Skip to content

Commit

Permalink
deps: upgrade npm to 10.2.3
Browse files Browse the repository at this point in the history
PR-URL: #50531
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Debadree Chatterjee <debadree333@gmail.com>
  • Loading branch information
npm-cli-bot authored Nov 3, 2023
1 parent 8373643 commit fd2368e
Show file tree
Hide file tree
Showing 556 changed files with 6,990 additions and 44,431 deletions.
6 changes: 6 additions & 0 deletions deps/npm/bin/node-gyp-bin/node-gyp
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
#!/usr/bin/env sh
if [ "x$npm_config_node_gyp" = "x" ]; then
node "`dirname "$0"`/../../node_modules/node-gyp/bin/node-gyp.js" "$@"
else
"$npm_config_node_gyp" "$@"
fi
5 changes: 5 additions & 0 deletions deps/npm/bin/node-gyp-bin/node-gyp.cmd
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
if not defined npm_config_node_gyp (
node "%~dp0\..\..\node_modules\node-gyp\bin\node-gyp.js" %*
) else (
node "%npm_config_node_gyp%" %*
)
4 changes: 2 additions & 2 deletions deps/npm/docs/content/commands/npm-audit.md
Original file line number Diff line number Diff line change
Expand Up @@ -83,13 +83,13 @@ The `sig` is generated using the following template: `${package.name}@${package.

Keys response:

- `expires`: null or a simplified extended <a href="https://en.wikipedia.org/wiki/ISO_8601" target="_blank">ISO 8601 format</a>: `YYYY-MM-DDTHH:mm:ss.sssZ`
- `expires`: null or a simplified extended [ISO 8601 format](https://en.wikipedia.org/wiki/ISO_8601"): `YYYY-MM-DDTHH:mm:ss.sssZ`
- `keydid`: sha256 fingerprint of the public key
- `keytype`: only `ecdsa-sha2-nistp256` is currently supported by the npm CLI
- `scheme`: only `ecdsa-sha2-nistp256` is currently supported by the npm CLI
- `key`: base64 encoded public key

See this <a href="https://registry.npmjs.org/-/npm/v1/keys" target="_blank">example key's response from the public npm registry</a>.
See this [example key's response from the public npm registry](https://registry.npmjs.org/-/npm/v1/keys").

### Audit Endpoints

Expand Down
2 changes: 1 addition & 1 deletion deps/npm/docs/content/commands/npm-ls.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ packages will *also* show the paths to the specified packages. For
example, running `npm ls promzard` in npm's source tree will show:

```bash
npm@10.2.0 /path/to/npm
npm@10.2.3 /path/to/npm
└─┬ init-package-json@0.0.4
└── promzard@0.1.5
```
Expand Down
31 changes: 23 additions & 8 deletions deps/npm/docs/content/commands/npm-rebuild.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,14 +14,29 @@ alias: rb

### Description

This command runs the `npm build` command on the matched folders. This is
useful when you install a new version of node, and must recompile all your
C++ addons with the new binary. It is also useful when installing with
`--ignore-scripts` and `--no-bin-links`, to explicitly choose which
packages to build and/or link bins.

If one or more package specs are provided, then only packages with a
name and version matching one of the specifiers will be rebuilt.
This command does the following:

1. Execute lifecycle scripts (`preinstall`, `install`, `postinstall`, `prepare`)
2. Links bins depending on whether bin links are enabled

This command is particularly useful in scenarios including but not limited to:

1. Installing a new version of **node.js**, where you need to recompile all your C++ add-ons with the updated binary.
2. Installing with `--ignore-scripts` and `--no-bin-links`, to explicitly choose which packages to build and/or link bins.

If one or more package specs are provided, then only packages with a name and version matching one of the specifiers will be rebuilt.

Usually, you should not need to run `npm rebuild` as it is already done for you as part of npm install (unless you suppressed these steps with `--ignore-scripts` or `--no-bin-links`).

If there is a `binding.gyp` file in the root of your package, then npm will use a default install hook:

```
"scripts": {
"install": "node-gyp rebuild"
}
```

This default behavior is suppressed if the `package.json` has its own `install` or `preinstall` scripts. It is also suppressed if the package specifies `"gypfile": false`

### Configuration

Expand Down
2 changes: 1 addition & 1 deletion deps/npm/docs/content/commands/npm-team.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ on your `authtype`.

