deps: upgrade npm to 8.2.0

PR-URL: #41065
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>

deps/npm/docs/content/using-npm/config.md

@@ -1014,8 +1014,8 @@ Ideal if all users are on npm version 7 and higher.
 * Type: "silent", "error", "warn", "notice", "http", "timing", "info",
   "verbose", or "silly"
 
-What level of logs to report. On failure, *all* logs are written to
-`npm-debug.log` in the current working directory.
+What level of logs to report. All logs are written to a debug log, with the
+path to that file printed if the execution of a command fails.
 
 Any logs of a higher level than the setting are shown. The default is
 "notice".
@@ -1387,7 +1387,7 @@ Save installed packages to a package.json file as `optionalDependencies`.
 * Default: false
 * Type: Boolean
 
-Save installed packages. to a package.json file as `peerDependencies`
+Save installed packages to a package.json file as `peerDependencies`
 
 <!-- automatically generated, do not edit manually -->
 <!-- see lib/utils/config/definitions.js -->

deps/npm/docs/content/using-npm/logging.md

@@ -0,0 +1,60 @@
+---
+title: Logging
+section: 7
+description: Why, What & How we Log
+---
+
+### Description
+
+The `npm` CLI has various mechanisms for showing different levels of information back to end-users for certain commands, configurations & environments.
+
+### Setting Log Levels
+
+#### `loglevel`
+
+`loglevel` is a global argument/config that can be set to determine the type of information to be displayed.
+
+The default value of `loglevel` is `"notice"` but there are several levels/types of logs available, including:
+
+- `"silent"`
+- `"error"`
+- `"warn"`
+- `"notice"`
+- `"http"`
+- `"timing"`
+- `"info"`
+- `"verbose"`
+- `"silly"`
+
+All logs pertaining to a level proceeding the current setting will be shown.
+
+All logs are written to a debug log, with the path to that file printed if the execution of a command fails.
+
+##### Aliases
+
+The log levels listed above have various corresponding aliases, including:
+
+- `-d`: `--loglevel info`
+- `--dd`: `--loglevel verbose`
+- `--verbose`: `--loglevel verbose`
+- `--ddd`: `--loglevel silly`
+- `-q`: `--loglevel warn`
+- `--quiet`: `--loglevel warn`
+- `-s`: `--loglevel silent`
+- `--silent`: `--loglevel silent`
+
+#### `foreground-scripts`
+
+The `npm` CLI began hiding the output of lifecycle scripts for `npm install` as of `v7`. Notably, this means you will not see logs/output from packages that may be using "install scripts" to display information back to you or from your own project's scripts defined in `package.json`. If you'd like to change this behavior & log this output you can set `foreground-scripts` to `true`.
+
+### Registry Response Headers
+
+#### `npm-notice`
+
+The `npm` CLI reads from & logs any `npm-notice` headers that are returned from the configured registry. This mechanism can be used by third-party registries to provide useful information when network-dependent requests occur.
+
+This header is not cached, and will not be logged if the request is served from the cache.
+
+### See also
+
+* [config](/using-npm/config)

deps/npm/docs/content/using-npm/scripts.md

@@ -259,7 +259,7 @@ package.json file, then your package scripts would have the
 in your code with `process.env.npm_package_name` and
 `process.env.npm_package_version`, and so on for other fields.
 
-See [`package-json.md`](/configuring-npm/package-json) for more on package configs.
+See [`package.json`](/configuring-npm/package-json) for more on package configs.
 
 #### current lifecycle event
 

deps/npm/docs/content/using-npm/workspaces.md

@@ -8,7 +8,7 @@ description: Working with workspaces
 
 **Workspaces** is a generic term that refers to the set of features in the
 npm cli that provides support to managing multiple packages from your local
-files system from within a singular top-level, root package.
+file system from within a singular top-level, root package.
 
