OSSForks/node
1
0
Fork 0
mirror of https://github.com/zebrajr/node.git synced 2025-12-06 12:20:27 +01:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

deps: upgrade npm to 8.15.1

Browse Source 
PR-URL: https://github.com/nodejs/node/pull/44013
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This commit is contained in:
npm CLI robot 2022-07-28 11:03:27 -07:00 committed by GitHub
parent a3e110820f
commit 0616eafbc8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
46 changed files with 1651 additions and 155 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

253
deps/npm/docs/content/commands/npm-ci.md vendored
View File

@ -84,15 +84,129 @@ cache:
<!-- AUTOGENERATED CONFIG DESCRIPTIONS START -->
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `audit`
#### `save`
* Default: `true` unless when using `npm update` where it defaults to `false`
* Type: Boolean
Save installed packages to a `package.json` file as dependencies.
When used with the `npm rm` command, removes the dependency from
`package.json`.
Will also prevent writing to `package-lock.json` if set to `false`.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `save-exact`
* Default: false
* Type: Boolean
Dependencies saved to package.json will be configured with an exact version
rather than using npm's default semver range operator.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `global`
* Default: false
* Type: Boolean
Operates in "global" mode, so that packages are installed into the `prefix`
folder instead of the current working directory. See
[folders](/configuring-npm/folders) for more on the differences in behavior.
* packages are installed into the `{prefix}/lib/node_modules` folder, instead
of the current working directory.
* bin files are linked to `{prefix}/bin`
* man pages are linked to `{prefix}/share/man`
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `global-style`
* Default: false
* Type: Boolean
Causes npm to install the package into your local `node_modules` folder with
the same layout it uses with the global `node_modules` folder. Only your
direct dependencies will show in `node_modules` and everything they depend
on will be flattened in their `node_modules` folders. This obviously will
eliminate some deduping. If used with `legacy-bundling`, `legacy-bundling`
will be preferred.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `legacy-bundling`
* Default: false
* Type: Boolean
Causes npm to install the package such that versions of npm prior to 1.4,
such as the one included with node 0.8, can install the package. This
eliminates all automatic deduping. If used with `global-style` this option
will be preferred.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `omit`
* Default: 'dev' if the `NODE_ENV` environment variable is set to
'production', otherwise empty.
* Type: "dev", "optional", or "peer" (can be set multiple times)
Dependency types to omit from the installation tree on disk.
Note that these dependencies _are_ still resolved and added to the
`package-lock.json` or `npm-shrinkwrap.json` file. They are just not
physically installed on disk.
If a package type appears in both the `--include` and `--omit` lists, then
it will be included.
If the resulting omit list includes `'dev'`, then the `NODE_ENV` environment
variable will be set to `'production'` for all lifecycle scripts.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `strict-peer-deps`
* Default: false
* Type: Boolean
If set to `true`, and `--legacy-peer-deps` is not set, then _any_
conflicting `peerDependencies` will be treated as an install failure, even
if npm could reasonably guess the appropriate resolution based on non-peer
dependency relationships.
By default, conflicting `peerDependencies` deep in the dependency graph will
be resolved using the nearest non-peer dependency specification, even if
doing so will result in some packages receiving a peer dependency outside
the range set in their package's `peerDependencies` object.
When such and override is performed, a warning is printed, explaining the
conflict and the packages involved. If `--strict-peer-deps` is set, then
this warning is treated as a failure.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `package-lock`
* Default: true
* Type: Boolean
When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes. See the
documentation for [`npm audit`](/commands/npm-audit) for details on what is
submitted.
If set to false, then ignore `package-lock.json` files when installing. This
will also prevent _writing_ `package-lock.json` if `save` is true.
This configuration does not affect `npm ci`.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
@ -127,13 +241,132 @@ will *not* run any pre- or post-scripts.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `script-shell`
#### `audit`
* Default: '/bin/sh' on POSIX systems, 'cmd.exe' on Windows
* Type: null or String
* Default: true
* Type: Boolean
The shell to use for scripts run with the `npm exec`, `npm run` and `npm
init <package-spec>` commands.
When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes. See the
documentation for [`npm audit`](/commands/npm-audit) for details on what is
submitted.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `bin-links`
* Default: true
* Type: Boolean
Tells npm to create symlinks (or `.cmd` shims on Windows) for package
executables.
Set to false to have it not do this. This can be used to work around the
fact that some file systems don't support symlinks, even on ostensibly Unix
systems.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `fund`
* Default: true
* Type: Boolean
When "true" displays the message at the end of each `npm install`
acknowledging the number of dependencies looking for funding. See [`npm
fund`](/commands/npm-fund) for details.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `dry-run`
* Default: false
* Type: Boolean
Indicates that you don't want npm to make any changes and that it should
only report what it would have done. This can be passed into any of the
commands that modify your local installation, eg, `install`, `update`,
`dedupe`, `uninstall`, as well as `pack` and `publish`.
Note: This is NOT honored by other network related commands, eg `dist-tags`,
`owner`, etc.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `workspace`
* Default:
* Type: String (can be set multiple times)
Enable running a command in the context of the configured workspaces of the
current project while filtering by running only the workspaces defined by
this configuration option.
Valid values for the `workspace` config are either:
* Workspace names
* Path to a workspace directory
* Path to a parent workspace directory (will result in selecting all
workspaces within that folder)
When set for the `npm init` command, this may be set to the folder of a
workspace which does not yet exist, to create the folder and set it up as a
brand new workspace within the project.
This value is not exported to the environment for child processes.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `workspaces`
* Default: null
* Type: null or Boolean
Set to true to run the command in the context of **all** configured
workspaces.
Explicitly setting this to false will cause commands like `install` to
ignore workspaces altogether. When not set explicitly:
- Commands that operate on the `node_modules` tree (install, update, etc.)
will link workspaces into the `node_modules` folder. - Commands that do
other things (test, exec, publish, etc.) will operate on the root project,
_unless_ one or more workspaces are specified in the `workspace` config.
This value is not exported to the environment for child processes.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `include-workspace-root`
* Default: false
* Type: Boolean
Include the workspace root when workspaces are enabled for a command.
When false, specifying individual workspaces via the `workspace` config, or
all workspaces via the `workspaces` flag, will cause npm to operate only on
the specified workspaces, and not on the root project.
This value is not exported to the environment for child processes.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `install-links`
* Default: false
* Type: Boolean
When set file: protocol dependencies that exist outside of the project root
will be packed and installed as regular dependencies instead of creating a
symlink. This option has no effect on workspaces.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->

2
deps/npm/docs/content/commands/npm-init.md vendored
View File

@ -38,6 +38,8 @@ follows:
* `npm init foo` -> `npm exec create-foo`
* `npm init @usr/foo` -> `npm exec @usr/create-foo`
* `npm init @usr` -> `npm exec @usr/create`
* `npm init @usr@2.0.0` -> `npm exec @usr/create@2.0.0`
* `npm init @usr/foo@2.0.0` -> `npm exec @usr/create-foo@2.0.0`
If the initializer is omitted (by just calling `npm init`), init will fall
back to legacy init behavior. It will ask you a bunch of questions, and

253
deps/npm/docs/content/commands/npm-install-ci-test.md vendored
View File

@ -30,15 +30,129 @@ This command runs `npm ci` followed immediately by `npm test`.
<!-- AUTOGENERATED CONFIG DESCRIPTIONS START -->
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `audit`
#### `save`
* Default: `true` unless when using `npm update` where it defaults to `false`
* Type: Boolean
Save installed packages to a `package.json` file as dependencies.
When used with the `npm rm` command, removes the dependency from
`package.json`.
Will also prevent writing to `package-lock.json` if set to `false`.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `save-exact`
* Default: false
* Type: Boolean
Dependencies saved to package.json will be configured with an exact version
rather than using npm's default semver range operator.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `global`
* Default: false
* Type: Boolean
Operates in "global" mode, so that packages are installed into the `prefix`
folder instead of the current working directory. See
[folders](/configuring-npm/folders) for more on the differences in behavior.
* packages are installed into the `{prefix}/lib/node_modules` folder, instead
of the current working directory.
* bin files are linked to `{prefix}/bin`
* man pages are linked to `{prefix}/share/man`
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `global-style`
* Default: false
* Type: Boolean
Causes npm to install the package into your local `node_modules` folder with
the same layout it uses with the global `node_modules` folder. Only your
direct dependencies will show in `node_modules` and everything they depend
on will be flattened in their `node_modules` folders. This obviously will
eliminate some deduping. If used with `legacy-bundling`, `legacy-bundling`
will be preferred.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `legacy-bundling`
* Default: false
* Type: Boolean
Causes npm to install the package such that versions of npm prior to 1.4,
such as the one included with node 0.8, can install the package. This
eliminates all automatic deduping. If used with `global-style` this option
will be preferred.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `omit`
* Default: 'dev' if the `NODE_ENV` environment variable is set to
'production', otherwise empty.
* Type: "dev", "optional", or "peer" (can be set multiple times)
Dependency types to omit from the installation tree on disk.
Note that these dependencies _are_ still resolved and added to the
`package-lock.json` or `npm-shrinkwrap.json` file. They are just not
physically installed on disk.
If a package type appears in both the `--include` and `--omit` lists, then
it will be included.
If the resulting omit list includes `'dev'`, then the `NODE_ENV` environment
variable will be set to `'production'` for all lifecycle scripts.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `strict-peer-deps`
* Default: false
* Type: Boolean
If set to `true`, and `--legacy-peer-deps` is not set, then _any_
conflicting `peerDependencies` will be treated as an install failure, even
if npm could reasonably guess the appropriate resolution based on non-peer
dependency relationships.
By default, conflicting `peerDependencies` deep in the dependency graph will
be resolved using the nearest non-peer dependency specification, even if
doing so will result in some packages receiving a peer dependency outside
the range set in their package's `peerDependencies` object.
When such and override is performed, a warning is printed, explaining the
conflict and the packages involved. If `--strict-peer-deps` is set, then
this warning is treated as a failure.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `package-lock`
* Default: true
* Type: Boolean
When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes. See the
documentation for [`npm audit`](/commands/npm-audit) for details on what is
submitted.
If set to false, then ignore `package-lock.json` files when installing. This
will also prevent _writing_ `package-lock.json` if `save` is true.
This configuration does not affect `npm ci`.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
@ -73,13 +187,132 @@ will *not* run any pre- or post-scripts.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `script-shell`
#### `audit`
* Default: '/bin/sh' on POSIX systems, 'cmd.exe' on Windows
* Type: null or String
* Default: true
* Type: Boolean
The shell to use for scripts run with the `npm exec`, `npm run` and `npm
init <package-spec>` commands.
When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes. See the
documentation for [`npm audit`](/commands/npm-audit) for details on what is
submitted.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `bin-links`
* Default: true
* Type: Boolean
Tells npm to create symlinks (or `.cmd` shims on Windows) for package
executables.
Set to false to have it not do this. This can be used to work around the
fact that some file systems don't support symlinks, even on ostensibly Unix
systems.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `fund`
* Default: true
* Type: Boolean
When "true" displays the message at the end of each `npm install`
acknowledging the number of dependencies looking for funding. See [`npm
fund`](/commands/npm-fund) for details.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `dry-run`
* Default: false
* Type: Boolean
Indicates that you don't want npm to make any changes and that it should
only report what it would have done. This can be passed into any of the
commands that modify your local installation, eg, `install`, `update`,
`dedupe`, `uninstall`, as well as `pack` and `publish`.
Note: This is NOT honored by other network related commands, eg `dist-tags`,
`owner`, etc.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `workspace`
* Default:
* Type: String (can be set multiple times)
Enable running a command in the context of the configured workspaces of the
current project while filtering by running only the workspaces defined by
this configuration option.
Valid values for the `workspace` config are either:
* Workspace names
* Path to a workspace directory
* Path to a parent workspace directory (will result in selecting all
workspaces within that folder)
When set for the `npm init` command, this may be set to the folder of a
workspace which does not yet exist, to create the folder and set it up as a
brand new workspace within the project.
This value is not exported to the environment for child processes.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `workspaces`
* Default: null
* Type: null or Boolean
Set to true to run the command in the context of **all** configured
workspaces.
Explicitly setting this to false will cause commands like `install` to
ignore workspaces altogether. When not set explicitly:
- Commands that operate on the `node_modules` tree (install, update, etc.)
will link workspaces into the `node_modules` folder. - Commands that do
other things (test, exec, publish, etc.) will operate on the root project,
_unless_ one or more workspaces are specified in the `workspace` config.
This value is not exported to the environment for child processes.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `include-workspace-root`
* Default: false
* Type: Boolean
Include the workspace root when workspaces are enabled for a command.
When false, specifying individual workspaces via the `workspace` config, or
all workspaces via the `workspaces` flag, will cause npm to operate only on
the specified workspaces, and not on the root project.
This value is not exported to the environment for child processes.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### `install-links`
* Default: false
* Type: Boolean
When set file: protocol dependencies that exist outside of the project root
will be packed and installed as regular dependencies instead of creating a
symlink. This option has no effect on workspaces.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->

