Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[v18.x backport] deps: upgrade npm to 9.2.0 #46230

Closed
wants to merge 2 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
6 changes: 3 additions & 3 deletions deps/npm/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,9 @@

One of the following versions of [Node.js](https://nodejs.org/en/download/) must be installed to run **`npm`**:

* `12.x.x` >= `12.13.0`
* `14.x.x` >= `14.15.0`
* `16.0.0` or higher
* `14.x.x` >= `14.17.0`
* `16.x.x` >= `16.13.0`
* `18.0.0` or higher

### Installation

Expand Down
2 changes: 2 additions & 0 deletions deps/npm/bin/npx-cli.js
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,7 @@ for (i = 3; i < process.argv.length; i++) {
}

if (removed.has(key)) {
// eslint-disable-next-line no-console
console.error(`npx: the --${key} argument has been removed.`)
sawRemovedFlags = true
process.argv.splice(i, 1)
Expand All @@ -122,6 +123,7 @@ for (i = 3; i < process.argv.length; i++) {
}

if (sawRemovedFlags) {
// eslint-disable-next-line no-console
console.error('See `npm help exec` for more information')
}

Expand Down
5 changes: 5 additions & 0 deletions deps/npm/docs/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# docs

[![CI - docs](https://github.com/npm/cli/actions/workflows/ci-docs.yml/badge.svg)](https://github.com/npm/cli/actions/workflows/ci-docs.yml)

Scripts to build the npm docs.
32 changes: 21 additions & 11 deletions deps/npm/docs/content/commands/npm-access.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,15 +7,13 @@ description: Set access level on published packages
### Synopsis

```bash
npm access public [<package>]
npm access restricted [<package>]
npm access list packages [<user>|<scope>|<scope:team> [<package>]
npm access list collaborators [<package> [<user>]]
npm access get status [<package>]
npm access set status=public|private [<package>]
npm access set mfa=none|publish|automation [<package>]
npm access grant <read-only|read-write> <scope:team> [<package>]
npm access revoke <scope:team> [<package>]
npm access 2fa-required [<package>]
npm access 2fa-not-required [<package>]
npm access ls-packages [<user>|<scope>|<scope:team>]
npm access ls-collaborators [<package> [<user>]]
npm access edit [<package>]
```

### Description
Expand Down Expand Up @@ -79,12 +77,17 @@ Management of teams and team memberships is done with the `npm team` command.

### Configuration

#### `registry`
#### `json`

* Default: "https://registry.npmjs.org/"
* Type: URL
* Default: false
* Type: Boolean

The base URL of the npm registry.
Whether or not to output JSON data, rather than the normal output.

* In `npm pkg set` it enables parsing set values with JSON.parse() before
saving them to your `package.json`.

Not supported by all npm commands.

#### `otp`

Expand All @@ -97,6 +100,13 @@ when publishing or changing package permissions with `npm access`.
If not set, and a registry response fails with a challenge for a one-time
password, npm will prompt on the command line for one.

#### `registry`

* Default: "https://registry.npmjs.org/"
* Type: URL

The base URL of the npm registry.

### See Also

* [`libnpmaccess`](https://npm.im/libnpmaccess)
Expand Down
29 changes: 8 additions & 21 deletions deps/npm/docs/content/commands/npm-adduser.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,29 +9,19 @@ description: Add a registry user account
```bash
npm adduser

aliases: login, add-user
alias: add-user
```

Note: This command is unaware of workspaces.

### Description

Create or verify a user named `<username>` in the specified registry, and
save the credentials to the `.npmrc` file. If no registry is specified,
the default registry will be used (see [`config`](/using-npm/config)).
Create a new user in the specified registry, and save the credentials to
the `.npmrc` file. If no registry is specified, the default registry
will be used (see [`registry`](/using-npm/registry)).

The username, password, and email are read in from prompts.

To reset your password, go to <https://www.npmjs.com/forgot>

To change your email address, go to <https://www.npmjs.com/email-edit>

You may use this command multiple times with the same user account to
authorize on a new machine. When authenticating on a new machine,
the username, password and email address must all match with
your existing record.

`npm login` is an alias to `adduser` and behaves exactly the same way.
When using `legacy` for your `auth-type`, the username, password, and
email are read in from prompts.

### Configuration

Expand Down Expand Up @@ -74,11 +64,8 @@ npm init --scope=@foo --yes

#### `auth-type`

* Default: "legacy"
* Type: "legacy", "web", "sso", "saml", "oauth", or "webauthn"

NOTE: auth-type values "sso", "saml", "oauth", and "webauthn" will be
removed in a future version.
* Default: "web"
* Type: "legacy" or "web"

What authentication strategy to use with `login`.

Expand Down
16 changes: 8 additions & 8 deletions deps/npm/docs/content/commands/npm-audit.md
Original file line number Diff line number Diff line change
Expand Up @@ -100,9 +100,9 @@ the path `/-/npm/v1/security/advisories/bulk`.

Any packages in the tree that do not have a `version` field in their
package.json file will be ignored. If any `--omit` options are specified
(either via the `--omit` config, or one of the shorthands such as
`--production`, `--only=dev`, and so on), then packages will be omitted
from the submitted payload as appropriate.
(either via the [`--omit` config](/using-npm/config#omit), or one of the
shorthands such as `--production`, `--only=dev`, and so on), then packages will
be omitted from the submitted payload as appropriate.

If the registry responds with an error, or with an invalid response, then
npm will attempt to load advisory data from the `Quick Audit` endpoint.
Expand Down Expand Up @@ -179,7 +179,7 @@ vulnerabilities are found _or_ if the remediation is able to successfully
fix all vulnerabilities.

