diff options
author | npm CLI robot <npm-cli+bot@github.com> | 2022-07-03 10:33:41 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-03 18:33:41 +0100 |
commit | c624f5d35e028ba88314830638b42dc734923239 (patch) | |
tree | a6b940521a617946d9c8bc1aedff78d5634a9490 /deps/npm | |
parent | dca76e7990c0ac27029e91a6730126e2adadb614 (diff) | |
download | node-new-c624f5d35e028ba88314830638b42dc734923239.tar.gz |
deps: upgrade npm to 8.13.2
PR-URL: https://github.com/nodejs/node/pull/43622
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
Reviewed-By: Ruy Adorno <ruyadorno@github.com>
Diffstat (limited to 'deps/npm')
18 files changed, 74 insertions, 24 deletions
diff --git a/deps/npm/docs/content/commands/npm-run-script.md b/deps/npm/docs/content/commands/npm-run-script.md index d94040f1a2..f606ec6bf5 100644 --- a/deps/npm/docs/content/commands/npm-run-script.md +++ b/deps/npm/docs/content/commands/npm-run-script.md @@ -240,6 +240,21 @@ will *not* run any pre- or post-scripts. <!-- automatically generated, do not edit manually --> <!-- see lib/utils/config/definitions.js --> +#### `foreground-scripts` + +* Default: false +* Type: Boolean + +Run all build scripts (ie, `preinstall`, `install`, and `postinstall`) +scripts for installed packages in the foreground process, sharing standard +input, output, and error with the main npm process. + +Note that this will generally make installs run slower, and be much noisier, +but can be useful for debugging. + +<!-- automatically generated, do not edit manually --> +<!-- see lib/utils/config/definitions.js --> + #### `script-shell` * Default: '/bin/sh' on POSIX systems, 'cmd.exe' on Windows diff --git a/deps/npm/docs/output/commands/npm-ls.html b/deps/npm/docs/output/commands/npm-ls.html index 4363442ef3..07deb2d490 100644 --- a/deps/npm/docs/output/commands/npm-ls.html +++ b/deps/npm/docs/output/commands/npm-ls.html @@ -166,7 +166,7 @@ tree at all, use <a href="../commands/npm-explain.html"><code>npm explain</code> the results to only the paths to the packages named. Note that nested packages will <em>also</em> show the paths to the specified packages. For example, running <code>npm ls promzard</code> in npm's source tree will show:</p> -<pre lang="bash"><code>npm@8.13.1 /path/to/npm +<pre lang="bash"><code>npm@8.13.2 /path/to/npm └─┬ init-package-json@0.0.4 └── promzard@0.1.5 </code></pre> diff --git a/deps/npm/docs/output/commands/npm-run-script.html b/deps/npm/docs/output/commands/npm-run-script.html index d74acb0564..5b1150cf4b 100644 --- a/deps/npm/docs/output/commands/npm-run-script.html +++ b/deps/npm/docs/output/commands/npm-run-script.html @@ -142,7 +142,7 @@ npm command-line interface <section id="table_of_contents"> <h2 id="table-of-contents">Table of contents</h2> -<div id="_table_of_contents"><ul><li><a href="#synopsis">Synopsis</a></li><li><a href="#description">Description</a></li><li><a href="#workspaces-support">Workspaces support</a></li><ul><li><a href="#filtering-workspaces">Filtering workspaces</a></li></ul><li><a href="#configuration">Configuration</a></li><ul><li><a href="#workspace"><code>workspace</code></a></li><li><a href="#workspaces"><code>workspaces</code></a></li><li><a href="#include-workspace-root"><code>include-workspace-root</code></a></li><li><a href="#if-present"><code>if-present</code></a></li><li><a href="#ignore-scripts"><code>ignore-scripts</code></a></li><li><a href="#script-shell"><code>script-shell</code></a></li></ul><li><a href="#see-also">See Also</a></li></ul></div> +<div id="_table_of_contents"><ul><li><a href="#synopsis">Synopsis</a></li><li><a href="#description">Description</a></li><li><a href="#workspaces-support">Workspaces support</a></li><ul><li><a href="#filtering-workspaces">Filtering workspaces</a></li></ul><li><a href="#configuration">Configuration</a></li><ul><li><a href="#workspace"><code>workspace</code></a></li><li><a