diff --git a/node_modules/@npmcli/arborist/bin/lib/logging.js b/node_modules/@npmcli/arborist/bin/lib/logging.js index a7d20a1f53647..9420bca3c320c 100644 --- a/node_modules/@npmcli/arborist/bin/lib/logging.js +++ b/node_modules/@npmcli/arborist/bin/lib/logging.js @@ -20,13 +20,21 @@ const levelMap = new Map(levels.reduce((set, level, index) => { }, [])) const { inspect, format } = require('util') +const colors = process.stderr.isTTY +const magenta = colors ? msg => `\x1B[35m${msg}\x1B[39m` : m => m if (loglevel !== 'silent') { process.on('log', (level, ...args) => { if (levelMap.get(level) < levelMap.get(loglevel)) return - const pref = `${process.pid} ${level} ` + const pref = `${process.pid} ${magenta(level)} ` if (level === 'warn' && args[0] === 'ERESOLVE') - args[2] = inspect(args[2], { depth: 10 }) + args[2] = inspect(args[2], { depth: 10, colors }) + else { + args = args.map(a => { + return typeof a === 'string' ? a + : inspect(a, { depth: 10, colors }) + }) + } const msg = pref + format(...args).trim().split('\n').join(`\n${pref}`) console.error(msg) }) diff --git a/node_modules/@npmcli/arborist/bin/lib/timers.js b/node_modules/@npmcli/arborist/bin/lib/timers.js index 3b73c0bf6ddd3..e72217c1e4ed9 100644 --- a/node_modules/@npmcli/arborist/bin/lib/timers.js +++ b/node_modules/@npmcli/arborist/bin/lib/timers.js @@ -1,4 +1,5 @@ const timers = Object.create(null) +const { format } = require('util') process.on('time', name => { if (timers[name]) @@ -6,17 +7,20 @@ process.on('time', name => { timers[name] = process.hrtime() }) +const dim = process.stderr.isTTY ? msg => `\x1B[2m${msg}\x1B[22m` : m => m +const red = process.stderr.isTTY ? msg => `\x1B[31m${msg}\x1B[39m` : m => m process.on('timeEnd', name => { if (!timers[name]) throw new Error('timer not started! ' + name) const res = process.hrtime(timers[name]) delete timers[name] - console.error(`${process.pid} ${name}`, res[0] * 1e3 + res[1] / 1e6) + const msg = format(`${process.pid} ${name}`, res[0] * 1e3 + res[1] / 1e6) + console.error(dim(msg)) }) process.on('exit', () => { for (const name of Object.keys(timers)) { - console.error('Dangling timer: ', name) + console.error(red('Dangling timer:'), name) process.exitCode = 1 } }) diff --git a/node_modules/@npmcli/arborist/bin/virtual.js b/node_modules/@npmcli/arborist/bin/virtual.js index 7f90f20cf3817..3352802c2de87 100644 --- a/node_modules/@npmcli/arborist/bin/virtual.js +++ b/node_modules/@npmcli/arborist/bin/virtual.js @@ -8,7 +8,8 @@ require('./lib/timers.js') const start = process.hrtime() new Arborist(options).loadVirtual().then(tree => { const end = process.hrtime(start) - print(tree) + if (!options.quiet) + print(tree) if (options.save) tree.meta.save() console.error(`read ${tree.inventory.size} deps in ${end[0] * 1000 + end[1] / 1e6}ms`) diff --git a/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js b/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js index f836fc04d8826..293691563ee95 100644 --- a/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js +++ b/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js @@ -1188,6 +1188,16 @@ This is a one-time fix-up, please be patient... } } + // There is something present already, and we're not happy about it + // See if the thing we WOULD be happy with is also going to satisfy + // the other dependents on the current node. + const current = edge.to + const dep = await this[_nodeFromEdge](edge, null, null, required) + if (dep.canReplace(current)) { + await this[_nodeFromEdge](edge, node.parent, null, required) + continue + } + // at this point we know that there is a dep there, and // we don't like it. always fail strictly, always allow forcibly or // in non-strict mode if it's not our fault. don't warn here, because diff --git a/node_modules/@npmcli/arborist/lib/arborist/index.js b/node_modules/@npmcli/arborist/lib/arborist/index.js index 09a6f700547f2..93b9aa3829820 100644 --- a/node_modules/@npmcli/arborist/lib/arborist/index.js +++ b/node_modules/@npmcli/arborist/lib/arborist/index.js @@ -54,7 +54,7 @@ class Arborist extends Base { ...options, path: options.path || '.', cache: options.cache || `${homedir()}/.npm/_cacache`, - packumentCache: new Map(), + packumentCache: options.packumentCache || new Map(), log: options.log || procLog, } this.cache = resolve(this.options.cache) diff --git a/node_modules/@npmcli/arborist/lib/arborist/load-virtual.js b/node_modules/@npmcli/arborist/lib/arborist/load-virtual.js index 3a38905b77433..2a222249d7a48 100644 --- a/node_modules/@npmcli/arborist/lib/arborist/load-virtual.js +++ b/node_modules/@npmcli/arborist/lib/arborist/load-virtual.js @@ -93,7 +93,8 @@ module.exports = cls => class VirtualLoader extends cls { this.virtualTree = root const {links, nodes} = this[resolveNodes](s, root) await this[resolveLinks](links, nodes) - this[assignBundles](nodes) + if (!(s.originalLockfileVersion >= 2)) + this[assignBundles](nodes) if (this[flagsSuspect]) this[reCalcDepFlags](nodes.values()) return root @@ -220,22 +221,24 @@ module.exports = cls => class VirtualLoader extends cls { [assignBundles] (nodes) { for (const [location, node] of nodes) { // Skip assignment of parentage for the root package - if (!location) + if (!location || node.target && !node.target.location) continue const { name, parent, package: { inBundle }} = node + if (!parent) continue // read inBundle from package because 'package' here is // actually a v2 lockfile metadata entry. - // If the *parent* is also bundled, though, then we assume - // that it's being pulled in just by virtue of that. + // If the *parent* is also bundled, though, or if the parent has + // no dependency on it, then we assume that it's being pulled in + // just by virtue of its parent or a transitive dep being bundled. const { package: ppkg } = parent const { inBundle: parentBundled } = ppkg - if (inBundle && !parentBundled) { + if (inBundle && !parentBundled && parent.edgesOut.has(node.name)) { if (!ppkg.bundleDependencies) ppkg.bundleDependencies = [name] - else if (!ppkg.bundleDependencies.includes(name)) + else ppkg.bundleDependencies.push(name) } } diff --git a/node_modules/@npmcli/arborist/lib/arborist/rebuild.js b/node_modules/@npmcli/arborist/lib/arborist/rebuild.js index 9c52d009d6fd8..390d3ce42aecd 100644 --- a/node_modules/@npmcli/arborist/lib/arborist/rebuild.js +++ b/node_modules/@npmcli/arborist/lib/arborist/rebuild.js @@ -115,10 +115,6 @@ module.exports = cls => class Builder extends cls { await this[_runScripts]('preinstall') if (this[_binLinks] && type !== 'links') await this[_linkAllBins]() - if (!this[_ignoreScripts]) { - await this[_runScripts]('install') - await this[_runScripts]('postinstall') - } // links should also run prepare scripts and only link bins after that if (type === 'links') { @@ -128,6 +124,11 @@ module.exports = cls => class Builder extends cls { await this[_linkAllBins]() } + if (!this[_ignoreScripts]) { + await this[_runScripts]('install') + await this[_runScripts]('postinstall') + } + process.emit('timeEnd', `build:${type}`) } diff --git a/node_modules/@npmcli/arborist/lib/arborist/reify.js b/node_modules/@npmcli/arborist/lib/arborist/reify.js index aaaa3d61c862b..64f08756263c7 100644 --- a/node_modules/@npmcli/arborist/lib/arborist/reify.js +++ b/node_modules/@npmcli/arborist/lib/arborist/reify.js @@ -49,7 +49,8 @@ const _loadTrees = Symbol.for('loadTrees') const _diffTrees = Symbol.for('diffTrees') const _createSparseTree = Symbol.for('createSparseTree') const _loadShrinkwrapsAndUpdateTrees = Symbol.for('loadShrinkwrapsAndUpdateTrees') -const _shrinkwrapUnpacked = Symbol('shrinkwrapUnpacked') +const _shrinkwrapInflated = Symbol('shrinkwrapInflated') +const _bundleUnpacked = Symbol('bundleUnpacked') const _reifyNode = Symbol.for('reifyNode') const _extractOrLink = Symbol('extractOrLink') // defined by rebuild mixin @@ -108,7 +109,7 @@ module.exports = cls => class Reifier extends cls { this.diff = null this[_retiredPaths] = {} - this[_shrinkwrapUnpacked] = new Set() + this[_shrinkwrapInflated] = new Set() this[_retiredUnchanged] = {} this[_sparseTreeDirs] = new Set() this[_sparseTreeRoots] = new Set() @@ -316,6 +317,7 @@ module.exports = cls => class Reifier extends cls { // find all the nodes that need to change between the actual // and ideal trees. this.diff = Diff.calculate({ + shrinkwrapInflated: this[_shrinkwrapInflated], filterNodes, actual: this.actualTree, ideal: this.idealTree, @@ -423,7 +425,8 @@ module.exports = cls => class Reifier extends cls { const dirs = this.diff.leaves .filter(diff => { return (diff.action === 'ADD' || diff.action === 