2
deps/npm/docs/content/commands/npm-install.md vendored
View File

@ -311,7 +311,7 @@ into a tarball (b).
can be any valid semver range or exact version, and npm will look for
any tags or refs matching that range in the remote repository, much as
it would for a registry dependency. If neither `#<commit-ish>` or
`#semver:<semver>` is specified, then `master` is used.
`#semver:<semver>` is specified, then the default branch is used.
As with regular git dependencies, `dependencies` and `devDependencies`
will be installed if the package has a `prepare` script before the

4
deps/npm/docs/content/commands/npm-ls.md vendored
View File

@ -44,7 +44,7 @@ npm@@VERSION@ /path/to/npm
It will print out extraneous, missing, and invalid packages.
If a project specifies git urls for dependencies these are shown
in parentheses after the name@version to make it easier for users to
in parentheses after the `name@version` to make it easier for users to
recognize potential forks of a project.
The tree shown is the logical dependency tree, based on package
@ -62,7 +62,7 @@ disk would be roughly identical.
With the advent of automatic install-time deduplication of dependencies in
npm v3, the `ls` output was modified to display the logical dependency
graph as a tree structure, since this was more useful to most users.
However, without using `npm ls -l`, it became impossible show _where_ a
However, without using `npm ls -l`, it became impossible to show _where_ a
package was actually installed much of the time!
With the advent of automatic installation of `peerDependencies` in npm v7,

2
deps/npm/docs/content/configuring-npm/package-json.md vendored
View File

@ -632,7 +632,7 @@ commit. If the commit-ish has the format `#semver:<semver>`, `<semver>` can
be any valid semver range or exact version, and npm will look for any tags
or refs matching that range in the remote repository, much as it would for
a registry dependency. If neither `#<commit-ish>` or `#semver:<semver>` is
specified, then `master` is used.
specified, then the default branch is used.
Examples:

10
deps/npm/docs/content/using-npm/workspaces.md vendored
View File

@ -137,6 +137,8 @@ nested workspaces to be consumed elsewhere.
You can use the `workspace` configuration option to run commands in the context
of a configured workspace.
Additionally, if your current directory is in a workspace, the `workspace`
configuration is implicitly set, and `prefix` is set to the root workspace.
Following is a quick example on how to use the `npm run` command in the context
of nested workspaces. For a project containing multiple workspaces, e.g:
@ -158,7 +160,13 @@ given command in the context of that specific workspace. e.g:
npm run test --workspace=a
```
This will run the `test` script defined within the
You could also run the command within the workspace.
```
cd packages/a && npm run test
```
Either will run the `test` script defined within the
`./packages/a/package.json` file.
Please note that you can also specify this argument multiple times in the

211
deps/npm/docs/output/commands/npm-ci.html vendored
View File

@ -142,7 +142,7 @@ npm command-line interface
<section id="table_of_contents">
<h2 id="table-of-contents">Table of contents</h2>
<div id="_table_of_contents"><ul><li><a href="#synopsis">Synopsis</a></li><li><a href="#description">Description</a></li><li><a href="#example">Example</a></li><li><a href="#configuration">Configuration</a></li><ul><li><a href="#audit"><code>audit</code></a></li><li><a href="#foreground-scripts"><code>foreground-scripts</code></a></li><li><a href="#ignore-scripts"><code>ignore-scripts</code></a></li><li><a href="#script-shell"><code>script-shell</code></a></li></ul><li><a href="#see-also">See Also</a></li></ul></div>
<div id="_table_of_contents"><ul><li><a href="#synopsis">Synopsis</a></li><li><a href="#description">Description</a></li><li><a href="#example">Example</a></li><li><a href="#configuration">Configuration</a></li><ul><li><a href="#save"><code>save</code></a></li><li><a href="#save-exact"><code>save-exact</code></a></li><li><a href="#global"><code>global</code></a></li><li><a href="#global-style"><code>global-style</code></a></li><li><a href="#legacy-bundling"><code>legacy-bundling</code></a></li><li><a href="#omit"><code>omit</code></a></li><li><a href="#strict-peer-deps"><code>strict-peer-deps</code></a></li><li><a href="#package-lock"><code>package-lock</code></a></li><li><a href="#foreground-scripts"><code>foreground-scripts</code></a></li><li><a href="#ignore-scripts"><code>ignore-scripts</code></a></li><li><a href="#audit"><code>audit</code></a></li><li><a href="#bin-links"><code>bin-links</code></a></li><li><a href="#fund"><code>fund</code></a></li><li><a href="#dry-run"><code>dry-run</code></a></li><li><a href="#workspace"><code>workspace</code></a></li><li><a href="#workspaces"><code>workspaces</code></a></li><li><a href="#include-workspace-root"><code>include-workspace-root</code></a></li><li><a href="#install-links"><code>install-links</code></a></li></ul><li><a href="#see-also">See Also</a></li></ul></div>
</section>
<div id="_content"><h3 id="synopsis">Synopsis</h3>
@ -205,15 +205,108 @@ cache:
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="audit"><code>audit</code></h4>
<h4 id="save"><code>save</code></h4>
<ul>
<li>Default: <code>true</code> unless when using <code>npm update</code> where it defaults to <code>false</code></li>
<li>Type: Boolean</li>
</ul>
<p>Save installed packages to a <code>package.json</code> file as dependencies.</p>
<p>When used with the <code>npm rm</code> command, removes the dependency from
<code>package.json</code>.</p>
<p>Will also prevent writing to <code>package-lock.json</code> if set to <code>false</code>.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="save-exact"><code>save-exact</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Dependencies saved to package.json will be configured with an exact version
rather than using npm's default semver range operator.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="global"><code>global</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Operates in "global" mode, so that packages are installed into the <code>prefix</code>
folder instead of the current working directory. See
<a href="../configuring-npm/folders.html">folders</a> for more on the differences in behavior.</p>
<ul>
<li>packages are installed into the <code>{prefix}/lib/node_modules</code> folder, instead
of the current working directory.</li>
<li>bin files are linked to <code>{prefix}/bin</code></li>
<li>man pages are linked to <code>{prefix}/share/man</code></li>
</ul>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="global-style"><code>global-style</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Causes npm to install the package into your local <code>node_modules</code> folder with
the same layout it uses with the global <code>node_modules</code> folder. Only your
direct dependencies will show in <code>node_modules</code> and everything they depend
on will be flattened in their <code>node_modules</code> folders. This obviously will
eliminate some deduping. If used with <code>legacy-bundling</code>, <code>legacy-bundling</code>
will be preferred.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="legacy-bundling"><code>legacy-bundling</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Causes npm to install the package such that versions of npm prior to 1.4,
such as the one included with node 0.8, can install the package. This
eliminates all automatic deduping. If used with <code>global-style</code> this option
will be preferred.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="omit"><code>omit</code></h4>
<ul>
<li>Default: 'dev' if the <code>NODE_ENV</code> environment variable is set to
'production', otherwise empty.</li>
<li>Type: "dev", "optional", or "peer" (can be set multiple times)</li>
</ul>
<p>Dependency types to omit from the installation tree on disk.</p>
<p>Note that these dependencies <em>are</em> still resolved and added to the
<code>package-lock.json</code> or <code>npm-shrinkwrap.json</code> file. They are just not
physically installed on disk.</p>
<p>If a package type appears in both the <code>--include</code> and <code>--omit</code> lists, then
it will be included.</p>
<p>If the resulting omit list includes <code>'dev'</code>, then the <code>NODE_ENV</code> environment
variable will be set to <code>'production'</code> for all lifecycle scripts.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="strict-peer-deps"><code>strict-peer-deps</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>If set to <code>true</code>, and <code>--legacy-peer-deps</code> is not set, then <em>any</em>
conflicting <code>peerDependencies</code> will be treated as an install failure, even
if npm could reasonably guess the appropriate resolution based on non-peer
dependency relationships.</p>
<p>By default, conflicting <code>peerDependencies</code> deep in the dependency graph will
be resolved using the nearest non-peer dependency specification, even if
doing so will result in some packages receiving a peer dependency outside
the range set in their package's <code>peerDependencies</code> object.</p>
<p>When such and override is performed, a warning is printed, explaining the
conflict and the packages involved. If <code>--strict-peer-deps</code> is set, then
this warning is treated as a failure.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="package-lock"><code>package-lock</code></h4>
<ul>
<li>Default: true</li>
<li>Type: Boolean</li>
</ul>
<p>When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes. See the
documentation for <a href="../commands/npm-audit.html"><code>npm audit</code></a> for details on what is
submitted.</p>
<p>If set to false, then ignore <code>package-lock.json</code> files when installing. This
will also prevent <em>writing</em> <code>package-lock.json</code> if <code>save</code> is true.</p>
<p>This configuration does not affect <code>npm ci</code>.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="foreground-scripts"><code>foreground-scripts</code></h4>
@ -240,12 +333,110 @@ will still run their intended script if <code>ignore-scripts</code> is set, but
will <em>not</em> run any pre- or post-scripts.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="script-shell"><code>script-shell</code></h4>
<h4 id="audit"><code>audit</code></h4>
<ul>
<li>Default: '/bin/sh' on POSIX systems, 'cmd.exe' on Windows</li>
<li>Type: null or String</li>
<li>Default: true</li>
<li>Type: Boolean</li>
</ul>
<p>The shell to use for scripts run with the <code>npm exec</code>, <code>npm run</code> and <code>npm init &lt;package-spec&gt;</code> commands.</p>
<p>When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes. See the
documentation for <a href="../commands/npm-audit.html"><code>npm audit</code></a> for details on what is
submitted.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="bin-links"><code>bin-links</code></h4>
<ul>
<li>Default: true</li>
<li>Type: Boolean</li>
</ul>
<p>Tells npm to create symlinks (or <code>.cmd</code> shims on Windows) for package
executables.</p>
<p>Set to false to have it not do this. This can be used to work around the
fact that some file systems don't support symlinks, even on ostensibly Unix
systems.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="fund"><code>fund</code></h4>
<ul>
<li>Default: true</li>
<li>Type: Boolean</li>
</ul>
<p>When "true" displays the message at the end of each <code>npm install</code>
acknowledging the number of dependencies looking for funding. See <a href="../commands/npm-fund.html"><code>npm fund</code></a> for details.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="dry-run"><code>dry-run</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Indicates that you don't want npm to make any changes and that it should
only report what it would have done. This can be passed into any of the
commands that modify your local installation, eg, <code>install</code>, <code>update</code>,
<code>dedupe</code>, <code>uninstall</code>, as well as <code>pack</code> and <code>publish</code>.</p>
<p>Note: This is NOT honored by other network related commands, eg <code>dist-tags</code>,
<code>owner</code>, etc.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="workspace"><code>workspace</code></h4>
<ul>
<li>Default:</li>
<li>Type: String (can be set multiple times)</li>
</ul>
<p>Enable running a command in the context of the configured workspaces of the
current project while filtering by running only the workspaces defined by
this configuration option.</p>
<p>Valid values for the <code>workspace</code> config are either:</p>
<ul>
<li>Workspace names</li>
<li>Path to a workspace directory</li>
<li>Path to a parent workspace directory (will result in selecting all
workspaces within that folder)</li>
</ul>
<p>When set for the <code>npm init</code> command, this may be set to the folder of a
workspace which does not yet exist, to create the folder and set it up as a
brand new workspace within the project.</p>
<p>This value is not exported to the environment for child processes.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="workspaces"><code>workspaces</code></h4>
<ul>
<li>Default: null</li>
<li>Type: null or Boolean</li>
</ul>
<p>Set to true to run the command in the context of <strong>all</strong> configured
workspaces.</p>
<p>Explicitly setting this to false will cause commands like <code>install</code> to
ignore workspaces altogether. When not set explicitly:</p>
<ul>
<li>Commands that operate on the <code>node_modules</code> tree (install, update, etc.)
will link workspaces into the <code>node_modules</code> folder. - Commands that do
other things (test, exec, publish, etc.) will operate on the root project,
<em>unless</em> one or more workspaces are specified in the <code>workspace</code> config.</li>
</ul>
