diff --git a/node_modules/@npmcli/arborist/bin/lib/logging.js b/node_modules/@npmcli/arborist/bin/lib/logging.js
index a7d20a1f53647..9420bca3c320c 100644
--- a/node_modules/@npmcli/arborist/bin/lib/logging.js
+++ b/node_modules/@npmcli/arborist/bin/lib/logging.js
@@ -20,13 +20,21 @@ const levelMap = new Map(levels.reduce((set, level, index) => {
}, []))
const { inspect, format } = require('util')
+const colors = process.stderr.isTTY
+const magenta = colors ? msg => `\x1B[35m${msg}\x1B[39m` : m => m
if (loglevel !== 'silent') {
process.on('log', (level, ...args) => {
if (levelMap.get(level) < levelMap.get(loglevel))
return
- const pref = `${process.pid} ${level} `
+ const pref = `${process.pid} ${magenta(level)} `
if (level === 'warn' && args[0] === 'ERESOLVE')
- args[2] = inspect(args[2], { depth: 10 })
+ args[2] = inspect(args[2], { depth: 10, colors })
+ else {
+ args = args.map(a => {
+ return typeof a === 'string' ? a
+ : inspect(a, { depth: 10, colors })
+ })
+ }
const msg = pref + format(...args).trim().split('\n').join(`\n${pref}`)
console.error(msg)
})
diff --git a/node_modules/@npmcli/arborist/bin/lib/timers.js b/node_modules/@npmcli/arborist/bin/lib/timers.js
index 3b73c0bf6ddd3..e72217c1e4ed9 100644
--- a/node_modules/@npmcli/arborist/bin/lib/timers.js
+++ b/node_modules/@npmcli/arborist/bin/lib/timers.js
@@ -1,4 +1,5 @@
const timers = Object.create(null)
+const { format } = require('util')
process.on('time', name => {
if (timers[name])
@@ -6,17 +7,20 @@ process.on('time', name => {
timers[name] = process.hrtime()
})
+const dim = process.stderr.isTTY ? msg => `\x1B[2m${msg}\x1B[22m` : m => m
+const red = process.stderr.isTTY ? msg => `\x1B[31m${msg}\x1B[39m` : m => m
process.on('timeEnd', name => {
if (!timers[name])
throw new Error('timer not started! ' + name)
const res = process.hrtime(timers[name])
delete timers[name]
- console.error(`${process.pid} ${name}`, res[0] * 1e3 + res[1] / 1e6)
+ const msg = format(`${process.pid} ${name}`, res[0] * 1e3 + res[1] / 1e6)
+ console.error(dim(msg))
})
process.on('exit', () => {
for (const name of Object.keys(timers)) {
- console.error('Dangling timer: ', name)
+ console.error(red('Dangling timer:'), name)
process.exitCode = 1
}
})
diff --git a/node_modules/@npmcli/arborist/bin/virtual.js b/node_modules/@npmcli/arborist/bin/virtual.js
index 7f90f20cf3817..3352802c2de87 100644
--- a/node_modules/@npmcli/arborist/bin/virtual.js
+++ b/node_modules/@npmcli/arborist/bin/virtual.js
@@ -8,7 +8,8 @@ require('./lib/timers.js')
const start = process.hrtime()
new Arborist(options).loadVirtual().then(tree => {
const end = process.hrtime(start)
- print(tree)
+ if (!options.quiet)
+ print(tree)
if (options.save)
tree.meta.save()
console.error(`read ${tree.inventory.size} deps in ${end[0] * 1000 + end[1] / 1e6}ms`)
diff --git a/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js b/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js
index f836fc04d8826..293691563ee95 100644
--- a/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js
+++ b/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js
@@ -1188,6 +1188,16 @@ This is a one-time fix-up, please be patient...
}
}
+ // There is something present already, and we're not happy about it
+ // See if the thing we WOULD be happy with is also going to satisfy
+ // the other dependents on the current node.
+ const current = edge.to
+ const dep = await this[_nodeFromEdge](edge, null, null, required)
+ if (dep.canReplace(current)) {
+ await this[_nodeFromEdge](edge, node.parent, null, required)
+ continue
+ }
+
// at this point we know that there is a dep there, and
// we don't like it. always fail strictly, always allow forcibly or
// in non-strict mode if it's not our fault. don't warn here, because
diff --git a/node_modules/@npmcli/arborist/lib/arborist/index.js b/node_modules/@npmcli/arborist/lib/arborist/index.js
index 09a6f700547f2..93b9aa3829820 100644
--- a/node_modules/@npmcli/arborist/lib/arborist/index.js
+++ b/node_modules/@npmcli/arborist/lib/arborist/index.js
@@ -54,7 +54,7 @@ class Arborist extends Base {
...options,
path: options.path || '.',
cache: options.cache || `${homedir()}/.npm/_cacache`,
- packumentCache: new Map(),
+ packumentCache: options.packumentCache || new Map(),
log: options.log || procLog,
}
this.cache = resolve(this.options.cache)
diff --git a/node_modules/@npmcli/arborist/lib/arborist/load-virtual.js b/node_modules/@npmcli/arborist/lib/arborist/load-virtual.js
index 3a38905b77433..2a222249d7a48 100644
--- a/node_modules/@npmcli/arborist/lib/arborist/load-virtual.js
+++ b/node_modules/@npmcli/arborist/lib/arborist/load-virtual.js
@@ -93,7 +93,8 @@ module.exports = cls => class VirtualLoader extends cls {
this.virtualTree = root
const {links, nodes} = this[resolveNodes](s, root)
await this[resolveLinks](links, nodes)
- this[assignBundles](nodes)
+ if (!(s.originalLockfileVersion >= 2))
+ this[assignBundles](nodes)
if (this[flagsSuspect])
this[reCalcDepFlags](nodes.values())
return root
@@ -220,22 +221,24 @@ module.exports = cls => class VirtualLoader extends cls {
[assignBundles] (nodes) {
for (const [location, node] of nodes) {
// Skip assignment of parentage for the root package
- if (!location)
+ if (!location || node.target && !node.target.location)
continue
const { name, parent, package: { inBundle }} = node
+
if (!parent)
continue
// read inBundle from package because 'package' here is
// actually a v2 lockfile metadata entry.
- // If the *parent* is also bundled, though, then we assume
- // that it's being pulled in just by virtue of that.
+ // If the *parent* is also bundled, though, or if the parent has
+ // no dependency on it, then we assume that it's being pulled in
+ // just by virtue of its parent or a transitive dep being bundled.
const { package: ppkg } = parent
const { inBundle: parentBundled } = ppkg
- if (inBundle && !parentBundled) {
+ if (inBundle && !parentBundled && parent.edgesOut.has(node.name)) {
if (!ppkg.bundleDependencies)
ppkg.bundleDependencies = [name]
- else if (!ppkg.bundleDependencies.includes(name))
+ else
ppkg.bundleDependencies.push(name)
}
}
diff --git a/node_modules/@npmcli/arborist/lib/arborist/rebuild.js b/node_modules/@npmcli/arborist/lib/arborist/rebuild.js
index 9c52d009d6fd8..390d3ce42aecd 100644
--- a/node_modules/@npmcli/arborist/lib/arborist/rebuild.js
+++ b/node_modules/@npmcli/arborist/lib/arborist/rebuild.js
@@ -115,10 +115,6 @@ module.exports = cls => class Builder extends cls {
await this[_runScripts]('preinstall')
if (this[_binLinks] && type !== 'links')
await this[_linkAllBins]()
- if (!this[_ignoreScripts]) {
- await this[_runScripts]('install')
- await this[_runScripts]('postinstall')
- }
// links should also run prepare scripts and only link bins after that
if (type === 'links') {
@@ -128,6 +124,11 @@ module.exports = cls => class Builder extends cls {
await this[_linkAllBins]()
}
+ if (!this[_ignoreScripts]) {
+ await this[_runScripts]('install')
+ await this[_runScripts]('postinstall')
+ }
+
process.emit('timeEnd', `build:${type}`)
}
diff --git a/node_modules/@npmcli/arborist/lib/arborist/reify.js b/node_modules/@npmcli/arborist/lib/arborist/reify.js
index aaaa3d61c862b..64f08756263c7 100644
--- a/node_modules/@npmcli/arborist/lib/arborist/reify.js
+++ b/node_modules/@npmcli/arborist/lib/arborist/reify.js
@@ -49,7 +49,8 @@ const _loadTrees = Symbol.for('loadTrees')
const _diffTrees = Symbol.for('diffTrees')
const _createSparseTree = Symbol.for('createSparseTree')
const _loadShrinkwrapsAndUpdateTrees = Symbol.for('loadShrinkwrapsAndUpdateTrees')
-const _shrinkwrapUnpacked = Symbol('shrinkwrapUnpacked')
+const _shrinkwrapInflated = Symbol('shrinkwrapInflated')
+const _bundleUnpacked = Symbol('bundleUnpacked')
const _reifyNode = Symbol.for('reifyNode')
const _extractOrLink = Symbol('extractOrLink')
// defined by rebuild mixin
@@ -108,7 +109,7 @@ module.exports = cls => class Reifier extends cls {
this.diff = null
this[_retiredPaths] = {}
- this[_shrinkwrapUnpacked] = new Set()
+ this[_shrinkwrapInflated] = new Set()
this[_retiredUnchanged] = {}
this[_sparseTreeDirs] = new Set()
this[_sparseTreeRoots] = new Set()
@@ -316,6 +317,7 @@ module.exports = cls => class Reifier extends cls {
// find all the nodes that need to change between the actual
// and ideal trees.
this.diff = Diff.calculate({
+ shrinkwrapInflated: this[_shrinkwrapInflated],
filterNodes,
actual: this.actualTree,
ideal: this.idealTree,
@@ -423,7 +425,8 @@ module.exports = cls => class Reifier extends cls {
const dirs = this.diff.leaves
.filter(diff => {
return (diff.action === 'ADD' || diff.action === 'CHANGE') &&
- !this[_sparseTreeDirs].has(diff.ideal.path)
+ !this[_sparseTreeDirs].has(diff.ideal.path) &&
+ !diff.ideal.isLink
})
.map(diff => diff.ideal.path)
@@ -457,9 +460,9 @@ module.exports = cls => class Reifier extends cls {
// we need to unpack them, read that shrinkwrap file, and then update
// the tree by calling loadVirtual with the node as the root.
