Skip to content

Commit

Permalink
deps: upgrade npm to 8.1.4
Browse files Browse the repository at this point in the history
PR-URL: nodejs#40865
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
  • Loading branch information
npm-robot authored and targos committed Nov 22, 2021
1 parent bad6526 commit 8a03482
Show file tree
Hide file tree
Showing 353 changed files with 8,547 additions and 7,424 deletions.
15 changes: 9 additions & 6 deletions deps/npm/bin/npx-cli.js
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ const removed = new Set([

const { definitions, shorthands } = require('../lib/utils/config/index.js')
const npmSwitches = Object.entries(definitions)
.filter(([key, {type}]) => type === Boolean ||
.filter(([key, { type }]) => type === Boolean ||
(Array.isArray(type) && type.includes(Boolean)))
.map(([key]) => key)

Expand Down Expand Up @@ -65,9 +65,9 @@ let i
let sawRemovedFlags = false
for (i = 3; i < process.argv.length; i++) {
const arg = process.argv[i]
if (arg === '--')
if (arg === '--') {
break
else if (/^-/.test(arg)) {
} else if (/^-/.test(arg)) {
const [key, ...v] = arg.replace(/^-+/, '').split('=')

switch (key) {
Expand All @@ -87,8 +87,9 @@ for (i = 3; i < process.argv.length; i++) {
// resolve shorthands and run again
if (shorthands[key] && !removed.has(key)) {
const a = [...shorthands[key]]
if (v.length)
if (v.length) {
a.push(v.join('='))
}
process.argv.splice(i, 1, ...a)
i--
continue
Expand All @@ -109,8 +110,9 @@ for (i = 3; i < process.argv.length; i++) {
if (removed.has(key)) {
// also remove the value for the cut key.
process.argv.splice(i + 1, 1)
} else
} else {
i++
}
}
} else {
// found a positional arg, put -- in front of it, and we're done
Expand All @@ -119,7 +121,8 @@ for (i = 3; i < process.argv.length; i++) {
}
}

if (sawRemovedFlags)
if (sawRemovedFlags) {
console.error('See `npm help exec` for more information')
}

cli(process)
2 changes: 1 addition & 1 deletion deps/npm/docs/content/commands/npm-install.md
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ into a tarball (b).

* `npm install` (in a package directory, no arguments):

Install the dependencies in the local `node_modules` folder.
Install the dependencies to the local `node_modules` folder.

