deps: upgrade npm to 7.5.3

PR-URL: #37283 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
nodejs · Feb 9, 2021 · 730ba5c · 730ba5c
1 parent 33d3a2e
commit 730ba5c
Show file tree

Hide file tree

Showing 92 changed files with 3,403 additions and 339 deletions.
diff --git a/deps/npm/CHANGELOG.md b/deps/npm/CHANGELOG.md
@@ -1,4 +1,38 @@
-## v7.5.2 (2021-02-02
+## v7.5.3 (2021-02-08)
+
+### BUG FIXES
+
+* [`df596bf4c`](https://github.com/npm/cli/commit/df596bf4c10d6917672579cc38800f5e846002bc)
+  fix(publish): follow all configs for registry auth check
+  [#2602](https://github.com/npm/cli/issues/2602)
+  ([@wraithgar](https://github.com/wraithgar))
+* [`6d7afb03c`](https://github.com/npm/cli/commit/6d7afb03cd7602b60e709516711a2f94cd61ff25)
+  [#2613](https://github.com/npm/cli/issues/2613)
+  install script: pass -q to curl calls to disable user .curlrc files
+  ([@nlf](https://github.com/nlf))
+
+### DEPENDENCIES
+
+* [`3294fed6f`](https://github.com/npm/cli/commit/3294fed6f18626516978c21fac5f28ecfdb58124)
+  `pacote@11.2.5`
+    * prevent infinite recursion in git dep preparation
+* [`0f7a3a87c`](https://github.com/npm/cli/commit/0f7a3a87c12e30bdd2cdab596ca6511de787c969)
+  `read-package-json-fast@2.0.1`
+    * avoid duplicating optionalDependencies as dependencies in package.json
+* [`6f46b0f7f`](https://github.com/npm/cli/commit/6f46b0f7fef9891e6de4af3547c70a67cb3a7a13)
+  `init-package-json@2.0.2`
+* [`df4f65acc`](https://github.com/npm/cli/commit/df4f65acc4ceaf15db4c227670e80f94584c055c)
+  `@npmcli/arborist@2.2.0`
+* [`7038c2ff4`](https://github.com/npm/cli/commit/7038c2ff49022f8babd495d1b831b5c82d6aed05)
+  `@npmcli/run-script@1.8.2`
+* [`54cd4c87a`](https://github.com/npm/cli/commit/54cd4c87a71c9381519d8ac52e306096066dc92e)
+  `libnpmversion@1.0.8`
+* [`9ab36aae4`](https://github.com/npm/cli/commit/9ab36aae429784df754211d5f086a515012b9bdd)
+  `graceful-fs@4.2.5`
+* [`e1822cf27`](https://github.com/npm/cli/commit/e1822cf277336728f1d5696ffe0db3ea6e700d9e)
+  `@npmcli/installed-package-contents@1.0.7`
+
+## v7.5.2 (2021-02-02)
 
 ### BUG FIXES
 

diff --git a/deps/npm/README.md b/deps/npm/README.md
@@ -15,7 +15,7 @@
 You can download & install **`npm`** directly from [**npmjs**.com](https://npmjs.com/) using our custom `install.sh` script:
 
 ```bash
-curl -L https://www.npmjs.com/install.sh | sh
+curl -qL https://www.npmjs.com/install.sh | sh
 ```
 