 This set of features makes up for a much more streamlined workflow handling
 linked packages from the local file system. Automating the linking process

deps/npm/docs/output/commands/npm-ls.html

@@ -160,7 +160,7 @@ <h3 id="description">Description</h3>
 the results to only the paths to the packages named.  Note that nested
 packages will <em>also</em> show the paths to the specified packages.  For
 example, running <code>npm ls promzard</code> in npm's source tree will show:</p>
-<pre lang="bash"><code>npm@8.1.4 /path/to/npm
+<pre lang="bash"><code>npm@8.2.0 /path/to/npm
 └─┬ init-package-json@0.0.4
   └── promzard@0.1.5
 </code></pre>

deps/npm/docs/output/commands/npm.html

@@ -149,7 +149,7 @@ <h2 id="table-of-contents">Table of contents</h2>
 <pre lang="bash"><code>npm &lt;command&gt; [args]
 </code></pre>
 <h3 id="version">Version</h3>
-<p>8.1.4</p>
+<p>8.2.0</p>
 <h3 id="description">Description</h3>
 <p>npm is the package manager for the Node JavaScript platform.  It puts
 modules in place so that node can find them, and manages dependency

deps/npm/docs/output/using-npm/config.html

@@ -962,8 +962,8 @@ <h4 id="loglevel"><code>loglevel</code></h4>
 <li>Type: "silent", "error", "warn", "notice", "http", "timing", "info",
 "verbose", or "silly"</li>
 </ul>
-<p>What level of logs to report. On failure, <em>all</em> logs are written to
-<code>npm-debug.log</code> in the current working directory.</p>
+<p>What level of logs to report. All logs are written to a debug log, with the
+path to that file printed if the execution of a command fails.</p>
 <p>Any logs of a higher level than the setting are shown. The default is
 "notice".</p>
 <p>See also the <code>foreground-scripts</code> config.</p>
@@ -1259,7 +1259,7 @@ <h4 id="save-peer"><code>save-peer</code></h4>
 <li>Default: false</li>
 <li>Type: Boolean</li>
 </ul>
-<p>Save installed packages. to a package.json file as <code>peerDependencies</code></p>
+<p>Save installed packages to a package.json file as <code>peerDependencies</code></p>
 <!-- raw HTML omitted -->
 <!-- raw HTML omitted -->
 <h4 id="save-prefix"><code>save-prefix</code></h4>