* create / destroy:
Create a new team, or destroy an existing one. Note: You cannot remove the
`developers` team, <a href="https://docs.npmjs.com/about-developers-team" target="_blank">learn more.</a>
`developers` team, [learn more.](https://docs.npmjs.com/about-developers-team)

Here's how to create a new team `newteam` under the `org` org:

Expand Down
5 changes: 2 additions & 3 deletions deps/npm/docs/content/commands/npm-unpublish.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,8 @@ description: Remove a package from the registry
npm unpublish [<package-spec>]
```

To learn more about how the npm registry treats unpublish, see our <a
href="https://docs.npmjs.com/policies/unpublish" target="_blank"
rel="noopener noreferrer"> unpublish policies</a>
To learn more about how the npm registry treats unpublish, see our
[unpublish policies](https://docs.npmjs.com/policies/unpublish).

### Warning

Expand Down
2 changes: 1 addition & 1 deletion deps/npm/docs/content/commands/npm.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ Note: This command is unaware of workspaces.

### Version

10.2.0
10.2.3

### Description

Expand Down
2 changes: 1 addition & 1 deletion deps/npm/docs/content/configuring-npm/package-lock-json.md
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ the npm registry. Lockfiles generated by npm v7 will contain
* `1`: The lockfile version used by npm v5 and v6.
* `2`: The lockfile version used by npm v7 and v8. Backwards compatible to v1
lockfiles.
* `3`: The lockfile version used by npm v9. Backwards compatible to npm v7.
* `3`: The lockfile version used by npm v9 and above. Backwards compatible to npm v7.

npm will always attempt to get whatever data it can out of a lockfile, even
if it is not a version that it was designed to support.
Expand Down
2 changes: 0 additions & 2 deletions deps/npm/docs/content/using-npm/scripts.md
Original file line number Diff line number Diff line change
Expand Up @@ -159,8 +159,6 @@ These are run from the scripts of `<pkg-name>`
* `publish`
* `postpublish`

`prepare` will not run during `--dry-run`

#### [`npm rebuild`](/commands/npm-rebuild)

* `preinstall`
Expand Down
4 changes: 2 additions & 2 deletions deps/npm/docs/output/commands/npm-audit.html
Original file line number Diff line number Diff line change
Expand Up @@ -203,13 +203,13 @@ <h3 id="audit-signatures">Audit Signatures</h3>
</code></pre>
<p>Keys response:</p>
<ul>
<li><code>expires</code>: null or a simplified extended ISO 8601 format: <code>YYYY-MM-DDTHH:mm:ss.sssZ</code></li>
<li><code>expires</code>: null or a simplified extended <a href="https://en.wikipedia.org/wiki/ISO_8601%22">ISO 8601 format</a>: <code>YYYY-MM-DDTHH:mm:ss.sssZ</code></li>
<li><code>keydid</code>: sha256 fingerprint of the public key</li>
<li><code>keytype</code>: only <code>ecdsa-sha2-nistp256</code> is currently supported by the npm CLI</li>
<li><code>scheme</code>: only <code>ecdsa-sha2-nistp256</code> is currently supported by the npm CLI</li>
<li><code>key</code>: base64 encoded public key</li>
</ul>
<p>See this example key's response from the public npm registry.</p>
<p>See this <a href="https://registry.npmjs.org/-/npm/v1/keys%22">example key's response from the public npm registry</a>.</p>
<h3 id="audit-endpoints">Audit Endpoints</h3>
<p>There are two audit endpoints that npm may use to fetch vulnerability
information: the <code>Bulk Advisory</code> endpoint and the <code>Quick Audit</code> endpoint.</p>
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/docs/output/commands/npm-ls.html
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,7 @@ <h3 id="description">Description</h3>
the results to only the paths to the packages named. Note that nested
packages will <em>also</em> show the paths to the specified packages. For
example, running <code>npm ls promzard</code> in npm's source tree will show:</p>
<pre><code class="language-bash">npm@10.2.0 /path/to/npm
<pre><code class="language-bash">npm@10.2.3 /path/to/npm
└─┬ init-package-json@0.0.4
└── promzard@0.1.5
</code></pre>
Expand Down
25 changes: 18 additions & 7 deletions deps/npm/docs/output/commands/npm-rebuild.html
Original file line number Diff line number Diff line change
