deps: upgrade npm in LTS to 2.15.1

PR-URL: https://github.com/nodejs/node/pull/5968

deps/npm/.mailmap

@@ -0,0 +1,53 @@
+Alex K. Wolfe <alexkwolfe@gmail.com>
+Andrew Bradley <cspotcode@gmail.com>
+Andrew Lunny <alunny@gmail.com>
+Arlo Breault <arlolra@gmail.com>
+Benjamin Coe <bencoe@gmail.com>
+Benjamin Coe <bencoe@gmail.com> <ben@npmjs.com>
+Brian White <mscdex@mscdex.net> <mscdex@gmail.com>
+Cedric Nelson <cedric.nelson@gmail.com>
+Charlie Robbins <charlie.robbins@gmail.com>
+Dalmais Maxence <root@ip-10-195-202-5.ec2.internal>
+Danila Gerasimov <danila.gerasimov@gmail.com>
+David Beitey <david@davidjb.com>
+Domenic Denicola <domenic@domenicdenicola.com>
+Einar Otto Stangvik <einaros@gmail.com>
+Erik Wienhold <git@ewie.name>
+Evan Lucas <evan@btc.com> <evan.lucas@hattiesburgclinic.com>
+Evan Lucas <evan@btc.com> <evanlucas@me.com>
+Faiq Raza <faiqrazarizvi@gmail.com>
+Forbes Lindesay <forbes@lindesay.co.uk>
+Forrest L Norvell <ogd@aoaioxxysz.net> <forrest@npmjs.com>
+Gabriel Barros <descartavel1@gmail.com>
+Geoff Flarity <geoff.flarity@gmail.com> <gflarity@raptvm-x02.(none)>
+Isaac Z. Schlueter <i@izs.me> <i@foohack.com>
+Isaac Z. Schlueter <i@izs.me> isaacs <i@izs.me>
+Jake Verbaten <raynos2@gmail.com>
+James Sanders <jimmyjazz14@gmail.com>
+Jason Smith <jhs@iriscouch.com>
+Jonas Weber <github@jonasw.de>
+Julien Meddah <julien.meddah@deveryware.com>
+Kris Windham <kriswindham@gmail.com>
+Lin Clark <lin.w.clark@gmail.com>
+Luke Arduini <luke.arduini@gmail.com> <luke.arduini@me.com>
+Maciej Małecki <me@mmalecki.com> <maciej.malecki@notimplemented.org>
+Max Goodman <c@chromakode.com>
+Maxim Bogushevich <boga1@mail.ru>
+Maximilian Antoni <mail@maxantoni.de> <maximilian.antoni@juliusbaer.com>
+Michael Hayes <michael@hayes.io> <mhayes@newrelic.com>
+Nicolas Morel <marsup@gmail.com>
+Olivier Melcher <olivier.melcher@gmail.com>
+Ra'Shaun Stovall <rashaunstovall@gmail.com>
+Rebecca Turner <me@re-becca.org> <turner@mikomi.org>
+Rebecca Turner <me@re-becca.org> <rebecca@npmjs.com>
+Ryan Emery <seebees@gmail.com>
+Sam Mikes <smikes@cubane.com>
+Takaya Kobayashi <jigsaw@live.jp>
+Timo Weiß <timoweiss@Timo-MBP.local>
+Tony <zearin@gonk.net>
+Trent Mick <trentm@gmail.com> <trent.mick@joyent.com>
+Visnu Pitiyanuvath <visnupx@gmail.com>
+Will Elwood <w.elwood08@gmail.com>
+Wout Mertens <Wout.Mertens@gmail.com>
+Yeonghoon Park <sola92@gmail.com>
+Zeke Sikelianos <zeke@sikelianos.com>

deps/npm/.npmignore

@@ -7,6 +7,7 @@ npm-debug.log
 /test/packages/npm-test-depends-on-spark/which-spark.log
 /test/packages/test-package/random-data.txt
 /test/root
+/test/npm_cache
 node_modules/marked
 node_modules/ronn
 node_modules/tap
@@ -25,3 +26,5 @@ html/*.png
 /npm-*.tgz
 
 *.pyc
+
+/test/tap/builtin-config

deps/npm/.npmrc

@@ -1,2 +0,0 @@
-save-prefix = ~
-proprietary-attribs = false

deps/npm/.travis.yml

@@ -1,5 +1,18 @@
 language: node_js
-script: "npm run-script tap"
+sudo: false
 node_js:
-  - "0.11"
+  - "5"
+  - "4"
+  - iojs
+  - "0.12"
   - "0.10"
+  - "0.8"
+env:
+  - DEPLOY_VERSION=testing
+before_install:
+  - "npm config set spin false"
+  - "npm install -g npm/npm#2.x"
+  - "mkdir -p /var/run/couchdb"
+script: "npm test"
+notifications:
+    slack: npm-inc:kRqQjto7YbINqHPb1X6nS3g8

