Bump npm from 7.5.4 to 7.6.0

[dependabot]

Bumps npm from 7.5.4 to 7.6.0.

Release notes

Sourced from npm's releases.

v7.5.6 (2021-02-22

BUG FIXES

• 4e58274ed #2742 Do not print error banner for shell proxy commands (@​isaacs)

DOCS

• 3c72ab441 #2749 Capitalize Package in a Heading (@​MrBrain295)

DEPENDENCIES

• f3ae6ed0d read-package-json@3.0.1, read-package-json-fast@2.0.2
• 9b311fe52 #2736 @npmcli/arborist@2.2.4:
  • Do not rely on underscore fields in package.json files
  • Do not remove global packages when updating by name
  • Keep yarn.lock and package-lock.json more in sync

v7.5.5 (2021-02-22)

BUG FIXES

• 49c95375a #2688 fix shrinkwrap in node v10.0 (@​ljharb)
• 00afa3161 #2718 restore the prefix on output from npm version <inc> (@​nlf)
• 69e0c4e8c #2716 throw an error when trying to dedupe in global mode (@​nlf)
• b018eb842 #2719 obey silent loglevel in run-script (@​wraithgar)

DEPENDENCIES

• 8c36697df @npmcli/arborist@2.2.3
  • #1875 arborist#230 Set default advisory severity/vulnerable_range when missing from audit endpoint data (@​isaacs)
  • npm/arborist#231 skip optional deps with mismatched platform or engine (@​nlf)
  • #2251 Unpack shrinkwrapped deps not already unpacked (@​isaacs, @​nlf)
  • #2714 Do not write package.json if nothing changed (@​isaacs)
  • npm/rfcs#324 Prefer peer over prod dep, if both specified (@​isaacs)
  • npm/arborist#236 Fix additional peerOptional conflict cases (@​isaacs)
• d865b101f libnpmpack@2.0.1
  • respect silent loglevel
• e606953e5 libnpmversion@1.0.11
  • respect silent loglevel
• 9c51005a1 npm-package-arg@8.1.1
  • do a better job of detecting git specifiers like git@github.com:npm/cli
• 8b6bf0db4 pacote@11.2.7
  • respect silent loglevel
  • fix INVALID_URL errors for certain git dependencies

TESTS

• 80c2ac995 #2717 refactor publish tests (@​wraithgar)
• 9d81e0ceb #2729 fix typo in shrinkwrap tests (@​eltociear)

DOCUMENTATION

... (truncated)

Changelog

Sourced from npm's changelog.

v7.6.0 (2021-02-25)

FEATURES

• 983d218f7 #2750 feat(explain): mark when dependency is bundled (@​kumavis)

DEPENDENCIES

• b9fa7e32a chore(package-lock): resetdeps and eslint@7.20.0 (@​wraithgar)
• 28d036ae9 arborist@2.2.5
  • fix: hidden lockfiles were not respected on Node v10.0-10.12

DOCUMENTATION

• ba1adef42 #2760 chore(docs): capitalize all Instaces of "package" (@​MrBrain295)
• 8bfa05fa1 #2775 chore(docs): add navigation configuration (@​ethomson)
• 238e474a4 #2778 chore(docs):update unpublish cooldown (@​christoflemke)

v7.5.6 (2021-02-22)

BUG FIXES

• 4e58274ed #2742 Do not print error banner for shell proxy commands (@​isaacs)

DOCS

• 3c72ab441 #2749 Capitalize Package in a Heading (@​MrBrain295)

DEPENDENCIES

... (truncated)

Commits

• 0c881fc 7.6.0
• a1c6a15 update AUTHORS
• 12c57c7 docs: changelog for v7.6.0
• 7906410 fix(test): update hidden package-lock mtime in ls
• bb2f4b3 chore(docs):update unpublish cooldown
• e45242c chore(docs): add navigation configuration
• b7e37f6 chore(docs): capitalize all Instaces of "package"
• 113b131 chore(refactor): promisify completion scripts
• 881a855 feat(explain): mark when dependency is bundled
• 28d036a arborist@2.2.5
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #18.