Expand Up @@ -151,13 +151,24 @@ <h2 id="table-of-contents">Table of contents</h2>
alias: rb
</code></pre>
<h3 id="description">Description</h3>
<p>This command runs the <code>npm build</code> command on the matched folders. This is
useful when you install a new version of node, and must recompile all your
C++ addons with the new binary. It is also useful when installing with
<code>--ignore-scripts</code> and <code>--no-bin-links</code>, to explicitly choose which
packages to build and/or link bins.</p>
<p>If one or more package specs are provided, then only packages with a
name and version matching one of the specifiers will be rebuilt.</p>
<p>This command does the following:</p>
<ol>
<li>Execute lifecycle scripts (<code>preinstall</code>, <code>install</code>, <code>postinstall</code>, <code>prepare</code>)</li>
<li>Links bins depending on whether bin links are enabled</li>
</ol>
<p>This command is particularly useful in scenarios including but not limited to:</p>
<ol>
<li>Installing a new version of <strong>node.js</strong>, where you need to recompile all your C++ add-ons with the updated binary.</li>
<li>Installing with <code>--ignore-scripts</code> and <code>--no-bin-links</code>, to explicitly choose which packages to build and/or link bins.</li>
</ol>
<p>If one or more package specs are provided, then only packages with a name and version matching one of the specifiers will be rebuilt.</p>
<p>Usually, you should not need to run <code>npm rebuild</code> as it is already done for you as part of npm install (unless you suppressed these steps with <code>--ignore-scripts</code> or <code>--no-bin-links</code>).</p>
<p>If there is a <code>binding.gyp</code> file in the root of your package, then npm will use a default install hook:</p>
<pre><code>"scripts": {
"install": "node-gyp rebuild"
}
</code></pre>
<p>This default behavior is suppressed if the <code>package.json</code> has its own <code>install</code> or <code>preinstall</code> scripts. It is also suppressed if the package specifies <code>"gypfile": false</code></p>
<h3 id="configuration">Configuration</h3>
<h4 id="global"><code>global</code></h4>
<ul>
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/docs/output/commands/npm-team.html
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,7 @@ <h3 id="description">Description</h3>
<li>
<p>create / destroy:
Create a new team, or destroy an existing one. Note: You cannot remove the
<code>developers</code> team, learn more.</p>
<code>developers</code> team, <a href="https://docs.npmjs.com/about-developers-team">learn more.</a></p>
<p>Here's how to create a new team <code>newteam</code> under the <code>org</code> org:</p>
<pre><code class="language-bash">npm team create @org:newteam
</code></pre>
Expand Down
3 changes: 2 additions & 1 deletion deps/npm/docs/output/commands/npm-unpublish.html
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,8 @@ <h2 id="table-of-contents">Table of contents</h2>
<div id="_content"><h3 id="synopsis">Synopsis</h3>
<pre><code class="language-bash">npm unpublish [&lt;package-spec&gt;]
</code></pre>
<p>To learn more about how the npm registry treats unpublish, see our unpublish policies</p>
<p>To learn more about how the npm registry treats unpublish, see our
<a href="https://docs.npmjs.com/policies/unpublish">unpublish policies</a>.</p>
<h3 id="warning">Warning</h3>
<p>Consider using the <a href="../commands/npm-deprecate.html"><code>deprecate</code></a> command instead,
if your intent is to encourage users to upgrade, or if you no longer
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/docs/output/commands/npm.html
Original file line number Diff line number Diff line change
Expand Up @@ -150,7 +150,7 @@ <h2 id="table-of-contents">Table of contents</h2>
</code></pre>
<p>Note: This command is unaware of workspaces.</p>
<h3 id="version">Version</h3>
<p>10.2.0</p>
<p>10.2.3</p>
<h3 id="description">Description</h3>
<p>npm is the package manager for the Node JavaScript platform. It puts
modules in place so that node can find them, and manages dependency
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -241,7 +241,7 @@ <h4 id="lockfileversion"><code>lockfileVersion</code></h4>