deps/npm/AUTHORS

@@ -4,8 +4,6 @@ Steve Steiner <ssteinerX@gmail.com>
 Mikeal Rogers <mikeal.rogers@gmail.com>
 Aaron Blohowiak <aaron.blohowiak@gmail.com>
 Martyn Smith <martyn@dollyfish.net.nz>
-Mathias Pettersson <mape@mape.me>
-Brian Hammond <brian@fictorial.com>
 Charlie Robbins <charlie.robbins@gmail.com>
 Francisco Treacy <francisco.treacy@gmail.com>
 Cliffano Subagio <cliffano@gmail.com>
@@ -16,7 +14,6 @@ James Sanders <jimmyjazz14@gmail.com>
 Reid Burke <me@reidburke.com>
 Arlo Breault <arlolra@gmail.com>
 Timo Derstappen <teemow@gmail.com>
-Bradley Meck <bradley.meck@gmail.com>
 Bart Teeuwisse <bart.teeuwisse@thecodemill.biz>
 Ben Noordhuis <info@bnoordhuis.nl>
 Tor Valamo <tor.valamo@gmail.com>
@@ -25,36 +22,42 @@ Olivier Melcher <olivier.melcher@gmail.com>
 Tomaž Muraus <kami@k5-storitve.net>
 Evan Meagher <evan.meagher@gmail.com>
 Orlando Vazquez <ovazquez@gmail.com>
+Kai Chen <kaichenxyz@gmail.com>
 George Miroshnykov <gmiroshnykov@lohika.com>
 Geoff Flarity <geoff.flarity@gmail.com>
+Max Goodman <c@chromakode.com>
 Pete Kruckenberg <pete@kruckenberg.com>
 Laurie Harper <laurie@holoweb.net>
 Chris Wong <chris@chriswongstudio.com>
-Max Goodman <c@chromacode.com>
 Scott Bronson <brons_github@rinspin.com>
 Federico Romero <federomero@gmail.com>
 Visnu Pitiyanuvath <visnupx@gmail.com>
 Irakli Gozalishvili <rfobic@gmail.com>
 Mark Cahill <mark@tiemonster.info>
-Zearin <zearin@gonk.net>
+Tony <zearin@gonk.net>
 Iain Sproat <iainsproat@gmail.com>
 Trent Mick <trentm@gmail.com>
 Felix Geisendörfer <felix@debuggable.com>
-Conny Brunnkvist <cbrunnkvist@gmail.com>
+Jameson Little <t.jameson.little@gmail.com>
+Conny Brunnkvist <conny@fuchsia.se>
 Will Elwood <w.elwood08@gmail.com>
+Dean Landolt <dean@deanlandolt.com>
 Oleg Efimov <efimovov@gmail.com>
 Martin Cooper <mfncooper@gmail.com>
-Jameson Little <t.jameson.little@gmail.com>
-cspotcode <cspotcode@gmail.com>
-Maciej Małecki <maciej.malecki@notimplemented.org>
+Jann Horn <jannhorn@googlemail.com>
+Andrew Bradley <cspotcode@gmail.com>
+Maciej Małecki <me@mmalecki.com>
 Stephen Sugden <glurgle@gmail.com>
+Michael Budde <mbudde@gmail.com>
+Jason Smith <jhs@iriscouch.com>
 Gautham Pai <buzypi@gmail.com>
 David Trejo <david.daniel.trejo@gmail.com>
 Paul Vorbach <paul@vorb.de>
 George Ornbo <george@shapeshed.com>
 Tim Oxley <secoif@gmail.com>
 Tyler Green <tyler.green2@gmail.com>
-atomizer <danila.gerasimov@gmail.com>
+Dave Pacheco <dap@joyent.com>
+Danila Gerasimov <danila.gerasimov@gmail.com>
 Rod Vagg <rod@vagg.org>
 Christian Howe <coderarity@gmail.com>
 Andrew Lunny <alunny@gmail.com>
@@ -63,7 +66,7 @@ Adam Blackburn <regality@gmail.com>
 Kris Windham <kriswindham@gmail.com>
 Jens Grunert <jens.grunert@gmail.com>
 Joost-Wim Boekesteijn <joost-wim@boekesteijn.nl>
-Dalmais Maxence <github@maxired.fr>
+Dalmais Maxence <root@ip-10-195-202-5.ec2.internal>
 Marcus Ekwall <marcus.ekwall@gmail.com>
 Aaron Stacy <aaron.r.stacy@gmail.com>
 Phillip Howell <phowell@cothm.org>
@@ -71,88 +74,281 @@ Domenic Denicola <domenic@domenicdenicola.com>
 James Halliday <mail@substack.net>
 Jeremy Cantrell <jmcantrell@gmail.com>
 Ribettes <patlogan29@gmail.com>
-Einar Otto Stangvik <einaros@gmail.com>
 Don Park <donpark@docuverse.com>
+Einar Otto Stangvik <einaros@gmail.com>
 Kei Son <heyacct@gmail.com>
 Nicolas Morel <marsup@gmail.com>
 Mark Dube <markisdee@gmail.com>
 Nathan Rajlich <nathan@tootallnate.net>
 Maxim Bogushevich <boga1@mail.ru>
-Justin Beckwith <justbe@microsoft.com>
 Meaglin <Meaglin.wasabi@gmail.com>
 Ben Evans <ben@bensbit.co.uk>
 Nathan Zadoks <nathan@nathan7.eu>
-Brian White <mscdex@gmail.com>
+Brian White <mscdex@mscdex.net>
 Jed Schmidt <tr@nslator.jp>
 Ian Livingstone <ianl@cs.dal.ca>
 Patrick Pfeiffer <patrick@buzzle.at>
 Paul Miller <paul@paulmillr.com>
-seebees <seebees@gmail.com>
+Ryan Emery <seebees@gmail.com>
 Carl Lange <carl@flax.ie>
 Jan Lehnardt <jan@apache.org>
-Alexey Kreschuk <akrsch@gmail.com>