<p>This value is not exported to the environment for child processes.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="include-workspace-root"><code>include-workspace-root</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Include the workspace root when workspaces are enabled for a command.</p>
<p>When false, specifying individual workspaces via the <code>workspace</code> config, or
all workspaces via the <code>workspaces</code> flag, will cause npm to operate only on
the specified workspaces, and not on the root project.</p>
<p>This value is not exported to the environment for child processes.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="install-links"><code>install-links</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>When set file: protocol dependencies that exist outside of the project root
will be packed and installed as regular dependencies instead of creating a
symlink. This option has no effect on workspaces.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->

2
deps/npm/docs/output/commands/npm-init.html vendored
View File

@ -170,6 +170,8 @@ follows:</p>
<li><code>npm init foo</code> -&gt; <code>npm exec create-foo</code></li>
<li><code>npm init @usr/foo</code> -&gt; <code>npm exec @usr/create-foo</code></li>
<li><code>npm init @usr</code> -&gt; <code>npm exec @usr/create</code></li>
<li><code>npm init @usr@2.0.0</code> -&gt; <code>npm exec @usr/create@2.0.0</code></li>
<li><code>npm init @usr/foo@2.0.0</code> -&gt; <code>npm exec @usr/create-foo@2.0.0</code></li>
</ul>
<p>If the initializer is omitted (by just calling <code>npm init</code>), init will fall
back to legacy init behavior. It will ask you a bunch of questions, and

211
deps/npm/docs/output/commands/npm-install-ci-test.html vendored
View File

@ -142,7 +142,7 @@ npm command-line interface
<section id="table_of_contents">
<h2 id="table-of-contents">Table of contents</h2>
<div id="_table_of_contents"><ul><li><a href="#synopsis">Synopsis</a></li><li><a href="#description">Description</a></li><li><a href="#configuration">Configuration</a></li><ul><li><a href="#audit"><code>audit</code></a></li><li><a href="#foreground-scripts"><code>foreground-scripts</code></a></li><li><a href="#ignore-scripts"><code>ignore-scripts</code></a></li><li><a href="#script-shell"><code>script-shell</code></a></li></ul><li><a href="#see-also">See Also</a></li></ul></div>
<div id="_table_of_contents"><ul><li><a href="#synopsis">Synopsis</a></li><li><a href="#description">Description</a></li><li><a href="#configuration">Configuration</a></li><ul><li><a href="#save"><code>save</code></a></li><li><a href="#save-exact"><code>save-exact</code></a></li><li><a href="#global"><code>global</code></a></li><li><a href="#global-style"><code>global-style</code></a></li><li><a href="#legacy-bundling"><code>legacy-bundling</code></a></li><li><a href="#omit"><code>omit</code></a></li><li><a href="#strict-peer-deps"><code>strict-peer-deps</code></a></li><li><a href="#package-lock"><code>package-lock</code></a></li><li><a href="#foreground-scripts"><code>foreground-scripts</code></a></li><li><a href="#ignore-scripts"><code>ignore-scripts</code></a></li><li><a href="#audit"><code>audit</code></a></li><li><a href="#bin-links"><code>bin-links</code></a></li><li><a href="#fund"><code>fund</code></a></li><li><a href="#dry-run"><code>dry-run</code></a></li><li><a href="#workspace"><code>workspace</code></a></li><li><a href="#workspaces"><code>workspaces</code></a></li><li><a href="#include-workspace-root"><code>include-workspace-root</code></a></li><li><a href="#install-links"><code>install-links</code></a></li></ul><li><a href="#see-also">See Also</a></li></ul></div>
</section>
<div id="_content"><h3 id="synopsis">Synopsis</h3>
@ -162,15 +162,108 @@ alias: cit
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="audit"><code>audit</code></h4>
<h4 id="save"><code>save</code></h4>
<ul>
<li>Default: <code>true</code> unless when using <code>npm update</code> where it defaults to <code>false</code></li>
<li>Type: Boolean</li>
</ul>
<p>Save installed packages to a <code>package.json</code> file as dependencies.</p>
<p>When used with the <code>npm rm</code> command, removes the dependency from
<code>package.json</code>.</p>
<p>Will also prevent writing to <code>package-lock.json</code> if set to <code>false</code>.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="save-exact"><code>save-exact</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Dependencies saved to package.json will be configured with an exact version
rather than using npm's default semver range operator.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="global"><code>global</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Operates in "global" mode, so that packages are installed into the <code>prefix</code>
folder instead of the current working directory. See
<a href="../configuring-npm/folders.html">folders</a> for more on the differences in behavior.</p>
<ul>
<li>packages are installed into the <code>{prefix}/lib/node_modules</code> folder, instead
of the current working directory.</li>
<li>bin files are linked to <code>{prefix}/bin</code></li>
<li>man pages are linked to <code>{prefix}/share/man</code></li>
</ul>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="global-style"><code>global-style</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Causes npm to install the package into your local <code>node_modules</code> folder with
the same layout it uses with the global <code>node_modules</code> folder. Only your
direct dependencies will show in <code>node_modules</code> and everything they depend
on will be flattened in their <code>node_modules</code> folders. This obviously will
eliminate some deduping. If used with <code>legacy-bundling</code>, <code>legacy-bundling</code>
will be preferred.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="legacy-bundling"><code>legacy-bundling</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Causes npm to install the package such that versions of npm prior to 1.4,
such as the one included with node 0.8, can install the package. This
eliminates all automatic deduping. If used with <code>global-style</code> this option
will be preferred.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="omit"><code>omit</code></h4>
<ul>
<li>Default: 'dev' if the <code>NODE_ENV</code> environment variable is set to
'production', otherwise empty.</li>
<li>Type: "dev", "optional", or "peer" (can be set multiple times)</li>
</ul>
<p>Dependency types to omit from the installation tree on disk.</p>
<p>Note that these dependencies <em>are</em> still resolved and added to the
<code>package-lock.json</code> or <code>npm-shrinkwrap.json</code> file. They are just not
physically installed on disk.</p>
<p>If a package type appears in both the <code>--include</code> and <code>--omit</code> lists, then
it will be included.</p>
<p>If the resulting omit list includes <code>'dev'</code>, then the <code>NODE_ENV</code> environment
variable will be set to <code>'production'</code> for all lifecycle scripts.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="strict-peer-deps"><code>strict-peer-deps</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>If set to <code>true</code>, and <code>--legacy-peer-deps</code> is not set, then <em>any</em>
conflicting <code>peerDependencies</code> will be treated as an install failure, even
if npm could reasonably guess the appropriate resolution based on non-peer
dependency relationships.</p>
<p>By default, conflicting <code>peerDependencies</code> deep in the dependency graph will
be resolved using the nearest non-peer dependency specification, even if
doing so will result in some packages receiving a peer dependency outside
the range set in their package's <code>peerDependencies</code> object.</p>
<p>When such and override is performed, a warning is printed, explaining the
conflict and the packages involved. If <code>--strict-peer-deps</code> is set, then
this warning is treated as a failure.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="package-lock"><code>package-lock</code></h4>
<ul>
<li>Default: true</li>
<li>Type: Boolean</li>
</ul>
<p>When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes. See the
documentation for <a href="../commands/npm-audit.html"><code>npm audit</code></a> for details on what is
submitted.</p>
<p>If set to false, then ignore <code>package-lock.json</code> files when installing. This
will also prevent <em>writing</em> <code>package-lock.json</code> if <code>save</code> is true.</p>
<p>This configuration does not affect <code>npm ci</code>.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="foreground-scripts"><code>foreground-scripts</code></h4>
@ -197,12 +290,110 @@ will still run their intended script if <code>ignore-scripts</code> is set, but
will <em>not</em> run any pre- or post-scripts.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="script-shell"><code>script-shell</code></h4>
<h4 id="audit"><code>audit</code></h4>
<ul>
<li>Default: '/bin/sh' on POSIX systems, 'cmd.exe' on Windows</li>
<li>Type: null or String</li>
<li>Default: true</li>
<li>Type: Boolean</li>
</ul>
<p>The shell to use for scripts run with the <code>npm exec</code>, <code>npm run</code> and <code>npm init &lt;package-spec&gt;</code> commands.</p>
<p>When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes. See the
documentation for <a href="../commands/npm-audit.html"><code>npm audit</code></a> for details on what is
submitted.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="bin-links"><code>bin-links</code></h4>
<ul>
<li>Default: true</li>
<li>Type: Boolean</li>
</ul>
<p>Tells npm to create symlinks (or <code>.cmd</code> shims on Windows) for package
executables.</p>
<p>Set to false to have it not do this. This can be used to work around the
fact that some file systems don't support symlinks, even on ostensibly Unix
systems.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="fund"><code>fund</code></h4>
<ul>
<li>Default: true</li>
<li>Type: Boolean</li>
</ul>
<p>When "true" displays the message at the end of each <code>npm install</code>
acknowledging the number of dependencies looking for funding. See <a href="../commands/npm-fund.html"><code>npm fund</code></a> for details.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="dry-run"><code>dry-run</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Indicates that you don't want npm to make any changes and that it should
only report what it would have done. This can be passed into any of the
commands that modify your local installation, eg, <code>install</code>, <code>update</code>,
<code>dedupe</code>, <code>uninstall</code>, as well as <code>pack</code> and <code>publish</code>.</p>
<p>Note: This is NOT honored by other network related commands, eg <code>dist-tags</code>,
<code>owner</code>, etc.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="workspace"><code>workspace</code></h4>
<ul>
<li>Default:</li>
<li>Type: String (can be set multiple times)</li>
</ul>
<p>Enable running a command in the context of the configured workspaces of the
current project while filtering by running only the workspaces defined by
this configuration option.</p>
<p>Valid values for the <code>workspace</code> config are either:</p>
<ul>
<li>Workspace names</li>
<li>Path to a workspace directory</li>
<li>Path to a parent workspace directory (will result in selecting all
workspaces within that folder)</li>
</ul>
<p>When set for the <code>npm init</code> command, this may be set to the folder of a
workspace which does not yet exist, to create the folder and set it up as a
brand new workspace within the project.</p>
<p>This value is not exported to the environment for child processes.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="workspaces"><code>workspaces</code></h4>
<ul>
<li>Default: null</li>
<li>Type: null or Boolean</li>
</ul>
<p>Set to true to run the command in the context of <strong>all</strong> configured
workspaces.</p>
<p>Explicitly setting this to false will cause commands like <code>install</code> to
