synopsis .P .RS 2 @@ -12,10 +12,10 @@ aliases: issues .RE .SS Description .P -This command tries to guess at the likely location of a package's -bug tracker URL, and then tries to open it using the \fB\-\-browser\fP -config param\. If no package name is provided, it will search for -a \fBpackage\.json\fP in the current folder and use the \fBname\fP property\. +This command tries to guess at the likely location of a package's bug +tracker URL, and then tries to open it using the \fB\-\-browser\fP config param\. +If no package name is provided, it will search for a \fBpackage\.json\fP in the +current folder and use the \fBname\fP property\. .SS Configuration .SS browser .RS 0 diff --git a/deps/npm/man/man1/npm-bundle.1 b/deps/npm/man/man1/npm-bundle.1 deleted file mode 100644 index 7fef018422c7b8..00000000000000 --- a/deps/npm/man/man1/npm-bundle.1 +++ /dev/null @@ -1,16 +0,0 @@ -.TH "NPM\-BUNDLE" "1" "October 2020" "" "" -.SH "NAME" -\fBnpm-bundle\fR \- REMOVED -.SS Description -.P -The \fBnpm bundle\fP command has been removed in 1\.0, for the simple reason -that it is no longer necessary, as the default behavior is now to -install packages into the local space\. -.P -Just use \fBnpm install\fP now to do what \fBnpm bundle\fP used to do\. -.SS See Also -.RS 0 -.IP \(bu 2 -npm help install - -.RE diff --git a/deps/npm/man/man1/npm-cache.1 b/deps/npm/man/man1/npm-cache.1 index 69eaabba2f53fe..a7c3be23902eb5 100644 --- a/deps/npm/man/man1/npm-cache.1 +++ b/deps/npm/man/man1/npm-cache.1 @@ -10,7 +10,7 @@ npm cache add npm cache add npm cache add @ -npm cache clean [] +npm cache clean aliases: npm cache clear, npm cache rm npm cache verify @@ -27,41 +27,45 @@ intended to be used internally by npm, but it can provide a way to add data to the local installation cache explicitly\. .IP \(bu 2 clean: -Delete all data out of the cache folder\. +Delete all data out of the cache folder\. Note that this is typically +unnecessary, as npm's cache is self\-healing and resistant to data +corruption issues\. .IP \(bu 2 verify: -Verify the contents of the cache folder, garbage collecting any unneeded data, -and verifying the integrity of the cache index and all cached data\. +Verify the contents of the cache folder, garbage collecting any unneeded +data, and verifying the integrity of the cache index and all cached data\. .RE .SS Details .P npm stores cache data in an opaque directory within the configured \fBcache\fP, -named \fB_cacache\fP\|\. This directory is a \fBcacache\fP\-based content\-addressable cache -that stores all http request data as well as other package\-related data\. This -directory is primarily accessed through \fBpacote\fP, the library responsible for -all package fetching as of npm@5\. +named \fB_cacache\fP\|\. This directory is a +\fBcacache\fP \fIhttp://npm\.im/cacache\fR\-based content\-addressable cache that +stores all http request data as well as other package\-related data\. This +directory is primarily accessed through \fBpacote\fP, the library responsible +for all package fetching as of npm@5\. .P -All data that passes through the cache is fully verified for integrity on both -insertion and extraction\. Cache corruption will either trigger an error, or -signal to \fBpacote\fP that the data must be refetched, which it will do -automatically\. For this reason, it should never be necessary to clear the cache -for any reason other than reclaiming disk space, thus why \fBclean\fP now requires -\fB\-\-force\fP to run\. +All data that passes through the cache is fully verified for integrity on +both insertion and extraction\. Cache corruption will either trigger an +error, or signal to \fBpacote\fP that the