-Di Wu <dwu@palantir.com>
-Florian Margaine <florian@margaine.com>
-Forbes Lindesay <forbes@lindesay.co.uk>
-Ian Babrou <ibobrik@gmail.com>
-Jaakko Manninen <jaakko@rocketpack.fi>
-Johan Nordberg <its@johan-nordberg.com>
+Stuart P. Bentley <stuart@testtrack4.com>
 Johan Sköld <johan@skold.cc>
-Larz Conwell <larz@larz-laptop.(none)>
+Stuart Knightley <stuart@stuartk.com>
+Niggler <nirk.niggler@gmail.com>
+Paolo Fragomeni <paolo@async.ly>
+Jaakko Manninen <jaakko@rocketpack.fi>
 Luke Arduini <luke.arduini@gmail.com>
+Larz Conwell <larz@larz-laptop.(none)>
 Marcel Klehr <mklehr@gmx.net>
-Mathias Bynens <mathias@qiwi.be>
-Matt Lunn <matt@mattlunn.me.uk>
-Matt McClure <matt.mcclure@mapmyfitness.com>
-Nirk Niggler <nirk.niggler@gmail.com>
-Paolo Fragomeni <paolo@async.ly>
-Jake Verbaten (Raynos) <raynos2@gmail.com>
 Robert Kowalski <rok@kowalski.gd>
-Schabse Laks <Dev@SLaks.net>
-Stuart Knightley <stuart@stuartk.com>
-Stuart P. Bentley <stuart@testtrack4.com>
+Forbes Lindesay <forbes@lindesay.co.uk>
 Vaz Allen <vaz@tryptid.com>
+Jake Verbaten <raynos2@gmail.com>
+Schabse Laks <Dev@SLaks.net>
+Florian Margaine <florian@margaine.com>
+Johan Nordberg <its@johan-nordberg.com>
+Ian Babrou <ibobrik@gmail.com>
+Di Wu <dwu@palantir.com>
+Mathias Bynens <mathias@qiwi.be>
+Matt McClure <matt.mcclure@mapmyfitness.com>
+Matt Lunn <matt@mattlunn.me.uk>
+Alexey Kreschuk <akrsch@gmail.com>
 elisee <elisee@sparklin.org>
-Evan You <yyx990803@gmail.com>
-Wil Moore III <wil.moore@wilmoore.com>
-Dylan Greene <dylang@gmail.com>
-zeke <zeke@sikelianos.com>
-Andrew Horton <andrew.j.horton@gmail.com>
-Denis Gladkikh <outcoldman@gmail.com>
-Daniel Santiago <daniel.santiago@highlevelwebs.com>
-Alex Kocharin <alex@kocharin.ru>
-Evan Lucas <evanlucas@me.com>
-Steve Mason <stevem@brandwatch.com>
-Quinn Slack <qslack@qslack.com>
-Sébastien Santoro <dereckson@espace-win.org>
-CamilleM <camille.moulin@alterway.fr>
-Tom Huang <hzlhu.dargon@gmail.com>
-Sergey Belov <peimei@ya.ru>
-Younghoon Park <sola92@gmail.com>
-Yazhong Liu <yorkiefixer@gmail.com>
-Mikola Lysenko <mikolalysenko@gmail.com>
-Rafael de Oleza <rafa@spotify.com>
-Yeonghoon Park <sola92@gmail.com>
-Franck Cuny <franck.cuny@gmail.com>
+Robert Gieseke <robert.gieseke@gmail.com>
+François Frisch <francoisfrisch@gmail.com>
+Trevor Burnham <tburnham@hubspot.com>
 Alan Shaw <alan@freestyle-developments.co.uk>
-Alex Rodionov <p0deje@gmail.com>
-Alexej Yaroshevich <alex@qfox.ru>
+TJ Holowaychuk <tj@vision-media.ca>
+Nicholas Kinsey <pyro@feisty.io>
+Paulo Cesar <pauloc062@gmail.com>
 Elan Shanker <elan.shanker@gmail.com>
-François Frisch <francoisfrisch@gmail.com>
-Gabriel Falkenberg <gabriel.falkenberg@gmail.com>
+Jon Spencer <jon@jonspencer.ca>
 Jason Diamond <jason@diamond.name>
+Maximilian Antoni <mail@maxantoni.de>
+Thom Blake <tblake@brightroll.com>
 Jess Martin <jessmartin@gmail.com>
-Jon Spencer <jon@jonspencer.ca>
-Matt Colyer <matt@colyer.name>
-Matt McClure <matt.mcclure@mapmyfitness.com>
-Maximilian Antoni <maximilian.antoni@juliusbaer.com>
-Nicholas Kinsey <pyro@feisty.io>
-Paulo Cesar <pauloc062@gmail.com>
-Quim Calpe <quim@kalpe.com>
-Robert Gieseke <robert.gieseke@gmail.com>
 Spain Train <michael.spainhower@opower.com>
-TJ Holowaychuk <tj@vision-media.ca>
-Thom Blake <tblake@brightroll.com>
-Trevor Burnham <tburnham@hubspot.com>
+Alex Rodionov <p0deje@gmail.com>
+Matt Colyer <matt@colyer.name>
+Evan You <yyx990803@gmail.com>
 bitspill <bitspill+github@bitspill.net>
+Gabriel Falkenberg <gabriel.falkenberg@gmail.com>
+Alexej Yaroshevich <alex@qfox.ru>
+Quim Calpe <quim@kalpe.com>
+Steve Mason <stevem@brandwatch.com>
+Wil Moore III <wil.moore@wilmoore.com>
+Sergey Belov <peimei@ya.ru>
+Tom Huang <hzlhu.dargon@gmail.com>
+CamilleM <camille.moulin@alterway.fr>
+Sébastien Santoro <dereckson@espace-win.org>
+Evan Lucas <evan@btc.com>
+Quinn Slack <qslack@qslack.com>
+Alex Kocharin <alex@kocharin.ru>
+Daniel Santiago <daniel.santiago@highlevelwebs.com>