ignore workspaces altogether. When not set explicitly:</p>
<ul>
<li>Commands that operate on the <code>node_modules</code> tree (install, update, etc.)
will link workspaces into the <code>node_modules</code> folder. - Commands that do
other things (test, exec, publish, etc.) will operate on the root project,
<em>unless</em> one or more workspaces are specified in the <code>workspace</code> config.</li>
</ul>
<p>This value is not exported to the environment for child processes.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="include-workspace-root"><code>include-workspace-root</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>Include the workspace root when workspaces are enabled for a command.</p>
<p>When false, specifying individual workspaces via the <code>workspace</code> config, or
all workspaces via the <code>workspaces</code> flag, will cause npm to operate only on
the specified workspaces, and not on the root project.</p>
<p>This value is not exported to the environment for child processes.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h4 id="install-links"><code>install-links</code></h4>
<ul>
<li>Default: false</li>
<li>Type: Boolean</li>
</ul>
<p>When set file: protocol dependencies that exist outside of the project root
will be packed and installed as regular dependencies instead of creating a
symlink. This option has no effect on workspaces.</p>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->

2
deps/npm/docs/output/commands/npm-install.html vendored
View File

@ -408,7 +408,7 @@ commit. If the commit-ish has the format <code>#semver:&lt;semver&gt;</code>, <c
can be any valid semver range or exact version, and npm will look for
any tags or refs matching that range in the remote repository, much as
it would for a registry dependency. If neither <code>#&lt;commit-ish&gt;</code> or
<code>#semver:&lt;semver&gt;</code> is specified, then <code>master</code> is used.</p>
<code>#semver:&lt;semver&gt;</code> is specified, then the default branch is used.</p>
<p>As with regular git dependencies, <code>dependencies</code> and <code>devDependencies</code>
will be installed if the package has a <code>prepare</code> script before the
package is done installing.</p>

6
deps/npm/docs/output/commands/npm-ls.html vendored
View File

@ -166,13 +166,13 @@ tree at all, use <a href="../commands/npm-explain.html"><code>npm explain</code>
the results to only the paths to the packages named. Note that nested
packages will <em>also</em> show the paths to the specified packages. For
example, running <code>npm ls promzard</code> in npm's source tree will show:</p>
<pre lang="bash"><code>npm@8.15.0 /path/to/npm
<pre lang="bash"><code>npm@8.15.1 /path/to/npm
└─┬ init-package-json@0.0.4
└── promzard@0.1.5
</code></pre>
<p>It will print out extraneous, missing, and invalid packages.</p>
<p>If a project specifies git urls for dependencies these are shown
in parentheses after the name@version to make it easier for users to
in parentheses after the <code>name@version</code> to make it easier for users to
recognize potential forks of a project.</p>
<p>The tree shown is the logical dependency tree, based on package
dependencies, not the physical layout of your <code>node_modules</code> folder.</p>
@ -185,7 +185,7 @@ disk would be roughly identical.</p>
<p>With the advent of automatic install-time deduplication of dependencies in
npm v3, the <code>ls</code> output was modified to display the logical dependency
graph as a tree structure, since this was more useful to most users.
However, without using <code>npm ls -l</code>, it became impossible show <em>where</em> a
However, without using <code>npm ls -l</code>, it became impossible to show <em>where</em> a
package was actually installed much of the time!</p>
<p>With the advent of automatic installation of <code>peerDependencies</code> in npm v7,
this gets even more curious, as <code>peerDependencies</code> are logically

2
deps/npm/docs/output/commands/npm.html vendored
View File

@ -149,7 +149,7 @@ npm command-line interface
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h3 id="version">Version</h3>
<p>8.15.0</p>
<p>8.15.1</p>
<h3 id="description">Description</h3>
<p>npm is the package manager for the Node JavaScript platform. It puts
modules in place so that node can find them, and manages dependency

2
deps/npm/docs/output/configuring-npm/package-json.html vendored
View File

@ -622,7 +622,7 @@ commit. If the commit-ish has the format <code>#semver:&lt;semver&gt;</code>, <c
be any valid semver range or exact version, and npm will look for any tags
or refs matching that range in the remote repository, much as it would for
a registry dependency. If neither <code>#&lt;commit-ish&gt;</code> or <code>#semver:&lt;semver&gt;</code> is
specified, then <code>master</code> is used.</p>
specified, then the default branch is used.</p>
<p>Examples:</p>
<pre lang="bash"><code>git+ssh://git@github.com:npm/cli.git#v1.0.27
git+ssh://git@github.com:npm/cli#semver:^5.0

9
deps/npm/docs/output/using-npm/workspaces.html vendored
View File

@ -240,7 +240,9 @@ in such a way that is also easy to <a href="../commands/npm-publish.html">publis
nested workspaces to be consumed elsewhere.</p>
<h3 id="running-commands-in-the-context-of-workspaces">Running commands in the context of workspaces</h3>
<p>You can use the <code>workspace</code> configuration option to run commands in the context
of a configured workspace.</p>
of a configured workspace.
Additionally, if your current directory is in a workspace, the <code>workspace</code>
configuration is implicitly set, and <code>prefix</code> is set to the root workspace.</p>
<p>Following is a quick example on how to use the <code>npm run</code> command in the context
of nested workspaces. For a project containing multiple workspaces, e.g:</p>
<pre><code>.
@ -255,7 +257,10 @@ of nested workspaces. For a project containing multiple workspaces, e.g:</p>
given command in the context of that specific workspace. e.g:</p>
<pre><code>npm run test --workspace=a
</code></pre>
<p>This will run the <code>test</code> script defined within the
<p>You could also run the command within the workspace.</p>
<pre><code>cd packages/a &amp;&amp; npm run test
</code></pre>
<p>Either will run the <code>test</code> script defined within the
<code>./packages/a/package.json</code> file.</p>
<p>Please note that you can also specify this argument multiple times in the
command-line in order to target multiple workspaces, e.g:</p>

9
deps/npm/lib/commands/ci.js vendored
View File

@ -9,16 +9,13 @@ const log = require('../utils/log-shim.js')
const validateLockfile = require('../utils/validate-lockfile.js')
const ArboristWorkspaceCmd = require('../arborist-cmd.js')
const Install = require('./install.js')
class CI extends ArboristWorkspaceCmd {
static description = 'Clean install a project'
static name = 'ci'
static params = [
'audit',
'foreground-scripts',
'ignore-scripts',
'script-shell',
]
static params = Install.params
async exec () {
if (this.npm.global) {

14
deps/npm/lib/commands/diff.js vendored
View File

@ -106,7 +106,7 @@ class Diff extends BaseCommand {
const pkgName = await this.packageName(this.prefix)
return [
`${pkgName}@${this.npm.config.get('tag')}`,
`file:${this.prefix}`,
`file:${this.prefix.replace(/#/g, '%23')}`,
]
}
@ -134,7 +134,7 @@ class Diff extends BaseCommand {
}
return [
`${pkgName}@${a}`,
`file:${this.prefix}`,
`file:${this.prefix.replace(/#/g, '%23')}`,
]
}
@ -165,7 +165,7 @@ class Diff extends BaseCommand {
}
return [
`${spec.name}@${spec.fetchSpec}`,
`file:${this.prefix}`,
`file:${this.prefix.replace(/#/g, '%23')}`,
]
}
@ -178,7 +178,7 @@ class Diff extends BaseCommand {
}
}
const aSpec = `file:${node.realpath}`
const aSpec = `file:${node.realpath.replace(/#/g, '%23')}`
// finds what version of the package to compare against, if a exact
// version or tag was passed than it should use that, otherwise
@ -211,8 +211,8 @@ class Diff extends BaseCommand {
]
} else if (spec.type === 'directory') {
return [
`file:${spec.fetchSpec}`,
`file:${this.prefix}`,
`file:${spec.fetchSpec.replace(/#/g, '%23')}`,
`file:${this.prefix.replace(/#/g, '%23')}`,
]
} else {
throw this.usageError(`Spec type ${spec.type} not supported.`)
@ -279,7 +279,7 @@ class Diff extends BaseCommand {
const res = !node || !node.package || !node.package.version
? spec.fetchSpec
: `file:${node.realpath}`
: `file:${node.realpath.replace(/#/g, '%23')}`
return `${spec.name}@${res}`
})

7
deps/npm/lib/commands/init.js vendored
View File

@ -85,8 +85,13 @@ class Init extends BaseCommand {
const [initerName, ...otherArgs] = args
let packageName = initerName
// Only a scope, possibly with a version
if (/^@[^/]+$/.test(initerName)) {
packageName = initerName + '/create'
const [, scope, version] = initerName.split('@')
packageName = `@${scope}/create`
if (version) {
packageName = `${packageName}@${version}`
}
} else {
const req = npa(initerName)
if (req.type === 'git' && req.hosted) {

4
deps/npm/lib/commands/link.js vendored
View File

@ -122,7 +122,7 @@ class Link extends ArboristWorkspaceCmd {
...this.npm.flatOptions,
prune: false,
path: this.npm.prefix,
add: names.map(l => `file:${resolve(globalTop, 'node_modules', l)}`),
add: names.map(l => `file:${resolve(globalTop, 'node_modules', l).replace(/#/g, '%23')}`),
save,
workspaces: this.workspaceNames,
})
@ -133,7 +133,7 @@ class Link extends ArboristWorkspaceCmd {
async linkPkg () {
const wsp = this.workspacePaths
const paths = wsp && wsp.length ? wsp : [this.npm.prefix]
const add = paths.map(path => `file:${path}`)
const add = paths.map(path => `file:${path.replace(/#/g, '%23')}`)
const globalTop = resolve(this.npm.globalDir, '..')
const arb = new Arborist({
...this.npm.flatOptions,

10
deps/npm/lib/npm.js vendored
View File

@ -241,16 +241,18 @@ class Npm extends EventEmitter {
await this.time('npm:load:configload', () => this.config.load())
// mkdir this separately since the logs dir can be set to
// a different location. an error here should be surfaced
// right away since it will error in cacache later
// a different location. if this fails, then we don't have
// a cache dir, but we don't want to fail immediately since
// the command might not need a cache dir (like `npm --version`)
await this.time('npm:load:mkdirpcache', () =>
fs.mkdir(this.cache, { recursive: true, owner: 'inherit' }))
fs.mkdir(this.cache, { recursive: true, owner: 'inherit' })
.catch((e) => log.verbose('cache', `could not create cache: ${e}`)))
// its ok if this fails. user might have specified an invalid dir
// which we will tell them about at the end
await this.time('npm:load:mkdirplogs', () =>
fs.mkdir(this.logsDir, { recursive: true, owner: 'inherit' })
.catch((e) => log.warn('logfile', `could not create logs-dir: ${e}`)))
.catch((e) => log.verbose('logfile', `could not create logs-dir: ${e}`)))
// note: this MUST be shorter than the actual argv length, because it
// uses the same memory, so node will truncate it if it's too long.

6
deps/npm/lib/utils/log-file.js vendored
View File

@ -204,7 +204,9 @@ class LogFiles {
this.#files.push(logStream.path)
return logStream
} catch (e) {
log.warn('logfile', `could not be created: ${e}`)
// If the user has a readonly logdir then we don't want to
// warn this on every command so it should be verbose
log.verbose('logfile', `could not be created: ${e}`)
}
}
@ -226,7 +228,7 @@ class LogFiles {
)
// Always ignore the currently written files
const files = await glob(globify(logGlob), { ignore: this.#files.map(globify) })
const files = await glob(globify(logGlob), { ignore: this.#files.map(globify), silent: true })
const toDelete = files.length - this.#logsMax
if (toDelete <= 0) {

266
deps/npm/man/man1/npm-ci.1 vendored
View File

@ -80,7 +80,126 @@ cache:
.fi
.RE
.SS Configuration
.SS \fBaudit\fP
.SS \fBsave\fP
.RS 0
.IP \(bu 2
Default: \fBtrue\fP unless when using \fBnpm update\fP where it defaults to \fBfalse\fP
.IP \(bu 2
Type: Boolean
.RE
.P
Save installed packages to a \fBpackage\.json\fP file as dependencies\.