[_loadShrinkwrapsAndUpdateTrees] () {
- const seen = this[_shrinkwrapUnpacked]
+ const seen = this[_shrinkwrapInflated]
const shrinkwraps = this.diff.leaves
- .filter(d => (d.action === 'CHANGE' || d.action === 'ADD') &&
+ .filter(d => (d.action === 'CHANGE' || d.action === 'ADD' || !d.action) &&
d.ideal.hasShrinkwrap && !seen.has(d.ideal) &&
!this[_trashList].has(d.ideal.path))
@@ -472,7 +475,7 @@ module.exports = cls => class Reifier extends cls {
return promiseAllRejectLate(shrinkwraps.map(diff => {
const node = diff.ideal
seen.add(node)
- return this[_reifyNode](node)
+ return diff.action ? this[_reifyNode](node) : node
}))
.then(nodes => promiseAllRejectLate(nodes.map(node => new Arborist({
...this.options,
@@ -503,7 +506,7 @@ module.exports = cls => class Reifier extends cls {
const { npmVersion, nodeVersion } = this.options
const p = Promise.resolve()
- .then(() => {
+ .then(async () => {
// when we reify an optional node, check the engine and platform
// first. be sure to ignore the --force and --engine-strict flags,
// since we always want to skip any optional packages we can't install.
@@ -513,11 +516,11 @@ module.exports = cls => class Reifier extends cls {
checkEngine(node.package, npmVersion, nodeVersion, false)
checkPlatform(node.package, false)
}
+ await this[_checkBins](node)
+ await this[_extractOrLink](node)
+ await this[_warnDeprecated](node)
+ await this[_loadAncientPackageDetails](node)
})
- .then(() => this[_checkBins](node))
- .then(() => this[_extractOrLink](node))
- .then(() => this[_warnDeprecated](node))
- .then(() => this[_loadAncientPackageDetails](node))
return this[_handleOptionalFailure](node, p)
.then(() => {
@@ -563,10 +566,11 @@ module.exports = cls => class Reifier extends cls {
})
}
- [_symlink] (node) {
+ async [_symlink] (node) {
const dir = dirname(node.path)
const target = node.realpath
const rel = relative(dir, target)
+ await mkdirp(dir)
return symlink(rel, node.path, 'junction')
}
@@ -633,8 +637,10 @@ module.exports = cls => class Reifier extends cls {
[_loadBundlesAndUpdateTrees] (
depth = 0, bundlesByDepth = this[_getBundlesByDepth]()
) {
- if (depth === 0)
+ if (depth === 0) {
+ this[_bundleUnpacked] = new Set()
process.emit('time', 'reify:loadBundles')
+ }
const maxBundleDepth = bundlesByDepth.get('maxBundleDepth')
if (depth > maxBundleDepth) {
// if we did something, then prune the tree and update the diffs
@@ -650,13 +656,17 @@ module.exports = cls => class Reifier extends cls {
// shallower bundle overwriting them with a bundled meta-dep.
const set = (bundlesByDepth.get(depth) || [])
.filter(node => node.root === this.idealTree &&
+ node.target !== node.root &&
!this[_trashList].has(node.path))
if (!set.length)
return this[_loadBundlesAndUpdateTrees](depth + 1, bundlesByDepth)
// extract all the nodes with bundles
- return promiseAllRejectLate(set.map(node => this[_reifyNode](node)))
+ return promiseAllRejectLate(set.map(node => {
+ this[_bundleUnpacked].add(node)
+ return this[_reifyNode](node)
+ }))
// then load their unpacked children and move into the ideal tree
.then(nodes =>
promiseAllRejectLate(nodes.map(node => new this.constructor({
@@ -678,8 +688,13 @@ module.exports = cls => class Reifier extends cls {
tree: this.diff,
visit: diff => {
const node = diff.ideal
- if (node && !node.isProjectRoot && node.package.bundleDependencies &&
- node.package.bundleDependencies.length) {
+ if (!node)
+ return
+ if (node.isProjectRoot || (node.target && node.target.isProjectRoot))
+ return
+
+ const { bundleDependencies } = node.package
+ if (bundleDependencies && bundleDependencies.length) {
maxBundleDepth = Math.max(maxBundleDepth, node.depth)
if (!bundlesByDepth.has(node.depth))
bundlesByDepth.set(node.depth, [node])
@@ -784,14 +799,14 @@ module.exports = cls => class Reifier extends cls {
return
const node = diff.ideal
- const bd = node.package.bundleDependencies
- const sw = this[_shrinkwrapUnpacked].has(node)
+ const bd = this[_bundleUnpacked].has(node)
+ const sw = this[_shrinkwrapInflated].has(node)
// check whether we still need to unpack this one.
// test the inDepBundle last, since that's potentially a tree walk.
const doUnpack = node && // can't unpack if removed!
!node.isRoot && // root node already exists
- !(bd && bd.length) && // already unpacked to read bundle
+ !bd && // already unpacked to read bundle
!sw && // already unpacked to read sw
!node.inDepBundle // already unpacked by another dep's bundle
diff --git a/node_modules/@npmcli/arborist/lib/debug.js b/node_modules/@npmcli/arborist/lib/debug.js
index 5acacee69e223..aeda7229d5e8c 100644
--- a/node_modules/@npmcli/arborist/lib/debug.js
+++ b/node_modules/@npmcli/arborist/lib/debug.js
@@ -12,6 +12,7 @@
// run in debug mode if explicitly requested, running arborist tests,
// or working in the arborist project directory.
+
const debug = process.env.ARBORIST_DEBUG !== '0' && (
process.env.ARBORIST_DEBUG === '1' ||
/\barborist\b/.test(process.env.NODE_DEBUG || '') ||
@@ -21,4 +22,10 @@ const debug = process.env.ARBORIST_DEBUG !== '0' && (
)
module.exports = debug ? fn => fn() : () => {}
-module.exports.log = (...msg) => module.exports(() => console.error(...msg))
+const red = process.stderr.isTTY ? msg => `\x1B[31m${msg}\x1B[39m` : m => m
+module.exports.log = (...msg) => module.exports(() => {
+ const { format } = require('util')
+ const prefix = `\n${process.pid} ${red(format(msg.shift()))} `
+ msg = (prefix + format(...msg).trim().split('\n').join(prefix)).trim()
+ console.error(msg)
+})
diff --git a/node_modules/@npmcli/arborist/lib/diff.js b/node_modules/@npmcli/arborist/lib/diff.js
index 84a8bae412f54..ff58ea76ee784 100644
--- a/node_modules/@npmcli/arborist/lib/diff.js
+++ b/node_modules/@npmcli/arborist/lib/diff.js
@@ -11,8 +11,9 @@ const {existsSync} = require('fs')
const ssri = require('ssri')
class Diff {
- constructor ({actual, ideal, filterSet}) {
+ constructor ({actual, ideal, filterSet, shrinkwrapInflated}) {
this.filterSet = filterSet
+ this.shrinkwrapInflated = shrinkwrapInflated
this.children = []
this.actual = actual
this.ideal = ideal
@@ -30,7 +31,7 @@ class Diff {
this.removed = []
}
- static calculate ({actual, ideal, filterNodes = []}) {
+ static calculate ({actual, ideal, filterNodes = [], shrinkwrapInflated = new Set()}) {
// if there's a filterNode, then:
// - get the path from the root to the filterNode. The root or
// root.target should have an edge either to the filterNode or
@@ -77,7 +78,7 @@ class Diff {
}
return depth({
- tree: new Diff({actual, ideal, filterSet}),
+ tree: new Diff({actual, ideal, filterSet, shrinkwrapInflated}),
getChildren,
leave,
})
@@ -135,7 +136,7 @@ const allChildren = node => {
// to create the diff tree
const getChildren = diff => {
const children = []
- const {actual, ideal, unchanged, removed, filterSet} = diff
+ const {actual, ideal, unchanged, removed, filterSet, shrinkwrapInflated} = diff
// Note: we DON'T diff fsChildren themselves, because they are either
// included in the package contents, or part of some other project, and
@@ -144,11 +145,20 @@ const getChildren = diff => {
// responsible for installing.
const actualKids = allChildren(actual)
const idealKids = allChildren(ideal)
+
+ if (ideal && ideal.hasShrinkwrap && !shrinkwrapInflated.has(ideal)) {
+ // Guaranteed to get a diff.leaves here, because we always
+ // be called with a proper Diff object when ideal has a shrinkwrap
+ // that has not been inflated.