+Denis Gladkikh <outcoldman@gmail.com>
+Andrew Horton <andrew.j.horton@gmail.com>
+Zeke Sikelianos <zeke@sikelianos.com>
+Dylan Greene <dylang@gmail.com>
+Franck Cuny <franck.cuny@gmail.com>
+Yeonghoon Park <sola92@gmail.com>
+Rafael de Oleza <rafa@spotify.com>
+Mikola Lysenko <mikolalysenko@gmail.com>
+Yazhong Liu <yorkiefixer@gmail.com>
 Neil Gentleman <ngentleman@gmail.com>
+Kris Kowal <kris.kowal@cixar.com>
+Alex Gorbatchev <alex.gorbatchev@gmail.com>
+Shawn Wildermuth <shawn@wildermuth.com>
+Wesley de Souza <wesleywex@gmail.com>
+yoyoyogi <yogesh.k@gmail.com>
+J. Tangelder <j.tangelder@gmail.com>
+Jean Lauliac <jean@lauliac.com>
+Andrey Kislyuk <kislyuk@gmail.com>
+Thorsten Lorenz <thlorenz@gmx.de>
+Julian Gruber <julian@juliangruber.com>
+Benjamin Coe <bencoe@gmail.com>
+Alex Ford <Alex.Ford@CodeTunnel.com>
+Matt Hickford <matt.hickford@gmail.com>
+Sean McGivern <sean.mcgivern@rightscale.com>
+C J Silverio <ceejceej@gmail.com>
+Robin Tweedie <robin@songkick.com>
+Miroslav Bajtoš <miroslav@strongloop.com>
+David Glasser <glasser@davidglasser.net>
+Gianluca Casati <casati_gianluca@yahoo.it>
+Forrest L Norvell <ogd@aoaioxxysz.net>
+Karsten Tinnefeld <k.tinnefeld@googlemail.com>
+Bryan Burgers <bryan@burgers.io>
+David Beitey <david@davidjb.com>
+Evan You <yyou@google.com>
+Zach Pomerantz <zmp@umich.edu>
+Chris Williams <cwilliams88@gmail.com>
+sudodoki <smd.deluzion@gmail.com>
+Mick Thompson <dthompson@gmail.com>
+Felix Rabe <felix@rabe.io>
+Michael Hayes <michael@hayes.io>
+Chris Dickinson <christopher.s.dickinson@gmail.com>
+Bradley Meck <bradley.meck@gmail.com>
+GeJ <geraud@gcu.info>
+Andrew Terris <atterris@gmail.com>
+Michael Nisi <michael.nisi@gmail.com>
+fengmk2 <fengmk2@gmail.com>
+Adam Meadows <adam.meadows@gmail.com>
+Chulki Lee <chulki.lee@gmail.com>
+不四 <busi.hyy@taobao.com>
+dead_horse <dead_horse@qq.com>
+Kenan Yildirim <kenan@kenany.me>
+Laurie Voss <git@seldo.com>
+Rebecca Turner <me@re-becca.org>
+Hunter Loftis <hunter@hunterloftis.com>
+Peter Richardson <github@zoomy.net>
+Jussi Kalliokoski <jussi.kalliokoski@gmail.com>
+Filip Weiss <me@fiws.net>
+Timo Weiß <timoweiss@Timo-MBP.local>
+Christopher Hiller <chiller@badwing.com>
+Jérémy Lal <kapouer@melix.org>
+Anders Janmyr <anders@janmyr.com>
+Chris Meyers <chris.meyers.fsu@gmail.com>
+Ludwig Magnusson <ludwig@mediatool.com>
+Wout Mertens <Wout.Mertens@gmail.com>
+Nick Santos <nick@medium.com>
+Terin Stock <terinjokes@gmail.com>
+Faiq Raza <faiqrazarizvi@gmail.com>
+Thomas Torp <thomas@erupt.no>
+Sam Mikes <smikes@cubane.com>
+Mat Tyndall <mat.tyndall@gmail.com>
+Tauren Mills <tauren@sportzing.com>
+Ron Martinez <ramartin.net@gmail.com>
+Kazuhito Hokamura <k.hokamura@gmail.com>
+Tristan Davies <github@tristan.io>
+David Volm <david@volminator.com>
+Lin Clark <lin.w.clark@gmail.com>
+Ben Page <bpage@dewalch.com>
+Jeff Jo <jeffjo@squareup.com>
+martinvd <martinvdpub@gmail.com>
+Mark J. Titorenko <nospam-github.com@titorenko.net>
+Oddur Sigurdsson <oddurs@gmail.com>
+Eric Mill <eric@konklone.com>
+Gabriel Barros <descartavel1@gmail.com>
+KevinSheedy <kevinsheedy@gmail.com>
+Aleksey Smolenchuk <aleksey@uber.com>
+Ed Morley <emorley@mozilla.com>
+Blaine Bublitz <blaine@iceddev.com>
+Andrey Fedorov <anfedorov@gmail.com>
+Daijiro Wachi <daijiro.wachi@gmail.com>
+Luc Thevenard <lucthevenard@gmail.com>
+Aria Stewart <aredridel@nbtsc.org>
+Charlie Rudolph <charles.w.rudolph@gmail.com>
+Vladimir Rutsky <rutsky@users.noreply.github.com>
+Isaac Murchie <isaac@saucelabs.com>
+Marcin Wosinek <marcin.wosinek@gmail.com>
+David Marr <davemarr@gmail.com>
+Bryan English <bryan@bryanenglish.com>
+Anthony Zotti <amZotti@users.noreply.github.com>
+Karl Horky <karl.horky@gmail.com>
+Jordan Harband <ljharb@gmail.com>
+Guðlaugur Stefán Egilsson <gulli@kolibri.is>
+Helge Skogly Holm <helge.holm@gmail.com>
+Peter A. Shevtsov <petr.shevtsov@gmail.com>
+Alain Kalker <a.c.kalker@gmail.com>
+Bryant Williams <b.n.williams@gmail.com>