.P
When used with the \fBnpm rm\fP command, removes the dependency from
\fBpackage\.json\fP\|\.
.P
Will also prevent writing to \fBpackage\-lock\.json\fP if set to \fBfalse\fP\|\.
.SS \fBsave\-exact\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
Dependencies saved to package\.json will be configured with an exact version
rather than using npm's default semver range operator\.
.SS \fBglobal\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
Operates in "global" mode, so that packages are installed into the \fBprefix\fP
folder instead of the current working directory\. See
npm help folders for more on the differences in behavior\.
.RS 0
.IP \(bu 2
packages are installed into the \fB{prefix}/lib/node_modules\fP folder, instead
of the current working directory\.
.IP \(bu 2
bin files are linked to \fB{prefix}/bin\fP
.IP \(bu 2
man pages are linked to \fB{prefix}/share/man\fP
.RE
.SS \fBglobal\-style\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
Causes npm to install the package into your local \fBnode_modules\fP folder with
the same layout it uses with the global \fBnode_modules\fP folder\. Only your
direct dependencies will show in \fBnode_modules\fP and everything they depend
on will be flattened in their \fBnode_modules\fP folders\. This obviously will
eliminate some deduping\. If used with \fBlegacy\-bundling\fP, \fBlegacy\-bundling\fP
will be preferred\.
.SS \fBlegacy\-bundling\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
Causes npm to install the package such that versions of npm prior to 1\.4,
such as the one included with node 0\.8, can install the package\. This
eliminates all automatic deduping\. If used with \fBglobal\-style\fP this option
will be preferred\.
.SS \fBomit\fP
.RS 0
.IP \(bu 2
Default: 'dev' if the \fBNODE_ENV\fP environment variable is set to
\|'production', otherwise empty\.
.IP \(bu 2
Type: "dev", "optional", or "peer" (can be set multiple times)
.RE
.P
Dependency types to omit from the installation tree on disk\.
.P
Note that these dependencies \fIare\fR still resolved and added to the
\fBpackage\-lock\.json\fP or \fBnpm\-shrinkwrap\.json\fP file\. They are just not
physically installed on disk\.
.P
If a package type appears in both the \fB\-\-include\fP and \fB\-\-omit\fP lists, then
it will be included\.
.P
If the resulting omit list includes \fB\|'dev'\fP, then the \fBNODE_ENV\fP environment
variable will be set to \fB\|'production'\fP for all lifecycle scripts\.
.SS \fBstrict\-peer\-deps\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
If set to \fBtrue\fP, and \fB\-\-legacy\-peer\-deps\fP is not set, then \fIany\fR
conflicting \fBpeerDependencies\fP will be treated as an install failure, even
if npm could reasonably guess the appropriate resolution based on non\-peer
dependency relationships\.
.P
By default, conflicting \fBpeerDependencies\fP deep in the dependency graph will
be resolved using the nearest non\-peer dependency specification, even if
doing so will result in some packages receiving a peer dependency outside
the range set in their package's \fBpeerDependencies\fP object\.
.P
When such and override is performed, a warning is printed, explaining the
conflict and the packages involved\. If \fB\-\-strict\-peer\-deps\fP is set, then
this warning is treated as a failure\.
.SS \fBpackage\-lock\fP
.RS 0
.IP \(bu 2
Default: true
@ -89,10 +208,10 @@ Type: Boolean
.RE
.P
When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes\. See the
documentation for npm help \fBaudit\fP for details on what is
submitted\.
If set to false, then ignore \fBpackage\-lock\.json\fP files when installing\. This
will also prevent \fIwriting\fR \fBpackage\-lock\.json\fP if \fBsave\fP is true\.
.P
This configuration does not affect \fBnpm ci\fP\|\.
.SS \fBforeground\-scripts\fP
.RS 0
.IP \(bu 2
@ -123,17 +242,144 @@ Note that commands explicitly intended to run a particular script, such as
\fBnpm start\fP, \fBnpm stop\fP, \fBnpm restart\fP, \fBnpm test\fP, and \fBnpm run\-script\fP
will still run their intended script if \fBignore\-scripts\fP is set, but they
will \fInot\fR run any pre\- or post\-scripts\.
.SS \fBscript\-shell\fP
.SS \fBaudit\fP
.RS 0
.IP \(bu 2
Default: '/bin/sh' on POSIX systems, 'cmd\.exe' on Windows
Default: true
.IP \(bu 2
Type: null or String
Type: Boolean
.RE
.P
The shell to use for scripts run with the \fBnpm exec\fP, \fBnpm run\fP and \fBnpm
init <package\-spec>\fP commands\.
When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes\. See the
documentation for npm help \fBaudit\fP for details on what is
submitted\.
.SS \fBbin\-links\fP
.RS 0
.IP \(bu 2
Default: true
.IP \(bu 2
Type: Boolean
.RE
.P
Tells npm to create symlinks (or \fB\|\.cmd\fP shims on Windows) for package
executables\.
.P
Set to false to have it not do this\. This can be used to work around the
fact that some file systems don't support symlinks, even on ostensibly Unix
systems\.
.SS \fBfund\fP
.RS 0
.IP \(bu 2
Default: true
.IP \(bu 2
Type: Boolean
.RE
.P
When "true" displays the message at the end of each \fBnpm install\fP
acknowledging the number of dependencies looking for funding\. See npm help \fBnpm
fund\fP for details\.
.SS \fBdry\-run\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
Indicates that you don't want npm to make any changes and that it should
only report what it would have done\. This can be passed into any of the
commands that modify your local installation, eg, \fBinstall\fP, \fBupdate\fP,
\fBdedupe\fP, \fBuninstall\fP, as well as \fBpack\fP and \fBpublish\fP\|\.
.P
Note: This is NOT honored by other network related commands, eg \fBdist\-tags\fP,
\fBowner\fP, etc\.
.SS \fBworkspace\fP
.RS 0
.IP \(bu 2
Default:
.IP \(bu 2
Type: String (can be set multiple times)
.RE
.P
Enable running a command in the context of the configured workspaces of the
current project while filtering by running only the workspaces defined by
this configuration option\.
.P
Valid values for the \fBworkspace\fP config are either:
.RS 0
.IP \(bu 2
Workspace names
.IP \(bu 2
Path to a workspace directory
.IP \(bu 2
Path to a parent workspace directory (will result in selecting all
workspaces within that folder)
.RE
.P
When set for the \fBnpm init\fP command, this may be set to the folder of a
workspace which does not yet exist, to create the folder and set it up as a
brand new workspace within the project\.
.P
This value is not exported to the environment for child processes\.
.SS \fBworkspaces\fP
.RS 0
.IP \(bu 2
Default: null
.IP \(bu 2
Type: null or Boolean
.RE
.P
Set to true to run the command in the context of \fBall\fR configured
workspaces\.
.P
Explicitly setting this to false will cause commands like \fBinstall\fP to
ignore workspaces altogether\. When not set explicitly:
.RS 0
.IP \(bu 2
Commands that operate on the \fBnode_modules\fP tree (install, update, etc\.)
will link workspaces into the \fBnode_modules\fP folder\. \- Commands that do
other things (test, exec, publish, etc\.) will operate on the root project,
\fIunless\fR one or more workspaces are specified in the \fBworkspace\fP config\.
.RE
.P
This value is not exported to the environment for child processes\.
.SS \fBinclude\-workspace\-root\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
Include the workspace root when workspaces are enabled for a command\.
.P
When false, specifying individual workspaces via the \fBworkspace\fP config, or
all workspaces via the \fBworkspaces\fP flag, will cause npm to operate only on
the specified workspaces, and not on the root project\.
.P
This value is not exported to the environment for child processes\.
.SS \fBinstall\-links\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
When set file: protocol dependencies that exist outside of the project root
will be packed and installed as regular dependencies instead of creating a
symlink\. This option has no effect on workspaces\.
.SS See Also
.RS 0
.IP \(bu 2

4
deps/npm/man/man1/npm-init.1 vendored
View File

@ -30,6 +30,10 @@ follows:
\fBnpm init @usr/foo\fP \-> \fBnpm exec @usr/create\-foo\fP
.IP \(bu 2
\fBnpm init @usr\fP \-> \fBnpm exec @usr/create\fP
.IP \(bu 2
\fBnpm init @usr@2\.0\.0\fP \-> \fBnpm exec @usr/create@2\.0\.0\fP
.IP \(bu 2
\fBnpm init @usr/foo@2\.0\.0\fP \-> \fBnpm exec @usr/create\-foo@2\.0\.0\fP
.RE
.P

266
deps/npm/man/man1/npm-install-ci-test.1 vendored
View File

@ -14,7 +14,126 @@ alias: cit
.P
This command runs \fBnpm ci\fP followed immediately by \fBnpm test\fP\|\.
.SS Configuration
.SS \fBaudit\fP
.SS \fBsave\fP
.RS 0
.IP \(bu 2
Default: \fBtrue\fP unless when using \fBnpm update\fP where it defaults to \fBfalse\fP
.IP \(bu 2
Type: Boolean
.RE
.P
Save installed packages to a \fBpackage\.json\fP file as dependencies\.
.P
When used with the \fBnpm rm\fP command, removes the dependency from
\fBpackage\.json\fP\|\.
.P
Will also prevent writing to \fBpackage\-lock\.json\fP if set to \fBfalse\fP\|\.
.SS \fBsave\-exact\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
Dependencies saved to package\.json will be configured with an exact version
rather than using npm's default semver range operator\.
.SS \fBglobal\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
Operates in "global" mode, so that packages are installed into the \fBprefix\fP
folder instead of the current working directory\. See
npm help folders for more on the differences in behavior\.
.RS 0
.IP \(bu 2
packages are installed into the \fB{prefix}/lib/node_modules\fP folder, instead
of the current working directory\.
.IP \(bu 2
bin files are linked to \fB{prefix}/bin\fP
.IP \(bu 2
man pages are linked to \fB{prefix}/share/man\fP
.RE
.SS \fBglobal\-style\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
Causes npm to install the package into your local \fBnode_modules\fP folder with
the same layout it uses with the global \fBnode_modules\fP folder\. Only your
direct dependencies will show in \fBnode_modules\fP and everything they depend
on will be flattened in their \fBnode_modules\fP folders\. This obviously will
eliminate some deduping\. If used with \fBlegacy\-bundling\fP, \fBlegacy\-bundling\fP
will be preferred\.
.SS \fBlegacy\-bundling\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
Causes npm to install the package such that versions of npm prior to 1\.4,
such as the one included with node 0\.8, can install the package\. This
eliminates all automatic deduping\. If used with \fBglobal\-style\fP this option
will be preferred\.
.SS \fBomit\fP
.RS 0
.IP \(bu 2
Default: 'dev' if the \fBNODE_ENV\fP environment variable is set to
\|'production', otherwise empty\.
.IP \(bu 2
Type: "dev", "optional", or "peer" (can be set multiple times)
.RE
.P
Dependency types to omit from the installation tree on disk\.
.P
Note that these dependencies \fIare\fR still resolved and added to the
\fBpackage\-lock\.json\fP or \fBnpm\-shrinkwrap\.json\fP file\. They are just not
physically installed on disk\.
.P
If a package type appears in both the \fB\-\-include\fP and \fB\-\-omit\fP lists, then
it will be included\.
.P
If the resulting omit list includes \fB\|'dev'\fP, then the \fBNODE_ENV\fP environment
variable will be set to \fB\|'production'\fP for all lifecycle scripts\.
.SS \fBstrict\-peer\-deps\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
If set to \fBtrue\fP, and \fB\-\-legacy\-peer\-deps\fP is not set, then \fIany\fR
conflicting \fBpeerDependencies\fP will be treated as an install failure, even
if npm could reasonably guess the appropriate resolution based on non\-peer
dependency relationships\.
.P
By default, conflicting \fBpeerDependencies\fP deep in the dependency graph will
be resolved using the nearest non\-peer dependency specification, even if
doing so will result in some packages receiving a peer dependency outside
the range set in their package's \fBpeerDependencies\fP object\.
.P
When such and override is performed, a warning is printed, explaining the
conflict and the packages involved\. If \fB\-\-strict\-peer\-deps\fP is set, then