+ diff.leaves.push(diff)
+ return children
+ }
+
const paths = new Set([...actualKids.keys(), ...idealKids.keys()])
for (const path of paths) {
const actual = actualKids.get(path)
const ideal = idealKids.get(path)
- diffNode(actual, ideal, children, unchanged, removed, filterSet)
+ diffNode(actual, ideal, children, unchanged, removed, filterSet, shrinkwrapInflated)
}
if (diff.leaves && !children.length)
@@ -157,7 +167,7 @@ const getChildren = diff => {
return children
}
-const diffNode = (actual, ideal, children, unchanged, removed, filterSet) => {
+const diffNode = (actual, ideal, children, unchanged, removed, filterSet, shrinkwrapInflated) => {
if (filterSet.size && !(filterSet.has(ideal) || filterSet.has(actual)))
return
@@ -165,10 +175,10 @@ const diffNode = (actual, ideal, children, unchanged, removed, filterSet) => {
// if it's a match, then get its children
// otherwise, this is the child diff node
- if (action) {
+ if (action || (!shrinkwrapInflated.has(ideal) && ideal.hasShrinkwrap)) {
if (action === 'REMOVE')
removed.push(actual)
- children.push(new Diff({actual, ideal, filterSet}))
+ children.push(new Diff({actual, ideal, filterSet, shrinkwrapInflated}))
} else {
unchanged.push(ideal)
// !*! Weird dirty hack warning !*!
@@ -199,7 +209,7 @@ const diffNode = (actual, ideal, children, unchanged, removed, filterSet) => {
for (const node of bundledChildren)
node.parent = ideal
}
- children.push(...getChildren({actual, ideal, unchanged, removed, filterSet}))
+ children.push(...getChildren({actual, ideal, unchanged, removed, filterSet, shrinkwrapInflated}))
}
}
diff --git a/node_modules/@npmcli/arborist/lib/index.js b/node_modules/@npmcli/arborist/lib/index.js
index fd7d8817258ed..c7b07ce28e4df 100644
--- a/node_modules/@npmcli/arborist/lib/index.js
+++ b/node_modules/@npmcli/arborist/lib/index.js
@@ -3,5 +3,6 @@ module.exports.Arborist = module.exports
module.exports.Node = require('./node.js')
module.exports.Link = require('./link.js')
module.exports.Edge = require('./edge.js')
+module.exports.Shrinkwrap = require('./shrinkwrap.js')
// XXX export the other classes, too. shrinkwrap, diff, etc.
// they're handy!
diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/CHANGELOG.md
deleted file mode 100644
index fc26ee1bda4ba..0000000000000
--- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/CHANGELOG.md
+++ /dev/null
@@ -1,384 +0,0 @@
-# Changelog
-
-All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
-
-### [8.1.5](https://github.com/npm/registry-fetch/compare/v8.1.4...v8.1.5) (2020-10-12)
-
-
-### Bug Fixes
-
-* respect publishConfig.registry when specified ([32e36ef](https://github.com/npm/registry-fetch/commit/32e36efe86302ed319973cd5b1e6ccc3f62e557e)), closes [#35](https://github.com/npm/registry-fetch/issues/35)
-
-### [8.1.4](https://github.com/npm/registry-fetch/compare/v8.1.3...v8.1.4) (2020-08-17)
-
-
-### Bug Fixes
-
-* redact passwords from http logs ([3c294eb](https://github.com/npm/registry-fetch/commit/3c294ebbd7821725db4ff1bc5fe368c49613efcc))
-
-### [8.1.3](https://github.com/npm/registry-fetch/compare/v8.1.2...v8.1.3) (2020-07-21)
-
-### [8.1.2](https://github.com/npm/registry-fetch/compare/v8.1.1...v8.1.2) (2020-07-11)
-
-### [8.1.1](https://github.com/npm/registry-fetch/compare/v8.1.0...v8.1.1) (2020-06-30)
-
-## [8.1.0](https://github.com/npm/registry-fetch/compare/v8.0.3...v8.1.0) (2020-05-20)
-
-
-### Features
-
-* add npm-command HTTP header ([1bb4eb2](https://github.com/npm/registry-fetch/commit/1bb4eb2c66ee8a0dc62558bdcff1b548e2bb9820))
-
-### [8.0.3](https://github.com/npm/registry-fetch/compare/v8.0.2...v8.0.3) (2020-05-13)
-
-
-### Bug Fixes
-
-* update minipass and make-fetch-happen to latest ([3b6c5d0](https://github.com/npm/registry-fetch/commit/3b6c5d0d8ccd4c4a97862a65acef956f19aec127)), closes [#23](https://github.com/npm/registry-fetch/issues/23)
-
-### [8.0.2](https://github.com/npm/registry-fetch/compare/v8.0.1...v8.0.2) (2020-05-04)
-
-
-### Bug Fixes
-
-* update make-fetch-happen to 8.0.6 ([226df2c](https://github.com/npm/registry-fetch/commit/226df2c32e3f9ed8ceefcfdbd11efb178181b442))
-
-## [8.0.0](https://github.com/npm/registry-fetch/compare/v7.0.1...v8.0.0) (2020-02-24)
-
-
-### ⚠ BREAKING CHANGES
-
-* Removes the 'opts.refer' option and the HTTP Referer
-header (unless explicitly added to the 'headers' option, of course).
-
-PR-URL: https://github.com/npm/npm-registry-fetch/pull/25
-Credit: @isaacs
-
-### Bug Fixes
-
-* remove referer header and opts.refer ([eb8f7af](https://github.com/npm/registry-fetch/commit/eb8f7af3c102834856604c1be664b00ca0fe8ef2)), closes [#25](https://github.com/npm/registry-fetch/issues/25)
-
-### [7.0.1](https://github.com/npm/registry-fetch/compare/v7.0.0...v7.0.1) (2020-02-24)
-
-## [7.0.0](https://github.com/npm/registry-fetch/compare/v6.0.2...v7.0.0) (2020-02-18)
-
-
-### ⚠ BREAKING CHANGES
-
-* figgy pudding is now nowhere to be found.
-* this removes figgy-pudding, and drops several option
-aliases.
-
-Defaults and behavior are all the same, and this module is now using the
-canonical camelCase option names that npm v7 will provide to all its
-deps.
-
-Related to: https://github.com/npm/rfcs/pull/102
-
-PR-URL: https://github.com/npm/npm-registry-fetch/pull/22
-Credit: @isaacs
-
-### Bug Fixes
-
-* Remove figgy-pudding, use canonical option names ([ede3c08](https://github.com/npm/registry-fetch/commit/ede3c087007fd1808e02b1af70562220d03b18a9)), closes [#22](https://github.com/npm/registry-fetch/issues/22)
-
-
-* update cacache, ssri, make-fetch-happen ([57fcc88](https://github.com/npm/registry-fetch/commit/57fcc889bee03edcc0a2025d96a171039108c231))
-
-### [6.0.2](https://github.com/npm/registry-fetch/compare/v6.0.1...v6.0.2) (2020-02-14)
-
-
-### Bug Fixes
-
-* always bypass cache when ?write=true ([83f89f3](https://github.com/npm/registry-fetch/commit/83f89f35abd2ed0507c869e37f90ed746375772c))
-
-### [6.0.1](https://github.com/npm/registry-fetch/compare/v6.0.0...v6.0.1) (2020-02-14)
-
-
-### Bug Fixes
-
-* use 30s default for timeout as per README ([50e8afc](https://github.com/npm/registry-fetch/commit/50e8afc6ff850542feb588f9f9c64ebae59e72a0)), closes [#20](https://github.com/npm/registry-fetch/issues/20)
-
-## [6.0.0](https://github.com/npm/registry-fetch/compare/v5.0.1...v6.0.0) (2019-12-17)
-
-
-### ⚠ BREAKING CHANGES
-
-* This drops support for node < 10.
-
-There are some lint failures due to standard pushing for using WhatWG URL
-objects instead of url.parse/url.resolve. However, the code in this lib
-does some fancy things with the query/search portions of the parsed url
-object, so it'll take a bit of care to make it work properly.