<li><code>1</code>: The lockfile version used by npm v5 and v6.</li>
<li><code>2</code>: The lockfile version used by npm v7 and v8. Backwards compatible to v1
lockfiles.</li>
<li><code>3</code>: The lockfile version used by npm v9. Backwards compatible to npm v7.</li>
<li><code>3</code>: The lockfile version used by npm v9 and above. Backwards compatible to npm v7.</li>
</ul>
<p>npm will always attempt to get whatever data it can out of a lockfile, even
if it is not a version that it was designed to support.</p>
Expand Down
1 change: 0 additions & 1 deletion deps/npm/docs/output/using-npm/scripts.html
Original file line number Diff line number Diff line change
Expand Up @@ -293,7 +293,6 @@ <h4 id="npm-publish"><a href="../commands/npm-publish.html"><code>npm publish</c
<li><code>publish</code></li>
<li><code>postpublish</code></li>
</ul>
<p><code>prepare</code> will not run during <code>--dry-run</code></p>
<h4 id="npm-rebuild"><a href="../commands/npm-rebuild.html"><code>npm rebuild</code></a></h4>
<ul>
<li><code>preinstall</code></li>
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/lib/commands/audit.js
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ class VerifySignatures {
// Didn't find any dependencies that could be verified, e.g. only local
// deps, missing version, not on a registry etc.
if (!this.auditedWithKeysCount) {
throw new Error('found no dependencies to audit that where installed from ' +
throw new Error('found no dependencies to audit that were installed from ' +
'a supported registry')
}

Expand Down
4 changes: 2 additions & 2 deletions deps/npm/lib/commands/link.js
Original file line number Diff line number Diff line change
Expand Up @@ -109,13 +109,13 @@ class Link extends ArboristWorkspaceCmd {
// using any of --save-dev or other types
const save =
Boolean(
this.npm.config.find('save') !== 'default' ||
(this.npm.config.find('save') !== 'default' &&
this.npm.config.get('save')) ||
this.npm.config.get('save-optional') ||
this.npm.config.get('save-peer') ||
this.npm.config.get('save-dev') ||
this.npm.config.get('save-prod')
)

// create a new arborist instance for the local prefix and
// reify all the pending names as symlinks there
const localArb = new Arborist({
Expand Down
12 changes: 8 additions & 4 deletions deps/npm/lib/commands/logout.js
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
const getAuth = require('npm-registry-fetch/lib/auth.js')
const npmFetch = require('npm-registry-fetch')
const { getAuth } = npmFetch
const log = require('../utils/log-shim')
const BaseCommand = require('../base-command.js')

Expand All @@ -19,10 +19,14 @@ class Logout extends BaseCommand {

const auth = getAuth(reg, this.npm.flatOptions)

const level = this.npm.config.find(`${auth.regKey}:${auth.authKey}`)

// find the config level and only delete from there
if (auth.token) {
log.verbose('logout', `clearing token for ${reg}`)
await npmFetch(`/-/user/token/${encodeURIComponent(auth.token)}`, {
...this.npm.flatOptions,
registry: reg,
method: 'DELETE',
ignoreBody: true,
})
Expand All @@ -34,12 +38,12 @@ class Logout extends BaseCommand {
}

if (scope) {
this.npm.config.delete(regRef, 'user')
this.npm.config.delete(regRef, level)
}

this.npm.config.clearCredentialsByURI(reg)
this.npm.config.clearCredentialsByURI(reg, level)

await this.npm.config.save('user')
await this.npm.config.save(level)
}
}
module.exports = Logout
2 changes: 1 addition & 1 deletion deps/npm/lib/utils/error-message.js
Original file line number Diff line number Diff line change
Expand Up @@ -182,7 +182,7 @@ const errorMessage = (er, npm) => {
])
detail.push([
'',
['To correct this please trying logging in again with:', ' npm login'].join('\n'),
['To correct this please try logging in again with:', ' npm login'].join('\n'),
])
} else if (auth.includes('Basic')) {
short.push(['', 'Incorrect or missing password.'])
Expand Down
6 changes: 1 addition & 5 deletions deps/npm/lib/utils/queryable.js
Original file line number Diff line number Diff line change
Expand Up @@ -111,13 +111,9 @@ const getter = ({ data, key }) => {
}, {})
return _data
} else {
// if can't find any more values, it means it's just over
// and there's nothing to return
