Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

deps: upgrade npm to 5.0.0 #13276

Closed
wants to merge 1 commit into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1,581 changes: 70 additions & 1,511 deletions deps/npm/CHANGELOG.md

Large diffs are not rendered by default.

32 changes: 23 additions & 9 deletions deps/npm/TODO.org
Original file line number Diff line number Diff line change
@@ -1,4 +1,18 @@
* Finished
* [COMPLETED] npm: remove packageIntegrity
* [COMPLETED] npm: fix lifecycle stuff
* pack:
* pre-: immediately before tarball contents are packed. Need to re-read package.json immediately after
* pack: No pack lifecycle
* post-: immediately after tarball reaches its final destination (not immediately after packaging)
* prepare: `npm install`, immediately before `postinstall`, and immediately before `prepack`, never if `--prod`, after prepublish, before prepublishOnly
* prepublish: alias for `prepare`
* prepublishOnly: ONLY on `npm publish` (never on `npm pack`), runs before prepack (which takes care of re-reading package.json), re-reads package.json immediately after
* [COMPLETED] pacote: fix always-auth bug
* [COMPLETED] pacote: figure out why cache is being written as root
* [COMPLETED] npm: make `npm update` save files as the right type
* [COMPLETED] npm: update docs with npm5 changes
* [COMPLETED] npm: don't write "problems" into package-lock
* [COMPLETED] npm: add `created-with`, `shrinkwrap-version`, and `package-integrity`
* [COMPLETED] npm: warn on incompatible package-lock version
* [COMPLETED] npm: warn if both shrinkwrap and package-lock are there
Expand Down Expand Up @@ -46,6 +60,12 @@
* [COMPLETED] npm: fix bundle replacement issues (see: npm i nyc warning spam)
* need fromBundle attribute on shrinkwrap and pass it through. the sw.version && sw.integrity-based fake node needs to have this there.
* Backlog
* [TODO] make-fetch-happen: integrity failures are being thrown
* [TODO] write-file-atomic: review https://github.com/npm/write-file-atomic/pull/22
* [TODO] pacote: write tests for git handlers
* https://github.com/zkat/pacote/issues/70
* [TODO] pacote: offline feature support for git deps
* [TODO] npm: get logging working during the recalculateMetadata spam
* [TODO] pacote: opts.extraHeaders
* https://github.com/zkat/pacote/issues/79
* [TODO] pacote: ECONNRESET recovery
Expand All @@ -59,14 +79,8 @@
* https://github.com/zkat/make-fetch-happen/issues/16
* [TODO] make-fetch-happen: retry notification
* https://github.com/zkat/make-fetch-happen/issues/21
* [TODO] npm: move addBundled call from inflate-shrinkwrap to extract
* fix the fucking bundling thing while at it
* [TODO] npm: more informative logging when building git deps
* Needed for npm@5
* [TODO] pacote: write tests for git handlers
* https://github.com/zkat/pacote/issues/70
* [TODO] pacote: offline feature support for git deps
* [TODO] npm: get logging working during the recalculateMetadata spam
* [TODO] write-file-atomic: review https://github.com/npm/write-file-atomic/pull/22
* Active
* [TODO] npm: make `npm update` save files as the right type
* [TODO] node: track down lifecycle signal failure
* [TODO] npm: figure out https://github.com/npm/npm/issues/16665
* [TODO] npm: first-run notice about npm5 still having known issues
1 change: 0 additions & 1 deletion deps/npm/appveyor.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@ install:
- ps: Install-Product node $env:nodejs_version $env:platform
- npm config set spin false
- npm rebuild
- npm i -g "npm/npm#release-beta-5"
- node . install -g .
- set "PATH=%APPDATA%\npm;C:\Program Files\Git\mingw64\libexec;%PATH%"
- npm install --loglevel=http
Expand Down
1,566 changes: 1,566 additions & 0 deletions deps/npm/changelogs/CHANGELOG-4.md

Large diffs are not rendered by default.

60 changes: 36 additions & 24 deletions deps/npm/doc/cli/npm-cache.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,11 +8,11 @@ npm-cache(1) -- Manipulates packages cache
npm cache add <tarball url>
npm cache add <name>@<version>

npm cache ls [<path>]

npm cache clean [<path>]
aliases: npm cache clear, npm cache rm

npm cache verify

## DESCRIPTION

Used to add, list, or clean the npm cache folder.
Expand All @@ -22,35 +22,45 @@ Used to add, list, or clean the npm cache folder.
intended to be used internally by npm, but it can provide a way to
add data to the local installation cache explicitly.

* ls:
Show the data in the cache. Argument is a path to show in the cache
folder. Works a bit like the `find` program, but limited by the
`depth` config.

* clean:
Delete data out of the cache folder. If an argument is provided, then
it specifies a subpath to delete. If no argument is provided, then
the entire cache is deleted.
Delete all data out of the cache folder.

* verify:
Verify the contents of the cache folder, garbage collecting any unneeded data,
and verifying the integrity of the cache index and all cached data.

## DETAILS

npm stores cache data in the directory specified in `npm config get cache`.
For each package that is added to the cache, three pieces of information are
stored in `{cache}/{name}/{version}`:
npm stores cache data in an opaque directory within the configured `cache`,
named `_cacache`. This directory is a `cacache`-based content-addressable cache
that stores all http request data as well as other package-related data. This
directory is primarily accessed through `pacote`, the library responsible for
all package fetching as of npm@5.

All data that passes through the cache is fully verified for integrity on both
insertion and extraction. Cache corruption will either trigger an error, or
signal to `pacote` that the data must be refetched, which it will do
automatically. For this reason, it should never be necessary to clear the cache
for any reason other than reclaiming disk space, thus why `clean` now requires
`--force` to run.

There is currently no method exposed through npm to inspect or directly manage
the contents of this cache. In order to access it, `cacache` must be used
directly.

npm will not remove data by itself: the cache will grow as new packages are
installed.

* .../package/package.json:
The package.json file, as npm sees it.
* .../package.tgz:
The tarball for that version.
## A NOTE ABOUT THE CACHE'S DESIGN

Additionally, whenever a registry request is made, a `.cache.json` file
is placed at the corresponding URI, to store the ETag and the requested
data. This is stored in `{cache}/{hostname}/{path}/.cache.json`.
The npm cache is strictly a cache: it should not be relied upon as a persistent
and reliable data store for package data. npm makes no guarantee that a
previously-cached piece of data will be available later, and will automatically
delete corrupted contents. The primary guarantee that the cache makes is that,
if it does return data, that data will be exactly the data that was inserted.

Commands that make non-essential registry requests (such as `search` and
`view`, or the completion scripts) generally specify a minimum timeout.
If the `.cache.json` file is younger than the specified timeout, then
they do not make an HTTP request to the registry.
To run an offline verification of existing cache contents, use `npm cache
verify`.

## CONFIGURATION

Expand All @@ -69,3 +79,5 @@ The root cache folder.
* npm-install(1)
* npm-publish(1)
* npm-pack(1)
* https://npm.im/cacache
* https://npm.im/pacote
Loading