-
-### Bug Fixes
-
-* detect CI so our tests don't fail in CI ([5813da6](https://github.com/npm/registry-fetch/commit/5813da634cef73b12e40373972d7937e6934fce0))
-* Use WhatWG URLs instead of url.parse ([8ccfa8a](https://github.com/npm/registry-fetch/commit/8ccfa8a72c38cfedb0f525b7f453644fd4444f99))
-
-
-* normalize settings, drop old nodes, update deps ([510b125](https://github.com/npm/registry-fetch/commit/510b1255cc7ed4bb397a34e0007757dae33e2275))
-
-
-## [5.0.1](https://github.com/npm/registry-fetch/compare/v5.0.0...v5.0.1) (2019-11-11)
-
-
-
-
-# [5.0.0](https://github.com/npm/registry-fetch/compare/v4.0.2...v5.0.0) (2019-10-04)
-
-
-### Bug Fixes
-
-* prefer const in getAuth function ([90ac7b1](https://github.com/npm/registry-fetch/commit/90ac7b1))
-* use minizlib instead of core zlib ([e64702e](https://github.com/npm/registry-fetch/commit/e64702e))
-
-
-### Features
-
-* refactor to use Minipass streams ([bb37f20](https://github.com/npm/registry-fetch/commit/bb37f20))
-
-
-### BREAKING CHANGES
-
-* this replaces all core streams (except for some
-PassThrough streams in a few tests) with Minipass streams, and updates
-all deps to the latest and greatest Minipass versions of things.
-
-
-
-
-## [4.0.2](https://github.com/npm/registry-fetch/compare/v4.0.0...v4.0.2) (2019-10-04)
-
-
-### Bug Fixes
-
-* Add null check on body on 401 errors ([e3a0186](https://github.com/npm/registry-fetch/commit/e3a0186)), closes [#9](https://github.com/npm/registry-fetch/issues/9)
-* **deps:** Add explicit dependency on safe-buffer ([8eae5f0](https://github.com/npm/registry-fetch/commit/8eae5f0)), closes [npm/libnpmaccess#2](https://github.com/npm/libnpmaccess/issues/2) [#3](https://github.com/npm/registry-fetch/issues/3)
-
-
-
-
-# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15)
-
-
-* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060))
-
-
-### BREAKING CHANGES
-
-* uid and gid are inferred from cache folder, rather than
-being passed in as options.
-
-
-
-
-## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02)
-
-
-
-
-# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24)
-
-
-### Features
-
-* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c))
-
-
-
-
-# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23)
-
-
-### Features
-
-* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986))
-
-
-
-
-# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23)
-
-
-### Features
-
-* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969))
-
-
-
-
-# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22)
-
-
-### Bug Fixes
-
-* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65))
-
-
-### Features
-
-* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702))
-
-
-
-
-# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22)
-
-
-### Features
-
-* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5))
-
-
-
-
-# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22)
-
-
-### Bug Fixes
-
-* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54))
-
-
-### Features
-
-* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17))
-
-
-
-
-# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21)
-
-
-### Bug Fixes
-
-* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b))
-
-
-### Features
-
-* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194))
-
-
-
-
-## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16)
-
-
-### Bug Fixes
-
-* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040))
-
-
-
-
-# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27)
-
-
-### Features
-
-* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0))
-
-
-
-
-## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09)
-
-
-
-
-# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09)
-
-
-### Features
-
-* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b))
-
-
-
-
-# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09)
-
-
-### Bug Fixes
-
-* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f))
-* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f))
-
-
-### BREAKING CHANGES
-
-* **config:** opts.config is no longer supported. Pass the options down in opts itself.
-
-
-
-
-# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08)
-
-
-### Features
-
-* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0))
-
-
-
-
-# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08)
-
-
-### meta
-
-* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e))
-
-
-### BREAKING CHANGES
-
-* node@4 is no longer supported
-
-
-
-
-## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06)
-
-
-
-
-# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16)
-
-
-### Features
-
-* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9))
-
-
-
-
-## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16)
-
-
-### Bug Fixes
-
-* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5))
-
-
-
-
-# 1.0.0 (2018-03-16)
-
-
-### Bug Fixes
-
-* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba))
-* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31))
-* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93))
-* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a))
-
-
-### Features
-
-* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f))
-* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db))
-* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d))
-* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527))
-* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1))
diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/LICENSE.md
deleted file mode 100644
index 8d28acf866d93..0000000000000
--- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/LICENSE.md
+++ /dev/null
@@ -1,16 +0,0 @@
-ISC License
-
-Copyright (c) npm, Inc.
-
-Permission to use, copy, modify, and/or distribute this software for
-any purpose with or without fee is hereby granted, provided that the
-above copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS
-ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
-COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
-CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
-OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE
-USE OR PERFORMANCE OF THIS SOFTWARE.
diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/README.md b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/README.md
deleted file mode 100644
index f5ae9cac31a03..0000000000000
--- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/README.md
+++ /dev/null
@@ -1,629 +0,0 @@
-# npm-registry-fetch
-
-[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js
-library that implements a `fetch`-like API for accessing npm registry APIs
-consistently. It's able to consume npm-style configuration values and has all
-the necessary logic for picking registries, handling scopes, and dealing with
-authentication details built-in.
-
-This package is meant to replace the older
-[`npm-registry-client`](https://npm.im/npm-registry-client).
-
-## Example
-
-```javascript
-const npmFetch = require('npm-registry-fetch')
-
-console.log(
- await npmFetch.json('/-/ping')
-)
-```
-
-## Table of Contents
-
-* [Installing](#install)
-* [Example](#example)
-* [Contributing](#contributing)
-* [API](#api)
- * [`fetch`](#fetch)
- * [`fetch.json`](#fetch-json)
- * [`fetch` options](#fetch-opts)
-
-### Install
-
-`$ npm install npm-registry-fetch`
-
-### Contributing
-
-The npm team enthusiastically welcomes contributions and project participation!
-There's a bunch of things you can do if you want to contribute! The [Contributor
-Guide](CONTRIBUTING.md) has all the information you need for everything from
-reporting bugs to contributing entire new features. Please don't hesitate to
-jump in if you'd like to, or even ask us questions if something isn't clear.
-
-All participants and maintainers in this project are expected to follow [Code of
-Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other.
-
-Please refer to the [Changelog](CHANGELOG.md) for project history details, too.
-
-Happy hacking!
-
-### API
-
-#### Caching and `write=true` query strings
-
-Before performing any PUT or DELETE operation, npm clients first make a
-GET request to the registry resource being updated, which includes
-the query string `?write=true`.
-
-The semantics of this are, effectively, "I intend to write to this thing,
-and need to know the latest current value, so that my write can land
-cleanly".
-
-The public npm registry handles these `?write=true` requests by ensuring
-that the cache is re-validated before sending a response. In order to
-maintain the same behavior on the client, and not get tripped up by an
-overeager local cache when we intend to write data to the registry, any
-request that comes through `npm-registry-fetch` that contains `write=true`
-in the query string will forcibly set the `prefer-online` option to `true`,
-and set both `prefer-offline` and `offline` to false, so that any local
-cached value will be revalidated.
-
-#### `> fetch(url, [opts]) -> Promise`
-
-Performs a request to a given URL.
-
-The URL can be either a full URL, or a path to one. The appropriate registry
-will be automatically picked if only a URL path is given.
-
-For available options, please see the section on [`fetch` options](#fetch-opts).
-
-##### Example
-
-```javascript
-const res = await fetch('/-/ping')
-console.log(res.headers)
-res.on('data', d => console.log(d.toString('utf8')))
-```
-
-#### `> fetch.json(url, [opts]) -> Promise`
-
-Performs a request to a given registry URL, parses the body of the response as
-JSON, and returns it as its final value. This is a utility shorthand for
-`fetch(url).then(res => res.json())`.
-
-For available options, please see the section on [`fetch` options](#fetch-opts).
-
-##### Example
-
-```javascript
-const res = await fetch.json('/-/ping')
-console.log(res) // Body parsed as JSON
-```
-
-#### `> fetch.json.stream(url, jsonPath, [opts]) -> Stream`
-
-Performs a request to a given registry URL and parses the body of the response
-as JSON, with each entry being emitted through the stream.
-
-The `jsonPath` argument is a [`JSONStream.parse()`
-path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the
-returned stream (unlike default `JSONStream`s), has a valid
-`Symbol.asyncIterator` implementation.
-
-For available options, please see the section on [`fetch` options](#fetch-opts).
-
-##### Example
-
-```javascript
-console.log('https://npm.im/~zkat has access to the following packages:')
-for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) {
- console.log(`https://npm.im/${key} (perms: ${value})`)
-}
-```
-
-#### `fetch` Options
-
-Fetch options are optional, and can be passed in as either a Map-like object
-(one with a `.get()` method), a plain javascript object, or a
-[`figgy-pudding`](https://npm.im/figgy-pudding) instance.
-
-##### `opts.agent`
-
-* Type: http.Agent
-* Default: an appropriate agent based on URL protocol and proxy settings
-
-An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to
-be shared across requests. This allows multiple concurrent `fetch` requests to
-happen on the same socket.
-
-You do _not_ need to provide this option unless you want something particularly
-specialized, since proxy configurations and http/https agents are already
-automatically managed internally when this option is not passed through.
-
-##### `opts.body`
-
-* Type: Buffer | Stream | Object
-* Default: null
-
-Request body to send through the outgoing request. Buffers and Streams will be
-passed through as-is, with a default `content-type` of
-`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed
-and the `content-type` will default to `application/json`.
-
-Use [`opts.headers`](#opts-headers) to set the content-type to something else.
-
-##### `opts.ca`
-
-* Type: String, Array, or null
-* Default: null
-
-The Certificate Authority signing certificate that is trusted for SSL
-connections to the registry. Values should be in PEM format (Windows calls it
-"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For
-example:
-
-```
-{
- ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----'
-}
-```
-
-Set to `null` to only allow "known" registrars, or to a specific CA cert
-to trust only that specific signing authority.