In global mode (ie, with `-g` or `--global` appended to the command),
it installs the current package context (ie, the current working
Expand Down
2 changes: 2 additions & 0 deletions deps/npm/docs/content/using-npm/developers.md
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,9 @@ need to add them to `.npmignore` explicitly:
* `._*`
* `.DS_Store`
* `.git`
* `.gitignore`
* `.hg`
* `.npmignore`
* `.npmrc`
* `.lock-wscript`
* `.svn`
Expand Down
11 changes: 6 additions & 5 deletions deps/npm/docs/output/commands/npm-access.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<html><head>
<!DOCTYPE html><html><head>
<meta charset="utf-8">
<title>npm-access</title>
<style>
body {
Expand Down Expand Up @@ -181,7 +182,7 @@ <h3 id="description">Description</h3>
<li>
<p>ls-packages:
Show all of the packages a user or a team is able to access, along with the
access level, except for read-only public packages (it wont print the whole
access level, except for read-only public packages (it won't print the whole
registry listing)</p>
</li>
<li>
Expand Down Expand Up @@ -209,7 +210,7 @@ <h3 id="details">Details</h3>
<li>You have been given read-write privileges for a package, either as a member
of a team or directly as an owner.</li>
</ul>
<p>If you have two-factor authentication enabled then youll be prompted to
<p>If you have two-factor authentication enabled then you'll be prompted to
provide an otp token, or may use the <code>--otp=...</code> option to specify it on
the command line.</p>
<p>If your account is not paid, then attempts to publish scoped packages will
Expand All @@ -222,7 +223,7 @@ <h3 id="configuration">Configuration</h3>
<!-- raw HTML omitted -->
<h4 id="registry"><code>registry</code></h4>
<ul>
<li>Default: <a href="https://registry.npmjs.org/">https://registry.npmjs.org/</a></li>
<li>Default: "<a href="https://registry.npmjs.org/">https://registry.npmjs.org/</a>"</li>
<li>Type: URL</li>
</ul>
<p>The base URL of the npm registry.</p>
Expand All @@ -233,7 +234,7 @@ <h4 id="otp"><code>otp</code></h4>
<li>Default: null</li>
<li>Type: null or String</li>
</ul>
<p>This is a one-time password from a two-factor authenticator. Its needed
<p>This is a one-time password from a two-factor authenticator. It's needed
when publishing or changing package permissions with <code>npm access</code>.</p>
<p>If not set, and a registry response fails with a challenge for a one-time
password, npm will prompt on the command line for one.</p>
Expand Down
7 changes: 4 additions & 3 deletions deps/npm/docs/output/commands/npm-adduser.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<html><head>
<!DOCTYPE html><html><head>
<meta charset="utf-8">
<title>npm-adduser</title>
<style>
body {
Expand Down Expand Up @@ -168,15 +169,15 @@ <h3 id="configuration">Configuration</h3>
<!-- raw HTML omitted -->
<h4 id="registry"><code>registry</code></h4>
<ul>
<li>Default: <a href="https://registry.npmjs.org/">https://registry.npmjs.org/</a></li>
<li>Default: "<a href="https://registry.npmjs.org/">https://registry.npmjs.org/</a>"</li>
<li>Type: URL</li>
</ul>
<p>The base URL of the npm registry.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="scope"><code>scope</code></h4>
<ul>
<li>Default: the scope of the current project, if any, or “”</li>
<li>Default: the scope of the current project, if any, or ""</li>
<li>Type: String</li>
</ul>
<p>Associate an operation with a scope for a scoped registry.</p>
Expand Down
27 changes: 14 additions & 13 deletions deps/npm/docs/output/commands/npm-audit.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<html><head>
<!DOCTYPE html><html><head>
<meta charset="utf-8">
<title>npm-audit</title>
<style>
body {
Expand Down Expand Up @@ -159,13 +160,13 @@ <h3 id="description">Description</h3>
<p>The command will exit with a 0 exit code if no vulnerabilities were found.</p>
<p>Note that some vulnerabilities cannot be fixed automatically and will
require manual intervention or review. Also note that since <code>npm audit fix</code> runs a full-fledged <code>npm install</code> under the hood, all configs that
apply to the installer will also apply to <code>npm install</code> so things like
apply to the installer will also apply to <code>npm install</code> -- so things like
<code>npm audit fix --package-lock-only</code> will work as expected.</p>
<p>By default, the audit command will exit with a non-zero code if any
vulnerability is found. It may be useful in CI environments to include the
<code>--audit-level</code> parameter to specify the minimum vulnerability level that
will cause the command to fail. This option does not filter the report
output, it simply changes the commands failure threshold.</p>
output, it simply changes the command's failure threshold.</p>
<h3 id="audit-endpoints">Audit Endpoints</h3>
<p>There are two audit endpoints that npm may use to fetch vulnerability
information: the <code>Bulk Advisory</code> endpoint and the <code>Quick Audit</code> endpoint.</p>
Expand Down Expand Up @@ -203,7 +204,7 @@ <h4 id="quick-audit-endpoint">Quick Audit Endpoint</h4>
<p>All packages in the tree are submitted to the Quick Audit endpoint.
Omitted dependency types are skipped when generating the report.</p>
<h4 id="scrubbing">Scrubbing</h4>
<p>Out of an abundance of caution, npm versions 5 and 6 would scrub any
<p>Out of an abundance of caution, npm versions 5 and 6 would "scrub" any
packages from the submitted report if their name contained a <code>/</code> character,
so as to avoid leaking the names of potentially private packages or git
URLs.</p>
Expand All @@ -215,12 +216,12 @@ <h4 id="scrubbing">Scrubbing</h4>