if (!_data[k]) {
if (!Object.hasOwn(_data, k)) {
return undefined
}

// otherwise sets the next value
_data = _data[k]
}

Expand Down
2 changes: 1 addition & 1 deletion deps/npm/man/man1/npm-access.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "NPM-ACCESS" "1" "October 2023" "" ""
.TH "NPM-ACCESS" "1" "November 2023" "" ""
.SH "NAME"
\fBnpm-access\fR - Set access level on published packages
.SS "Synopsis"
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/man/man1/npm-adduser.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "NPM-ADDUSER" "1" "October 2023" "" ""
.TH "NPM-ADDUSER" "1" "November 2023" "" ""
.SH "NAME"
\fBnpm-adduser\fR - Add a registry user account
.SS "Synopsis"
Expand Down
6 changes: 3 additions & 3 deletions deps/npm/man/man1/npm-audit.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "NPM-AUDIT" "1" "October 2023" "" ""
.TH "NPM-AUDIT" "1" "November 2023" "" ""
.SH "NAME"
\fBnpm-audit\fR - Run a security audit
.SS "Synopsis"
Expand Down Expand Up @@ -78,7 +78,7 @@ Public signing keys are provided at \fBregistry-host.tld/-/npm/v1/keys\fR in the
Keys response:
.RS 0
.IP \(bu 4
\fBexpires\fR: null or a simplified extended ISO 8601 format: \fBYYYY-MM-DDTHH:mm:ss.sssZ\fR
\fBexpires\fR: null or a simplified extended \fBISO 8601 format\fR \fI\(lahttps://en.wikipedia.org/wiki/ISO_8601"\(ra\fR: \fBYYYY-MM-DDTHH:mm:ss.sssZ\fR
.IP \(bu 4
\fBkeydid\fR: sha256 fingerprint of the public key
.IP \(bu 4
Expand All @@ -90,7 +90,7 @@ Keys response:
.RE 0

.P
See this example key's response from the public npm registry.
See this \fBexample key's response from the public npm registry\fR \fI\(lahttps://registry.npmjs.org/-/npm/v1/keys"\(ra\fR.
.SS "Audit Endpoints"
.P
There are two audit endpoints that npm may use to fetch vulnerability information: the \fBBulk Advisory\fR endpoint and the \fBQuick Audit\fR endpoint.
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/man/man1/npm-bugs.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "NPM-BUGS" "1" "October 2023" "" ""
.TH "NPM-BUGS" "1" "November 2023" "" ""
.SH "NAME"
\fBnpm-bugs\fR - Report bugs for a package in a web browser
.SS "Synopsis"
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/man/man1/npm-cache.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "NPM-CACHE" "1" "October 2023" "" ""
.TH "NPM-CACHE" "1" "November 2023" "" ""
.SH "NAME"
\fBnpm-cache\fR - Manipulates packages cache
.SS "Synopsis"
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/man/man1/npm-ci.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "NPM-CI" "1" "October 2023" "" ""
.TH "NPM-CI" "1" "November 2023" "" ""
.SH "NAME"
\fBnpm-ci\fR - Clean install a project
.SS "Synopsis"
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/man/man1/npm-completion.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "NPM-COMPLETION" "1" "October 2023" "" ""
.TH "NPM-COMPLETION" "1" "November 2023" "" ""
.SH "NAME"
\fBnpm-completion\fR - Tab Completion for npm
.SS "Synopsis"
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/man/man1/npm-config.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "NPM-CONFIG" "1" "October 2023" "" ""
.TH "NPM-CONFIG" "1" "November 2023" "" ""
.SH "NAME"
\fBnpm-config\fR - Manage the npm configuration files
.SS "Synopsis"
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/man/man1/npm-dedupe.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "NPM-DEDUPE" "1" "October 2023" "" ""
.TH "NPM-DEDUPE" "1" "November 2023" "" ""
.SH "NAME"
\fBnpm-dedupe\fR - Reduce duplication in the package tree
.SS "Synopsis"
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/man/man1/npm-deprecate.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "NPM-DEPRECATE" "1" "October 2023" "" ""
.TH "NPM-DEPRECATE" "1" "November 2023" "" ""
.SH "NAME"
\fBnpm-deprecate\fR - Deprecate a version of a package
.SS "Synopsis"
Expand Down
2 changes: 1 addition & 1 deletion deps/npm/man/man1/npm-diff.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "NPM-DIFF" "1" "October 2023" "" ""
.TH "NPM-DIFF" "1" "November 2023" "" ""
.SH "NAME"
\fBnpm-diff\fR - The registry diff command
.SS "Synopsis"
Expand Down
Loading

0 comments on commit fd2368e

Please sign in to comment.