+Jonas Weber <github@jonasw.de>
+Tim Whidden <twhid@twhid.com>
+Andreas <functino@users.noreply.github.com>
+Karolis Narkevicius <karolis.n@gmail.com>
+Adrian Lynch <adi_ady_ade@hotmail.com>
+Richard Littauer <richard.littauer@gmail.com>
+Oli Evans <oli@zilla.org.uk>
+Matt Brennan <mattyb1000@gmail.com>
+Jeff Barczewski <jeff.barczewski@gmail.com>
+Danny Fritz <dannyfritz@gmail.com>
+Takaya Kobayashi <jigsaw@live.jp>
+Ra'Shaun Stovall <rashaunstovall@gmail.com>
+Julien Meddah <julien.meddah@deveryware.com>
+Michiel Sikma <michiel@wedemandhtml.com>
+Jakob Krigovsky <jakob.krigovsky@gmail.com>
+Charmander <~@charmander.me>
+Erik Wienhold <git@ewie.name>
+James Butler <james.butler@sandfox.co.uk>
+Kevin Kragenbrink <kevin@gaikai.com>
+Arnaud Rinquin <rinquin.arnaud@gmail.com>
+Mike MacCana <mike.maccana@gmail.com>
+Antti Mattila <anttti@fastmail.fm>
+laiso <laiso@lai.so>
+Matt Zorn <zornme@gmail.com>
+Kyle Mitchell <kyle@kemitchell.com>
+Jeremiah Senkpiel <fishrock123@rocketmail.com>
+Michael Klein <mischkl@users.noreply.github.com>
+Simen Bekkhus <sbekkhus91@gmail.com>
+Victor <victor.shih@gmail.com>
+thefourtheye <thechargingvolcano@gmail.com>
+Clay Carpenter <claycarpenter@gmail.com>
+bangbang93 <bangbang93@163.com>
+Nick Malaguti <nmalaguti@palantir.com>
+Cedric Nelson <cedric.nelson@gmail.com>
+Kat Marchán <kzm@sykosomatic.org>
+Andrew <talktome@aboutandrew.co.uk>
+Eduardo Pinho <enet4mikeenet@gmail.com>
+Rachel Hutchison <rhutchix@intel.com>
+Ryan Temple <ryantemple145@gmail.com>
+Eugene Sharygin <eush77@gmail.com>
+Nick Heiner <nick.heiner@opower.com>
+James Talmage <james@talmage.io>
+jane arc <jane@uber.com>
+Joseph Dykstra <josephdykstra@gmail.com>
+Joshua Egan <josh-egan@users.noreply.github.com>
+Thomas Cort <thomasc@ssimicro.com>
+Thaddee Tyl <thaddee.tyl@gmail.com>
+Steve Klabnik <steve@steveklabnik.com>
+Andrew Murray <radarhere@gmail.com>
+Stephan Bönnemann <stephan@excellenteasy.com>
+Kyle M. Tarplee <kyle.tarplee@numerica.us>
+Derek Peterson <derekpetey@gmail.com>
+Greg Whiteley <greg.whiteley@atomos.com>
+murgatroid99 <mlumish@google.com>
+Marcin Cieslak <saper@saper.info>
+João Reis <reis@janeasystems.com>
+Matthew Hasbach <hasbach.git@gmail.com>
+Anna Henningsen <sqrt@entless.org>
+Jon Hall <jon_hall@outlook.com>
+James Hartig <james@levenlabs.com>
+snopeks <stephaniesnopek@gmail.com>
+Jason Kurian <JaKXz@users.noreply.github.com>
+Juan Caicedo <retiredcanadianpoet@gmail.com>
+Ashley Williams <ashley@bocoup.com>
+Andrew Marcinkevičius <andrew.web@ifdattic.com>
+Jorrit Schippers <jorrit@ncode.nl>
+Alex Lukin <alex.lukin@softgrad.com>
+Aria Stewart <aredridel@dinhe.net>
+Tim <tim-github@baverstock.org.uk>
+Nick Williams <WickyNilliams@users.noreply.github.com>
+Louis Larry <louis.larry@gmail.com>
+Jakub Gieryluk <jakub.g.opensource@gmail.com>
+Martin von Gagern <Martin.vGagern@gmx.net>
+Eymen Gunay <eymen@egunay.com>
+ekmartin <mail@ekmartin.com>
+Rafał Pocztarski <r.pocztarski@gmail.com>
+Ashley Williams <ashley666ashley@gmail.com>
+Mark Reeder <mreeder@uber.com>
+Tiago Rodrigues <tmcrodrigues@gmail.com>
+Chris Rebert <github@chrisrebert.com>
+Jeff McMahan <jeffrey.lee.mcmahan@gmail.com>
+Scott Addie <tobias.addie@gmail.com>
+Julian Simioni <julian@simioni.org>
+Jimb Esser <jimb@yahoo-inc.com>
+Hal Henke <halhenke@gmail.com>
+Alexis Campailla <alexis@janeasystems.com>
+Beau Gunderson <beau@beaugunderson.com>
+s100 <shughes1@uk.ibm.com>
+Jonathan Persson <persson.jonathan@gmail.com>
+Vedat Mahir YILMAZ <mahir@vedatmahir.com>
+Jan Schär <jscissr@gmail.com>
+Xcat Liu <xcatliu@gmail.com>
+Neil Kistner <neil.kistner@gmail.com>
+Hutson Betts <hbetts@factset.com>
+Sergey Simonchik <sergey.simonchik@jetbrains.com>
+Lewis Cowper <lewis.cowper@googlemail.com>
+Arturo Coronel <aoitsu3@gmail.com>
+Scott Plumlee <scott@plumlee.org>
+gnerkus <ifeanyioraelosi@gmail.com>
+Robert Ludwig <rob.ludwig@rideamigos.com>
+Adam Byrne <misterbyrne@gmail.com>