<h4 id="calculating-meta-vulnerabilities-and-remediations">Calculating Meta-Vulnerabilities and Remediations</h4>
<p>npm uses the
<a href="http://npm.im/@npmcli/metavuln-calculator"><code>@npmcli/metavuln-calculator</code></a>
module to turn a set of security advisories into a set of vulnerability
objects. A meta-vulnerability is a dependency that is vulnerable by
module to turn a set of security advisories into a set of "vulnerability"
objects. A "meta-vulnerability" is a dependency that is vulnerable by
virtue of dependence on vulnerable versions of a vulnerable package.</p>
<p>For example, if the package <code>foo</code> is vulnerable in the range <code>&gt;=1.0.2 &lt;2.0.0</code>, and the package <code>bar</code> depends on <code>foo@^1.1.0</code>, then that version
of <code>bar</code> can only be installed by installing a vulnerable version of <code>foo</code>.
In this case, <code>bar</code> is a metavulnerability.</p>
In this case, <code>bar</code> is a "metavulnerability".</p>
<p>Once metavulnerabilities for a given package are calculated, they are
cached in the <code>~/.npm</code> folder and only re-evaluated if the advisory range
changes, or a new version of the package is published (in which case, the
Expand Down Expand Up @@ -275,7 +276,7 @@ <h3 id="configuration">Configuration</h3>
<h4 id="audit-level"><code>audit-level</code></h4>
<ul>
<li>Default: null</li>
<li>Type: null, info”, “low”, “moderate”, “high”, “critical, or none</li>
<li>Type: null, "info", "low", "moderate", "high", "critical", or "none"</li>
</ul>
<p>The minimum level of vulnerability for <code>npm audit</code> to exit with a non-zero
exit code.</p>
Expand All @@ -286,7 +287,7 @@ <h4 id="dry-run"><code>dry-run</code></h4>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Indicates that you dont want npm to make any changes and that it should
<p>Indicates that you don't want npm to make any changes and that it should
only report what it would have done. This can be passed into any of the
commands that modify your local installation, eg, <code>install</code>, <code>update</code>,
<code>dedupe</code>, <code>uninstall</code>, as well as <code>pack</code> and <code>publish</code>.</p>
Expand Down Expand Up @@ -316,7 +317,7 @@ <h4 id="force"><code>force</code></h4>
<li>Implicitly set <code>--yes</code> during <code>npm init</code>.</li>
<li>Allow clobbering existing values in <code>npm pkg</code></li>
</ul>
<p>If you dont have a clear idea of what you want to do, it is strongly
<p>If you don't have a clear idea of what you want to do, it is strongly
recommended that you do not use this option!</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
Expand Down Expand Up @@ -348,9 +349,9 @@ <h4 id="package-lock-only"><code>package-lock-only</code></h4>
<!-- raw HTML omitted -->
<h4 id="omit"><code>omit</code></h4>
<ul>
<li>Default: dev if the <code>NODE_ENV</code> environment variable is set to
production, otherwise empty.</li>
<li>Type: dev”, “optional, or peer (can be set multiple times)</li>
<li>Default: 'dev' if the <code>NODE_ENV</code> environment variable is set to
'production', otherwise empty.</li>
<li>Type: "dev", "optional", or "peer" (can be set multiple times)</li>
</ul>
<p>Dependency types to omit from the installation tree on disk.</p>
<p>Note that these dependencies <em>are</em> still resolved and added to the
Expand Down
5 changes: 3 additions & 2 deletions deps/npm/docs/output/commands/npm-bin.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<html><head>
<!DOCTYPE html><html><head>
<meta charset="utf-8">
<title>npm-bin</title>
<style>
body {
Expand Down Expand Up @@ -159,7 +160,7 @@ <h4 id="global"><code>global</code></h4>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Operates in global mode, so that packages are installed into the <code>prefix</code>
<p>Operates in "global" mode, so that packages are installed into the <code>prefix</code>
folder instead of the current working directory. See
<a href="../configuring-npm/folders.html">folders</a> for more on the differences in behavior.</p>
<ul>
Expand Down
7 changes: 4 additions & 3 deletions deps/npm/docs/output/commands/npm-bugs.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<html><head>
<!DOCTYPE html><html><head>
<meta charset="utf-8">
<title>npm-bugs</title>
<style>
body {
Expand Down Expand Up @@ -150,7 +151,7 @@ <h2 id="table-of-contents">Table of contents</h2>
aliases: issues
</code></pre>
<h3 id="description">Description</h3>
<p>This command tries to guess at the likely location of a packages bug
<p>This command tries to guess at the likely location of a package's bug
tracker URL or the <code>mailto</code> URL of the support email, and then tries to
open it using the <code>--browser</code> config param. If no package name is provided, it
will search for a <code>package.json</code> in the current folder and use the <code>name</code> property.</p>
Expand All @@ -171,7 +172,7 @@ <h4 id="browser"><code>browser</code></h4>
<!-- raw HTML omitted -->
<h4 id="registry"><code>registry</code></h4>
<ul>
<li>Default: <a href="https://registry.npmjs.org/">https://registry.npmjs.org/</a></li>
<li>Default: "<a href="https://registry.npmjs.org/">https://registry.npmjs.org/</a>"</li>
<li>Type: URL</li>
</ul>
<p>The base URL of the npm registry.</p>
Expand Down
11 changes: 6 additions & 5 deletions deps/npm/docs/output/commands/npm-cache.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<html><head>
<!DOCTYPE html><html><head>
<meta charset="utf-8">
<title>npm-cache</title>
<style>
body {
Expand Down Expand Up @@ -141,7 +142,7 @@ <h1 id="npm-cache">npm-cache</h1>