'CHANGE') && - !this[_sparseTreeDirs].has(diff.ideal.path) + !this[_sparseTreeDirs].has(diff.ideal.path) && + !diff.ideal.isLink }) .map(diff => diff.ideal.path) @@ -457,9 +460,9 @@ module.exports = cls => class Reifier extends cls { // we need to unpack them, read that shrinkwrap file, and then update // the tree by calling loadVirtual with the node as the root. [_loadShrinkwrapsAndUpdateTrees] () { - const seen = this[_shrinkwrapUnpacked] + const seen = this[_shrinkwrapInflated] const shrinkwraps = this.diff.leaves - .filter(d => (d.action === 'CHANGE' || d.action === 'ADD') && + .filter(d => (d.action === 'CHANGE' || d.action === 'ADD' || !d.action) && d.ideal.hasShrinkwrap && !seen.has(d.ideal) && !this[_trashList].has(d.ideal.path)) @@ -472,7 +475,7 @@ module.exports = cls => class Reifier extends cls { return promiseAllRejectLate(shrinkwraps.map(diff => { const node = diff.ideal seen.add(node) - return this[_reifyNode](node) + return diff.action ? this[_reifyNode](node) : node })) .then(nodes => promiseAllRejectLate(nodes.map(node => new Arborist({ ...this.options, @@ -503,7 +506,7 @@ module.exports = cls => class Reifier extends cls { const { npmVersion, nodeVersion } = this.options const p = Promise.resolve() - .then(() => { + .then(async () => { // when we reify an optional node, check the engine and platform // first. be sure to ignore the --force and --engine-strict flags, // since we always want to skip any optional packages we can't install. @@ -513,11 +516,11 @@ module.exports = cls => class Reifier extends cls { checkEngine(node.package, npmVersion, nodeVersion, false) checkPlatform(node.package, false) } + await this[_checkBins](node) + await this[_extractOrLink](node) + await this[_warnDeprecated](node) + await this[_loadAncientPackageDetails](node) }) - .then(() => this[_checkBins](node)) - .then(() => this[_extractOrLink](node)) - .then(() => this[_warnDeprecated](node)) - .then(() => this[_loadAncientPackageDetails](node)) return this[_handleOptionalFailure](node, p) .then(() => { @@ -563,10 +566,11 @@ module.exports = cls => class Reifier extends cls { }) } - [_symlink] (node) { + async [_symlink] (node) { const dir = dirname(node.path) const target = node.realpath const rel = relative(dir, target) + await mkdirp(dir) return symlink(rel, node.path, 'junction') } @@ -633,8 +637,10 @@ module.exports = cls => class Reifier extends cls { [_loadBundlesAndUpdateTrees] ( depth = 0, bundlesByDepth = this[_getBundlesByDepth]() ) { - if (depth === 0) + if (depth === 0) { + this[_bundleUnpacked] = new Set() process.emit('time', 'reify:loadBundles') + } const maxBundleDepth = bundlesByDepth.get('maxBundleDepth') if (depth > maxBundleDepth) { // if we did something, then prune the tree and update the diffs @@ -650,13 +656,17 @@ module.exports = cls => class Reifier extends cls { // shallower bundle overwriting them with a bundled meta-dep. const set = (bundlesByDepth.get(depth) || []) .filter(node => node.root === this.idealTree && + node.target !== node.root && !this[_trashList].has(node.path)) if (!set.length) return this[_loadBundlesAndUpdateTrees](depth + 1, bundlesByDepth) // extract all the nodes with bundles - return promiseAllRejectLate(set.map(node => this[_reifyNode](node))) + return promiseAllRejectLate(set.map(node => { + this[_bundleUnpacked].add(node) + return this[_reifyNode](node) + })) // then load their unpacked children and move into the ideal tree .then(nodes => promiseAllRejectLate(nodes.map(node => new this.constructor({ @@ -678,8 +688,13 @@ module.exports = cls => class Reifier extends cls { tree: this.diff, visit: diff => { const node = diff.ideal - if (node && !node.isProjectRoot && node.package.bundleDependencies && - node.package.bundleDependencies.length) { + if (!node) + return + if (node.isProjectRoot || (node.target && node.target.isProjectRoot)) + return + + const { bundleDependencies } = node.package + if (bundleDependencies && bundleDependencies.length) { maxBundleDepth = Math.max(maxBundleDepth, node.depth) if (!bundlesByDepth.has(node.depth)) bundlesByDepth.set(node.depth, [node]) @@ -784,14 +799,14 @@ module.exports = cls => class Reifier extends cls { return const node = diff.ideal - const bd = node.package.bundleDependencies - const sw = this[_shrinkwrapUnpacked].has(node) + const bd = this[_bundleUnpacked].has(node) + const sw = this[_shrinkwrapInflated].has(node) // check whether we still need to unpack this one. // test the inDepBundle last, since that's potentially a tree walk. const doUnpack = node && // can't unpack if removed! !node.isRoot && // root node already exists - !(bd && bd.length) && // already unpacked to read bundle + !bd && // already unpacked to read bundle !sw && // already unpacked to read sw !node.inDepBundle // already unpacked by another dep's bundle diff --git a/node_modules/@npmcli/arborist/lib/debug.js b/node_modules/@npmcli/arborist/lib/debug.js index 5acacee69e223..aeda7229d5e8c 100644 --- a/node_modules/@npmcli/arborist/lib/debug.js +++ b/node_modules/@npmcli/arborist/lib/debug.js @@ -12,6 +12,7 @@ // run in debug mode if explicitly requested, running arborist tests, // or working in the arborist project directory. + const debug = process.env.ARBORIST_DEBUG !== '0' && ( process.env.ARBORIST_DEBUG === '1' || /\barborist\b/.test(process.env.NODE_DEBUG || '') || @@ -21,4 +22,10 @@ const debug = process.env.ARBORIST_DEBUG !== '0' && ( ) module.exports = debug ? fn => fn() : () => {} -module.exports.log = (...msg) => module.exports(() => console.error(...msg)) +const red = process.stderr.isTTY ? msg => `\x1B[31m${msg}\x1B[39m` : m => m +module.exports.log = (...msg) => module.exports(() => { + const { format } = require('util') + const prefix = `\n${process.pid} ${red(format(msg.shift()))} ` + msg = (prefix + format(...msg).trim().split('\n').join(prefix)).trim() + console.error(msg) +}) diff --git a/node_modules/@npmcli/arborist/lib/diff.js b/node_modules/@npmcli/arborist/lib/diff.js index 84a8bae412f54..ff58ea76ee784 100644 --- a/node_modules/@npmcli/arborist/lib/diff.js +++ b/node_modules/@npmcli/arborist/lib/diff.js @@ -11,8 +11,9 @@ const {existsSync} = require('fs') const ssri = require('ssri') class Diff { - constructor ({actual, ideal, filterSet}) { + constructor ({actual, ideal, filterSet, shrinkwrapInflated}) { this.filterSet = filterSet + this.shrinkwrapInflated = shrinkwrapInflated this.children = [] this.actual = actual this.ideal = ideal @@ -30,7 +31,7 @@ class Diff { this.removed = [] } - static calculate ({actual, ideal, filterNodes = []}) { + static calculate ({actual, ideal, filterNodes = [], shrinkwrapInflated = new Set()}) { // if there's a filterNode, then: // - get the path from the root to the filterNode. The root or // root.target should have an edge either to the filterNode or @@ -77,7 +78,7 @@ class Diff { } return depth({ - tree: new Diff({actual, ideal, filterSet}), + tree: new Diff({actual, ideal, filterSet, shrinkwrapInflated}), getChildren, leave, }) @@ -135,7 +136,7 @@ const allChildren = node => { // to create the diff tree const getChildren = diff => { const children = [] - const {actual, ideal, unchanged, removed, filterSet} = diff + const {actual, ideal, unchanged, removed, filterSet, shrinkwrapInflated} = diff // Note: we DON'T diff fsChildren themselves, because they are either // included in the package contents, or part of some other project, and @@ -144,11 +145,20 @@ const getChildren = diff => { // responsible for installing. const actualKids = allChildren(actual) const idealKids = allChildren(ideal) + + if (ideal && ideal.hasShrinkwrap && !shrinkwrapInflated.has(ideal)) { + // Guaranteed to get a diff.leaves here, because we always + // be called with a proper Diff object when ideal has a shrinkwrap + // that has not been inflated. + diff.leaves.push(diff) + return children + } + const paths = new Set([...actualKids.keys(), ...idealKids.keys()]) for (const path of paths) { const actual = actualKids.get(path) const ideal = idealKids.get(path) - diffNode(actual, ideal, children, unchanged, removed, filterSet) + diffNode(actual, ideal, children, unchanged, removed, filterSet, shrinkwrapInflated) } if (diff.leaves && !children.length) @@ -157,7 +167,7 @@ const getChildren = diff => { return children } -const diffNode = (actual, ideal, children, unchanged, removed, filterSet) => { +const diffNode = (actual, ideal, children, unchanged, removed, filterSet, shrinkwrapInflated) => { if (filterSet.size && !