-
-Multiple CAs can be trusted by specifying an array of certificates instead of a
-single string.
-
-See also [`opts.strictSSL`](#opts-strictSSL), [`opts.ca`](#opts-ca) and
-[`opts.key`](#opts-key)
-
-##### `opts.cache`
-
-* Type: path
-* Default: null
-
-The location of the http cache directory. If provided, certain cachable requests
-will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234)
-rules. This will speed up future requests, as well as make the cached data
-available offline if necessary/requested.
-
-See also [`offline`](#opts-offline), [`preferOffline`](#opts-preferOffline),
-and [`preferOnline`](#opts-preferOnline).
-
-##### `opts.cert`
-
-* Type: String
-* Default: null
-
-A client certificate to pass when accessing the registry. Values should be in
-PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines
-replaced by the string `'\n'`. For example:
-
-```
-{
- cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----'
-}
-```
-
-It is _not_ the path to a certificate file (and there is no "certfile" option).
-
-See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key)
-
-##### `opts.fetchRetries`
-
-* Type: Number
-* Default: 2
-
-The "retries" config for [`retry`](https://npm.im/retry) to use when fetching
-packages from the registry.
-
-See also [`opts.retry`](#opts-retry) to provide all retry options as a single
-object.
-
-##### `opts.fetchRetryFactor`
-
-* Type: Number
-* Default: 10
-
-The "factor" config for [`retry`](https://npm.im/retry) to use when fetching
-packages.
-
-See also [`opts.retry`](#opts-retry) to provide all retry options as a single
-object.
-
-##### `opts.fetchRetryMintimeout`
-
-* Type: Number
-* Default: 10000 (10 seconds)
-
-The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching
-packages.
-
-See also [`opts.retry`](#opts-retry) to provide all retry options as a single
-object.
-
-##### `opts.fetchRetryMaxtimeout`
-
-* Type: Number
-* Default: 60000 (1 minute)
-
-The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching
-packages.
-
-See also [`opts.retry`](#opts-retry) to provide all retry options as a single
-object.
-
-##### `opts.forceAuth`
-
-* Type: Object
-* Default: null
-
-If present, other auth-related values in `opts` will be completely ignored,
-including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request,
-and the auth details in `opts.forceAuth` will be used instead.
-
-##### `opts.gzip`
-
-* Type: Boolean
-* Default: false
-
-If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip`
-and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode
-[`opts.body`](#opts-body).
-
-##### `opts.headers`
-
-* Type: Object
-* Default: null
-
-Additional headers for the outgoing request. This option can also be used to
-override headers automatically generated by `npm-registry-fetch`, such as
-`Content-Type`.
-
-##### `opts.ignoreBody`
-
-* Type: Boolean
-* Default: false
-
-If true, the **response body** will be thrown away and `res.body` set to `null`.
-This will prevent dangling response sockets for requests where you don't usually
-care what the response body is.
-
-##### `opts.integrity`
-
-* Type: String | [SRI object](https://npm.im/ssri)
-* Default: null
-
-If provided, the response body's will be verified against this integrity string,
-using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will
-complete as normal. If verification fails, the response body will error with an
-`EINTEGRITY` error.
-
-Body integrity is only verified if the body is actually consumed to completion --
-that is, if you use `res.json()`/`res.buffer()`, or if you consume the default
-`res` stream data to its end.
-
-Cached data will have its integrity automatically verified using the
-previously-generated integrity hash for the saved request information, so
-`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if
-`opts.integrity` is not passed in.
-
-##### `opts.isFromCI`
-
-* Type: Boolean
-* Default: Based on environment variables
-
-This is used to populate the `npm-in-ci` request header sent to the registry.
-
-##### `opts.key`
-
-* Type: String
-* Default: null
-
-A client key to pass when accessing the registry. Values should be in PEM
-format with newlines replaced by the string `'\n'`. For example:
-
-```
-{
- key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----'
-}
-```
-
-It is _not_ the path to a key file (and there is no "keyfile" option).
-
-See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert)
-
-##### `opts.localAddress`
-
-* Type: IP Address String
-* Default: null
-
-The IP address of the local interface to use when making connections
-to the registry.
-
-See also [`opts.proxy`](#opts-proxy)
-
-##### `opts.log`
-
-* Type: [`npmlog`](https://npm.im/npmlog)-like
-* Default: null
-
-Logger object to use for logging operation details. Must have the same methods
-as `npmlog`.
-
-##### `opts.mapJSON`
-
-* Type: Function
-* Default: undefined
-
-When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down
-to [`JSONStream`](https://npm.im/JSONStream) as the second argument to
-`JSONStream.parse`, and can be used to transform stream data before output.
-
-##### `opts.maxSockets`
-
-* Type: Integer
-* Default: 12
-
-Maximum number of sockets to keep open during requests. Has no effect if
-[`opts.agent`](#opts-agent) is used.
-
-##### `opts.method`
-
-* Type: String
-* Default: 'GET'
-
-HTTP method to use for the outgoing request. Case-insensitive.
-
-##### `opts.noproxy`
-
-* Type: Boolean
-* Default: process.env.NOPROXY
-
-If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used.
-
-##### `opts.npmSession`
-
-* Type: String
-* Default: null
-
-If provided, will be sent in the `npm-session` header. This header is used by
-the npm registry to identify individual user sessions (usually individual
-invocations of the CLI).
-
-##### `opts.npmCommand`
-
-* Type: String
-* Default: null
-
-If provided, it will be sent in the `npm-command` header. This yeader is
-used by the npm registry to identify the npm command that caused this
-request to be made.
-
-##### `opts.offline`
-
-* Type: Boolean
-* Default: false
-
-Force offline mode: no network requests will be done during install. To allow
-`npm-registry-fetch` to fill in missing cache data, see
-[`opts.preferOffline`](#opts-preferOffline).
-
-This option is only really useful if you're also using
-[`opts.cache`](#opts-cache).
-
-This option is set to `true` when the request includes `write=true` in the
-query string.
-
-##### `opts.otp`
-
-* Type: Number | String
-* Default: null
-
-This is a one-time password from a two-factor authenticator. It is required for
-certain registry interactions when two-factor auth is enabled for a user
-account.
-
-##### `opts.password`
-
-* Alias: `_password`
-* Type: String
-* Default: null
-
-Password used for basic authentication. For the more modern authentication
-method, please use the (more secure) [`opts.token`](#opts-token)
-
-Can optionally be scoped to a registry by using a "nerf dart" for that registry.
-That is:
-
-```
-{
- '//registry.npmjs.org/:password': 't0k3nH34r'
-}
-```
-
-See also [`opts.username`](#opts-username)
-
-##### `opts.preferOffline`
-
-* Type: Boolean
-* Default: false
-
-If true, staleness checks for cached data will be bypassed, but missing data
-will be requested from the server. To force full offline mode, use
-[`opts.offline`](#opts-offline).
-
-This option is generally only useful if you're also using
-[`opts.cache`](#opts-cache).
-
-This option is set to `false` when the request includes `write=true` in the
-query string.
-
-##### `opts.preferOnline`
-
-* Type: Boolean
-* Default: false
-
-If true, staleness checks for cached data will be forced, making the CLI look
-for updates immediately even for fresh package data.
-
-This option is generally only useful if you're also using
-[`opts.cache`](#opts-cache).
-
-This option is set to `true` when the request includes `write=true` in the
-query string.
-
-##### `opts.projectScope`
-
-* Type: String
-* Default: null
-
-If provided, will be sent in the `npm-scope` header. This header is used by the
-npm registry to identify the toplevel package scope that a particular project
-installation is using.
-
-##### `opts.proxy`
-
-* Type: url
-* Default: null
-
-A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY`
-environment variable will be used.
-
-##### `opts.query`
-
-* Type: String | Object
-* Default: null
-
-If provided, the request URI will have a query string appended to it using this
-query. If `opts.query` is an object, it will be converted to a query string
-using
-[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options).
-
-If the request URI already has a query string, it will be merged with
-`opts.query`, preferring `opts.query` values.
-
-##### `opts.registry`
-
-* Type: URL
-* Default: `'https://registry.npmjs.org'`
-
-Registry configuration for a request. If a request URL only includes the URL
-path, this registry setting will be prepended. This configuration is also used
-to determine authentication details, so even if the request URL references a
-completely different host, `opts.registry` will be used to find the auth details
-for that request.
-
-See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and
-[`opts.:registry`](#opts-scope-registry) which can all affect the actual
-registry URL used by the outgoing request.
-
-##### `opts.retry`
-
-* Type: Object
-* Default: null
-
-Single-object configuration for request retry settings. If passed in, will
-override individually-passed `fetch-retry-*` settings.
-
-##### `opts.scope`
-
-* Type: String
-* Default: null
-
-Associate an operation with a scope for a scoped registry. This option can force
-lookup of scope-specific registries and authentication.
-
-See also [`opts.:registry`](#opts-scope-registry) and
-[`opts.spec`](#opts-spec) for interactions with this option.