<section id="table_of_contents">
<h2 id="table-of-contents">Table of contents</h2>
<div id="_table_of_contents"><ul><li><a href="#synopsis">Synopsis</a></li><li><a href="#description">Description</a></li><li><a href="#details">Details</a></li><li><a href="#a-note-about-the-caches-design">A note about the caches design</a></li><li><a href="#configuration">Configuration</a></li><ul><li><a href="#cache"><code>cache</code></a></li></ul><li><a href="#see-also">See Also</a></li></ul></div>
<div id="_table_of_contents"><ul><li><a href="#synopsis">Synopsis</a></li><li><a href="#description">Description</a></li><li><a href="#details">Details</a></li><li><a href="#a-note-about-the-caches-design">A note about the cache's design</a></li><li><a href="#configuration">Configuration</a></li><ul><li><a href="#cache"><code>cache</code></a></li></ul><li><a href="#see-also">See Also</a></li></ul></div>
</section>

<div id="_content"><h3 id="synopsis">Synopsis</h3>
Expand All @@ -168,7 +169,7 @@ <h3 id="description">Description</h3>
<li>
<p>clean:
Delete all data out of the cache folder. Note that this is typically
unnecessary, as npms cache is self-healing and resistant to data
unnecessary, as npm's cache is self-healing and resistant to data
corruption issues.</p>
</li>
<li>
Expand All @@ -195,7 +196,7 @@ <h3 id="details">Details</h3>
used directly.</p>
<p>npm will not remove data by itself: the cache will grow as new packages are
installed.</p>
<h3 id="a-note-about-the-caches-design">A note about the caches design</h3>
<h3 id="a-note-about-the-caches-design">A note about the cache's design</h3>
<p>The npm cache is strictly a cache: it should not be relied upon as a
persistent and reliable data store for package data. npm makes no guarantee
that a previously-cached piece of data will be available later, and will
Expand All @@ -212,7 +213,7 @@ <h4 id="cache"><code>cache</code></h4>
<li>Default: Windows: <code>%LocalAppData%\npm-cache</code>, Posix: <code>~/.npm</code></li>
<li>Type: Path</li>
</ul>
<p>The location of npms cache directory. See <a href="../commands/npm-cache.html"><code>npm cache</code></a></p>
<p>The location of npm's cache directory. See <a href="../commands/npm-cache.html"><code>npm cache</code></a></p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
Expand Down
13 changes: 7 additions & 6 deletions deps/npm/docs/output/commands/npm-ci.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<html><head>
<!DOCTYPE html><html><head>
<meta charset="utf-8">
<title>npm-ci</title>
<style>
body {
Expand Down Expand Up @@ -149,9 +150,9 @@ <h2 id="table-of-contents">Table of contents</h2>
</code></pre>
<h3 id="description">Description</h3>
<p>This command is similar to <a href="../commands/npm-install.html"><code>npm install</code></a>, except
its meant to be used in automated environments such as test platforms,
continuous integration, and deployment or any situation where you want
to make sure youre doing a clean install of your dependencies.</p>
it's meant to be used in automated environments such as test platforms,
continuous integration, and deployment -- or any situation where you want
to make sure you're doing a clean install of your dependencies.</p>
<p><code>npm ci</code> will be significantly faster when:</p>
<ul>
<li>There is a <code>package-lock.json</code> or <code>npm-shrinkwrap.json</code> file.</li>
Expand Down Expand Up @@ -199,7 +200,7 @@ <h4 id="audit"><code>audit</code></h4>
<li>Default: true</li>
<li>Type: Boolean</li>
</ul>
<p>When true submit audit reports alongside the current npm command to the
<p>When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes. See the
documentation for <a href="../commands/npm-audit.html"><code>npm audit</code></a> for details on what is
submitted.</p>
Expand All @@ -219,7 +220,7 @@ <h4 id="ignore-scripts"><code>ignore-scripts</code></h4>
<!-- raw HTML omitted -->
<h4 id="script-shell"><code>script-shell</code></h4>
<ul>
<li>Default: /bin/sh on POSIX systems, cmd.exe on Windows</li>
<li>Default: '/bin/sh' on POSIX systems, 'cmd.exe' on Windows</li>
<li>Type: null or String</li>
</ul>
<p>The shell to use for scripts run with the <code>npm exec</code>, <code>npm run</code> and <code>npm init &lt;pkg&gt;</code> commands.</p>
Expand Down
5 changes: 3 additions & 2 deletions deps/npm/docs/output/commands/npm-completion.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<html><head>
<!DOCTYPE html><html><head>
<meta charset="utf-8">
<title>npm-completion</title>
<style>
body {
Expand Down Expand Up @@ -162,7 +163,7 @@ <h3 id="description">Description</h3>
<code>/etc/bash_completion.d/npm</code> if you have a system that will read
that file for you.</p>
<p>When <code>COMP_CWORD</code>, <code>COMP_LINE</code>, and <code>COMP_POINT</code> are defined in the
environment, <code>npm completion</code> acts in plumbing mode, and outputs
environment, <code>npm completion</code> acts in "plumbing mode", and outputs
completions based on the arguments.</p>
<h3 id="see-also">See Also</h3>
<ul>
Expand Down
Loading

0 comments on commit 8a03482

Please sign in to comment.