deps: upgrade npm to 3.8.3

PR-URL: https://github.com/npm/node/pull/6
Reviewed-By: Evan Lucas <evanlucas@me.com>

1 files changed, 8 insertions, 7 deletions

diff --git a/deps/npm/lib/config/get-credentials-by-uri.js b/deps/npm/lib/config/get-credentials-by-uri.js
index a073a594a5..19779c4137 100644
--- a/deps/npm/lib/config/get-credentials-by-uri.js
+++ b/deps/npm/lib/config/get-credentials-by-uri.js
@@ -20,6 +20,14 @@ function getCredentialsByURI (uri) {
     alwaysAuth: undefined
   }
 
+  // used to override scope matching for tokens as well as legacy auth
+  if (this.get(nerfed + ':always-auth') !== undefined) {
+    var val = this.get(nerfed + ':always-auth')
+    c.alwaysAuth = val === 'false' ? false : !!val
+  } else if (this.get('always-auth') !== undefined) {
+    c.alwaysAuth = this.get('always-auth')
+  }
+
   if (this.get(nerfed + ':_authToken')) {
     c.token = this.get(nerfed + ':_authToken')
     // the bearer token is enough, don't confuse things
@@ -58,13 +66,6 @@ function getCredentialsByURI (uri) {
     c.email = this.get('email')
   }
 
-  if (this.get(nerfed + ':always-auth') !== undefined) {
-    var val = this.get(nerfed + ':always-auth')
-    c.alwaysAuth = val === 'false' ? false : !!val
-  } else if (this.get('always-auth') !== undefined) {
-    c.alwaysAuth = this.get('always-auth')
-  }
-
   if (c.username && c.password) {
     c.auth = new Buffer(c.username + ':' + c.password).toString('base64')
   }