Bump npm from 6.10.3 to 6.11.3 in /npm_and_yarn/helpers

[dependabot-preview]

Bumps npm from 6.10.3 to 6.11.3.

Release notes

Sourced from npm's releases.

v6.11.2

6.11.2 (2019-08-22):

Fix a recent Windows regression, and two long-standing Windows bugs. Also, get CI running on Windows, so these things are less likely in the future.

DEPENDENCIES

• 9778a1b87 cmd-shim@3.0.3: Fix regression where shims fail to preserve exit code (@​isaacs)
• bf93e91d8 npm-package-arg@6.1.1: Properly handle git+file: urls on Windows when a drive letter is included. (@​isaacs)

BUGFIXES

• 6cc4cc66f escape args properly on Windows Bash Despite being bash, Node.js running on windows git mingw bash still executes child processes using cmd.exe. As a result, arguments in this environment need to be escaped in the style of cmd.exe, not bash. (@​isaacs)

TESTS

• 291aba7b8 make tests pass on Windows (@​isaacs)
• fea3a023a travis: run tests on Windows as well (@​isaacs)

v6.11.1

6.11.1 (2019-08-20):

Fix a regression for windows command shim syntax.

• 37db29647 cmd-shim@3.0.2 (@​isaacs)

v6.11.0 (2019-08-20):

A few meaty bugfixes, and introducing peerDependenciesMeta.

FEATURES

• a12341088 #224 Implements peerDependenciesMeta (@​arcanis)
• 2f3b79bba #234 add new forbidden 403 error code (@​claudiahdz)

BUGFIXES

• 24acc9fc8 and 45772af0d #217 npm.community#8863 npm.community#9327 do not descend into directory deps' child modules, fix shrinkwrap files that inappropriately list child nodes of symlink packages (@​isaacs and @​salomvary)
• 50cfe113d #229 fixed typo in semver doc (@​gall0ws)
• e8fb2a1bd #231 Fix spelling mistakes in CHANGELOG-3.md (@​XhmikosR)
• 769d2e057 npm/uid-number#7 Better error on invalid --user/--group configs. This addresses the issue when people fail to install binary packages on Docker and other environments where there is no 'nobody' user. (@​isaacs)
• 8b43c9624 nodejs/node#28987 npm.community#6032 npm.community#6658 npm.community#6069 npm.community#9323 Fix the regression where random config values in a .npmrc file are not passed to lifecycle scripts, breaking build processes which rely on them. (@​isaacs)
• 8b85eaa47 save files with inferred ownership rather than relying on SUDO_UID and SUDO_GID. (@​isaacs)
• b7f6e5f02 Infer ownership of shrinkwrap files (@​isaacs)
• 54b095d77 #235 Add spec to dist-tag remove function (@​theberbie)

DEPENDENCIES

... (truncated)

Changelog

Sourced from npm's changelog.

6.11.3 (2019-09-03):

Fix npm ci regressions and npm outdated depth.

BUG FIXES

• 235ed1d28
  #239
  Don't override user specified depth in outdated
  Restores ability to update packages using --depth as suggested by npm audit.
  (@​G-Rath)
• 1fafb5151
  #242
  npm.community#9586
  Revert "install: do not descend into directory deps' child modules"
  (@​isaacs)
• cebf542e6
  #243
  npm.community#9720
  ci: pass appropriate configs for file/dir modes
  (@​isaacs)

DEPENDENCIES

• e5fbb7ed1
read-cmd-shim@1.0.4
  (@​claudiahdz)
• 23ce65616
npm-pick-manifest@3.0.2
  (@​claudiahdz)

6.11.2 (2019-08-22):

Fix a recent Windows regression, and two long-standing Windows bugs. Also,
get CI running on Windows, so these things are less likely in the future.

DEPENDENCIES

• 9778a1b87
cmd-shim@3.0.3: Fix regression where shims fail to preserve exit code
  (@​isaacs)
• bf93e91d8
npm-package-arg@6.1.1: Properly handle git+file: urls on Windows when a
  drive letter is included. (@​isaacs)

BUGFIXES

• 6cc4cc66f
  escape args properly on Windows Bash Despite being bash, Node.js running
  on windows git mingw bash still executes child processes using cmd.exe.

... (truncated)

Commits

• b4ff454 6.11.3
• 8d738b4 update AUTHORS
• 5d3aaf0 test: fix outdated-depth test
• fc5fc76 docs: change log for 6.11.3
• cebf542 ci: pass appropriate configs for file/dir modes
• 23ce656 npm-pick-manifest@3.0.2
• e5fbb7e read-cmd-shim@1.0.4
• 1fafb51 Revert "install: do not descend into directory deps' child modules"
• 235ed1d Don't override user specified depth in outdated
• bd6e5d2 6.11.2
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by claudiahdz, a new releaser for npm since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

[greysteil]

Doesn't fix https://npm.community/t/6-11-1-some-dependencies-are-no-longer-being-installed/9586, so we'll skip this.

[dependabot-preview]

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

[feelepxyz]

@greysteil you seen this version not working? Seems people are reporting this version as fixed in the issue you linked to

[greysteil]

Oh cool. Just didn't mention it in the changelog or on the forum (when I looked).

[greysteil]

@dependabot reopen

[greysteil]

@dependabot rebase
@dependabot merge

[dependabot-preview]

This PR is closed - you'll need to reopen it before merging.

[greysteil]

@dependabot merge

[dependabot-preview]

This PR is closed - you'll need to reopen it before merging.

[feelepxyz]

@greysteil nice one!

[greysteil]

@dependabot rebase

[feelepxyz]

Looks like some legit failures, will look into this.

[feelepxyz]

Seems the latest version 6.11.3 breaks updating sub-depedencies by removing the entry from the lockfile and running npm install on it to "fix it". The latest version of npm simply removes all requires of the dependency so results in a broken lockfile for these types of updates.

Looking into what exact change triggered this.

[dependabot-preview]

A newer version of npm exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

[feelepxyz]

This is currently blocked pending a fix in npm: npm/cli#265

[feelepxyz]

This has been fixed in 6.12.1 https://github.com/npm/cli/releases/tag/v6.12.1