 #### Node Version Managers
@@ -50,4 +50,4 @@ npm <command>
 ### Acknowledgments
 
 * `npm` is configured to use the **npm Public Registry** at [https://registry.npmjs.org](https://registry.npmjs.org) by default; Usage of this registry is subject to **Terms of Use** available at [https://npmjs.com/policies/terms](https://npmjs.com/policies/terms)
-* You can configure `npm` to use any other compatible registry you prefer. You can read more about configuring third-party registries [here](https://docs.npmjs.com/cli/v7/using-npm/registry)
+* You can configure `npm` to use any other compatible registry you prefer. You can read more about configuring third-party registries [here](https://docs.npmjs.com/cli/v7/using-npm/registry)
diff --git a/deps/npm/docs/output/commands/npm-ls.html b/deps/npm/docs/output/commands/npm-ls.html
@@ -159,7 +159,7 @@ <h3 id="description">Description</h3>
 the results to only the paths to the packages named.  Note that nested
 packages will <em>also</em> show the paths to the specified packages.  For
 example, running <code>npm ls promzard</code> in npm’s source tree will show:</p>
-<pre lang="bash"><code>npm@7.5.2 /path/to/npm
+<pre lang="bash"><code>npm@7.5.3 /path/to/npm
 └─┬ init-package-json@0.0.4
   └── promzard@0.1.5
 </code></pre>

diff --git a/deps/npm/docs/output/commands/npm.html b/deps/npm/docs/output/commands/npm.html
@@ -148,7 +148,7 @@ <h2 id="table-of-contents">Table of contents</h2>
 <pre lang="bash"><code>npm &lt;command&gt; [args]
 </code></pre>
 <h3 id="version">Version</h3>
-<p>7.5.2</p>
+<p>7.5.3</p>
 <h3 id="description">Description</h3>
 <p>npm is the package manager for the Node JavaScript platform.  It puts
 modules in place so that node can find them, and manages dependency

diff --git a/deps/npm/lib/help.js b/deps/npm/lib/help.js
@@ -8,22 +8,22 @@ help.completion = function (opts, cb) {
 }
 
 const npmUsage = require('./utils/npm-usage.js')
-var path = require('path')
-var spawn = require('./utils/spawn')
-var npm = require('./npm.js')
-var log = require('npmlog')
-var openUrl = require('./utils/open-url')
-var glob = require('glob')
-var output = require('./utils/output.js')
+const { spawn } = require('child_process')
+const path = require('path')
+const npm = require('./npm.js')
+const log = require('npmlog')
+const openUrl = require('./utils/open-url')
+const glob = require('glob')
+const output = require('./utils/output.js')
 
 const usage = require('./utils/usage.js')
 
 help.usage = usage('help', 'npm help <term> [<terms..>]')
 
 function help (args, cb) {
-  var argv = npm.config.parsedArgv.cooked
+  const argv = npm.config.parsedArgv.cooked
 
-  var argnum = 0
+  let argnum = 0
   if (args.length === 2 && ~~args[0])
     argnum = ~~args.shift()
 
@@ -34,7 +34,7 @@ function help (args, cb) {
   const affordances = {
     'find-dupes': 'dedupe',
   }
-  var section = affordances[args[0]] || npm.deref(args[0]) || args[0]
+  let section = affordances[args[0]] || npm.deref(args[0]) || args[0]
 
   // npm help <noargs>:  show basic usage
   if (!section) {
@@ -52,15 +52,12 @@ function help (args, cb) {
     return cb()
   }
 
-  var pref = [1, 5, 7]
-  if (argnum) {
-    pref = [argnum].concat(pref.filter(function (n) {
-      return n !== argnum
-    }))
-  }
+  let pref = [1, 5, 7]
+  if (argnum)
+    pref = [argnum].concat(pref.filter(n => n !== argnum))
 
   // npm help <section>: Try to find the path
-  var manroot = path.resolve(__dirname, '..', 'man')
+  const manroot = path.resolve(__dirname, '..', 'man')
 
   // legacy
   if (section === 'global')
@@ -71,18 +68,18 @@ function help (args, cb) {
   // find either /section.n or /npm-section.n
   // The glob is used in the glob.  The regexp is used much
   // further down.  Globs and regexps are different
-  var compextglob = '.+(gz|bz2|lzma|[FYzZ]|xz)'
-  var compextre = '\\.(gz|bz2|lzma|[FYzZ]|xz)$'
-  var f = '+(npm-' + section + '|' + section + ').[0-9]?(' + compextglob + ')'
-  return glob(manroot + '/*/' + f, function (er, mans) {
+  const compextglob = '.+(gz|bz2|lzma|[FYzZ]|xz)'
+  const compextre = '\\.(gz|bz2|lzma|[FYzZ]|xz)$'
+  const f = '+(npm-' + section + '|' + section + ').[0-9]?(' + compextglob + ')'
+  return glob(manroot + '/*/' + f, (er, mans) => {
     if (er)
       return cb(er)
 
     if (!mans.length)
       return npm.commands['help-search'](args, cb)
 