href="#workspaces"><code>workspaces</code></a></li><li><a href="#include-workspace-root"><code>include-workspace-root</code></a></li><li><a href="#if-present"><code>if-present</code></a></li><li><a href="#ignore-scripts"><code>ignore-scripts</code></a></li><li><a href="#foreground-scripts"><code>foreground-scripts</code></a></li><li><a href="#script-shell"><code>script-shell</code></a></li></ul><li><a href="#see-also">See Also</a></li></ul></div> </section> <div id="_content"><h3 id="synopsis">Synopsis</h3> @@ -319,6 +319,18 @@ will still run their intended script if <code>ignore-scripts</code> is set, but will <em>not</em> run any pre- or post-scripts.</p> <!-- raw HTML omitted --> <!-- raw HTML omitted --> +<h4 id="foreground-scripts"><code>foreground-scripts</code></h4> +<ul> +<li>Default: false</li> +<li>Type: Boolean</li> +</ul> +<p>Run all build scripts (ie, <code>preinstall</code>, <code>install</code>, and <code>postinstall</code>) +scripts for installed packages in the foreground process, sharing standard +input, output, and error with the main npm process.</p> +<p>Note that this will generally make installs run slower, and be much noisier, +but can be useful for debugging.</p> +<!-- raw HTML omitted --> +<!-- raw HTML omitted --> <h4 id="script-shell"><code>script-shell</code></h4> <ul> <li>Default: '/bin/sh' on POSIX systems, 'cmd.exe' on Windows</li> diff --git a/deps/npm/docs/output/commands/npm.html b/deps/npm/docs/output/commands/npm.html index c7b7dd5dc7..9a0446af63 100644 --- a/deps/npm/docs/output/commands/npm.html +++ b/deps/npm/docs/output/commands/npm.html @@ -149,7 +149,7 @@ npm command-line interface <!-- raw HTML omitted --> <!-- raw HTML omitted --> <h3 id="version">Version</h3> -<p>8.13.1</p> +<p>8.13.2</p> <h3 id="description">Description</h3> <p>npm is the package manager for the Node JavaScript platform. It puts modules in place so that node can find them, and manages dependency diff --git a/deps/npm/lib/commands/run-script.js b/deps/npm/lib/commands/run-script.js index a1591c7900..8507dbe79a 100644 --- a/deps/npm/lib/commands/run-script.js +++ b/deps/npm/lib/commands/run-script.js @@ -35,6 +35,7 @@ class RunScript extends BaseCommand { 'include-workspace-root', 'if-present', 'ignore-scripts', + 'foreground-scripts', 'script-shell', ] diff --git a/deps/npm/man/man1/npm-ls.1 b/deps/npm/man/man1/npm-ls.1 index a24c524909..5a78c46a6e 100644 --- a/deps/npm/man/man1/npm-ls.1 +++ b/deps/npm/man/man1/npm-ls.1 @@ -26,7 +26,7 @@ example, running \fBnpm ls promzard\fP in npm's source tree will show: .P .RS 2 .nf -npm@8\.13\.1 /path/to/npm +npm@8\.13\.2 /path/to/npm └─┬ init\-package\-json@0\.0\.4 └── promzard@0\.1\.5 .fi diff --git a/deps/npm/man/man1/npm-run-script.1 b/deps/npm/man/man1/npm-run-script.1 index c9dc22f4eb..c9c2925ff1 100644 --- a/deps/npm/man/man1/npm-run-script.1 +++ b/deps/npm/man/man1/npm-run-script.1 @@ -246,6 +246,21 @@ Note that commands explicitly intended to run a particular script, such as \fBnpm start\fP, \fBnpm stop\fP, \fBnpm restart\fP, \fBnpm test\fP, and \fBnpm run\-script\fP will still run their intended script if \fBignore\-scripts\fP is set, but they will \fInot\fR run any pre\- or post\-scripts\. +.SS \fBforeground\-scripts\fP +.RS 0 +.IP \(bu 2 +Default: false +.IP \(bu 2 +Type: Boolean + +.RE +.P +Run all build scripts (ie, \fBpreinstall\fP, \fBinstall\fP, and \fBpostinstall\fP) +scripts for installed packages in the foreground process, sharing standard +input, output, and error with the main npm process\. +.P +Note that this will generally make installs run slower, and be much noisier, +but can be useful for debugging\. .SS \fBscript\-shell\fP .RS 0 .IP \(bu 2 diff --git a/deps/npm/man/man1/npm.1 b/deps/npm/man/man1/npm.1 index a26c713a11..1e2c15ebae 100644 --- a/deps/npm/man/man1/npm.1 +++ b/deps/npm/man/man1/npm.1 @@ -4,7 +4,7 @@ .SS Synopsis .SS Version .P -8\.13\.1 +8\.13\.2 .SS Description .P npm is the package manager for the Node JavaScript platform\. It puts diff --git a/deps/npm/node_modules/@npmcli/metavuln-calculator/lib/advisory.js b/deps/npm/node_modules/@npmcli/metavuln-calculator/lib/advisory.js index d30838e738..1f479a90dd 100644 --- a/deps/npm/node_modules/@npmcli/metavuln-calculator/lib/advisory.js +++ b/deps/npm/node_modules/@npmcli/metavuln-calculator/lib/advisory.js @@ -166,8 +166,8 @@ class Advisory { // we can try to be a *little* smarter up front by doing x-y for all // contiguous version sets in the list const ranges = [] - this.versions = semver.sort(this.versions) - this.vulnerableVersions = semver.sort(this.vulnerableVersions) + this.versions = semver.sort(this.versions, semverOpt) + this.vulnerableVersions = semver.sort(this.vulnerableVersions, semverOpt) for (let v = 0, vulnVer = 0; v < this.versions.length; v++) { // figure out the vulnerable subrange const vr = [this.versions[v]] diff --git a/deps/npm/node_modules/@npmcli/metavuln-calculator/package.json b/deps/npm/node_modules/@npmcli/metavuln-calculator/package.json index 2c04e0fd42..2e7209ffc7 100644 --- a/deps/npm/node_modules/@npmcli/metavuln-calculator/package.json +++ b/deps/npm/node_modules/@npmcli/metavuln-calculator/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/metavuln-calculator", - "version": "3.1.0", + "version": "3.1.1", "main": "lib/index.js", "files": [ "bin/", @@ -33,7 +33,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^3.0.1", - "@npmcli/template-oss": "3.2.0", + "@npmcli/template-oss": "3.5.0", "require-inject": "^1.4.4", "tap": "^16.0.1" }, @@ -48,6 +48,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "3.2.0" + "version": "3.5.0" } } diff --git a/deps/npm/node_modules/@npmcli/run-script/lib/escape.js b/deps/npm/node_modules/@npmcli/run-script/lib/escape.js index 5254be24bf..3c574371bc 100644 --- a/deps/npm/node_modules/@npmcli/run-script/lib/escape.js +++ b/deps/npm/node_modules/@npmcli/run-script/lib/escape.js @@ -65,7 +65,13 @@ const sh = (input) => { return result } +// disabling the no-control-regex rule for this line as we very specifically _do_ want to +// replace those characters if they somehow exist at this point, which is highly unlikely +// eslint-disable-next-line no-control-regex +const filename = (input) => input.replace(/[<>:"/\\|?*\x00-\x31]/g, '') + module.exports = { cmd, sh, + filename, } diff --git a/deps/npm/node_modules/@npmcli/run-script/lib/make-spawn-args.js b/deps/npm/node_modules/@npmcli/run-script/lib/make-spawn-args.js index 660588e3ee..47f7346301 100644 --- a/deps/npm/node_modules/@npmcli/run-script/lib/make-spawn-args.js +++ b/deps/npm/node_modules/@npmcli/run-script/lib/make-spawn-args.js @@ -30,6 +30,7 @@ const makeSpawnArgs = options => { npm_config_node_gyp, }) + const fileName = escape.filename(`${event}-${Date.now()}`) let scriptFile let script = '' @@ -61,7 +62,7 @@ const makeSpawnArgs = options => { const doubleEscape = pathToInitial.endsWith('.cmd') || pathToInitial.endsWith('.bat') - scriptFile = resolve(tmpdir(), `${event}-${Date.now()}.cmd`) + scriptFile = resolve(tmpdir(), `${fileName}.cmd`) script += '@echo off\n' script += cmd if (args.length) { @@ -71,7 +72,7 @@ const makeSpawnArgs = options => { const shebang = isAbsolute(scriptShell) ? `#!${scriptShell}` : `#!