If vulnerabilities were found the exit code will depend on the
`audit-level` configuration setting.
[`audit-level` config](/using-npm/config#audit-level).

### Examples

Expand Down Expand Up @@ -408,12 +408,12 @@ This value is not exported to the environment for child processes.

#### `install-links`

* Default: false
* Default: true
* Type: Boolean

When set file: protocol dependencies that exist outside of the project root
will be packed and installed as regular dependencies instead of creating a
symlink. This option has no effect on workspaces.
When set file: protocol dependencies will be packed and installed as regular
dependencies instead of creating a symlink. This option has no effect on
workspaces.

### See Also

Expand Down
41 changes: 0 additions & 41 deletions deps/npm/docs/content/commands/npm-bin.md

This file was deleted.

5 changes: 3 additions & 2 deletions deps/npm/docs/content/commands/npm-bugs.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,9 @@ alias: issues

This command tries to guess at the likely location of a package's bug
tracker URL or the `mailto` URL of the support email, and then tries to
open it using the `--browser` config param. If no package name is provided, it
will search for a `package.json` in the current folder and use the `name` property.
open it using the [`--browser` config](/using-npm/config#browser) param. If no
package name is provided, it will search for a `package.json` in the current
folder and use the `name` property.

### Configuration

Expand Down
3 changes: 1 addition & 2 deletions deps/npm/docs/content/commands/npm-cache.md
Original file line number Diff line number Diff line change
Expand Up @@ -75,8 +75,7 @@ verify`.
* Default: Windows: `%LocalAppData%\npm-cache`, Posix: `~/.npm`
* Type: Path

The location of npm's cache directory. See [`npm
cache`](/commands/npm-cache)
The location of npm's cache directory.

### See Also

Expand Down
44 changes: 28 additions & 16 deletions deps/npm/docs/content/commands/npm-ci.md
Original file line number Diff line number Diff line change
Expand Up @@ -106,27 +106,39 @@ folder instead of the current working directory. See
* bin files are linked to `{prefix}/bin`
* man pages are linked to `{prefix}/share/man`

#### `global-style`
#### `install-strategy`

* Default: "hoisted"
* Type: "hoisted", "nested", or "shallow"

Sets the strategy for installing packages in node_modules. hoisted
(default): Install non-duplicated in top-level, and duplicated as necessary
within directory structure. nested: (formerly --legacy-bundling) install in
place, no hoisting. shallow (formerly --global-style) only install direct
deps at top-level. linked: (coming soon) install in node_modules/.store,
link in place, unhoisted.

#### `legacy-bundling`

* Default: false
* Type: Boolean
* DEPRECATED: This option has been deprecated in favor of
`--install-strategy=nested`

Causes npm to install the package into your local `node_modules` folder with
the same layout it uses with the global `node_modules` folder. Only your
direct dependencies will show in `node_modules` and everything they depend
on will be flattened in their `node_modules` folders. This obviously will
eliminate some deduping. If used with `legacy-bundling`, `legacy-bundling`
will be preferred.
Instead of hoisting package installs in `node_modules`, install packages in
the same manner that they are depended on. This may cause very deep
directory structures and duplicate package installs as there is no
de-duplicating. Sets `--install-strategy=nested`.

#### `legacy-bundling`
#### `global-style`

* Default: false
* Type: Boolean
* DEPRECATED: This option has been deprecated in favor of
`--install-strategy=shallow`

Causes npm to install the package such that versions of npm prior to 1.4,
such as the one included with node 0.8, can install the package. This
eliminates all automatic deduping. If used with `global-style` this option
will be preferred.
Only install direct dependencies in the top level `node_modules`, but hoist
on deeper dependendencies. Sets `--install-strategy=shallow`.

#### `omit`

Expand Down Expand Up @@ -298,12 +310,12 @@ This value is not exported to the environment for child processes.

#### `install-links`

* Default: false
* Default: true
* Type: Boolean

When set file: protocol dependencies that exist outside of the project root
will be packed and installed as regular dependencies instead of creating a
symlink. This option has no effect on workspaces.
When set file: protocol dependencies will be packed and installed as regular
dependencies instead of creating a symlink. This option has no effect on
workspaces.

### See Also

Expand Down
17 changes: 14 additions & 3 deletions deps/npm/docs/content/commands/npm-config.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ npm config get [<key> [<key> ...]]
npm config delete <key> [<key> ...]
npm config list [--json]
npm config edit
npm config fix

alias: c
```
Expand All @@ -26,7 +27,7 @@ variables, `npmrc` files, and in some cases, the `package.json` file.
See [npmrc](/configuring-npm/npmrc) for more information about the npmrc
files.

See [config(7)](/using-npm/config) for a more thorough explanation of the
See [config](/using-npm/config) for a more thorough explanation of the
mechanisms involved, and a full list of config options available.

The `npm config` command can be used to update and edit the contents
Expand Down Expand Up @@ -91,6 +92,16 @@ npm config edit
Opens the config file in an editor. Use the `--global` flag to edit the
global config.

#### fix

```bash
npm config fix
```

Attempts to repair invalid configuration items. Usually this means
attaching authentication config (i.e. `_auth`, `_authToken`) to the
configured `registry`.

### Configuration

#### `json`
Expand Down Expand Up @@ -121,8 +132,8 @@ folder instead of the current working directory. See

#### `editor`

* Default: The EDITOR or VISUAL environment variables, or 'notepad.exe' on
Windows, or 'vim' on Unix systems
* Default: The EDITOR or VISUAL environment variables, or
'%SYSTEMROOT%\notepad.exe' on Windows, or 'vi' on Unix systems
* Type: String

The command to run for `npm edit` and `npm config edit`.
Expand Down
Loading