(filterSet.has(ideal) || filterSet.has(actual))) return @@ -165,10 +175,10 @@ const diffNode = (actual, ideal, children, unchanged, removed, filterSet) => { // if it's a match, then get its children // otherwise, this is the child diff node - if (action) { + if (action || (!shrinkwrapInflated.has(ideal) && ideal.hasShrinkwrap)) { if (action === 'REMOVE') removed.push(actual) - children.push(new Diff({actual, ideal, filterSet})) + children.push(new Diff({actual, ideal, filterSet, shrinkwrapInflated})) } else { unchanged.push(ideal) // !*! Weird dirty hack warning !*! @@ -199,7 +209,7 @@ const diffNode = (actual, ideal, children, unchanged, removed, filterSet) => { for (const node of bundledChildren) node.parent = ideal } - children.push(...getChildren({actual, ideal, unchanged, removed, filterSet})) + children.push(...getChildren({actual, ideal, unchanged, removed, filterSet, shrinkwrapInflated})) } } diff --git a/node_modules/@npmcli/arborist/lib/index.js b/node_modules/@npmcli/arborist/lib/index.js index fd7d8817258ed..c7b07ce28e4df 100644 --- a/node_modules/@npmcli/arborist/lib/index.js +++ b/node_modules/@npmcli/arborist/lib/index.js @@ -3,5 +3,6 @@ module.exports.Arborist = module.exports module.exports.Node = require('./node.js') module.exports.Link = require('./link.js') module.exports.Edge = require('./edge.js') +module.exports.Shrinkwrap = require('./shrinkwrap.js') // XXX export the other classes, too. shrinkwrap, diff, etc. // they're handy! diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/CHANGELOG.md deleted file mode 100644 index fc26ee1bda4ba..0000000000000 --- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/CHANGELOG.md +++ /dev/null @@ -1,384 +0,0 @@ -# Changelog - -All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. - -### [8.1.5](https://github.com/npm/registry-fetch/compare/v8.1.4...v8.1.5) (2020-10-12) - - -### Bug Fixes - -* respect publishConfig.registry when specified ([32e36ef](https://github.com/npm/registry-fetch/commit/32e36efe86302ed319973cd5b1e6ccc3f62e557e)), closes [#35](https://github.com/npm/registry-fetch/issues/35) - -### [8.1.4](https://github.com/npm/registry-fetch/compare/v8.1.3...v8.1.4) (2020-08-17) - - -### Bug Fixes - -* redact passwords from http logs ([3c294eb](https://github.com/npm/registry-fetch/commit/3c294ebbd7821725db4ff1bc5fe368c49613efcc)) - -### [8.1.3](https://github.com/npm/registry-fetch/compare/v8.1.2...v8.1.3) (2020-07-21) - -### [8.1.2](https://github.com/npm/registry-fetch/compare/v8.1.1...v8.1.2) (2020-07-11) - -### [8.1.1](https://github.com/npm/registry-fetch/compare/v8.1.0...v8.1.1) (2020-06-30) - -## [8.1.0](https://github.com/npm/registry-fetch/compare/v8.0.3...v8.1.0) (2020-05-20) - - -### Features - -* add npm-command HTTP header ([1bb4eb2](https://github.com/npm/registry-fetch/commit/1bb4eb2c66ee8a0dc62558bdcff1b548e2bb9820)) - -### [8.0.3](https://github.com/npm/registry-fetch/compare/v8.0.2...v8.0.3) (2020-05-13) - - -### Bug Fixes - -* update minipass and make-fetch-happen to latest ([3b6c5d0](https://github.com/npm/registry-fetch/commit/3b6c5d0d8ccd4c4a97862a65acef956f19aec127)), closes [#23](https://github.com/npm/registry-fetch/issues/23) - -### [8.0.2](https://github.com/npm/registry-fetch/compare/v8.0.1...v8.0.2) (2020-05-04) - - -### Bug Fixes - -* update make-fetch-happen to 8.0.6 ([226df2c](https://github.com/npm/registry-fetch/commit/226df2c32e3f9ed8ceefcfdbd11efb178181b442)) - -## [8.0.0](https://github.com/npm/registry-fetch/compare/v7.0.1...v8.0.0) (2020-02-24) - - -### ⚠ BREAKING CHANGES - -* Removes the 'opts.refer' option and the HTTP Referer -header (unless explicitly added to the 'headers' option, of course). - -PR-URL: https://github.com/npm/npm-registry-fetch/pull/25 -Credit: @isaacs - -### Bug Fixes - -* remove referer header and opts.refer ([eb8f7af](https://github.com/npm/registry-fetch/commit/eb8f7af3c102834856604c1be664b00ca0fe8ef2)), closes [#25](https://github.com/npm/registry-fetch/issues/25) - -### [7.0.1](https://github.com/npm/registry-fetch/compare/v7.0.0...v7.0.1) (2020-02-24) - -## [7.0.0](https://github.com/npm/registry-fetch/compare/v6.0.2...v7.0.0) (2020-02-18) - - -### ⚠ BREAKING CHANGES - -* figgy pudding is now nowhere to be found. -* this removes figgy-pudding, and drops several option -aliases. - -Defaults and behavior are all the same, and this module is now using the -canonical camelCase option names that npm v7 will provide to all its -deps. - -Related to: https://github.com/npm/rfcs/pull/102 - -PR-URL: https://github.com/npm/npm-registry-fetch/pull/22 -Credit: @isaacs - -### Bug Fixes - -* Remove figgy-pudding, use canonical option names ([ede3c08](https://github.com/npm/registry-fetch/commit/ede3c087007fd1808e02b1af70562220d03b18a9)), closes [#22](https://github.com/npm/registry-fetch/issues/22) - - -* update cacache, ssri, make-fetch-happen ([57fcc88](https://github.com/npm/registry-fetch/commit/57fcc889bee03edcc0a2025d96a171039108c231)) - -### [6.0.2](https://github.com/npm/registry-fetch/compare/v6.0.1...v6.0.2) (2020-02-14) - - -### Bug Fixes - -* always bypass cache when ?write=true ([83f89f3](https://github.com/npm/registry-fetch/commit/83f89f35abd2ed0507c869e37f90ed746375772c)) - -### [6.0.1](https://github.com/npm/registry-fetch/compare/v6.0.0...v6.0.1) (2020-02-14) - - -### Bug Fixes - -* use 30s default for timeout as per README ([50e8afc](https://github.com/npm/registry-fetch/commit/50e8afc6ff850542feb588f9f9c64ebae59e72a0)), closes [#20](https://github.com/npm/registry-fetch/issues/20) - -## [6.0.0](https://github.com/npm/registry-fetch/compare/v5.0.1...v6.0.0) (2019-12-17) - - -### ⚠ BREAKING CHANGES - -* This drops support for node < 10. - -There are some lint failures due to standard pushing for using WhatWG URL -objects instead of url.parse/url.resolve. However, the code in this lib -does some fancy things with the query/search portions of the parsed url -object, so it'll take a bit of care to make it work properly. - -### Bug Fixes - -* detect CI so our tests don't fail in CI ([5813da6](https://github.com/npm/registry-fetch/commit/5813da634cef73b12e40373972d7937e6934fce0)) -* Use WhatWG URLs instead of url.parse ([8ccfa8a](https://github.com/npm/registry-fetch/commit/8ccfa8a72c38cfedb0f525b7f453644fd4444f99)) - - -* normalize settings, drop old nodes, update deps ([510b125](https://github.com/npm/registry-fetch/commit/510b1255cc7ed4bb397a34e0007757dae33e2275)) - - -## [5.0.1](https://github.com/npm/registry-fetch/compare/v5.0.0...v5.0.1) (2019-11-11) - - - - -# [5.0.0](https://github.com/npm/registry-fetch/compare/v4.0.2...v5.0.0) (2019-10-04) - - -### Bug Fixes - -* prefer const in getAuth function ([90ac7b1](https://github.com/npm/registry-fetch/commit/90ac7b1)) -* use minizlib instead of core zlib ([e64702e](https://github.com/npm/registry-fetch/commit/e64702e)) - - -### Features - -* refactor to use Minipass streams ([bb37f20](https://github.com/npm/registry-fetch/commit/bb37f20)) - - -### BREAKING CHANGES - -* this replaces all core streams (except for some -PassThrough streams in a few tests) with Minipass streams, and updates -all deps to the latest and greatest Minipass versions of things. - - - - -## [4.0.2](https://github.com/npm/registry-fetch/compare/v4.0.0...v4.0.2) (2019-10-04) - - -### Bug Fixes - -* Add null check on body on 401 errors ([e3a0186](https://github.com/npm/registry-fetch/commit/e3a0186)), closes [#9](https://github.com/npm/registry-fetch/issues/9) -* **deps:** Add explicit dependency on safe-buffer ([8eae5f0](https://github.com/npm/registry-fetch/commit/8eae5f0)), closes [npm/libnpmaccess#2](https://github.com/npm/libnpmaccess/issues/2) [#3](https://github.com/npm/registry-fetch/issues/3) - - - - -# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) - - -* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) - - -### BREAKING CHANGES - -* uid and gid are inferred from cache folder, rather than -being passed in as options. - - - - -## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) - - - - -# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) - - -### Features - -* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) - - - - -# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) - - -### Features - -* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) - - - - -# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) - - -### Features - -* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) - - - - -# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) - - -### Bug Fixes - -* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) - - -### Features - -* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) - - - - -# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) - - -### Features - -* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) - - - - -# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) - - -### Bug