deps/npm/docs/output/using-npm/logging.html

@@ -0,0 +1,203 @@
+<!DOCTYPE html><html><head>
+<meta charset="utf-8">
+<title>Logging</title>
+<style>
+body {
+    background-color: #ffffff;
+    color: #24292e;
+
+    margin: 0;
+
+    line-height: 1.5;
+
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji";
+}
+#rainbar {
+    height: 10px;
+    background-image: linear-gradient(139deg, #fb8817, #ff4b01, #c12127, #e02aff);
+}
+
+a {
+    text-decoration: none;
+    color: #0366d6;
+}
+a:hover {
+    text-decoration: underline;
+}
+
+pre {
+    margin: 1em 0px;
+    padding: 1em;
+    border: solid 1px #e1e4e8;
+    border-radius: 6px;
+
+    display: block;
+    overflow: auto;
+
+    white-space: pre;
+
+    background-color: #f6f8fa;
+    color: #393a34;
+}
+code {
+    font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;
+    font-size: 85%;
+    padding: 0.2em 0.4em;
+    background-color: #f6f8fa;
+    color: #393a34;
+}
+pre > code {
+    padding: 0;
+    background-color: inherit;
+    color: inherit;
+}
+h1, h2, h3 {
+    font-weight: 600;
+}
+
+#logobar {
+    background-color: #333333;
+    margin: 0 auto;
+    padding: 1em 4em;
+}
+#logobar .logo {
+    float: left;
+}
+#logobar .title {
+    font-weight: 600;
+    color: #dddddd;
+    float: left;
+    margin: 5px 0 0 1em;
+}
+#logobar:after {
+    content: "";
+    display: block;
+    clear: both;
+}
+
+#content {
+    margin: 0 auto;
+    padding: 0 4em;
+}
+
+#table_of_contents > h2 {
+    font-size: 1.17em;
+}
+#table_of_contents ul:first-child {
+    border: solid 1px #e1e4e8;
+    border-radius: 6px;
+    padding: 1em;
+    background-color: #f6f8fa;
+    color: #393a34;
+}
+#table_of_contents ul {
+    list-style-type: none;
+    padding-left: 1.5em;
+}
+#table_of_contents li {
+    font-size: 0.9em;
+}
+#table_of_contents li a {
+    color: #000000;
+}
+
+header.title {
+    border-bottom: solid 1px #e1e4e8;
+}
+header.title > h1 {
+    margin-bottom: 0.25em;
+}
+header.title > .description {
+    display: block;
+    margin-bottom: 0.5em;
+    line-height: 1;
+}
+
+footer#edit {
+    border-top: solid 1px #e1e4e8;
+    margin: 3em 0 4em 0;
+    padding-top: 2em;
+}
+</style>
+</head>
+<body>
+<div id="banner">
+<div id="rainbar"></div>
+<div id="logobar">
+<svg class="logo" role="img" height="32" width="32" viewBox="0 0 700 700">
+<polygon fill="#cb0000" points="0,700 700,700 700,0 0,0"></polygon>
+<polygon fill="#ffffff" points="150,550 350,550 350,250 450,250 450,550 550,550 550,150 150,150"></polygon>
+</svg>
+<div class="title">
+npm command-line interface
+</div>
+</div>
+</div>
+
+<section id="content">
+<header class="title">
+<h1 id="logging">Logging</h1>
+<span class="description">Why, What &amp; How we Log</span>
+</header>
+
+<section id="table_of_contents">
+<h2 id="table-of-contents">Table of contents</h2>
+<div id="_table_of_contents"><ul><li><a href="#description">Description</a></li><li><a href="#setting-log-levels">Setting Log Levels</a></li><ul><li><a href="#loglevel"><code>loglevel</code></a></li><ul><li><a href="#aliases">Aliases</a></li></ul><li><a href="#foreground-scripts"><code>foreground-scripts</code></a></li></ul><li><a href="#registry-response-headers">Registry Response Headers</a></li><ul><li><a href="#npm-notice"><code>npm-notice</code></a></li></ul><li><a href="#see-also">See also</a></li></ul></div>
+</section>
+
+<div id="_content"><h3 id="description">Description</h3>
+<p>The <code>npm</code> CLI has various mechanisms for showing different levels of information back to end-users for certain commands, configurations &amp; environments.</p>
+<h3 id="setting-log-levels">Setting Log Levels</h3>
+<h4 id="loglevel"><code>loglevel</code></h4>
+<p><code>loglevel</code> is a global argument/config that can be set to determine the type of information to be displayed.</p>
+<p>The default value of <code>loglevel</code> is <code>"notice"</code> but there are several levels/types of logs available, including:</p>
+<ul>
+<li><code>"silent"</code></li>
+<li><code>"error"</code></li>
+<li><code>"warn"</code></li>
+<li><code>"notice"</code></li>
+<li><code>"http"</code></li>
+<li><code>"timing"</code></li>
+<li><code>"info"</code></li>
+<li><code>"verbose"</code></li>
+<li><code>"silly"</code></li>
+</ul>
+<p>All logs pertaining to a level proceeding the current setting will be shown.</p>
+<p>All logs are written to a debug log, with the path to that file printed if the execution of a command fails.</p>
+<h5 id="aliases">Aliases</h5>
+<p>The log levels listed above have various corresponding aliases, including:</p>
+<ul>
+<li><code>-d</code>: <code>--loglevel info</code></li>
+<li><code>--dd</code>: <code>--loglevel verbose</code></li>
+<li><code>--verbose</code>: <code>--loglevel verbose</code></li>
+<li><code>--ddd</code>: <code>--loglevel silly</code></li>
+<li><code>-q</code>: <code>--loglevel warn</code></li>
+<li><code>--quiet</code>: <code>--loglevel warn</code></li>
+<li><code>-s</code>: <code>--loglevel silent</code></li>
+<li><code>--silent</code>: <code>--loglevel silent</code></li>
+</ul>
+<h4 id="foreground-scripts"><code>foreground-scripts</code></h4>
+<p>The <code>npm</code> CLI began hiding the output of lifecycle scripts for <code>npm install</code> as of <code>v7</code>. Notably, this means you will not see logs/output from packages that may be using "install scripts" to display information back to you or from your own project's scripts defined in <code>package.json</code>. If you'd like to change this behavior &amp; log this output you can set <code>foreground-scripts</code> to <code>true</code>.</p>
+<h3 id="registry-response-headers">Registry Response Headers</h3>
+<h4 id="npm-notice"><code>npm-notice</code></h4>
+<p>The <code>npm</code> CLI reads from &amp; logs any <code>npm-notice</code> headers that are returned from the configured registry. This mechanism can be used by third-party registries to provide useful information when network-dependent requests occur.</p>
+<p>This header is not cached, and will not be logged if the request is served from the cache.</p>
+<h3 id="see-also">See also</h3>
+<ul>
+<li><a href="../using-npm/config.html">config</a></li>
+</ul>
+</div>
+
+<footer id="edit">
+<a href="https://github.com/npm/cli/edit/latest/docs/content/using-npm/logging.md">
+<svg role="img" viewBox="0 0 16 16" width="16" height="16" fill="currentcolor" style="vertical-align: text-bottom; margin-right: 0.3em;">
+<path fill-rule="evenodd" d="M11.013 1.427a1.75 1.75 0 012.474 0l1.086 1.086a1.75 1.75 0 010 2.474l-8.61 8.61c-.21.21-.47.364-.756.445l-3.251.93a.75.75 0 01-.927-.928l.929-3.25a1.75 1.75 0 01.445-.758l8.61-8.61zm1.414 1.06a.25.25 0 00-.354 0L10.811 3.75l1.439 1.44 1.263-1.263a.25.25 0 000-.354l-1.086-1.086zM11.189 6.25L9.75 4.81l-6.286 6.287a.25.25 0 00-.064.108l-.558 1.953 1.953-.558a.249.249 0 00.108-.064l6.286-6.286z"></path>
+</svg>
+Edit this page on GitHub
+</a>
+</footer>
+</section>
+
+
+
+</body></html>