-
-##### `opts.:registry`
-
-* Type: String
-* Default: null
-
-This option type can be used to configure the registry used for requests
-involving a particular scope. For example, `opts['@myscope:registry'] =
-'https://scope-specific.registry/'` will make it so requests go out to this
-registry instead of [`opts.registry`](#opts-registry) when
-[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a
-scoped package spec.
-
-The `@` before the scope name is optional, but recommended.
-
-##### `opts.spec`
-
-* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object.
-* Default: null
-
-If provided, can be used to automatically configure [`opts.scope`](#opts-scope)
-based on a specific package name. Non-registry package specs will throw an
-error.
-
-##### `opts.strictSSL`
-
-* Type: Boolean
-* Default: true
-
-Whether or not to do SSL key validation when making requests to the
-registry via https.
-
-See also [`opts.ca`](#opts-ca).
-
-##### `opts.timeout`
-
-* Type: Milliseconds
-* Default: 300000 (5 minutes)
-
-Time before a hanging request times out.
-
-##### `opts.token`
-
-* Alias: `opts._authToken`
-* Type: String
-* Default: null
-
-Authentication token string.
-
-Can be scoped to a registry by using a "nerf dart" for that registry. That is:
-
-```
-{
- '//registry.npmjs.org/:token': 't0k3nH34r'
-}
-```
-
-##### `opts.userAgent`
-
-* Type: String
-* Default: `'npm-registry-fetch@/node@+ ()'`
-
-User agent string to send in the `User-Agent` header.
-
-##### `opts.username`
-
-* Type: String
-* Default: null
-
-Username used for basic authentication. For the more modern authentication
-method, please use the (more secure) [`opts.token`](#opts-token)
-
-Can optionally be scoped to a registry by using a "nerf dart" for that registry.
-That is:
-
-```
-{
- '//registry.npmjs.org/:username': 't0k3nH34r'
-}
-```
-
-See also [`opts.password`](#opts-password)
-
-##### `opts._auth`
-
-* Type: String
-* Default: null
-
-** DEPRECATED ** This is a legacy authentication token supported only for
-compatibility. Please use [`opts.token`](#opts-token) instead.
diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/auth.js b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/auth.js
deleted file mode 100644
index e096a6f98f9a4..0000000000000
--- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/auth.js
+++ /dev/null
@@ -1,55 +0,0 @@
-'use strict'
-
-const defaultOpts = require('./default-opts.js')
-const url = require('url')
-
-module.exports = getAuth
-function getAuth (registry, opts_ = {}) {
- if (!registry)
- throw new Error('registry is required')
- const opts = opts_.forceAuth ? opts_.forceAuth : { ...defaultOpts, ...opts_ }
- const AUTH = {}
- const regKey = registry && registryKey(registry)
- const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias)
- doKey('token')
- doKey('_authToken', 'token')
- doKey('username')
- doKey('password')
- doKey('_password', 'password')
- doKey('email')
- doKey('_auth')
- doKey('otp')
- doKey('always-auth', 'alwaysAuth')
- if (AUTH.password)
- AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8')
-
- if (AUTH._auth && !(AUTH.username && AUTH.password)) {
- let auth = Buffer.from(AUTH._auth, 'base64').toString()
- auth = auth.split(':')
- AUTH.username = auth.shift()
- AUTH.password = auth.join(':')
- }
- AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth
- return AUTH
-}
-
-function addKey (opts, obj, scope, key, objKey) {
- if (opts[key])
- obj[objKey || key] = opts[key]
-
- if (scope && opts[`${scope}:${key}`])
- obj[objKey || key] = opts[`${scope}:${key}`]
-}
-
-// Called a nerf dart in the main codebase. Used as a "safe"
-// key when fetching registry info from config.
-function registryKey (registry) {
- const parsed = new url.URL(registry)
- const formatted = url.format({
- protocol: parsed.protocol,
- host: parsed.host,
- pathname: parsed.pathname,
- slashes: true,
- })
- return url.format(new url.URL('.', formatted)).replace(/^[^:]+:/, '')
-}
diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/check-response.js b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/check-response.js
deleted file mode 100644
index 5154da5349f76..0000000000000
--- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/check-response.js
+++ /dev/null
@@ -1,128 +0,0 @@
-'use strict'
-
-const errors = require('./errors.js')
-const LRU = require('lru-cache')
-const { Response } = require('minipass-fetch')
-const defaultOpts = require('./default-opts.js')
-
-module.exports = checkResponse
-function checkResponse (method, res, registry, startTime, opts_ = {}) {
- const opts = { ...defaultOpts, ...opts_ }
- if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache'))
- opts.log.notice('', res.headers.get('npm-notice'))
-
- checkWarnings(res, registry, opts)
- if (res.status >= 400) {
- logRequest(method, res, startTime, opts)
- return checkErrors(method, res, startTime, opts)
- } else {
- res.body.on('end', () => logRequest(method, res, startTime, opts))
- if (opts.ignoreBody) {
- res.body.resume()
- return new Response(null, res)
- }
- return res
- }
-}
-
-function logRequest (method, res, startTime, opts) {
- const elapsedTime = Date.now() - startTime
- const attempt = res.headers.get('x-fetch-attempts')
- const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : ''
- const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : ''
-
- let urlStr
- try {
- const { URL } = require('url')
- const url = new URL(res.url)
- if (url.password)
- url.password = '***'
-
- urlStr = url.toString()
- } catch (er) {
- urlStr = res.url
- }
-
- opts.log.http(
- 'fetch',
- `${method.toUpperCase()} ${res.status} ${urlStr} ${elapsedTime}ms${attemptStr}${cacheStr}`
- )
-}
-
-const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/
-const BAD_HOSTS = new LRU({ max: 50 })
-
-function checkWarnings (res, registry, opts) {
- if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) {
- const warnings = {}
- // note: headers.raw() will preserve case, so we might have a
- // key on the object like 'WaRnInG' if that was used first
- for (const [key, value] of Object.entries(res.headers.raw())) {
- if (key.toLowerCase() !== 'warning')
- continue
- value.forEach(w => {
- const match = w.match(WARNING_REGEXP)
- if (match) {
- warnings[match[1]] = {
- code: match[1],
- host: match[2],
- message: match[3],
- date: new Date(match[4]),
- }
- }
- })
- }
- BAD_HOSTS.set(registry, true)
- if (warnings['199']) {
- if (warnings['199'].message.match(/ENOTFOUND/))
- opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`)
- else
- opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`)
- }
- if (warnings['111']) {
- // 111 Revalidation failed -- we're using stale data
- opts.log.warn(
- 'registry',
- `Using stale data from ${registry} due to a request error during revalidation.`
- )
- }
- }
-}
-
-function checkErrors (method, res, startTime, opts) {
- return res.buffer()
- .catch(() => null)
- .then(body => {
- let parsed = body
- try {
- parsed = JSON.parse(body.toString('utf8'))
- } catch (e) {}
- if (res.status === 401 && res.headers.get('www-authenticate')) {
- const auth = res.headers.get('www-authenticate')
- .split(/,\s*/)
- .map(s => s.toLowerCase())
- if (auth.indexOf('ipaddress') !== -1) {
- throw new errors.HttpErrorAuthIPAddress(
- method, res, parsed, opts.spec
- )
- } else if (auth.indexOf('otp') !== -1) {
- throw new errors.HttpErrorAuthOTP(
- method, res, parsed, opts.spec
- )
- } else {
- throw new errors.HttpErrorAuthUnknown(
- method, res, parsed, opts.spec
- )
- }
- } else if (res.status === 401 && body != null && /one-time pass/.test(body.toString('utf8'))) {
- // Heuristic for malformed OTP responses that don't include the www-authenticate header.