data must be refetched, which it will +do automatically\. For this reason, it should never be necessary to clear +the cache for any reason other than reclaiming disk space, thus why \fBclean\fP +now requires \fB\-\-force\fP to run\. .P -There is currently no method exposed through npm to inspect or directly manage -the contents of this cache\. In order to access it, \fBcacache\fP must be used -directly\. +There is currently no method exposed through npm to inspect or directly +manage the contents of this cache\. In order to access it, \fBcacache\fP must be +used directly\. .P npm will not remove data by itself: the cache will grow as new packages are installed\. .SS A note about the cache's design .P -The npm cache is strictly a cache: it should not be relied upon as a persistent -and reliable data store for package data\. npm makes no guarantee that a -previously\-cached piece of data will be available later, and will automatically -delete corrupted contents\. The primary guarantee that the cache makes is that, -if it does return data, that data will be exactly the data that was inserted\. +The npm cache is strictly a cache: it should not be relied upon as a +persistent and reliable data store for package data\. npm makes no guarantee +that a previously\-cached piece of data will be available later, and will +automatically delete corrupted contents\. The primary guarantee that the +cache makes is that, if it does return data, that data will be exactly the +data that was inserted\. .P To run an offline verification of existing cache contents, use \fBnpm cache verify\fP\|\. @@ -89,5 +93,9 @@ npm help pack https://npm\.im/cacache .IP \(bu 2 https://npm\.im/pacote +.IP \(bu 2 +https://npm\.im/@npmcli/arborist +.IP \(bu 2 +https://npm\.im/make\-fetch\-happen .RE diff --git a/deps/npm/man/man1/npm-ci.1 b/deps/npm/man/man1/npm-ci.1 index 9d47aeaa300ad9..56eb9ae6e95aa9 100644 --- a/deps/npm/man/man1/npm-ci.1 +++ b/deps/npm/man/man1/npm-ci.1 @@ -7,6 +7,41 @@ .nf npm ci .fi +.RE +.SS Description +.P +This command is similar to npm help \fBinstall\fP, except +it's meant to be used in automated environments such as test platforms, +continuous integration, and deployment \-\- or any situation where you want +to make sure you're doing a clean install of your dependencies\. +.P +\fBnpm ci\fP will be significantly faster when: +.RS 0 +.IP \(bu 2 +There is a \fBpackage\-lock\.json\fP or \fBnpm\-shrinkwrap\.json\fP file\. +.IP \(bu 2 +The \fBnode_modules\fP folder is missing or empty\. + +.RE +.P +In short, the main differences between using \fBnpm install\fP and \fBnpm ci\fP are: +.RS 0 +.IP \(bu 2 +The project \fBmust\fR have an existing \fBpackage\-lock\.json\fP or +\fBnpm\-shrinkwrap\.json\fP\|\. +.IP \(bu 2 +If dependencies in the package lock do not match those in \fBpackage\.json\fP, +\fBnpm ci\fP will exit with an error, instead of updating the package lock\. +.IP \(bu 2 +\fBnpm ci\fP can only install entire projects at a time: individual +dependencies cannot be added with this command\. +.IP \(bu 2 +If a \fBnode_modules\fP is already present, it will be automatically removed +before \fBnpm ci\fP begins its install\. +.IP \(bu 2 +It will never write to \fBpackage\.json\fP or any of the package\-locks: +installs are essentially frozen\. + .RE .SS Example .P @@ -42,30 +77,6 @@ cache: directories: \- "$HOME/\.npm" .fi -.RE -.SS Description -.P -This command is similar to npm help \fBinstall\fP, except it's meant to be used in -automated environments such as test platforms, continuous integration, and -deployment \-\- or any situation where you want to make sure you're doing a clean -install of your dependencies\. It can be