-    mans = mans.map(function (man) {
-      var ext = path.extname(man)
+    mans = mans.map((man) => {
+      const ext = path.extname(man)
       if (man.match(new RegExp(compextre)))
         man = path.basename(man, ext)
 
@@ -94,14 +91,12 @@ function help (args, cb) {
 }
 
 function pickMan (mans, pref_) {
-  var nre = /([0-9]+)$/
-  var pref = {}
-  pref_.forEach(function (sect, i) {
-    pref[sect] = i
-  })
-  mans = mans.sort(function (a, b) {
-    var an = a.match(nre)[1]
-    var bn = b.match(nre)[1]
+  const nre = /([0-9]+)$/
+  const pref = {}
+  pref_.forEach((sect, i) => pref[sect] = i)
+  mans = mans.sort((a, b) => {
+    const an = a.match(nre)[1]
+    const bn = b.match(nre)[1]
     return an === bn ? (a > b ? -1 : 1)
       : pref[an] < pref[bn] ? -1
       : 1
@@ -110,48 +105,61 @@ function pickMan (mans, pref_) {
 }
 
 function viewMan (man, cb) {
-  var nre = /([0-9]+)$/
-  var num = man.match(nre)[1]
-  var section = path.basename(man, '.' + num)
+  const nre = /([0-9]+)$/
+  const num = man.match(nre)[1]
+  const section = path.basename(man, '.' + num)
 
   // at this point, we know that the specified man page exists
-  var manpath = path.join(__dirname, '..', 'man')
-  var env = {}
+  const manpath = path.join(__dirname, '..', 'man')
+  const env = {}
   Object.keys(process.env).forEach(function (i) {
     env[i] = process.env[i]
   })
   env.MANPATH = manpath
-  var viewer = npm.config.get('viewer')
+  const viewer = npm.config.get('viewer')
+
+  const opts = {
+    env,
+    stdio: 'inherit',
+  }
 
-  var conf
+  let bin = 'man'
+  const args = []
   switch (viewer) {
     case 'woman':
-      var a = ['-e', '(woman-find-file \'' + man + '\')']
-      conf = { env: env, stdio: 'inherit' }
-      var woman = spawn('emacsclient', a, conf)
-      woman.on('close', cb)
+      bin = 'emacsclient'
+      args.push('-e', `(woman-find-file '${man}')`)
       break
 
     case 'browser':
+      bin = false
       try {
-        var url = htmlMan(man)
+        const url = htmlMan(man)
+        openUrl(url, 'help available at the following URL', cb)
       } catch (err) {
         return cb(err)
       }
-      openUrl(url, 'help available at the following URL', cb)
       break
 
     default:
-      conf = { env: env, stdio: 'inherit' }
-      var manProcess = spawn('man', [num, section], conf)
-      manProcess.on('close', cb)
+      args.push(num, section)
       break
   }
+
+  if (bin) {
+    const proc = spawn(bin, args, opts)
+    proc.on('exit', (code) => {
+      if (code)
+        return cb(new Error(`help process exited with code: ${code}`))
+
+      return cb()
+    })
+  }
 }
 
 function htmlMan (man) {
-  var sect = +man.match(/([0-9]+)$/)[1]
-  var f = path.basename(man).replace(/[.]([0-9]+)$/, '')
+  let sect = +man.match(/([0-9]+)$/)[1]
+  const f = path.basename(man).replace(/[.]([0-9]+)$/, '')
   switch (sect) {
     case 1:
       sect = 'commands'
@@ -169,7 +177,7 @@ function htmlMan (man) {
 }
 