- throw new errors.HttpErrorAuthOTP(
- method, res, parsed, opts.spec
- )
- } else {
- throw new errors.HttpErrorGeneral(
- method, res, parsed, opts.spec
- )
- }
- })
-}
diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/default-opts.js b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/default-opts.js
deleted file mode 100644
index fb8021d6b742f..0000000000000
--- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/default-opts.js
+++ /dev/null
@@ -1,22 +0,0 @@
-const pkg = require('./package.json')
-const ciDetect = require('@npmcli/ci-detect')
-module.exports = {
- isFromCI: ciDetect(),
- log: require('./silentlog.js'),
- maxSockets: 12,
- method: 'GET',
- registry: 'https://registry.npmjs.org/',
- timeout: 5 * 60 * 1000, // 5 minutes
- strictSSL: true,
- noProxy: process.env.NOPROXY,
- userAgent: `${pkg.name
- }@${
- pkg.version
- }/node@${
- process.version
- }+${
- process.arch
- } (${
- process.platform
- })`,
-}
diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/errors.js b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/errors.js
deleted file mode 100644
index 69671551dc619..0000000000000
--- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/errors.js
+++ /dev/null
@@ -1,78 +0,0 @@
-'use strict'
-
-const url = require('url')
-
-function packageName (href) {
- try {
- let basePath = new url.URL(href).pathname.substr(1)
- if (!basePath.match(/^-/)) {
- basePath = basePath.split('/')
- var index = basePath.indexOf('_rewrite')
- if (index === -1)
- index = basePath.length - 1
- else
- index++
- return decodeURIComponent(basePath[index])
- }
- } catch (_) {
- // this is ok
- }
-}
-
-class HttpErrorBase extends Error {
- constructor (method, res, body, spec) {
- super()
- this.headers = res.headers.raw()
- this.statusCode = res.status
- this.code = `E${res.status}`
- this.method = method
- this.uri = res.url
- this.body = body
- this.pkgid = spec ? spec.toString() : packageName(res.url)
- }
-}
-module.exports.HttpErrorBase = HttpErrorBase
-
-class HttpErrorGeneral extends HttpErrorBase {
- constructor (method, res, body, spec) {
- super(method, res, body, spec)
- this.message = `${res.status} ${res.statusText} - ${
- this.method.toUpperCase()
- } ${
- this.spec || this.uri
- }${
- (body && body.error) ? ' - ' + body.error : ''
- }`
- Error.captureStackTrace(this, HttpErrorGeneral)
- }
-}
-module.exports.HttpErrorGeneral = HttpErrorGeneral
-
-class HttpErrorAuthOTP extends HttpErrorBase {
- constructor (method, res, body, spec) {
- super(method, res, body, spec)
- this.message = 'OTP required for authentication'
- this.code = 'EOTP'
- Error.captureStackTrace(this, HttpErrorAuthOTP)
- }
-}
-module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP
-
-class HttpErrorAuthIPAddress extends HttpErrorBase {
- constructor (method, res, body, spec) {
- super(method, res, body, spec)
- this.message = 'Login is not allowed from your IP address'
- this.code = 'EAUTHIP'
- Error.captureStackTrace(this, HttpErrorAuthIPAddress)
- }
-}
-module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress
-
-class HttpErrorAuthUnknown extends HttpErrorBase {
- constructor (method, res, body, spec) {
- super(method, res, body, spec)
- this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate')
- Error.captureStackTrace(this, HttpErrorAuthUnknown)
- }
-}
-module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown
diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/index.js b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/index.js
deleted file mode 100644
index df3b49eb52969..0000000000000
--- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/index.js
+++ /dev/null
@@ -1,202 +0,0 @@
-'use strict'
-
-const checkResponse = require('./check-response.js')
-const getAuth = require('./auth.js')
-const fetch = require('make-fetch-happen')
-const JSONStream = require('minipass-json-stream')
-const npa = require('npm-package-arg')
-const qs = require('querystring')
-const url = require('url')
-const zlib = require('minizlib')
-const Minipass = require('minipass')
-
-const defaultOpts = require('./default-opts.js')
-
-// WhatWG URL throws if it's not fully resolved
-const urlIsValid = u => {
- try {
- return !!new url.URL(u)
- } catch (_) {
- return false
- }
-}
-
-module.exports = regFetch
-function regFetch (uri, /* istanbul ignore next */ opts_ = {}) {
- const opts = {
- ...defaultOpts,
- ...opts_,
- }
- const registry = opts.registry = (
- (opts.spec && pickRegistry(opts.spec, opts)) ||
- opts.registry ||
- /* istanbul ignore next */
- 'https://registry.npmjs.org/'
- )
-
- if (!urlIsValid(uri)) {
- uri = `${
- registry.trim().replace(/\/?$/g, '')
- }/${
- uri.trim().replace(/^\//, '')
- }`
- }
-
- const method = opts.method || 'GET'
-
- // through that takes into account the scope, the prefix of `uri`, etc
- const startTime = Date.now()
- const headers = getHeaders(registry, uri, opts)
- let body = opts.body
- const bodyIsStream = Minipass.isStream(body)
- const bodyIsPromise = body &&
- typeof body === 'object' &&
- typeof body.then === 'function'
-
- if (body && !bodyIsStream && !bodyIsPromise && typeof body !== 'string' && !Buffer.isBuffer(body)) {
- headers['content-type'] = headers['content-type'] || 'application/json'
- body = JSON.stringify(body)
- } else if (body && !headers['content-type'])
- headers['content-type'] = 'application/octet-stream'
-
- if (opts.gzip) {
- headers['content-encoding'] = 'gzip'
- if (bodyIsStream) {
- const gz = new zlib.Gzip()
- body.on('error', /* istanbul ignore next: unlikely and hard to test */
- err => gz.emit('error', err))
- body = body.pipe(gz)
- } else if (!bodyIsPromise)
- body = new zlib.Gzip().end(body).concat()
- }
-
- const parsed = new url.URL(uri)
-
- if (opts.query) {
- const q = typeof opts.query === 'string' ? qs.parse(opts.query)
- : opts.query
-
- Object.keys(q).forEach(key => {
- if (q[key] !== undefined)
- parsed.searchParams.set(key, q[key])
- })
- uri = url.format(parsed)
- }
-
- if (parsed.searchParams.get('write') === 'true' && method === 'GET') {
- // do not cache, because this GET is fetching a rev that will be
- // used for a subsequent PUT or DELETE, so we need to conditionally
- // update cache.
- opts.offline = false
- opts.preferOffline = false
- opts.preferOnline = true
- }
-
- const doFetch = (body) => fetch(uri, {
- agent: opts.agent,
- algorithms: opts.algorithms,
- body,
- cache: getCacheMode(opts),
- cacheManager: opts.cache,
- ca: opts.ca,
- cert: opts.cert,
- headers,
- integrity: opts.integrity,
- key: opts.key,
- localAddress: opts.localAddress,
- maxSockets: opts.maxSockets,
- memoize: opts.memoize,
- method: method,
- noProxy: opts.noProxy,
- proxy: opts.httpsProxy || opts.proxy,
- retry: opts.retry ? opts.retry : {
- retries: opts.fetchRetries,
- factor: opts.fetchRetryFactor,
- minTimeout: opts.fetchRetryMintimeout,
- maxTimeout: opts.fetchRetryMaxtimeout,
- },
- strictSSL: opts.strictSSL,
- timeout: opts.timeout || 30 * 1000,
- }).then(res => checkResponse(
- method, res, registry, startTime, opts
- ))
-
- return Promise.resolve(body).then(doFetch)
-}
-
-module.exports.json = fetchJSON
-function fetchJSON (uri, opts) {
- return regFetch(uri, opts).then(res => res.json())
-}
-
-module.exports.json.stream = fetchJSONStream
-function fetchJSONStream (uri, jsonPath, /* istanbul ignore next */ opts_ = {}) {
- const opts = { ...defaultOpts, ...opts_ }
- const parser = JSONStream.parse(jsonPath, opts.mapJSON)
- regFetch(uri, opts).then(res =>
- res.body.on('error',
- /* istanbul ignore next: unlikely and difficult to test */
- er => parser.emit('error', er)).pipe(parser)
- ).catch(er => parser.emit('error', er))
- return parser
-}
-
-module.exports.pickRegistry = pickRegistry
-function pickRegistry (spec, opts = {}) {
- spec = npa(spec)
- let registry = spec.scope &&
- opts[spec.scope.replace(/^@?/, '@') + ':registry']
-
- if (!registry && opts.scope)
- registry = opts[opts.scope.replace(/^@?/, '@') + ':registry']
-
- if (!registry)
- registry = opts.registry || 'https://registry.npmjs.org/'
-
- return registry
-}
-
-function getCacheMode (opts) {
- return opts.offline ? 'only-if-cached'
- : opts.preferOffline ? 'force-cache'
- : opts.preferOnline ? 'no-cache'
- : 'default'
-}
-
-function getHeaders (registry, uri, opts) {
- const headers = Object.assign({