significantly faster than a regular npm -install by skipping certain user\-oriented features\. It is also more strict than -a regular install, which can help catch errors or inconsistencies caused by the -incrementally\-installed local environments of most npm users\. -.P -In short, the main differences between using \fBnpm install\fP and \fBnpm ci\fP are: -.RS 0 -.IP \(bu 2 -The project \fBmust\fR have an existing \fBpackage\-lock\.json\fP or \fBnpm\-shrinkwrap\.json\fP\|\. -.IP \(bu 2 -If dependencies in the package lock do not match those in \fBpackage\.json\fP, \fBnpm ci\fP will exit with an error, instead of updating the package lock\. -.IP \(bu 2 -\fBnpm ci\fP can only install entire projects at a time: individual dependencies cannot be added with this command\. -.IP \(bu 2 -If a \fBnode_modules\fP is already present, it will be automatically removed before \fBnpm ci\fP begins its install\. -.IP \(bu 2 -It will never write to \fBpackage\.json\fP or any of the package\-locks: installs are essentially frozen\. - .RE .SS See Also .RS 0 diff --git a/deps/npm/man/man1/npm-config.1 b/deps/npm/man/man1/npm-config.1 index f53e960ecc1d96..01706fc3527b1b 100644 --- a/deps/npm/man/man1/npm-config.1 +++ b/deps/npm/man/man1/npm-config.1 @@ -21,10 +21,11 @@ aliases: c npm gets its config settings from the command line, environment variables, \fBnpmrc\fP files, and in some cases, the \fBpackage\.json\fP file\. .P -See npm help npmrc for more information about the npmrc files\. +See npm help npmrc for more information about the npmrc +files\. .P -See npm help config for a more thorough discussion of the mechanisms -involved\. +See npm help config(7) for a more thorough explanation of the +mechanisms involved, and a full list of config options available\. .P The \fBnpm config\fP command can be used to update and edit the contents of the user and global npmrc files\. diff --git a/deps/npm/man/man1/npm-dedupe.1 b/deps/npm/man/man1/npm-dedupe.1 index ef0eb25b0c264b..09888a6b9b3252 100644 --- a/deps/npm/man/man1/npm-dedupe.1 +++ b/deps/npm/man/man1/npm-dedupe.1 @@ -54,8 +54,6 @@ be deleted\. .P Arguments are ignored\. Dedupe always acts on the entire tree\. .P -Modules -.P Note that this operation transforms the dependency tree, but will never result in new modules being installed\. .P diff --git a/deps/npm/man/man1/npm-init.1 b/deps/npm/man/man1/npm-init.1 index 98368ceef93e98..84ec79cf1b9d11 100644 --- a/deps/npm/man/man1/npm-init.1 +++ b/deps/npm/man/man1/npm-init.1 @@ -79,7 +79,7 @@ will create a scoped package\. .SS See Also .RS 0 .IP \(bu 2 -https://github\.com/isaacs/init\-package\-json +https://github\.com/npm/init\-package\-json .IP \(bu 2 npm help package\.json .IP \(bu 2 diff --git a/deps/npm/man/man1/npm-install.1 b/deps/npm/man/man1/npm-install.1 index 622f43eccfe229..c4422d0fa82279 100644 --- a/deps/npm/man/man1/npm-install.1 +++ b/deps/npm/man/man1/npm-install.1 @@ -18,7 +18,7 @@ npm install npm install aliases: npm i, npm add -common options: [\-P|\-\-save\-prod|\-D|\-\-save\-dev|\-O|\-\-save\-optional] [\-E|\-\-save\-exact] [\-B|\-\-save\-bundle] [\-\-no\-save] [\-\-dry\-run] +common options: [\-P|\-\-save\-prod|\-D|\-\-save\-dev|\-O|\-\-save\-optional|\-\-save\-peer] [\-E|\-\-save\-exact] [\-B|\-\-save\-bundle] [\-\-no\-save] [\-\-dry\-run] .fi .RE .SS Description diff --git a/deps/npm/man/man1/npm-ls.1 b/deps/npm/man/man1/npm-ls.1 index 60574632dbbf29..7cc942293d34f4 100644 --- a/deps/npm/man/man1/npm-ls.1 +++ b/deps/npm/man/man1/npm-ls.1 @@ -22,7 +22,7 @@ For example, running \fBnpm ls promzard\fP in npm's source tree will show: .P .RS 2 .nf - npm@7\.0\.2 /path/to/npm + npm@7\.0\.3 /path/to/npm └─┬ init\-package\-json@0\.0\.4 └── promzard@0\.1\.5 .fi diff --git a/deps/npm/man/man1/npm.1 b/deps/npm/man/man1/npm.1 index e236d2a9396aa3..175d1ee4c221c7 100644 --- a/deps/npm/man/man1/npm.1 +++ b/deps/npm/man/man1/npm.1 @@ -10,7 +10,7 @@ npm [args] .RE .SS Version .P -7\.0\.2 +7\.0\.3 .SS Description .P npm is the package manager for the Node JavaScript platform\. It puts diff --git a/deps/npm/man/man5/package-json.5 b/deps/npm/man/man5/package-json.5 index a0d3a854451919..586003d82d536b 100644 --- a/deps/npm/man/man5/package-json.5 +++ b/deps/npm/man/man5/package-json.5 @@ -61,7 +61,7 @@ Changes to the package should come along with changes to the version\. If you do plan to publish your package, the name and version fields are optional\. .P Version must be parseable by -node\-semver \fIhttps://github\.com/isaacs/node\-semver\fR, which is bundled +node\-semver \fIhttps://github\.com/npm/node\-semver\fR, which is bundled with npm as a dependency\. (\fBnpm install semver\fP to use it yourself\.) .P More on version numbers and ranges at npm help semver\. diff --git a/deps/npm/node_modules/node-gyp/CHANGELOG.md b/deps/npm/node_modules/node-gyp/CHANGELOG.md index dd357e32f1b3e0..733a4b5dd6ad31 100644 --- a/deps/npm/node_modules/node-gyp/CHANGELOG.md +++ b/deps/npm/node_modules/node-gyp/CHANGELOG.md @@ -1,3 +1,9 @@ +v7.1.2 2020-10-17 +================= + +* [[`096e3aded5`](https://github.com/nodejs/node-gyp/commit/096e3aded5)] - **gyp**: update gyp to 0.6.2 (Myles Borins) [#2241](https://github.com/nodejs/node-gyp/pull/2241) +* [[`54f97cd243`](https://github.com/nodejs/node-gyp/commit/54f97cd243)] - **doc**: add cmd to reset `xcode-select` to initial state (Valera Rozuvan) [#2235](https://github.com/nodejs/node-gyp/pull/2235) + v7.1.1 2020-10-15 ================= diff --git a/deps/npm/node_modules/node-gyp/CONTRIBUTING.md b/deps/npm/node_modules/node-gyp/CONTRIBUTING.md new file mode 100644 index 00000000000000..c1c50eab4e58b7 --- /dev/null +++ b/deps/npm/node_modules/node-gyp/CONTRIBUTING.md @@ -0,0 +1,34 @@ +# Contributing to node-gyp + +## Code of Conduct + +Please read the +[Code of Conduct](https://github.com/nodejs/admin/blob/master/CODE_OF_CONDUCT.md) +which explains the minimum behavior expectations for node-gyp contributors. + + +## Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. diff --git a/deps/npm/node_modules/node-gyp/gyp/.github/workflows/release-please.yml b/deps/npm/node_modules/node-gyp/gyp/.github/workflows/release-please.yml new file mode 100644 index 00000000000000..a414c10e156360 --- /dev/null +++ b/deps/npm/node_modules/node-gyp/gyp/.github/workflows/release-please.yml @@ -0,0 +1,16 @@ +on: + push: + branches: + - master + +name: release-please +jobs: + release-please: + runs-on: ubuntu-latest + steps: + - uses: GoogleCloudPlatform/release-please-action@v2.5.6 + with: + token: ${{ secrets.GITHUB_TOKEN }} + release-type: python + package-name: gyp-next + bump-minor-pre-major: Yes diff --git a/deps/npm/node_modules/node-gyp/gyp/CODE_OF_CONDUCT.md b/deps/npm/node_modules/node-gyp/gyp/CODE_OF_CONDUCT.md new file mode 100644 index 00000000000000..4c211405596cb4 --- /dev/null +++ b/deps/npm/node_modules/node-gyp/gyp/CODE_OF_CONDUCT.md @@ -0,0 +1,4 @@ +# Code of Conduct + +* [Node.js Code of Conduct](https://github.com/nodejs/admin/blob/master/CODE_OF_CONDUCT.md) +* [Node.js Moderation Policy](https://github.com/nodejs/admin/blob/master/Moderation-Policy.md) diff --git a/deps/npm/node_modules/node-gyp/gyp/CONTRIBUTING.md b/deps/npm/node_modules/node-gyp/gyp/CONTRIBUTING.md new file mode 100644 index 00000000000000..f9dd574a47cd9d --- /dev/null +++ b/deps/npm/node_modules/node-gyp/gyp/CONTRIBUTING.md @@ -0,0 +1,32 @@ +# Contributing to gyp-next + +## Code of Conduct + +This project is bound to the [Node.js Code of Conduct](https://github.com/nodejs/admin/blob/master/CODE_OF_CONDUCT.md). + + +## Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. diff --git a/deps/npm/node_modules/node-gyp/macOS_Catalina.md b/deps/npm/node_modules/node-gyp/macOS_Catalina.md index 79bf6ff50be09b..ca2fd234733dd1 100644 --- a/deps/npm/node_modules/node-gyp/macOS_Catalina.md +++ b/deps/npm/node_modules/node-gyp/macOS_Catalina.md @@ -89,12 +89,13 @@ There are three ways to install the Xcode libraries `node-gyp` needs on macOS. P ### I did all that and the acid test still does not pass :-( 1. `sudo rm -rf $(xcode-select -print-path)` # Enter root password. No output is normal. 2. `sudo rm -rf /Library/Developer/CommandLineTools` # Enter root password. -2. `xcode-select --install` -3. If the [_acid test_ steps above](#The-acid-test) still does _not_ pass then... -4. `npm explore npm -g -- npm install node-gyp@latest` -5. `npm explore npm -g -- npm explore npm-lifecycle -- npm install node-gyp@latest` -6. If the _acid test_ still does _not_ pass then... -7. Add a comment to https://github.com/nodejs/node-gyp/issues/1927 so we can improve. +3. `xcode-select --reset` +4. `xcode-select --install` +5. If the [_acid test_ steps above](#The-acid-test) still does _not_ pass then... +6. `npm explore npm -g -- npm install node-gyp@latest` +7. `npm explore npm -g -- npm explore npm-lifecycle -- npm install node-gyp@latest` +8. If the _acid test_ still does _not_ pass then... +9. Add a comment to https://github.com/nodejs/node-gyp/issues/1927 so we can improve. Lessons learned from: * https://github.com/nodejs/node-gyp/issues/1779 diff --git a/deps/npm/node_modules/node-gyp/package.json b/deps/npm/node_modules/node-gyp/package.json index b50ceb42bea871..8e256f01702f02 100644 --- a/deps/npm/node_modules/node-gyp/package.json +++ b/deps/npm/node_modules/node-gyp/package.json @@ -11,7 +11,7 @@ "bindings", "gyp" ], - "version": "7.1.1", + "version": "7.1.2", "installVersion": 9, "author": "Nathan Rajlich (http://tootallnate.net)", "repository": { diff --git a/deps/npm/package.json b/deps/npm/package.json index 04803063a6535d..176329a2578aeb 100644 --- a/deps/npm/package.json +++ b/deps/npm/package.json @@ -1,5 +1,5 @@ { - "version": "7.0.2", + "version": "7.0.3", "name": "npm", "description": "a package manager for JavaScript", "keywords": [ @@ -81,7 +81,7 @@ "mkdirp": "^1.0.4", "mkdirp-infer-owner": "^2.0.0", "ms": "^2.1.2", - "node-gyp": "^7.1.1", + "node-gyp": "^7.1.2", "nopt": "^5.0.0", "normalize-package-data": "^3.0.0", "npm-audit-report": "^2.1.4", diff --git a/deps/npm/test/lib/ls.js b/deps/npm/test/lib/ls.js index db4ba81eecc17f..6a91e8c3520cd0 100644 --- a/deps/npm/test/lib/ls.js +++ b/deps/npm/test/lib/ls.js @@ -2476,6 +2476,11 @@ t.test('ls --json', (t) => { }, 'should output json contaning only occurences of filtered by package' ) + t.equal( + process.exitCode, + 0, + 'should exit with error code 0' + ) t.end() }) }) diff --git a/deps/npm/test/lib/run-script.js b/deps/npm/test/lib/run-script.js index 0bb0c056b006b8..9f48b8f59bbebe 100644 --- a/deps/npm/test/lib/run-script.js +++ b/deps/npm/test/lib/run-script.js @@ -284,13 +284,13 @@ t.test('run silent', async t => { t.match(RUN_SCRIPTS, [ { event: 'preenv', - stdio: 'pipe' + stdio: 'inherit' }, { path: npm.localPrefix, args: [], scriptShell: undefined, - stdio: 'pipe', + stdio: 'inherit', stdioString: true, pkg: { name: 'x', version: '1.2.3', _id: 'x@1.2.3', scripts: { env: 'env' @@ -299,7 +299,7 @@ t.test('run silent', async t => { }, { event: 'postenv', - stdio: 'pipe' + stdio: 'inherit' } ]) })