From 6083c4dc102b4da306faaf81469e33687f30daf1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kat=20March=C3=A1n?= <kzm@sykosomatic.org>
Date: Sun, 28 May 2017 21:04:08 -0700
Subject: deps: upgrade npm to 5.0.0

PR-URL: https://github.com/nodejs/node/pull/13276
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
---
 deps/npm/doc/cli/npm-publish.md | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'deps/npm/doc/cli/npm-publish.md')

diff --git a/deps/npm/doc/cli/npm-publish.md b/deps/npm/doc/cli/npm-publish.md
index caf1fd2430..892786b61d 100644
--- a/deps/npm/doc/cli/npm-publish.md
+++ b/deps/npm/doc/cli/npm-publish.md
@@ -48,6 +48,10 @@ Once a package is published with a given name and version, that
 specific name and version combination can never be used again, even if
 it is removed with npm-unpublish(1).
 
+As of `npm@5`, both a sha1sum and an integrity field with a sha512sum of the
+tarball will be submitted to the registry during publication. Subsequent
+installs will use the strongest supported algorithm to verify downloads.
+
 For a "dry run" that does everything except actually publishing to the
 registry, see `npm-pack(1)`, which figures out the files to be included and
 packs them into a tarball to be uploaded to the registry.
-- 
cgit v1.2.1