- 'npm-in-ci': !!opts.isFromCI,
- 'user-agent': opts.userAgent,
- }, opts.headers || {})
-
- if (opts.projectScope)
- headers['npm-scope'] = opts.projectScope
-
- if (opts.npmSession)
- headers['npm-session'] = opts.npmSession
-
- if (opts.npmCommand)
- headers['npm-command'] = opts.npmCommand
-
- const auth = getAuth(registry, opts)
- // If a tarball is hosted on a different place than the manifest, only send
- // credentials on `alwaysAuth`
- const shouldAuth = (
- auth.alwaysAuth ||
- new url.URL(uri).host === new url.URL(registry).host
- )
- if (shouldAuth && auth.token)
- headers.authorization = `Bearer ${auth.token}`
- else if (shouldAuth && auth.username && auth.password) {
- const encoded = Buffer.from(
- `${auth.username}:${auth.password}`, 'utf8'
- ).toString('base64')
- headers.authorization = `Basic ${encoded}`
- } else if (shouldAuth && auth._auth)
- headers.authorization = `Basic ${auth._auth}`
-
- if (shouldAuth && auth.otp)
- headers['npm-otp'] = auth.otp
-
- return headers
-}
diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/package.json b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/package.json
deleted file mode 100644
index 40e0067b4aedb..0000000000000
--- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/package.json
+++ /dev/null
@@ -1,63 +0,0 @@
-{
- "name": "npm-registry-fetch",
- "version": "9.0.0",
- "description": "Fetch-based http client for use with npm registry APIs",
- "main": "index.js",
- "files": [
- "*.js"
- ],
- "scripts": {
- "eslint": "eslint",
- "lint": "npm run eslint -- *.js test/*.js",
- "lintfix": "npm run lint -- --fix",
- "prepublishOnly": "git push origin --follow-tags",
- "preversion": "npm test",
- "postversion": "npm publish",
- "test": "tap",
- "posttest": "npm run lint"
- },
- "repository": "https://github.com/npm/npm-registry-fetch",
- "keywords": [
- "npm",
- "registry",
- "fetch"
- ],
- "author": {
- "name": "Kat Marchán",
- "email": "kzm@sykosomatic.org",
- "twitter": "maybekatz"
- },
- "license": "ISC",
- "dependencies": {
- "@npmcli/ci-detect": "^1.0.0",
- "lru-cache": "^6.0.0",
- "make-fetch-happen": "^8.0.9",
- "minipass": "^3.1.3",
- "minipass-fetch": "^1.3.0",
- "minipass-json-stream": "^1.0.1",
- "minizlib": "^2.0.0",
- "npm-package-arg": "^8.0.0"
- },
- "devDependencies": {
- "cacache": "^15.0.0",
- "eslint": "^6.8.0",
- "eslint-plugin-import": "^2.18.2",
- "eslint-plugin-node": "^10.0.0",
- "eslint-plugin-promise": "^4.2.1",
- "eslint-plugin-standard": "^4.0.1",
- "mkdirp": "^0.5.1",
- "nock": "^11.7.0",
- "npmlog": "^4.1.2",
- "require-inject": "^1.4.4",
- "rimraf": "^2.6.2",
- "ssri": "^8.0.0",
- "tap": "^14.10.7"
- },
- "tap": {
- "check-coverage": true,
- "test-ignore": "test[\\\\/](util|cache)[\\\\/]"
- },
- "engines": {
- "node": ">=10"
- }
-}
diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/silentlog.js b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/silentlog.js
deleted file mode 100644
index 483bd44c7086a..0000000000000
--- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/silentlog.js
+++ /dev/null
@@ -1,14 +0,0 @@
-'use strict'
-
-const noop = Function.prototype
-module.exports = {
- error: noop,
- warn: noop,
- notice: noop,
- info: noop,
- verbose: noop,
- silly: noop,
- http: noop,
- pause: noop,
- resume: noop,
-}
diff --git a/node_modules/@npmcli/arborist/package.json b/node_modules/@npmcli/arborist/package.json
index d08102ce0cf12..66a92f0d52d34 100644
--- a/node_modules/@npmcli/arborist/package.json
+++ b/node_modules/@npmcli/arborist/package.json
@@ -1,6 +1,6 @@
{
"name": "@npmcli/arborist",
- "version": "2.3.0",
+ "version": "2.4.0",
"description": "Manage node_modules trees",
"dependencies": {
"@npmcli/installed-package-contents": "^1.0.7",
@@ -19,7 +19,7 @@
"npm-install-checks": "^4.0.0",
"npm-package-arg": "^8.1.0",
"npm-pick-manifest": "^6.1.0",
- "npm-registry-fetch": "^9.0.0",
+ "npm-registry-fetch": "^10.0.0",
"pacote": "^11.2.6",
"parse-conflict-json": "^1.1.1",
"promise-all-reject-late": "^1.0.0",
@@ -41,8 +41,7 @@
"eslint-plugin-standard": "^4.0.1",
"minify-registry-metadata": "^2.1.0",
"mutate-fs": "^2.1.1",
- "require-inject": "^1.4.4",
- "tap": "^14.11.0",
+ "tap": "^15.0.4",
"tcompare": "^3.0.4"
},
"scripts": {
@@ -76,10 +75,8 @@
"arborist": "bin/index.js"
},
"tap": {
- "100": true,
"after": "test/fixtures/cleanup.js",
"coverage-map": "map.js",
- "esm": false,
"test-env": [
"NODE_OPTIONS=--no-warnings"
],
@@ -87,6 +84,6 @@
"--no-warnings",
"--no-deprecation"
],
- "timeout": "120"
+ "timeout": "240"
}
}
diff --git a/package-lock.json b/package-lock.json
index 3b044b6ad8468..86ea49a6df295 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -253,7 +253,7 @@
],
"license": "Artistic-2.0",
"dependencies": {
- "@npmcli/arborist": "^2.3.0",
+ "@npmcli/arborist": "^2.4.0",
"@npmcli/ci-detect": "^1.2.0",
"@npmcli/config": "^2.1.0",
"@npmcli/run-script": "^1.8.4",
@@ -888,9 +888,9 @@
}
},
"node_modules/@npmcli/arborist": {
- "version": "2.3.0",
- "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.3.0.tgz",
- "integrity": "sha512-4z8x8jImp/Clwol4sgmR6qdntLQZDxNFabBSbyr9EB11cyWHyqhRvBKip/1sBTcQAScIwuFT64MOu/HI4a5Nkw==",
+ "version": "2.4.0",
+ "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.4.0.tgz",
+ "integrity": "sha512-rCoRrUSmXdBDBBgL/O0oehIR53ey99Pds8dId7gztARZmx6/NBoeiUOu9RnvXSe15XZLc3JSz9sHPcbQ9NQ53Q==",
"inBundle": true,
"dependencies": {
"@npmcli/installed-package-contents": "^1.0.7",
@@ -909,7 +909,7 @@
"npm-install-checks": "^4.0.0",
"npm-package-arg": "^8.1.0",
"npm-pick-manifest": "^6.1.0",
- "npm-registry-fetch": "^9.0.0",
+ "npm-registry-fetch": "^10.0.0",
"pacote": "^11.2.6",
"parse-conflict-json": "^1.1.1",
"promise-all-reject-late": "^1.0.0",
@@ -925,25 +925,6 @@
"arborist": "bin/index.js"
}
},
- "node_modules/@npmcli/arborist/node_modules/npm-registry-fetch": {
- "version": "9.0.0",
- "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-9.0.0.tgz",
- "integrity": "sha512-PuFYYtnQ8IyVl6ib9d3PepeehcUeHN9IO5N/iCRhyg9tStQcqGQBRVHmfmMWPDERU3KwZoHFvbJ4FPXPspvzbA==",
- "inBundle": true,
- "dependencies": {
- "@npmcli/ci-detect": "^1.0.0",
- "lru-cache": "^6.0.0",
- "make-fetch-happen": "^8.0.9",
- "minipass": "^3.1.3",
- "minipass-fetch": "^1.3.0",
- "minipass-json-stream": "^1.0.1",
- "minizlib": "^2.0.0",
- "npm-package-arg": "^8.0.0"
- },
- "engines": {
- "node": ">=10"
- }
- },
"node_modules/@npmcli/ci-detect": {
"version": "1.3.0",
"resolved": "https://registry.npmjs.org/@npmcli/ci-detect/-/ci-detect-1.3.0.tgz",
@@ -11300,9 +11281,9 @@
"dev": true
},
"@npmcli/arborist": {
- "version": "2.3.0",
- "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.3.0.tgz",
- "integrity": "sha512-4z8x8jImp/Clwol4sgmR6qdntLQZDxNFabBSbyr9EB11cyWHyqhRvBKip/1sBTcQAScIwuFT64MOu/HI4a5Nkw==",
+ "version": "2.4.0",
+ "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.4.0.tgz",
+ "integrity": "sha512-rCoRrUSmXdBDBBgL/O0oehIR53ey99Pds8dId7gztARZmx6/NBoeiUOu9RnvXSe15XZLc3JSz9sHPcbQ9NQ53Q==",
"requires": {
"@npmcli/installed-package-contents": "^1.0.7",
"@npmcli/map-workspaces": "^1.0.2",
@@ -11320,7 +11301,7 @@
"npm-install-checks": "^4.0.0",
"npm-package-arg": "^8.1.0",
"npm-pick-manifest": "^6.1.0",
- "npm-registry-fetch": "^9.0.0",
+ "npm-registry-fetch": "^10.0.0",
"pacote": "^11.2.6",
"parse-conflict-json": "^1.1.1",
"promise-all-reject-late": "^1.0.0",
@@ -11331,23 +11312,6 @@
"tar": "^6.1.0",
"treeverse": "^1.0.4",
"walk-up-path": "^1.0.0"
- },
- "dependencies": {
- "npm-registry-fetch": {
- "version": "9.0.0",
- "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-9.0.0.tgz",
- "integrity": "sha512-PuFYYtnQ8IyVl6ib9d3PepeehcUeHN9IO5N/iCRhyg9tStQcqGQBRVHmfmMWPDERU3KwZoHFvbJ4FPXPspvzbA==",
- "requires": {
- "@npmcli/ci-detect": "^1.0.0",
- "lru-cache": "^6.0.0",
- "make-fetch-happen": "^8.0.9",
- "minipass": "^3.1.3",
- "minipass-fetch": "^1.3.0",
- "minipass-json-stream": "^1.0.1",
- "minizlib": "^2.0.0",
- "npm-package-arg": "^8.0.0"
- }
- }
}
},
"@npmcli/ci-detect": {
diff --git a/package.json b/package.json
index c55b86cb346bd..29790969fd48e 100644
--- a/package.json
+++ b/package.json
@@ -42,7 +42,7 @@
"./package.json": "./package.json"
},
"dependencies": {
- "@npmcli/arborist": "^2.3.0",
+ "@npmcli/arborist": "^2.4.0",
"@npmcli/ci-detect": "^1.2.0",
"@npmcli/config": "^2.1.0",
"@npmcli/run-script": "^1.8.4",