Fixes - -* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) - - -### Features - -* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) - - - - -# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) - - -### Bug Fixes - -* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) - - -### Features - -* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) - - - - -## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) - - -### Bug Fixes - -* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) - - - - -# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) - - -### Features - -* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) - - - - -## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) - - - - -# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) - - -### Features - -* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) - - - - -# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) - - -### Bug Fixes - -* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) -* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) - - -### BREAKING CHANGES - -* **config:** opts.config is no longer supported. Pass the options down in opts itself. - - - - -# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) - - -### Features - -* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) - - - - -# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) - - -### meta - -* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) - - -### BREAKING CHANGES - -* node@4 is no longer supported - - - - -## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) - - - - -# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) - - -### Features - -* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) - - - - -## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) - - -### Bug Fixes - -* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) - - - - -# 1.0.0 (2018-03-16) - - -### Bug Fixes - -* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) -* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) -* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) -* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) - - -### Features - -* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) -* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) -* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) -* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) -* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/LICENSE.md deleted file mode 100644 index 8d28acf866d93..0000000000000 --- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/LICENSE.md +++ /dev/null @@ -1,16 +0,0 @@ -ISC License - -Copyright (c) npm, Inc. - -Permission to use, copy, modify, and/or distribute this software for -any purpose with or without fee is hereby granted, provided that the -above copyright notice and this permission notice appear in all copies. - -THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS -ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE -COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR -CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS -OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE -USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/README.md b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/README.md deleted file mode 100644 index f5ae9cac31a03..0000000000000 --- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/README.md +++ /dev/null @@ -1,629 +0,0 @@ -# npm-registry-fetch - -[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js -library that implements a `fetch`-like API for accessing npm registry APIs -consistently. It's able to consume npm-style configuration values and has all -the necessary logic for picking registries, handling scopes, and dealing with -authentication details built-in. - -This package is meant to replace the older -[`npm-registry-client`](https://npm.im/npm-registry-client). - -## Example - -```javascript -const npmFetch = require('npm-registry-fetch') - -console.log( - await npmFetch.json('/-/ping') -) -``` - -## Table of Contents - -* [Installing](#install) -* [Example](#example) -* [Contributing](#contributing) -* [API](#api) - * [`fetch`](#fetch) - * [`fetch.json`](#fetch-json) - * [`fetch` options](#fetch-opts) - -### Install - -`$ npm install npm-registry-fetch` - -### Contributing - -The npm team enthusiastically welcomes contributions and project participation! -There's a bunch of things you can do if you want to contribute! The [Contributor -Guide](CONTRIBUTING.md) has all the information you need for everything from -reporting bugs to contributing entire new features. Please don't hesitate to -jump in if you'd like to, or even ask us questions if something isn't clear. - -All participants and maintainers in this project are expected to follow [Code of -Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. - -Please refer to the [Changelog](CHANGELOG.md) for project history details, too. - -Happy hacking! - -### API - -#### Caching and `write=true` query strings - -Before performing any PUT or DELETE operation, npm clients first make a -GET request to the registry resource being updated, which includes -the query string `?write=true`. - -The semantics of this are, effectively, "I intend to write to this thing, -and need to know the latest current value, so that my write can land -cleanly". - -The public npm registry handles these `?write=true` requests by ensuring -that the cache is re-validated before sending a response. In order to -maintain the same behavior on the client, and not get tripped up by an -overeager local cache when we intend to write data to the registry, any -request that comes through `npm-registry-fetch` that contains `write=true` -in the query string will forcibly set the `prefer-online` option to `true`, -and set both `prefer-offline` and `offline` to false, so that any local -cached value will be revalidated. - -#### `> fetch(url, [opts]) -> Promise` - -Performs a request to a given URL. - -The URL can be either a full URL, or a path to one. The appropriate registry -will be automatically picked if only a URL path is given. - -For available options, please see the section on [`fetch` options](#fetch-opts). - -##### Example - -```javascript -const res = await fetch('/-/ping') -console.log(res.headers) -res.on('data', d => console.log(d.toString('utf8'))) -``` - -#### `> fetch.json(url, [opts]) -> Promise` - -Performs a request to a given registry URL, parses the body of the response as -JSON, and returns it as its final value. This is a utility shorthand for -`fetch(url).then(res => res.json())`. - -For available options, please see the section on [`fetch` options](#fetch-opts). - -##### Example - -```javascript -const res = await fetch.json('/-/ping') -console.log(res) // Body parsed as JSON -``` - -#### `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` - -Performs a request to a given registry URL and parses the body of the response -as JSON, with each entry being emitted through the stream. - -The `jsonPath` argument is a [`JSONStream.parse()` -path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the -returned stream (unlike default `JSONStream`s), has a valid -`Symbol.asyncIterator` implementation. - -For available options, please see the section on [`fetch` options](#fetch-opts). - -##### Example - -```javascript -console.log('https://npm.im/~zkat has access to the following packages:') -for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { - console.log(`https://npm.im/${key} (perms: ${value})`) -} -``` - -#### `fetch` Options - -Fetch options are optional, and can be passed in as either a Map-like object -(one with a `.get()` method), a plain javascript object, or a -[`figgy-pudding`](https://npm.im/figgy-pudding) instance. - -##### `opts.agent` - -* Type: http.Agent -* Default: an appropriate agent based on URL protocol and proxy settings - -An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to -be shared across requests. This allows multiple concurrent `fetch` requests to -happen on the same socket. - -You do _not_ need to provide this option unless you want something particularly -specialized, since proxy configurations and http/https agents are already -automatically managed internally when this option is not passed through. - -##### `opts.body` - -* Type: Buffer | Stream | Object -* Default: null - -Request body to send through the outgoing request. Buffers and Streams will be -passed through as-is, with a default `content-type` of -`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed -and the `content-type` will default to `application/json`. - -Use [`opts.headers`](#opts-headers) to set the content-type to something else. - -##### `opts.ca` - -* Type: String, Array, or null -* Default: null - -The Certificate Authority signing certificate that is trusted for SSL -connections to the registry. Values should be in PEM format (Windows calls it -"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For -example: - -``` -{ - ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' -} -``` - -Set to `null` to only allow "known" registrars, or to a specific CA cert -to trust only that specific signing authority. - -Multiple CAs can be trusted by specifying an array of certificates instead of a -single string. - -See also [`opts.strictSSL`](#opts-strictSSL), [`opts.ca`](#opts-ca) and -[`opts.key`](#opts-key) - -##### `opts.cache` - -* Type: path -* Default: null - -The location of the http cache directory. If provided, certain cachable requests -will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) -rules. This will speed up future requests, as well as make the cached data -available offline if necessary/requested. - -See also [`offline`](#opts-offline), [`preferOffline`](#opts-preferOffline), -and [`preferOnline`](#opts-preferOnline). - -##### `opts.cert` - -* Type: String -* Default: null - -A client certificate to pass when accessing the registry. Values should be in -PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines -replaced by the string `'\n'`. For example: - -``` -{ - cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' -} -``` - -It is _not_ the path to a certificate file (and there is no "certfile" option). - -See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) - -##### `opts.fetchRetries` - -* Type: Number -* Default: 2 - -The "retries" config for [`retry`](https://npm.im/retry) to use when fetching -packages from the registry. - -See also [`opts.retry`](#opts-retry) to provide all retry options as a single -object. - -##### `opts.fetchRetryFactor` - -* Type: Number -* Default: 10 - -The "factor" config for [`retry`](https://npm.im/retry) to use when fetching -packages. - -See also [`opts.retry`](#opts-retry) to provide all retry options as a single -object. - -##### `opts.fetchRetryMintimeout` - -* Type: Number -* Default: 10000 (10 seconds) - -The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching -packages. - -See also [`opts.retry`](#opts-retry) to provide all retry options as a single -object. - -##### `opts.fetchRetryMaxtimeout` - -* Type: Number -* Default: 60000 (1 minute) - -The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching -packages. - -See also [`opts.retry`](#opts-retry) to provide all retry options as a single -object. - -##### `opts.forceAuth` - -* Type: Object -* Default: null - -If present, other auth-related values in `opts` will be completely ignored, -including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, -and the auth details in `opts.forceAuth` will be used instead. - -##### `opts.gzip` - -* Type: Boolean -* Default: false - -If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` -and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode -[`opts.body`](#opts-body). - -##### `opts.headers` - -* Type: Object -* Default: null - -Additional headers for the outgoing request. This option can also be used to -override headers automatically generated by `npm-registry-fetch`, such as -`Content-Type`. - -##### `opts.ignoreBody` - -* Type: Boolean -* Default: false - -If true, the **response body** will be thrown away and `res.body` set to `null`. -This will prevent dangling response sockets for requests where you don't usually -care what the response body is. - -##### `opts.integrity` - -* Type: String | [SRI object](https://npm.im/ssri) -* Default: null - -If provided, the response body's will be verified against this integrity string, -using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will -complete as normal. If verification fails, the response body will error with an -`EINTEGRITY` error. - -Body integrity is only verified if the body is actually consumed to completion -- -that is, if you use `res.json()`/`res.buffer()`, or if you consume the default -`res` stream data to its end. - -Cached data will have its integrity automatically verified using the -previously-generated integrity hash for the saved request information, so -`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if -`opts.integrity` is not passed in. - -##### `opts.isFromCI` - -* Type: Boolean -* Default: Based on environment variables - -This is used to populate the `npm-in-ci` request header sent to the registry. - -##### `opts.key` - -* Type: String -* Default: null - -A client key to pass when accessing the registry. Values should be in PEM -format with newlines replaced by the string `'\n'`. For example: - -``` -{ - key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' -} -``` - -It is _not_ the path to a key file (and there is no "keyfile" option). - -See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) - -##### `opts.localAddress` - -* Type: IP Address String -* Default: null - -The IP address of the local interface to use when making connections -to the registry. - -See also [`opts.proxy`](#opts-proxy) - -##### `opts.log` - -* Type: [`npmlog`](https://npm.im/npmlog)-like -* Default: null - -Logger object to use for logging operation details. Must have the same methods -as `npmlog`. - -##### `opts.mapJSON` - -* Type: Function -* Default: undefined - -When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down -to [`JSONStream`](https://npm.im/JSONStream) as the second argument to -`JSONStream.parse`, and can be used to transform stream data before output. - -##### `opts.maxSockets` - -* Type: Integer -* Default: 12 - -Maximum number of sockets to keep open during requests. Has no effect if -[`opts.agent`](#opts-agent) is used. - -##### `opts.method` - -* Type: String -* Default: 'GET' - -HTTP method to use for the outgoing request. Case-insensitive. - -##### `opts.noproxy` - -* Type: Boolean -* Default: process.env.NOPROXY - -If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. - -##### `opts.npmSession` - -* Type: String -* Default: null - -If provided, will be sent in the `npm-session` header. This header is used by -the npm registry to identify individual user sessions (usually individual -invocations of the CLI). - -##### `opts.npmCommand` - -* Type: String -* Default: null - -If provided, it will be sent in the `npm-command` header. This yeader is -used by the npm registry to identify the npm command that caused this -request to be made. - -##### `opts.offline` - -* Type: Boolean -* Default: false - -Force offline mode: no network requests will be done during install. To allow -`npm-registry-fetch` to fill in missing cache data, see -[`opts.preferOffline`](#opts-preferOffline). - -This option is only really useful if you're also using -[`opts.cache`](#opts-cache). - -This option is set to `true` when the request includes `write=true` in the -query string. - -##### `opts.otp` - -* Type: Number | String -* Default: null - -This is a one-time password from a two-factor authenticator. It is required for -certain registry interactions when two-factor auth is enabled for a user -account. - -##### `opts.password` - -* Alias: `_password` -* Type: String -* Default: null - -Password used for basic authentication. For the more modern authentication -method, please use the (more secure) [`opts.token`](#opts-token) - -Can optionally be scoped to a registry by using a "nerf dart" for that registry. -That is: - -``` -{ - '//registry.npmjs.org/:password': 't0k3nH34r' -} -``` - -See also [`opts.username`](#opts-username) - -##### `opts.preferOffline` - -* Type: Boolean -* Default: false - -If true, staleness checks for cached data will be bypassed, but missing data -will be requested from the server. To force full offline mode, use -[`opts.offline`](#opts-offline). - -This option is generally only useful if you're also using -[`opts.cache`](#opts-cache). - -This option is set to `false` when the request includes `write=true` in the -query string. - -##### `opts.preferOnline` - -* Type: Boolean -* Default: false - -If true, staleness checks for cached data will be forced, making the CLI look -for updates immediately even for fresh package data. - -This option is generally only useful if you're also using -[`opts.cache`](#opts-cache). - -This option is set to `true` when the request includes `write=true` in the -query string. - -##### `opts.projectScope` - -* Type: String -* Default: null - -If provided, will be sent in