/usr/bin/env ${scriptShell}` - scriptFile = resolve(tmpdir(), `${event}-${Date.now()}.sh`) + scriptFile = resolve(tmpdir(), `${fileName}.sh`) script += `${shebang}\n` script += cmd if (args.length) { diff --git a/deps/npm/node_modules/@npmcli/run-script/package.json b/deps/npm/node_modules/@npmcli/run-script/package.json index ef8b43f772..1ce162dd8d 100644 --- a/deps/npm/node_modules/@npmcli/run-script/package.json +++ b/deps/npm/node_modules/@npmcli/run-script/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/run-script", - "version": "4.1.3", + "version": "4.1.5", "description": "Run a lifecycle script for a package (descendant of npm-lifecycle)", "author": "GitHub Inc.", "license": "ISC", @@ -17,10 +17,6 @@ "posttest": "npm run lint", "template-oss-apply": "template-oss-apply --force" }, - "tap": { - "check-coverage": true, - "coverage-map": "map.js" - }, "devDependencies": { "@npmcli/eslint-config": "^3.0.1", "@npmcli/template-oss": "3.5.0", @@ -32,7 +28,8 @@ "@npmcli/node-gyp": "^2.0.0", "@npmcli/promise-spawn": "^3.0.0", "node-gyp": "^9.0.0", - "read-package-json-fast": "^2.0.3" + "read-package-json-fast": "^2.0.3", + "which": "^2.0.2" }, "files": [ "bin/", diff --git a/deps/npm/node_modules/npm-packlist/lib/index.js b/deps/npm/node_modules/npm-packlist/lib/index.js index e4a2e76c54..bd72329f02 100644 --- a/deps/npm/node_modules/npm-packlist/lib/index.js +++ b/deps/npm/node_modules/npm-packlist/lib/index.js @@ -34,10 +34,13 @@ const glob = require('glob') const globify = pattern => pattern.split('\\').join('/') const readOutOfTreeIgnoreFiles = (root, rel, result = '') => { - for (const file of ['.gitignore', '.npmignore']) { + for (const file of ['.npmignore', '.gitignore']) { try { const ignoreContent = fs.readFileSync(path.join(root, file), { encoding: 'utf8' }) result += ignoreContent + '\n' + // break the loop immediately after concatting, this allows us to prioritize the + // .npmignore and discard the .gitignore if one exists + break } catch (err) { // we ignore ENOENT errors completely because we don't care if the file doesn't exist // but we throw everything else because failing to read a file that does exist is diff --git a/deps/npm/node_modules/npm-packlist/package.json b/deps/npm/node_modules/npm-packlist/package.json index dfa0188b4c..4c63caf21e 100644 --- a/deps/npm/node_modules/npm-packlist/package.json +++ b/deps/npm/node_modules/npm-packlist/package.json @@ -1,6 +1,6 @@ { "name": "npm-packlist", - "version": "5.1.0", + "version": "5.1.1", "description": "Get a list of the files to add from a folder into an npm package", "directories": { "test": "test" diff --git a/deps/npm/package.json b/deps/npm/package.json index a9d84ab62c..95afa528fa 100644 --- a/deps/npm/package.json +++ b/deps/npm/package.json @@ -1,5 +1,5 @@ { - "version": "8.13.1", + "version": "8.13.2", "name": "npm", "description": "a package manager for JavaScript", "workspaces": [ @@ -62,7 +62,7 @@ "@npmcli/fs": "^2.1.0", "@npmcli/map-workspaces": "^2.0.3", "@npmcli/package-json": "^2.0.0", - "@npmcli/run-script": "^4.1.3", + "@npmcli/run-script": "^4.1.5", "abbrev": "~1.1.1", "archy": "~1.0.0", "cacache": "^16.1.1", diff --git a/deps/npm/tap-snapshots/test/lib/load-all-commands.js.test.cjs b/deps/npm/tap-snapshots/test/lib/load-all-commands.js.test.cjs index 13a3b06fe3..57dd612666 100644 --- a/deps/npm/tap-snapshots/test/lib/load-all-commands.js.test.cjs +++ b/deps/npm/tap-snapshots/test/lib/load-all-commands.js.test.cjs @@ -746,7 +746,7 @@ npm run-script <command> [-- <args>] Options: [-w|--workspace <workspace-name> [-w|--workspace <workspace-name> ...]] [-ws|--workspaces] [--include-workspace-root] [--if-present] [--ignore-scripts] -[--script-shell <script-shell>] +[--foreground-scripts] [--script-shell <script-shell>] aliases: run, rum, urn diff --git a/deps/npm/tap-snapshots/test/lib/npm.js.test.cjs b/deps/npm/tap-snapshots/test/lib/npm.js.test.cjs index c59252f9e8..5ae34e8687 100644 --- a/deps/npm/tap-snapshots/test/lib/npm.js.test.cjs +++ b/deps/npm/tap-snapshots/test/lib/npm.js.test.cjs @@ -790,7 +790,7 @@ All commands: Options: [-w|--workspace <workspace-name> [-w|--workspace <workspace-name> ...]] [-ws|--workspaces] [--include-workspace-root] [--if-present] [--ignore-scripts] - [--script-shell <script-shell>] + [--foreground-scripts] [--script-shell <script-shell>] aliases: run, rum, urn |