deps/npm/CONTRIBUTING.md

@@ -7,3 +7,6 @@
   issues](https://github.com/npm/npm/search?q=Similar%20issues&type=Issues).
 * Ensure your new issue conforms to the [Contributing
   Guidelines](https://github.com/npm/npm/wiki/Contributing-Guidelines).
+
+Participation in this open source project is subject to the [npm Code
+of Conduct](http://www.npmjs.com/policies/conduct).

deps/npm/LICENSE

@@ -1,11 +1,29 @@
+The npm application
 Copyright (c) npm, Inc. and Contributors
-All rights reserved.
+Licensed on the terms of The Artistic License 2.0
 
-npm is released under the Artistic License 2.0, subject to additional terms
-that are listed below.
+Node package dependencies of the npm application
+Copyright (c) their respective copyright owners
+Licensed on their respective license terms
 
-The text of the npm License follows and the text of the additional terms
-follows the Artistic License 2.0 terms:
+The npm public registry at https://registry.npmjs.org
+and the npm website at https://www.npmjs.com
+Operated by npm, Inc.
+Use governed by terms published on https://www.npmjs.com
+
+"Node.js"
+Trademark Joyent, Inc., https://joyent.com
+Neither npm nor npm, Inc. are affiliated with Joyent, Inc.
+
+The Node.js application
+Project of Node Foundation, https://nodejs.org
+
+The npm Logo
+Copyright (c) Mathias Pettersson and Brian Hammond
+
+"Gubblebum Blocky" typeface
+Copyright (c) Tjarda Koster, https://jelloween.deviantart.com
+Used with permission
 
 
 --------
@@ -251,11 +269,11 @@ details.
 Any data published to The npm Registry (including user account information) may
 be removed or modified at the sole discretion of the npm server administrators.
 
-"npm Logo" created by Mathias Pettersson and Brian Hammond,
-used with permission.
+"npm Logo" contributed by Mathias Pettersson and Brian Hammond,
+use is subject to https://www.npmjs.com/policies/trademark
 
 "Gubblebum Blocky" font
-Copyright (c) by Tjarda Koster, http://jelloween.deviantart.com
+Copyright (c) by Tjarda Koster, https://jelloween.deviantart.com
 included for use in the npm website and documentation,
 used with permission.
 

deps/npm/Makefile

@@ -61,10 +61,10 @@ latest:
 	@echo "Installing latest published npm"
 	@echo "Use 'make install' or 'make link' to install the code"
 	@echo "in this folder that you're looking at right now."
-	node cli.js install -g -f npm
+	node cli.js install -g -f npm ${NPMOPTS}
 
-install: docclean all
-	node cli.js install -g -f
+install: all
+	node cli.js install -g -f ${NPMOPTS}
 
 # backwards compat
 dev: install
@@ -72,7 +72,7 @@ dev: install
 link: uninstall
 	node cli.js link -f
 
-clean: markedclean ronnclean doc-clean uninstall
+clean: markedclean marked-manclean doc-clean uninstall
 	rm -rf npmrc
 	node cli.js cache clean
 
@@ -84,19 +84,19 @@ doc: $(mandocs) $(htmldocs)
 markedclean:
 	rm -rf node_modules/marked node_modules/.bin/marked .building_marked
 
-ronnclean:
-	rm -rf node_modules/ronn node_modules/.bin/ronn .building_ronn
+marked-manclean:
+	rm -rf node_modules/marked-man node_modules/.bin/marked-man .building_marked-man
 
 docclean: doc-clean
 doc-clean:
 	rm -rf \
     .building_marked \
-    .building_ronn \
+    .building_marked-man \
     html/doc \
     html/api \
     man
 
-# use `npm install ronn` for this to work.
+# use `npm install marked-man` for this to work.
 man/man1/npm-README.1: README.md scripts/doc-build.sh package.json
 	@[ -d man/man1 ] || mkdir -p man/man1
 	scripts/doc-build.sh $< $@
@@ -161,10 +161,10 @@ marked: node_modules/.bin/marked
 node_modules/.bin/marked:
 	node cli.js install marked --no-global
 
-ronn: node_modules/.bin/ronn
+marked-man: node_modules/.bin/marked-man
 
-node_modules/.bin/ronn:
-	node cli.js install ronn --no-global
+node_modules/.bin/marked-man:
+	node cli.js install marked-man --no-global
 
 doc: man
 

deps/npm/README.md

@@ -1,4 +1,4 @@
-npm(1) -- node package manager
+npm(1) -- a JavaScript package manager
 ==============================
 [![Build Status](https://img.shields.io/travis/npm/npm/master.svg)](https://travis-ci.org/npm/npm)
 ## SYNOPSIS
@@ -14,17 +14,28 @@ Much more info available via `npm help` once it's installed.
 To install an old **and unsupported** version of npm that works on node 0.3
 and prior, clone the git repo and dig through the old tags and branches.
 
+**npm is configured to use npm, Inc.'s public package registry at
+<https://registry.npmjs.org> by default.**
+
+You can configure npm to use any compatible registry you
+like, and even run your own registry. Check out the [doc on
+registries](https://docs.npmjs.com/misc/registry).
+
+Use of someone else's registry may be governed by terms of use. The
+terms of use for the default public registry are available at
+<https://www.npmjs.com>.
+
 ## Super Easy Install
 
-npm comes with node now.
+npm is bundled with [node](http://nodejs.org/download/).
 
 ### Windows Computers
 
-Get the MSI.  npm is in it.
+[Get the MSI](http://nodejs.org/download/).  npm is in it.
 
 ### Apple Macintosh Computers
 
-Get the pkg.  npm is in it.
+[Get the pkg](http://nodejs.org/download/).  npm is in it.
 
 ### Other Sorts of Unices
 
@@ -36,21 +47,27 @@ paths, etc.) then read on.
 ## Fancy Install (Unix)
 
 There's a pretty robust install script at
-<https://www.npmjs.org/install.sh>.  You can download that and run it.
+<https://www.npmjs.com/install.sh>.  You can download that and run it.
 