the `npm-scope` header. This header is used by the -npm registry to identify the toplevel package scope that a particular project -installation is using. - -##### `opts.proxy` - -* Type: url -* Default: null - -A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` -environment variable will be used. - -##### `opts.query` - -* Type: String | Object -* Default: null - -If provided, the request URI will have a query string appended to it using this -query. If `opts.query` is an object, it will be converted to a query string -using -[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). - -If the request URI already has a query string, it will be merged with -`opts.query`, preferring `opts.query` values. - -##### `opts.registry` - -* Type: URL -* Default: `'https://registry.npmjs.org'` - -Registry configuration for a request. If a request URL only includes the URL -path, this registry setting will be prepended. This configuration is also used -to determine authentication details, so even if the request URL references a -completely different host, `opts.registry` will be used to find the auth details -for that request. - -See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and -[`opts.:registry`](#opts-scope-registry) which can all affect the actual -registry URL used by the outgoing request. - -##### `opts.retry` - -* Type: Object -* Default: null - -Single-object configuration for request retry settings. If passed in, will -override individually-passed `fetch-retry-*` settings. - -##### `opts.scope` - -* Type: String -* Default: null - -Associate an operation with a scope for a scoped registry. This option can force -lookup of scope-specific registries and authentication. - -See also [`opts.:registry`](#opts-scope-registry) and -[`opts.spec`](#opts-spec) for interactions with this option. - -##### `opts.:registry` - -* Type: String -* Default: null - -This option type can be used to configure the registry used for requests -involving a particular scope. For example, `opts['@myscope:registry'] = -'https://scope-specific.registry/'` will make it so requests go out to this -registry instead of [`opts.registry`](#opts-registry) when -[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a -scoped package spec. - -The `@` before the scope name is optional, but recommended. - -##### `opts.spec` - -* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. -* Default: null - -If provided, can be used to automatically configure [`opts.scope`](#opts-scope) -based on a specific package name. Non-registry package specs will throw an -error. - -##### `opts.strictSSL` - -* Type: Boolean -* Default: true - -Whether or not to do SSL key validation when making requests to the -registry via https. - -See also [`opts.ca`](#opts-ca). - -##### `opts.timeout` - -* Type: Milliseconds -* Default: 300000 (5 minutes) - -Time before a hanging request times out. - -##### `opts.token` - -* Alias: `opts._authToken` -* Type: String -* Default: null - -Authentication token string. - -Can be scoped to a registry by using a "nerf dart" for that registry. That is: - -``` -{ - '//registry.npmjs.org/:token': 't0k3nH34r' -} -``` - -##### `opts.userAgent` - -* Type: String -* Default: `'npm-registry-fetch@/node@+ ()'` - -User agent string to send in the `User-Agent` header. - -##### `opts.username` - -* Type: String -* Default: null - -Username used for basic authentication. For the more modern authentication -method, please use the (more secure) [`opts.token`](#opts-token) - -Can optionally be scoped to a registry by using a "nerf dart" for that registry. -That is: - -``` -{ - '//registry.npmjs.org/:username': 't0k3nH34r' -} -``` - -See also [`opts.password`](#opts-password) - -##### `opts._auth` - -* Type: String -* Default: null - -** DEPRECATED ** This is a legacy authentication token supported only for -compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/auth.js b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/auth.js deleted file mode 100644 index e096a6f98f9a4..0000000000000 --- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/auth.js +++ /dev/null @@ -1,55 +0,0 @@ -'use strict' - -const defaultOpts = require('./default-opts.js') -const url = require('url') - -module.exports = getAuth -function getAuth (registry, opts_ = {}) { - if (!registry) - throw new Error('registry is required') - const opts = opts_.forceAuth ? opts_.forceAuth : { ...defaultOpts, ...opts_ } - const AUTH = {} - const regKey = registry && registryKey(registry) - const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) - doKey('token') - doKey('_authToken', 'token') - doKey('username') - doKey('password') - doKey('_password', 'password') - doKey('email') - doKey('_auth') - doKey('otp') - doKey('always-auth', 'alwaysAuth') - if (AUTH.password) - AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') - - if (AUTH._auth && !(AUTH.username && AUTH.password)) { - let auth = Buffer.from(AUTH._auth, 'base64').toString() - auth = auth.split(':') - AUTH.username = auth.shift() - AUTH.password = auth.join(':') - } - AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth - return AUTH -} - -function addKey (opts, obj, scope, key, objKey) { - if (opts[key]) - obj[objKey || key] = opts[key] - - if (scope && opts[`${scope}:${key}`]) - obj[objKey || key] = opts[`${scope}:${key}`] -} - -// Called a nerf dart in the main codebase. Used as a "safe" -// key when fetching registry info from config. -function registryKey (registry) { - const parsed = new url.URL(registry) - const formatted = url.format({ - protocol: parsed.protocol, - host: parsed.host, - pathname: parsed.pathname, - slashes: true, - }) - return url.format(new url.URL('.', formatted)).replace(/^[^:]+:/, '') -} diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/check-response.js b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/check-response.js deleted file mode 100644 index 5154da5349f76..0000000000000 --- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/check-response.js +++ /dev/null @@ -1,128 +0,0 @@ -'use strict' - -const errors = require('./errors.js') -const LRU = require('lru-cache') -const { Response } = require('minipass-fetch') -const defaultOpts = require('./default-opts.js') - -module.exports = checkResponse -function checkResponse (method, res, registry, startTime, opts_ = {}) { - const opts = { ...defaultOpts, ...opts_ } - if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) - opts.log.notice('', res.headers.get('npm-notice')) - - checkWarnings(res, registry, opts) - if (res.status >= 400) { - logRequest(method, res, startTime, opts) - return checkErrors(method, res, startTime, opts) - } else { - res.body.on('end', () => logRequest(method, res, startTime, opts)) - if (opts.ignoreBody) { - res.body.resume() - return new Response(null, res) - } - return res - } -} - -function logRequest (method, res, startTime, opts) { - const elapsedTime = Date.now() - startTime - const attempt = res.headers.get('x-fetch-attempts') - const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' - const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' - - let urlStr - try { - const { URL } = require('url') - const url = new URL(res.url) - if (url.password) - url.password = '***' - - urlStr = url.toString() - } catch (er) { - urlStr = res.url - } - - opts.log.http( - 'fetch', - `${method.toUpperCase()} ${res.status} ${urlStr} ${elapsedTime}ms${attemptStr}${cacheStr}` - ) -} - -const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ -const BAD_HOSTS = new LRU({ max: 50 }) - -function checkWarnings (res, registry, opts) { - if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { - const warnings = {} - // note: headers.raw() will preserve case, so we might have a - // key on the object like 'WaRnInG' if that was used first - for (const [key, value] of Object.entries(res.headers.raw())) { - if (key.toLowerCase() !== 'warning') - continue - value.forEach(w => { - const match = w.match(WARNING_REGEXP) - if (match) { - warnings[match[1]] = { - code: match[1], - host: match[2], - message: match[3], - date: new Date(match[4]), - } - } - }) - } - BAD_HOSTS.set(registry, true) - if (warnings['199']) { - if (warnings['199'].message.match(/ENOTFOUND/)) - opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) - else - opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) - } - if (warnings['111']) { - // 111 Revalidation failed -- we're using stale data - opts.log.warn( - 'registry', - `Using stale data from ${registry} due to a request error during revalidation.