this warning is treated as a failure\.
.SS \fBpackage\-lock\fP
.RS 0
.IP \(bu 2
Default: true
@ -23,10 +142,10 @@ Type: Boolean
.RE
.P
When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes\. See the
documentation for npm help \fBaudit\fP for details on what is
submitted\.
If set to false, then ignore \fBpackage\-lock\.json\fP files when installing\. This
will also prevent \fIwriting\fR \fBpackage\-lock\.json\fP if \fBsave\fP is true\.
.P
This configuration does not affect \fBnpm ci\fP\|\.
.SS \fBforeground\-scripts\fP
.RS 0
.IP \(bu 2
@ -57,17 +176,144 @@ Note that commands explicitly intended to run a particular script, such as
\fBnpm start\fP, \fBnpm stop\fP, \fBnpm restart\fP, \fBnpm test\fP, and \fBnpm run\-script\fP
will still run their intended script if \fBignore\-scripts\fP is set, but they
will \fInot\fR run any pre\- or post\-scripts\.
.SS \fBscript\-shell\fP
.SS \fBaudit\fP
.RS 0
.IP \(bu 2
Default: '/bin/sh' on POSIX systems, 'cmd\.exe' on Windows
Default: true
.IP \(bu 2
Type: null or String
Type: Boolean
.RE
.P
The shell to use for scripts run with the \fBnpm exec\fP, \fBnpm run\fP and \fBnpm
init <package\-spec>\fP commands\.
When "true" submit audit reports alongside the current npm command to the
default registry and all registries configured for scopes\. See the
documentation for npm help \fBaudit\fP for details on what is
submitted\.
.SS \fBbin\-links\fP
.RS 0
.IP \(bu 2
Default: true
.IP \(bu 2
Type: Boolean
.RE
.P
Tells npm to create symlinks (or \fB\|\.cmd\fP shims on Windows) for package
executables\.
.P
Set to false to have it not do this\. This can be used to work around the
fact that some file systems don't support symlinks, even on ostensibly Unix
systems\.
.SS \fBfund\fP
.RS 0
.IP \(bu 2
Default: true
.IP \(bu 2
Type: Boolean
.RE
.P
When "true" displays the message at the end of each \fBnpm install\fP
acknowledging the number of dependencies looking for funding\. See npm help \fBnpm
fund\fP for details\.
.SS \fBdry\-run\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
Indicates that you don't want npm to make any changes and that it should
only report what it would have done\. This can be passed into any of the
commands that modify your local installation, eg, \fBinstall\fP, \fBupdate\fP,
\fBdedupe\fP, \fBuninstall\fP, as well as \fBpack\fP and \fBpublish\fP\|\.
.P
Note: This is NOT honored by other network related commands, eg \fBdist\-tags\fP,
\fBowner\fP, etc\.
.SS \fBworkspace\fP
.RS 0
.IP \(bu 2
Default:
.IP \(bu 2
Type: String (can be set multiple times)
.RE
.P
Enable running a command in the context of the configured workspaces of the
current project while filtering by running only the workspaces defined by
this configuration option\.
.P
Valid values for the \fBworkspace\fP config are either:
.RS 0
.IP \(bu 2
Workspace names
.IP \(bu 2
Path to a workspace directory
.IP \(bu 2
Path to a parent workspace directory (will result in selecting all
workspaces within that folder)
.RE
.P
When set for the \fBnpm init\fP command, this may be set to the folder of a
workspace which does not yet exist, to create the folder and set it up as a
brand new workspace within the project\.
.P
This value is not exported to the environment for child processes\.
.SS \fBworkspaces\fP
.RS 0
.IP \(bu 2
Default: null
.IP \(bu 2
Type: null or Boolean
.RE
.P
Set to true to run the command in the context of \fBall\fR configured
workspaces\.
.P
Explicitly setting this to false will cause commands like \fBinstall\fP to
ignore workspaces altogether\. When not set explicitly:
.RS 0
.IP \(bu 2
Commands that operate on the \fBnode_modules\fP tree (install, update, etc\.)
will link workspaces into the \fBnode_modules\fP folder\. \- Commands that do
other things (test, exec, publish, etc\.) will operate on the root project,
\fIunless\fR one or more workspaces are specified in the \fBworkspace\fP config\.
.RE
.P
This value is not exported to the environment for child processes\.
.SS \fBinclude\-workspace\-root\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
Include the workspace root when workspaces are enabled for a command\.
.P
When false, specifying individual workspaces via the \fBworkspace\fP config, or
all workspaces via the \fBworkspaces\fP flag, will cause npm to operate only on
the specified workspaces, and not on the root project\.
.P
This value is not exported to the environment for child processes\.
.SS \fBinstall\-links\fP
.RS 0
.IP \(bu 2
Default: false
.IP \(bu 2
Type: Boolean
.RE
.P
When set file: protocol dependencies that exist outside of the project root
will be packed and installed as regular dependencies instead of creating a
symlink\. This option has no effect on workspaces\.
.SS See Also
.RS 0
.IP \(bu 2

2
deps/npm/man/man1/npm-install.1 vendored
View File

@ -320,7 +320,7 @@ GIT_SSH_COMMAND='ssh \-i ~/\.ssh/custom_ident' npm install git+ssh://git@github\
can be any valid semver range or exact version, and npm will look for
any tags or refs matching that range in the remote repository, much as
it would for a registry dependency\. If neither \fB#<commit\-ish>\fP or
\fB#semver:<semver>\fP is specified, then \fBmaster\fP is used\.
\fB#semver:<semver>\fP is specified, then the default branch is used\.
As with regular git dependencies, \fBdependencies\fP and \fBdevDependencies\fP
will be installed if the package has a \fBprepare\fP script before the
package is done installing\.

6
deps/npm/man/man1/npm-ls.1 vendored
View File

@ -26,7 +26,7 @@ example, running \fBnpm ls promzard\fP in npm's source tree will show:
.P
.RS 2
.nf
npm@8\.15\.0 /path/to/npm
npm@8\.15\.1 /path/to/npm
└─┬ init\-package\-json@0\.0\.4
└── promzard@0\.1\.5
.fi
@ -35,7 +35,7 @@ npm@8\.15\.0 /path/to/npm
It will print out extraneous, missing, and invalid packages\.
.P
If a project specifies git urls for dependencies these are shown
in parentheses after the name@version to make it easier for users to
in parentheses after the \fBname@version\fP to make it easier for users to
recognize potential forks of a project\.
.P
The tree shown is the logical dependency tree, based on package
@ -52,7 +52,7 @@ disk would be roughly identical\.
With the advent of automatic install\-time deduplication of dependencies in
npm v3, the \fBls\fP output was modified to display the logical dependency
graph as a tree structure, since this was more useful to most users\.
However, without using \fBnpm ls \-l\fP, it became impossible show \fIwhere\fR a
However, without using \fBnpm ls \-l\fP, it became impossible to show \fIwhere\fR a
package was actually installed much of the time!
.P
With the advent of automatic installation of \fBpeerDependencies\fP in npm v7,

2
deps/npm/man/man1/npm.1 vendored
View File

@ -4,7 +4,7 @@
.SS Synopsis
.SS Version
.P
8\.15\.0
8\.15\.1
.SS Description
.P
npm is the package manager for the Node JavaScript platform\. It puts

2
deps/npm/man/man5/package-json.5 vendored
View File

@ -709,7 +709,7 @@ commit\. If the commit\-ish has the format \fB#semver:<semver>\fP, \fB<semver>\f
be any valid semver range or exact version, and npm will look for any tags
or refs matching that range in the remote repository, much as it would for
a registry dependency\. If neither \fB#<commit\-ish>\fP or \fB#semver:<semver>\fP is
specified, then \fBmaster\fP is used\.
specified, then the default branch is used\.
.P
Examples:
.P

12
deps/npm/man/man7/workspaces.7 vendored
View File

@ -143,6 +143,8 @@ nested workspaces to be consumed elsewhere\.
.P
You can use the \fBworkspace\fP configuration option to run commands in the context
of a configured workspace\.
Additionally, if your current directory is in a workspace, the \fBworkspace\fP
configuration is implicitly set, and \fBprefix\fP is set to the root workspace\.
.P
Following is a quick example on how to use the \fBnpm run\fP command in the context
of nested workspaces\. For a project containing multiple workspaces, e\.g:
@ -168,7 +170,15 @@ npm run test \-\-workspace=a
.fi
.RE
.P
This will run the \fBtest\fP script defined within the
You could also run the command within the workspace\.
.P
.RS 2
.nf
cd packages/a && npm run test
.fi
.RE
.P
Either will run the \fBtest\fP script defined within the
\fB\|\./packages/a/package\.json\fP file\.
.P
Please note that you can also specify this argument multiple times in the

4
deps/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js generated vendored
View File

@ -484,7 +484,7 @@ Try using the package name instead, e.g:
.catch(/* istanbul ignore next */ er => null)
if (st && st.isSymbolicLink()) {
const target = await readlink(dir)
const real = resolve(dirname(dir), target)
const real = resolve(dirname(dir), target).replace(/#/g, '%23')
tree.package.dependencies[name] = `file:${real}`
} else {
tree.package.dependencies[name] = '*'
@ -603,7 +603,7 @@ Try using the package name instead, e.g:
if (filepath) {
const { name } = spec
const tree = this.idealTree.target
spec = npa(`file:${relpath(tree.path, filepath)}`, tree.path)
spec = npa(`file:${relpath(tree.path, filepath).replace(/#/g, '%23')}`, tree.path)
spec.name = name
}
return spec

2
deps/npm/node_modules/@npmcli/arborist/lib/arborist/load-actual.js generated vendored
View File

@ -196,7 +196,7 @@ module.exports = cls => class ActualLoader extends cls {
const actualRoot = tree.isLink ? tree.target : tree
const { dependencies = {} } = actualRoot.package
for (const [name, kid] of actualRoot.children.entries()) {
const def = kid.isLink ? `file:${kid.realpath}` : '*'
const def = kid.isLink ? `file:${kid.realpath.replace(/#/g, '%23')}` : '*'
dependencies[name] = dependencies[name] || def
}
actualRoot.package = { ...actualRoot.package, dependencies }

2
deps/npm/node_modules/@npmcli/arborist/lib/arborist/load-virtual.js generated vendored
View File

@ -162,7 +162,7 @@ module.exports = cls => class VirtualLoader extends cls {
lockfile: s.data,
})
for (const [name, path] of workspaces.entries()) {
lockWS.push(['workspace', name, `file:${path}`])
lockWS.push(['workspace', name, `file:${path.replace(/#/g, '%23')}`])
}
const lockEdges = [

2
deps/npm/node_modules/@npmcli/arborist/lib/arborist/reify.js generated vendored
View File

@ -1241,7 +1241,7 @@ module.exports = cls => class Reifier extends cls {
// path initially, in which case we can end up with the wrong
// thing, so just get the ultimate fetchSpec and relativize it.
const p = req.fetchSpec.replace(/^file:/, '')
const rel = relpath(addTree.realpath, p)
const rel = relpath(addTree.realpath, p).replace(/#/g, '%23')
newSpec = `file:${rel}`
}
} else {

4
deps/npm/node_modules/@npmcli/arborist/lib/consistent-resolve.js generated vendored
View File

@ -20,8 +20,8 @@ const consistentResolve = (resolved, fromPath, toPath, relPaths = false) => {
raw,
} = npa(resolved, fromPath)
const isPath = type === 'file' || type === 'directory'
return isPath && !relPaths ? `file:${fetchSpec}`
: isPath ? 'file:' + (toPath ? relpath(toPath, fetchSpec) : fetchSpec)
return isPath && !relPaths ? `file:${fetchSpec.replace(/#/g, '%23')}`
: isPath ? 'file:' + (toPath ? relpath(toPath, fetchSpec.replace(/#/g, '%23')) : fetchSpec.replace(/#/g, '%23'))
: hosted ? `git+${
hosted.auth ? hosted.https(hostedOpt) : hosted.sshurl(hostedOpt)
}`

2
deps/npm/node_modules/@npmcli/arborist/lib/link.js generated vendored
View File

@ -118,7 +118,7 @@ class Link extends Node {
// the path/realpath guard is there for the benefit of setting
// these things in the "wrong" order
return this.path && this.realpath
? `file:${relpath(dirname(this.path), this.realpath)}`
? `file:${relpath(dirname(this.path), this.realpath).replace(/#/g, '%23')}`
: null
}

2
deps/npm/node_modules/@npmcli/arborist/lib/node.js generated vendored
View File

@ -824,7 +824,7 @@ class Node {
}
for (const [name, path] of this[_workspaces].entries()) {
new Edge({ from: this, name, spec: `file:${path}`, type: 'workspace' })
new Edge({ from: this, name, spec: `file:${path.replace(/#/g, '%23')}`, type: 'workspace' })
}
}

6
deps/npm/node_modules/@npmcli/arborist/lib/shrinkwrap.js generated vendored