 Here's an example using curl:
 
-    curl -L https://npmjs.org/install.sh | sh
+```sh
+curl -L https://www.npmjs.com/install.sh | sh
+```
 
 ### Slightly Fancier
 
 You can set any npm configuration params with that script:
 
-    npm_config_prefix=/some/path sh install.sh
+```sh
+npm_config_prefix=/some/path sh install.sh
+```
 
 Or, you can run it in uber-debuggery mode:
 
-    npm_debug=1 sh install.sh
+```sh
+npm_debug=1 sh install.sh
+```
 
 ### Even Fancier
 
@@ -62,10 +79,15 @@ arbitrary config keys using the `./configure --key=val ...`, and then
 run npm commands by doing `node cli.js <cmd> <args>`.  (This is helpful
 for testing, or running stuff without actually installing npm itself.)
 
-## Fancy Windows Install
+## Windows Install or Upgrade
+
+You can download a zip file from <https://github.com/npm/npm/releases>, and
+unpack it in the `node_modules\npm\` folder inside node's installation folder.
+
+To upgrade to npm 2, follow the Windows upgrade instructions in
+the npm Troubleshooting Guide:
 
-You can download a zip file from <https://npmjs.org/dist/>, and unpack it
-in the same folder where node.exe lives.
+<https://github.com/npm/npm/wiki/Troubleshooting#upgrading-on-windows>
 
 If that's not fancy enough for you, then you can fetch the code with
 git, and mess with it directly.
@@ -74,40 +96,18 @@ git, and mess with it directly.
 
 No.
 
-## Permissions when Using npm to Install Other Stuff
-
-**tl;dr**
-
-* Use `sudo` for greater safety.  Or don't, if you prefer not to.
-* npm will downgrade permissions if it's root before running any build
-  scripts that package authors specified.
-
-### More details...
-
-As of version 0.3, it is recommended to run npm as root.
-This allows npm to change the user identifier to the `nobody` user prior
-to running any package build or test commands.
-
-If you are not the root user, or if you are on a platform that does not
-support uid switching, then npm will not attempt to change the userid.
-
-If you would like to ensure that npm **always** runs scripts as the
-"nobody" user, and have it fail if it cannot downgrade permissions, then
-set the following configuration param:
-
-    npm config set unsafe-perm false
-
-This will prevent running in unsafe mode, even as non-root users.
-
 ## Uninstalling
 
 So sad to see you go.
 
-    sudo npm uninstall npm -g
-
+```sh
+sudo npm uninstall npm -g
+```
 Or, if that fails,
 
-    sudo make uninstall
+```sh
+sudo make uninstall
+```
 
 ## More Severe Uninstalling
 
@@ -121,106 +121,32 @@ remove them.
 To remove cruft left behind by npm 0.x, you can use the included
 `clean-old.sh` script file.  You can run it conveniently like this:
 
-    npm explore npm -g -- sh scripts/clean-old.sh
+```sh
+npm explore npm -g -- sh scripts/clean-old.sh
+```
 
 npm uses two configuration files, one for per-user configs, and another
 for global (every-user) configs.  You can view them by doing:
 
-    npm config get userconfig   # defaults to ~/.npmrc
-    npm config get globalconfig # defaults to /usr/local/etc/npmrc
+```sh
+npm config get userconfig   # defaults to ~/.npmrc
+npm config get globalconfig # defaults to /usr/local/etc/npmrc
+```
 
 Uninstalling npm does not remove configuration files by default.  You
 must remove them yourself manually if you want them gone.  Note that
 this means that future npm installs will not remember the settings that
 you have chosen.
 
-## Using npm Programmatically
-
-If you would like to use npm programmatically, you can do that.
-It's not very well documented, but it *is* rather simple.
-
-Most of the time, unless you actually want to do all the things that
-npm does, you should try using one of npm's dependencies rather than
-using npm itself, if possible.
-
-Eventually, npm will be just a thin cli wrapper around the modules
-that it depends on, but for now, there are some things that you must
-use npm itself to do.
-
-    var npm = require("npm")
-    npm.load(myConfigObject, function (er) {
-      if (er) return handlError(er)
-      npm.commands.install(["some", "args"], function (er, data) {
-        if (er) return commandFailed(er)
-        // command succeeded, and data might have some info
-      })
-      npm.on("log", function (message) { .... })
-    })
-
-The `load` function takes an object hash of the command-line configs.
-The various `npm.commands.<cmd>` functions take an **array** of
-positional argument **strings**.  The last argument to any
-`npm.commands.<cmd>` function is a callback.  Some commands take other
-optional arguments.  Read the source.
-
-You cannot set configs individually for any single npm function at this
-time.  Since `npm` is a singleton, any call to `npm.config.set` will
-change the value for *all* npm commands in that process.
-
-See `./bin/npm-cli.js` for an example of pulling config values off of the
-command line arguments using nopt.  You may also want to check out `npm
-help config` to learn about all the options you can set there.
-
 ## More Docs
 
-Check out the [docs](https://www.npmjs.org/doc/),
-especially the [faq](https://www.npmjs.org/doc/faq.html).
+Check out the [docs](https://docs.npmjs.com/),
+especially the [faq](https://docs.npmjs.com/misc/faq).
 
 You can use the `npm help` command to read any of them.
 