` - ) - } - } -} - -function checkErrors (method, res, startTime, opts) { - return res.buffer() - .catch(() => null) - .then(body => { - let parsed = body - try { - parsed = JSON.parse(body.toString('utf8')) - } catch (e) {} - if (res.status === 401 && res.headers.get('www-authenticate')) { - const auth = res.headers.get('www-authenticate') - .split(/,\s*/) - .map(s => s.toLowerCase()) - if (auth.indexOf('ipaddress') !== -1) { - throw new errors.HttpErrorAuthIPAddress( - method, res, parsed, opts.spec - ) - } else if (auth.indexOf('otp') !== -1) { - throw new errors.HttpErrorAuthOTP( - method, res, parsed, opts.spec - ) - } else { - throw new errors.HttpErrorAuthUnknown( - method, res, parsed, opts.spec - ) - } - } else if (res.status === 401 && body != null && /one-time pass/.test(body.toString('utf8'))) { - // Heuristic for malformed OTP responses that don't include the www-authenticate header. - throw new errors.HttpErrorAuthOTP( - method, res, parsed, opts.spec - ) - } else { - throw new errors.HttpErrorGeneral( - method, res, parsed, opts.spec - ) - } - }) -} diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/default-opts.js b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/default-opts.js deleted file mode 100644 index fb8021d6b742f..0000000000000 --- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/default-opts.js +++ /dev/null @@ -1,22 +0,0 @@ -const pkg = require('./package.json') -const ciDetect = require('@npmcli/ci-detect') -module.exports = { - isFromCI: ciDetect(), - log: require('./silentlog.js'), - maxSockets: 12, - method: 'GET', - registry: 'https://registry.npmjs.org/', - timeout: 5 * 60 * 1000, // 5 minutes - strictSSL: true, - noProxy: process.env.NOPROXY, - userAgent: `${pkg.name - }@${ - pkg.version - }/node@${ - process.version - }+${ - process.arch - } (${ - process.platform - })`, -} diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/errors.js b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/errors.js deleted file mode 100644 index 69671551dc619..0000000000000 --- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/errors.js +++ /dev/null @@ -1,78 +0,0 @@ -'use strict' - -const url = require('url') - -function packageName (href) { - try { - let basePath = new url.URL(href).pathname.substr(1) - if (!basePath.match(/^-/)) { - basePath = basePath.split('/') - var index = basePath.indexOf('_rewrite') - if (index === -1) - index = basePath.length - 1 - else - index++ - return decodeURIComponent(basePath[index]) - } - } catch (_) { - // this is ok - } -} - -class HttpErrorBase extends Error { - constructor (method, res, body, spec) { - super() - this.headers = res.headers.raw() - this.statusCode = res.status - this.code = `E${res.status}` - this.method = method - this.uri = res.url - this.body = body - this.pkgid = spec ? spec.toString() : packageName(res.url) - } -} -module.exports.HttpErrorBase = HttpErrorBase - -class HttpErrorGeneral extends HttpErrorBase { - constructor (method, res, body, spec) { - super(method, res, body, spec) - this.message = `${res.status} ${res.statusText} - ${ - this.method.toUpperCase() - } ${ - this.spec || this.uri - }${ - (body && body.error) ? ' - ' + body.error : '' - }` - Error.captureStackTrace(this, HttpErrorGeneral) - } -} -module.exports.HttpErrorGeneral = HttpErrorGeneral - -class HttpErrorAuthOTP extends HttpErrorBase { - constructor (method, res, body, spec) { - super(method, res, body, spec) - this.message = 'OTP required for authentication' - this.code = 'EOTP' - Error.captureStackTrace(this, HttpErrorAuthOTP) - } -} -module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP - -class HttpErrorAuthIPAddress extends HttpErrorBase { - constructor (method, res, body, spec) { - super(method, res, body, spec) - this.message = 'Login is not allowed from your IP address' - this.code = 'EAUTHIP' - Error.captureStackTrace(this, HttpErrorAuthIPAddress) - } -} -module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress - -class HttpErrorAuthUnknown extends HttpErrorBase { - constructor (method, res, body, spec) { - super(method, res, body, spec) - this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') - Error.captureStackTrace(this, HttpErrorAuthUnknown) - } -} -module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/index.js b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/index.js deleted file mode 100644 index df3b49eb52969..0000000000000 --- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/index.js +++ /dev/null @@ -1,202 +0,0 @@ -'use strict' - -const checkResponse = require('./check-response.js') -const getAuth = require('./auth.js') -const fetch = require('make-fetch-happen') -const JSONStream = require('minipass-json-stream') -const npa = require('npm-package-arg') -const qs = require('querystring') -const url = require('url') -const zlib = require('minizlib') -const Minipass = require('minipass') - -const defaultOpts = require('./default-opts.js') - -// WhatWG URL throws if it's not fully resolved -const urlIsValid = u => { - try { - return !!new url.URL(u) - } catch (_) { - return false - } -} - -module.exports = regFetch -function regFetch (uri, /* istanbul ignore next */ opts_ = {}) { - const opts = { - ...defaultOpts, - ...opts_, - } - const registry = opts.registry = ( - (opts.spec && pickRegistry(opts.spec, opts)) || - opts.registry || - /* istanbul ignore next */ - 'https://registry.npmjs.org/' - ) - - if (!urlIsValid(uri)) { - uri = `${ - registry.trim().replace(/\/?$/g, '') - }/${ - uri.trim().replace(/^\//, '') - }` - } - - const method = opts.method || 'GET' - - // through that takes into account the scope, the prefix of `uri`, etc - const startTime = Date.now() - const headers = getHeaders(registry, uri, opts) - let body = opts.body - const bodyIsStream = Minipass.isStream(body) - const bodyIsPromise = body && - typeof body === 'object' && - typeof body.then === 'function' - - if (body && !bodyIsStream && !bodyIsPromise && typeof body !== 'string' && !Buffer.isBuffer(body)) { - headers['content-type'] = headers['content-type'] || 'application/json' - body = JSON.stringify(body) - } else if (body && !headers['content-type']) - headers['content-type'] = 'application/octet-stream' - - if (opts.gzip) { - headers['content-encoding'] = 'gzip' - if (bodyIsStream) { - const gz = new zlib.Gzip() - body.on('error', /* istanbul ignore next: unlikely and hard to test */ - err => gz.emit('error', err)) - body = body.pipe(gz) - } else if (!bodyIsPromise) - body = new zlib.Gzip().end(body).concat() - } - - const parsed = new url.URL(uri) - - if (opts.query) { - const q = typeof opts.query === 'string' ? qs.parse(opts.query) - : opts.query - - Object.keys(q).forEach(key => { - if (q[key] !== undefined) - parsed.searchParams.set(key, q[key]) - }) - uri = url.format(parsed) - } - - if (parsed.searchParams.get('write') === 'true' && method === 'GET') { - // do not cache, because this GET is fetching a rev that will be - // used for a subsequent PUT or DELETE, so we need to conditionally - // update cache. - opts.offline = false - opts.preferOffline = false - opts.preferOnline = true - } - - const doFetch = (body) => fetch(uri, { - agent: opts.agent, - algorithms: opts.algorithms, - body, - cache: getCacheMode(opts), - cacheManager: opts.cache, - ca: opts.ca, - cert: opts.cert, - headers, - integrity: opts.integrity, - key: opts.key, - localAddress: opts.localAddress, - maxSockets: opts.maxSockets, - memoize: opts.memoize, - method: method, - noProxy: opts.noProxy, - proxy: opts.httpsProxy || opts.proxy, - retry: opts.retry ? opts.retry : { - retries: opts.fetchRetries, - factor: opts.fetchRetryFactor, - minTimeout: opts.fetchRetryMintimeout, - maxTimeout: opts.fetchRetryMaxtimeout, - }, - strictSSL: opts.strictSSL, - timeout: opts.timeout || 30 * 1000, - }).then(res => checkResponse( - method, res, registry, startTime, opts - )) - - return Promise.resolve(body).then(doFetch) -} - -module.exports.json = fetchJSON -function fetchJSON (uri, opts) { - return regFetch(uri, opts).then(res => res.json()) -} - -module.exports.json.stream = fetchJSONStream -function fetchJSONStream (uri, jsonPath, /* istanbul ignore next */ opts_ = {}) { - const opts = { ...defaultOpts, ...opts_ } - const parser = JSONStream.parse(jsonPath, opts.mapJSON) - regFetch(uri, opts).then(res => - res.body.on('error', - /* istanbul ignore next: unlikely and difficult to test */ - er => parser.emit('error', er)).pipe(parser) - ).catch(er => parser.emit('error', er)) - return parser -} - -module.exports.pickRegistry = pickRegistry -function pickRegistry (spec, opts = {}) { - spec = npa(spec) - let registry = spec.scope && - opts[spec.scope.replace(/^@?