 function getSections (cb) {
-  var g = path.resolve(__dirname, '../man/man[0-9]/*.[0-9]')
+  const g = path.resolve(__dirname, '../man/man[0-9]/*.[0-9]')
   glob(g, function (er, files) {
     if (er)
       return cb(er)

diff --git a/deps/npm/lib/ls.js b/deps/npm/lib/ls.js
@@ -163,7 +163,10 @@ const getJsonOutputItem = (node, { global, long }) => {
     Object.assign(item, packageInfo)
     item.extraneous = false
     item.path = node.path
-    item._dependencies = node.package.dependencies || {}
+    item._dependencies = {
+      ...node.package.dependencies,
+      ...node.package.optionalDependencies,
+    }
     item.devDependencies = node.package.devDependencies || {}
     item.peerDependencies = node.package.peerDependencies || {}
   }

diff --git a/deps/npm/lib/publish.js b/deps/npm/lib/publish.js
@@ -6,6 +6,7 @@ const libpub = require('libnpmpublish').publish
 const runScript = require('@npmcli/run-script')
 const pacote = require('pacote')
 const npa = require('npm-package-arg')
+const npmFetch = require('npm-registry-fetch')
 
 const npm = require('./npm.js')
 const output = require('./utils/output.js')
@@ -71,27 +72,12 @@ const publish_ = async (arg, opts) => {
   // you can publish name@version, ./foo.tgz, etc.
   // even though the default is the 'file:.' cwd.
   const spec = npa(arg)
-  const manifest = await getManifest(spec, opts)
+
+  let manifest = await getManifest(spec, opts)
 
   if (manifest.publishConfig)
     Object.assign(opts, publishConfigToOpts(manifest.publishConfig))
 
-  const { registry } = opts
-  if (!registry) {
-    throw Object.assign(new Error('No registry specified.'), {
-      code: 'ENOREGISTRY',
-    })
-  }
-
-  if (!dryRun) {
-    const creds = npm.config.getCredentialsByURI(registry)
-    if (!creds.token && !creds.username) {
-      throw Object.assign(new Error('This command requires you to be logged in.'), {
-        code: 'ENEEDAUTH',
-      })
-    }
-  }
-
   // only run scripts for directory type publishes
   if (spec.type === 'directory') {
     await runScript({
@@ -105,18 +91,27 @@ const publish_ = async (arg, opts) => {
   const tarballData = await pack(spec, opts)
   const pkgContents = await getContents(manifest, tarballData)
 
+  // The purpose of re-reading the manifest is in case it changed,
+  // so that we send the latest and greatest thing to the registry
+  // note that publishConfig might have changed as well!
+  manifest = await getManifest(spec, opts)
+  if (manifest.publishConfig)
+    Object.assign(opts, publishConfigToOpts(manifest.publishConfig))
+
   // note that logTar calls npmlog.notice(), so if we ARE in silent mode,
   // this will do nothing, but we still want it in the debuglog if it fails.
   if (!json)
     logTar(pkgContents, { log, unicode })
 
   if (!dryRun) {
-    // The purpose of re-reading the manifest is in case it changed,
-    // so that we send the latest and greatest thing to the registry
-    // note that publishConfig might have changed as well!
-    const manifest = await getManifest(spec, opts)
-    if (manifest.publishConfig)
-      Object.assign(opts, publishConfigToOpts(manifest.publishConfig))
+    const resolved = npa.resolve(manifest.name, manifest.version)
+    const registry = npmFetch.pickRegistry(resolved, opts)
+    const creds = npm.config.getCredentialsByURI(registry)
+    if (!creds.token && !creds.username) {
+      throw Object.assign(new Error('This command requires you to be logged in.'), {
+        code: 'ENEEDAUTH',
+      })
+    }
     await otplease(opts, opts => libpub(manifest, tarballData, opts))
   }
 

diff --git a/deps/npm/lib/utils/no-progress-while-running.js b/deps/npm/lib/utils/no-progress-while-running.js