deps/npm/docs/output/using-npm/scripts.html

@@ -380,7 +380,7 @@ <h4 id="packagejson-vars">package.json vars</h4>
 <code>npm_package_version</code> set to "1.2.5".  You can access these variables
 in your code with <code>process.env.npm_package_name</code> and
 <code>process.env.npm_package_version</code>, and so on for other fields.</p>
-<p>See <a href="../configuring-npm/package-json.html"><code>package-json.md</code></a> for more on package configs.</p>
+<p>See <a href="../configuring-npm/package-json.html"><code>package.json</code></a> for more on package configs.</p>
 <h4 id="current-lifecycle-event">current lifecycle event</h4>
 <p>Lastly, the <code>npm_lifecycle_event</code> environment variable is set to
 whichever stage of the cycle is being executed. So, you could have a

deps/npm/docs/output/using-npm/workspaces.html

@@ -148,7 +148,7 @@ <h2 id="table-of-contents">Table of contents</h2>
 <div id="_content"><h3 id="description">Description</h3>
 <p><strong>Workspaces</strong> is a generic term that refers to the set of features in the
 npm cli that provides support to managing multiple packages from your local
-files system from within a singular top-level, root package.</p>
+file system from within a singular top-level, root package.</p>
 <p>This set of features makes up for a much more streamlined workflow handling
 linked packages from the local file system. Automating the linking process
 as part of <code>npm install</code> and avoiding manually having to use <code>npm link</code> in

deps/npm/lib/auth/legacy.js

@@ -1,15 +1,12 @@
-const log = require('npmlog')
 const profile = require('npm-profile')
-
+const log = require('../utils/log-shim')
 const openUrl = require('../utils/open-url.js')
 const read = require('../utils/read-user-info.js')
 
 const loginPrompter = async (creds) => {
-  const opts = { log: log }
-
-  creds.username = await read.username('Username:', creds.username, opts)
+  creds.username = await read.username('Username:', creds.username)
   creds.password = await read.password('Password:', creds.password)
-  creds.email = await read.email('Email: (this IS public) ', creds.email, opts)
+  creds.email = await read.email('Email: (this IS public) ', creds.email)
 
   return creds
 }
@@ -19,7 +16,7 @@ const login = async (npm, opts) => {
 
   const requestOTP = async () => {
     const otp = await read.otp(
-      'Enter one-time password from your authenticator app: '
+      'Enter one-time password: '
     )
 
     return profile.loginCouch(

deps/npm/lib/auth/sso.js

@@ -7,10 +7,9 @@
 // CLI, we can remove this, and fold the lib/auth/legacy.js back into
 // lib/adduser.js
 
-const log = require('npmlog')
 const profile = require('npm-profile')
 const npmFetch = require('npm-registry-fetch')
-
+const log = require('../utils/log-shim')
 const openUrl = require('../utils/open-url.js')
 const otplease = require('../utils/otplease.js')