/, '@') + ':registry'] - - if (!registry && opts.scope) - registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] - - if (!registry) - registry = opts.registry || 'https://registry.npmjs.org/' - - return registry -} - -function getCacheMode (opts) { - return opts.offline ? 'only-if-cached' - : opts.preferOffline ? 'force-cache' - : opts.preferOnline ? 'no-cache' - : 'default' -} - -function getHeaders (registry, uri, opts) { - const headers = Object.assign({ - 'npm-in-ci': !!opts.isFromCI, - 'user-agent': opts.userAgent, - }, opts.headers || {}) - - if (opts.projectScope) - headers['npm-scope'] = opts.projectScope - - if (opts.npmSession) - headers['npm-session'] = opts.npmSession - - if (opts.npmCommand) - headers['npm-command'] = opts.npmCommand - - const auth = getAuth(registry, opts) - // If a tarball is hosted on a different place than the manifest, only send - // credentials on `alwaysAuth` - const shouldAuth = ( - auth.alwaysAuth || - new url.URL(uri).host === new url.URL(registry).host - ) - if (shouldAuth && auth.token) - headers.authorization = `Bearer ${auth.token}` - else if (shouldAuth && auth.username && auth.password) { - const encoded = Buffer.from( - `${auth.username}:${auth.password}`, 'utf8' - ).toString('base64') - headers.authorization = `Basic ${encoded}` - } else if (shouldAuth && auth._auth) - headers.authorization = `Basic ${auth._auth}` - - if (shouldAuth && auth.otp) - headers['npm-otp'] = auth.otp - - return headers -} diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/package.json b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/package.json deleted file mode 100644 index 40e0067b4aedb..0000000000000 --- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/package.json +++ /dev/null @@ -1,63 +0,0 @@ -{ - "name": "npm-registry-fetch", - "version": "9.0.0", - "description": "Fetch-based http client for use with npm registry APIs", - "main": "index.js", - "files": [ - "*.js" - ], - "scripts": { - "eslint": "eslint", - "lint": "npm run eslint -- *.js test/*.js", - "lintfix": "npm run lint -- --fix", - "prepublishOnly": "git push origin --follow-tags", - "preversion": "npm test", - "postversion": "npm publish", - "test": "tap", - "posttest": "npm run lint" - }, - "repository": "https://github.com/npm/npm-registry-fetch", - "keywords": [ - "npm", - "registry", - "fetch" - ], - "author": { - "name": "Kat Marchán", - "email": "kzm@sykosomatic.org", - "twitter": "maybekatz" - }, - "license": "ISC", - "dependencies": { - "@npmcli/ci-detect": "^1.0.0", - "lru-cache": "^6.0.0", - "make-fetch-happen": "^8.0.9", - "minipass": "^3.1.3", - "minipass-fetch": "^1.3.0", - "minipass-json-stream": "^1.0.1", - "minizlib": "^2.0.0", - "npm-package-arg": "^8.0.0" - }, - "devDependencies": { - "cacache": "^15.0.0", - "eslint": "^6.8.0", - "eslint-plugin-import": "^2.18.2", - "eslint-plugin-node": "^10.0.0", - "eslint-plugin-promise": "^4.2.1", - "eslint-plugin-standard": "^4.0.1", - "mkdirp": "^0.5.1", - "nock": "^11.7.0", - "npmlog": "^4.1.2", - "require-inject": "^1.4.4", - "rimraf": "^2.6.2", - "ssri": "^8.0.0", - "tap": "^14.10.7" - }, - "tap": { - "check-coverage": true, - "test-ignore": "test[\\\\/](util|cache)[\\\\/]" - }, - "engines": { - "node": ">=10" - } -} diff --git a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/silentlog.js b/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/silentlog.js deleted file mode 100644 index 483bd44c7086a..0000000000000 --- a/node_modules/@npmcli/arborist/node_modules/npm-registry-fetch/silentlog.js +++ /dev/null @@ -1,14 +0,0 @@ -'use strict' - -const noop = Function.prototype -module.exports = { - error: noop, - warn: noop, - notice: noop, - info: noop, - verbose: noop, - silly: noop, - http: noop, - pause: noop, - resume: noop, -} diff --git a/node_modules/@npmcli/arborist/package.json b/node_modules/@npmcli/arborist/package.json index d08102ce0cf12..66a92f0d52d34 100644 --- a/node_modules/@npmcli/arborist/package.json +++ b/node_modules/@npmcli/arborist/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/arborist", - "version": "2.3.0", + "version": "2.4.0", "description": "Manage node_modules trees", "dependencies": { "@npmcli/installed-package-contents": "^1.0.7", @@ -19,7 +19,7 @@ "npm-install-checks": "^4.0.0", "npm-package-arg": "^8.1.0", "npm-pick-manifest": "^6.1.0", - "npm-registry-fetch": "^9.0.0", + "npm-registry-fetch": "^10.0.0", "pacote": "^11.2.6", "parse-conflict-json": "^1.1.1", "promise-all-reject-late": "^1.0.0", @@ -41,8 +41,7 @@ "eslint-plugin-standard": "^4.0.1", "minify-registry-metadata": "^2.1.0", "mutate-fs": "^2.1.1", - "require-inject": "^1.4.4", - "tap": "^14.11.0", + "tap": "^15.0.4", "tcompare": "^3.0.4" }, "scripts": { @@ -76,10 +75,8 @@ "arborist": "bin/index.js" }, "tap": { - "100": true, "after": "test/fixtures/cleanup.js", "coverage-map": "map.js", - "esm": false, "test-env": [ "NODE_OPTIONS=--no-warnings" ], @@ -87,6 +84,6 @@ "--no-warnings", "--no-deprecation" ], - "timeout": "120" + "timeout": "240" } } diff --git a/package-lock.json b/package-lock.json index 3b044b6ad8468..86ea49a6df295 100644 --- a/package-lock.json +++ b/package-lock.json @@ -253,7 +253,7 @@ ], "license": "Artistic-2.0", "dependencies": { - "@npmcli/arborist": "^2.3.0", + "@npmcli/arborist": "^2.4.0", "@npmcli/ci-detect": "^1.2.0", "@npmcli/config": "^2.1.0", "@npmcli/run-script": "^1.8.4", @@ -888,9 +888,9 @@ } }, "node_modules/@npmcli/arborist": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.3.0.tgz", - "integrity": "sha512-4z8x8jImp/Clwol4sgmR6qdntLQZDxNFabBSbyr9EB11cyWHyqhRvBKip/1sBTcQAScIwuFT64MOu/HI4a5Nkw==", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.4.0.tgz", + "integrity": "sha512-rCoRrUSmXdBDBBgL/O0oehIR53ey99Pds8dId7gztARZmx6/NBoeiUOu9RnvXSe15XZLc3JSz9sHPcbQ9NQ53Q==", "inBundle": true, "dependencies": { "@npmcli/installed-package-contents": "^1.0.7", @@ -909,7 +909,7 @@ "npm-install-checks": "^4.0.0", "npm-package-arg": "^8.1.0", "npm-pick-manifest": "^6.1.0", - "npm-registry-fetch": "^9.0.0", + "npm-registry-fetch": "^10.0.0", "pacote": "^11.2.6", "parse-conflict-json": "^1.1.1", "promise-all-reject-late": "^1.0.0", @@ -925,25 +925,6 @@ "arborist": "bin/index.js" } }, - "node_modules/@npmcli/arborist/node_modules/npm-registry-fetch": { - "version": "9.0.0", - "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-9.0.0.tgz", - "integrity": "sha512-PuFYYtnQ8IyVl6ib9d3PepeehcUeHN9IO5N/iCRhyg9tStQcqGQBRVHmfmMWPDERU3KwZoHFvbJ4FPXPspvzbA==", - "inBundle": true, - "dependencies": { - "@npmcli/ci-detect": "^1.0.0", - "lru-cache": "^6.0.0", - "make-fetch-happen": "^8.0.9", - "minipass": "^3.1.3", - "minipass-fetch": "^1.3.0", - "minipass-json-stream": "^1.0.1", - "minizlib": "^2.0.0", - "npm-package-arg": "^8.0.0" - }, - "engines": { - "node": ">=10" - } - }, "node_modules/@npmcli/ci-detect": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/@npmcli/ci-detect/-/ci-detect-1.3.0.tgz", @@ -11300,9 +11281,9 @@ "dev": true }, "@npmcli/arborist": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.3.0.tgz", - "integrity": "sha512-4z8x8jImp/Clwol4sgmR6qdntLQZDxNFabBSbyr9EB11cyWHyqhRvBKip/1sBTcQAScIwuFT64MOu/HI4a5Nkw==", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.4.0.tgz", + "integrity": "sha512-rCoRrUSmXdBDBBgL/O0oehIR53ey99Pds8dId7gztARZmx6/NBoeiUOu9RnvXSe15XZLc3JSz9sHPcbQ9NQ53Q==", "requires": { "@npmcli/installed-package-contents": "^1.0.7", "@npmcli/map-workspaces": "^1.0.2", @@ -11320,7 +11301,7 @@ "npm-install-checks": "^4.0.0", "npm-package-arg": "^8.1.0", "npm-pick-manifest": "^6.1.0", - "npm-registry-fetch": "^9.0.0", + "npm-registry-fetch": "^10.0.0", "pacote": "^11.2.6", "parse-conflict-json": "^1.1.1", "promise-all-reject-late": "^1.0.0", @@ -11331,23 +11312,6 @@ "tar": "^6.1.0", "treeverse": "^1.0.4", "walk-up-path": "^1.0.0" - }, - "dependencies": { - "npm-registry-fetch": { - "version": "9.0.0", - "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-9.0.0.tgz", - "integrity": "sha512-PuFYYtnQ8IyVl6ib9d3PepeehcUeHN9IO5N/iCRhyg9tStQcqGQBRVHmfmMWPDERU3KwZoHFvbJ4FPXPspvzbA==", - "requires": { - "@npmcli/ci-detect": "^1.0.0", - "lru-cache": "^6.0.0", - "make-fetch-happen": "^8.0.9", - "minipass": "^3.1.3", - "minipass-fetch": "^1.3.0", - "minipass-json-stream": "^1.0.1", - "minizlib": "^2.0.0", - "npm-package-arg": "^8.0.0" - } - } } }, "@npmcli/ci-detect": { diff --git a/package.json b/package.json index c55b86cb346bd..29790969fd48e 100644 --- a/package.json +++ b/package.json @@ -42,7 +42,7 @@ "./package.json": "./package.json" }, "dependencies": { - "@npmcli/arborist": "^2.3.0", + "@npmcli/arborist": "^2.4.0", "@npmcli/ci-detect": "^1.2.0", "@npmcli/config": "^2.1.0", "@npmcli/run-script": "^1.8.4",