View File

@ -815,7 +815,7 @@ class Shrinkwrap {
const pathFixed = !resolved ? null
: !/^file:/.test(resolved) ? resolved
// resolve onto the metadata path
: `file:${resolve(this.path, resolved.slice(5))}`
: `file:${resolve(this.path, resolved.slice(5)).replace(/#/g, '%23')}`
// if we have one, only set the other if it matches
// otherwise it could be for a completely different thing.
@ -996,7 +996,7 @@ class Shrinkwrap {
: npa.resolve(node.name, edge.spec, edge.from.realpath)
if (node.isLink) {
lock.version = `file:${relpath(this.path, node.realpath)}`
lock.version = `file:${relpath(this.path, node.realpath).replace(/#/g, '%23')}`
} else if (spec && (spec.type === 'file' || spec.type === 'remote')) {
lock.version = spec.saveSpec
} else if (spec && spec.type === 'git' || rSpec.type === 'git') {
@ -1074,7 +1074,7 @@ class Shrinkwrap {
// this especially shows up with workspace edges when the root
// node is also a workspace in the set.
const p = resolve(node.realpath, spec.slice('file:'.length))
set[k] = `file:${relpath(node.realpath, p)}`
set[k] = `file:${relpath(node.realpath, p).replace(/#/g, '%23')}`
} else {
set[k] = spec
}

2
deps/npm/node_modules/@npmcli/arborist/package.json generated vendored
View File

@ -1,6 +1,6 @@
{
"name": "@npmcli/arborist",
"version": "5.3.0",
"version": "5.3.1",
"description": "Manage node_modules trees",
"dependencies": {
"@isaacs/string-locale-compare": "^1.1.0",

2
deps/npm/package.json vendored
View File

@ -1,5 +1,5 @@
{
"version": "8.15.0",
"version": "8.15.1",
"name": "npm",
"description": "a package manager for JavaScript",
"workspaces": [

5
deps/npm/tap-snapshots/test/lib/commands/link.js.test.cjs vendored
View File

@ -5,6 +5,11 @@
* Make sure to inspect the output below. Do not ignore changes!
*/
'use strict'
exports[`test/lib/commands/link.js TAP hash character in working directory path > should create a global link to current pkg, even within path with hash 1`] = `
{CWD}/test/lib/commands/tap-testdir-link-hash-character-in-working-directory-path/global-prefix/lib/node_modules/test-pkg-link -> {CWD}/test/lib/commands/tap-testdir-link-hash-character-in-working-directory-path/i_like_#_in_my_paths/test-pkg-link
`
exports[`test/lib/commands/link.js TAP link global linked pkg to local nm when using args > should create a local symlink to global pkg 1`] = `
{CWD}/test/lib/commands/tap-testdir-link-link-global-linked-pkg-to-local-nm-when-using-args/my-project/node_modules/@myscope/bar -> {CWD}/test/lib/commands/tap-testdir-link-link-global-linked-pkg-to-local-nm-when-using-args/global-prefix/lib/node_modules/@myscope/bar
{CWD}/test/lib/commands/tap-testdir-link-link-global-linked-pkg-to-local-nm-when-using-args/my-project/node_modules/@myscope/linked -> {CWD}/test/lib/commands/tap-testdir-link-link-global-linked-pkg-to-local-nm-when-using-args/scoped-linked

18
deps/npm/tap-snapshots/test/lib/load-all-commands.js.test.cjs vendored
View File

@ -116,8 +116,13 @@ Usage:
npm ci
Options:
[--no-audit] [--foreground-scripts] [--ignore-scripts]
[--script-shell <script-shell>]
[-S|--save|--no-save|--save-prod|--save-dev|--save-optional|--save-peer|--save-bundle]
[-E|--save-exact] [-g|--global] [--global-style] [--legacy-bundling]
[--omit <dev|optional|peer> [--omit <dev|optional|peer> ...]]
[--strict-peer-deps] [--no-package-lock] [--foreground-scripts]
[--ignore-scripts] [--no-audit] [--no-bin-links] [--no-fund] [--dry-run]
[-w|--workspace <workspace-name> [-w|--workspace <workspace-name> ...]]
[-ws|--workspaces] [--include-workspace-root] [--install-links]
aliases: clean-install, ic, install-clean, isntall-clean
@ -425,8 +430,13 @@ Usage:
npm install-ci-test
Options:
[--no-audit] [--foreground-scripts] [--ignore-scripts]
[--script-shell <script-shell>]
[-S|--save|--no-save|--save-prod|--save-dev|--save-optional|--save-peer|--save-bundle]
[-E|--save-exact] [-g|--global] [--global-style] [--legacy-bundling]
[--omit <dev|optional|peer> [--omit <dev|optional|peer> ...]]
[--strict-peer-deps] [--no-package-lock] [--foreground-scripts]
[--ignore-scripts] [--no-audit] [--no-bin-links] [--no-fund] [--dry-run]
[-w|--workspace <workspace-name> [-w|--workspace <workspace-name> ...]]
[-ws|--workspaces] [--include-workspace-root] [--install-links]
alias: cit

18
deps/npm/tap-snapshots/test/lib/npm.js.test.cjs vendored
View File

@ -254,8 +254,13 @@ All commands:
npm ci
Options:
[--no-audit] [--foreground-scripts] [--ignore-scripts]
[--script-shell <script-shell>]
[-S|--save|--no-save|--save-prod|--save-dev|--save-optional|--save-peer|--save-bundle]
[-E|--save-exact] [-g|--global] [--global-style] [--legacy-bundling]
[--omit <dev|optional|peer> [--omit <dev|optional|peer> ...]]
[--strict-peer-deps] [--no-package-lock] [--foreground-scripts]
[--ignore-scripts] [--no-audit] [--no-bin-links] [--no-fund] [--dry-run]
[-w|--workspace <workspace-name> [-w|--workspace <workspace-name> ...]]
[-ws|--workspaces] [--include-workspace-root] [--install-links]
aliases: clean-install, ic, install-clean, isntall-clean
@ -511,8 +516,13 @@ All commands:
npm install-ci-test
Options:
[--no-audit] [--foreground-scripts] [--ignore-scripts]
[--script-shell <script-shell>]
[-S|--save|--no-save|--save-prod|--save-dev|--save-optional|--save-peer|--save-bundle]
[-E|--save-exact] [-g|--global] [--global-style] [--legacy-bundling]
[--omit <dev|optional|peer> [--omit <dev|optional|peer> ...]]
[--strict-peer-deps] [--no-package-lock] [--foreground-scripts]
[--ignore-scripts] [--no-audit] [--no-bin-links] [--no-fund] [--dry-run]
[-w|--workspace <workspace-name> [-w|--workspace <workspace-name> ...]]
[-ws|--workspaces] [--include-workspace-root] [--install-links]
alias: cit

36
deps/npm/test/fixtures/mock-npm.js vendored
View File

@ -108,17 +108,20 @@ const LoadMockNpm = async (t, {
cache: cacheDir,
global: globalPrefixDir,
})
const prefix = path.join(dir, 'prefix')
const cache = path.join(dir, 'cache')
const globalPrefix = path.join(dir, 'global')
const home = path.join(dir, 'home')
const dirs = {
testdir: dir,
prefix: path.join(dir, 'prefix'),
cache: path.join(dir, 'cache'),
globalPrefix: path.join(dir, 'global'),
home: path.join(dir, 'home'),
}
// Set cache to testdir via env var so it is available when load is run
// XXX: remove this for a solution where cache argv is passed in
mockGlobals(t, {
'process.env.HOME': home,
'process.env.npm_config_cache': cache,
...(globals ? result(globals, { prefix, cache, home }) : {}),
'process.env.HOME': dirs.home,
'process.env.npm_config_cache': dirs.cache,
...(globals ? result(globals, { ...dirs }) : {}),
// Some configs don't work because they can't be set via npm.config.set until
// config is loaded. But some config items are needed before that. So this is
// an explicit set of configs that must be loaded as env vars.
@ -126,7 +129,8 @@ const LoadMockNpm = async (t, {
...Object.entries(config)
.filter(([k]) => envConfigKeys.includes(k))
.reduce((acc, [k, v]) => {
acc[`process.env.npm_config_${k.replace(/-/g, '_')}`] = v.toString()
acc[`process.env.npm_config_${k.replace(/-/g, '_')}`] =
result(v, { ...dirs }).toString()
return acc
}, {}),
})
@ -138,7 +142,7 @@ const LoadMockNpm = async (t, {
if (load) {
await npm.load()
for (const [k, v] of Object.entries(result(config, { npm, prefix, cache }))) {
for (const [k, v] of Object.entries(result(config, { npm, ...dirs }))) {
if (typeof v === 'object' && v.value && v.where) {
npm.config.set(k, v.value, v.where)
} else {
@ -148,20 +152,16 @@ const LoadMockNpm = async (t, {
// Set global loglevel *again* since it possibly got reset during load
// XXX: remove with npmlog
setLoglevel(t, config.loglevel, false)
npm.prefix = prefix
npm.cache = cache
npm.globalPrefix = globalPrefix
npm.prefix = dirs.prefix
npm.cache = dirs.cache
npm.globalPrefix = dirs.globalPrefix
}
return {
...rest,
...dirs,
Npm,
npm,
home,
prefix,
globalPrefix,
testdir: dir,
cache,
debugFile: async () => {
const readFiles = npm.logFiles.map(f => fs.readFile(f))
const logFiles = await Promise.all(readFiles)
@ -171,7 +171,7 @@ const LoadMockNpm = async (t, {
.join('\n')
},
timingFile: async () => {
const data = await fs.readFile(path.resolve(cache, '_timing.json'), 'utf8')
const data = await fs.readFile(path.resolve(dirs.cache, '_timing.json'), 'utf8')
return JSON.parse(data) // XXX: this fails if multiple timings are written
},
}

38
deps/npm/test/lib/commands/init.js vendored
View File

@ -136,6 +136,44 @@ t.test('npm init @scope/name', async t => {
await init.exec(['@npmcli/something'])
})
t.test('npm init @scope@spec', async t => {
t.plan(1)
npm.localPrefix = t.testdir({})
const Init = t.mock('../../../lib/commands/init.js', {
libnpmexec: ({ args }) => {
t.same(
args,
['@npmcli/create@foo'],
'should npx with scoped packages'
)
},
})
const init = new Init(npm)
process.chdir(npm.localPrefix)
await init.exec(['@npmcli@foo'])
})
t.test('npm init @scope/name@spec', async t => {
t.plan(1)
npm.localPrefix = t.testdir({})
const Init = t.mock('../../../lib/commands/init.js', {
libnpmexec: ({ args }) => {
t.same(
args,
['@npmcli/create-something@foo'],
'should npx with scoped packages'
)
},
})
const init = new Init(npm)
process.chdir(npm.localPrefix)
await init.exec(['@npmcli/something@foo'])
})
t.test('npm init git spec', async t => {
t.plan(1)
npm.localPrefix = t.testdir({})

36
deps/npm/test/lib/commands/link.js vendored
View File

@ -514,3 +514,39 @@ t.test('--global option', async t => {
'should throw an useful error'
)
})
t.test('hash character in working directory path', async t => {
const testdir = t.testdir({
'global-prefix': {
lib: {
node_modules: {
a: {
'package.json': JSON.stringify({
name: 'a',
version: '1.0.0',
}),
},
},
},
},
'i_like_#_in_my_paths': {
'test-pkg-link': {
'package.json': JSON.stringify({
name: 'test-pkg-link',
version: '1.0.0',
}),
},
},
})
npm.globalDir = resolve(testdir, 'global-prefix', 'lib', 'node_modules')
npm.prefix = resolve(testdir, 'i_like_#_in_my_paths', 'test-pkg-link')
link.workspacePaths = null
await link.exec([])
const links = await printLinks({
path: resolve(npm.globalDir, '..'),
global: true,
})
t.matchSnapshot(links, 'should create a global link to current pkg, even within path with hash')
})

46
deps/npm/test/lib/npm.js vendored
View File

@ -3,6 +3,7 @@ const { resolve, dirname, join } = require('path')
const { load: loadMockNpm } = require('../fixtures/mock-npm.js')
const mockGlobals = require('../fixtures/mock-globals')
const fs = require('@npmcli/fs')
// delete this so that we don't have configs from the fact that it
// is being run by 'npm test'
@ -435,23 +436,42 @@ t.test('debug log', async t => {
t.match(debug, log2.join(' '), 'after load log appears')
})
t.test('with bad dir', async t => {
const { npm } = await loadMockNpm(t, {
t.test('can load with bad dir', async t => {
const { npm, testdir } = await loadMockNpm(t, {
load: false,
config: {
'logs-dir': 'LOGS_DIR',
},
mocks: {
'@npmcli/fs': {
mkdir: async (dir) => {
if (dir.includes('LOGS_DIR')) {
throw new Error('err')
}
},
},
'logs-dir': (c) => join(c.testdir, 'my_logs_dir'),
},
})
const logsDir = join(testdir, 'my_logs_dir')
t.equal(npm.logFiles.length, 0, 'no log file')
// make logs dir a file before load so it files
await fs.writeFile(logsDir, 'A_TEXT_FILE')
await t.resolves(npm.load(), 'loads with invalid logs dir')
t.equal(npm.logFiles.length, 0, 'no log files array')
t.strictSame(fs.readFileSync(logsDir, 'utf-8'), 'A_TEXT_FILE')
})
})
t.test('cache dir', async t => {
t.test('creates a cache dir', async t => {
const { npm } = await loadMockNpm(t)
t.ok(fs.existsSync(npm.cache), 'cache dir exists')
})
t.test('can load with a bad cache dir', async t => {
const { npm, cache } = await loadMockNpm(t, {
load: false,
// The easiest way to make mkdir(cache) fail is to make it a file.
// This will have the same effect as if its read only or inaccessible.
cacheDir: 'A_TEXT_FILE',
})
await t.resolves(npm.load(), 'loads with cache dir as a file')
t.equal(fs.readFileSync(cache, 'utf-8'), 'A_TEXT_FILE')
})
})