 If you're a developer, and you want to use npm to publish your program,
-you should [read this](https://www.npmjs.org/doc/developers.html)
-
-## Legal Stuff
-
-"npm" and "The npm Registry" are owned by npm, Inc.
-All rights reserved.  See the included LICENSE file for more details.
-
-"Node.js" and "node" are trademarks owned by Joyent, Inc.
-
-Modules published on the npm registry are not officially endorsed by
-npm, Inc. or the Node.js project.
-
-Data published to the npm registry is not part of npm itself, and is
-the sole property of the publisher.  While every effort is made to
-ensure accountability, there is absolutely no guarantee, warrantee, or
-assertion expressed or implied as to the quality, fitness for a
-specific purpose, or lack of malice in any given npm package.
-
-If you have a complaint about a package in the public npm registry,
-and cannot [resolve it with the package
-owner](https://www.npmjs.org/doc/misc/npm-disputes.html), please email
-<support@npmjs.com> and explain the situation.
-
-Any data published to The npm Registry (including user account
-information) may be removed or modified at the sole discretion of the
-npm server administrators.
-
-### In plainer english
-
-npm is the property of npm, Inc.
-
-If you publish something, it's yours, and you are solely accountable
-for it.
-
-If other people publish something, it's theirs.
-
-Users can publish Bad Stuff.  It will be removed promptly if reported.
-But there is no vetting process for published modules, and you use
-them at your own risk.  Please inspect the source.
-
-If you publish Bad Stuff, we may delete it from the registry, or even
-ban your account in extreme cases.  So don't do that.
+you should [read this](https://docs.npmjs.com/misc/developers)
 
 ## BUGS
 
@@ -228,8 +154,6 @@ When you find issues, please report them:
 
 * web:
   <https://github.com/npm/npm/issues>
-* email:
-  <npm-@googlegroups.com>
 
 Be sure to include *all* of the output from the npm command that didn't work
 as expected.  The `npm-debug.log` file is also helpful to provide.

deps/npm/bin/node-gyp-bin/node-gyp

@@ -1,2 +1,6 @@
 #!/usr/bin/env sh
-node "`dirname "$0"`/../../node_modules/node-gyp/bin/node-gyp.js" "$@"
+if [ "x$npm_config_node_gyp" = "x" ]; then
+  node "`dirname "$0"`/../../node_modules/node-gyp/bin/node-gyp.js" "$@"
+else
+  "$npm_config_node_gyp" "$@"
+fi

deps/npm/bin/node-gyp-bin/node-gyp.cmd

@@ -1 +1,5 @@
-node "%~dp0\..\..\node_modules\node-gyp\bin\node-gyp.js" %*
+if not defined npm_config_node_gyp (
+  node "%~dp0\..\..\node_modules\node-gyp\bin\node-gyp.js" %*
+) else (
+  node "%npm_config_node_gyp%" %*
+)

deps/npm/bin/npm

@@ -7,8 +7,28 @@ case `uname` in
     *CYGWIN*) basedir=`cygpath -w "$basedir"`;;
 esac
 
-if [ -x "$basedir/node.exe" ]; then
-  "$basedir/node.exe" "$basedir/node_modules/npm/bin/npm-cli.js" "$@"
-else
-  node "$basedir/node_modules/npm/bin/npm-cli.js" "$@"
+NODE_EXE="$basedir/node.exe"
+if ! [ -x "$NODE_EXE" ]; then
+  NODE_EXE=node
 fi
+
+NPM_CLI_JS="$basedir/node_modules/npm/bin/npm-cli.js"
+
+case `uname` in
+  *MINGW*)
+    NPM_PREFIX=`"$NODE_EXE" "$NPM_CLI_JS" prefix -g`
+    NPM_PREFIX_NPM_CLI_JS="$NPM_PREFIX/node_modules/npm/bin/npm-cli.js"
+    if [ -f "$NPM_PREFIX_NPM_CLI_JS" ]; then
+      NPM_CLI_JS="$NPM_PREFIX_NPM_CLI_JS"
+    fi
+    ;;
+  *CYGWIN*)
+    NPM_PREFIX=`"$NODE_EXE" "$NPM_CLI_JS" prefix -g`
+    NPM_PREFIX_NPM_CLI_JS="$NPM_PREFIX/node_modules/npm/bin/npm-cli.js"
+    if [ -f "$NPM_PREFIX_NPM_CLI_JS" ]; then
+      NPM_CLI_JS="$NPM_PREFIX_NPM_CLI_JS"
+    fi
+    ;;
+esac
+
+"$NODE_EXE" "$NPM_CLI_JS" "$@"

deps/npm/bin/npm-cli.js

@@ -19,10 +19,9 @@ var log = require("npmlog")
 log.pause() // will be unpaused when config is loaded.
 log.info("it worked if it ends with", "ok")
 
-var fs = require("graceful-fs")
-  , path = require("path")
+var path = require("path")
   , npm = require("../lib/npm.js")
-  , npmconf = require("npmconf")
+  , npmconf = require("../lib/config/core.js")
   , errorHandler = require("../lib/utils/error-handler.js")
 
   , configDefs = npmconf.defs
@@ -58,16 +57,6 @@ if (conf.versions) {
 log.info("using", "npm@%s", npm.version)
 log.info("using", "node@%s", process.version)
 
-// make sure that this version of node works with this version of npm.
-var semver = require("semver")
-  , nodeVer = process.version
-  , reqVer = npm.nodeVersionRequired
-if (reqVer && !semver.satisfies(nodeVer, reqVer)) {
-  return errorHandler(new Error(
-    "npm doesn't work with node " + nodeVer
-    + "\nRequired: node@" + reqVer), true)
-}
-
 process.on("uncaughtException", errorHandler)
 
 if (conf.usage && npm.command !== "help") {

deps/npm/bin/npm.cmd

@@ -1,6 +1,19 @@
-:: Created by npm, please don't edit manually.
-@IF EXIST "%~dp0\node.exe" (
-  "%~dp0\node.exe" "%~dp0\.\node_modules\npm\bin\npm-cli.js" %*
-) ELSE (
-  node "%~dp0\.\node_modules\npm\bin\npm-cli.js" %*
-)
+:: Created by npm, please don't edit manually.
+@ECHO OFF
+
+SETLOCAL
+
+SET "NODE_EXE=%~dp0\node.exe"
+IF NOT EXIST "%NODE_EXE%" (
+  SET "NODE_EXE=node"
+)
+
+SET "NPM_CLI_JS=%~dp0\node_modules\npm\bin\npm-cli.js"
+FOR /F "delims=" %%F IN ('CALL "%NODE_EXE%" "%NPM_CLI_JS%" prefix -g') DO (
+  SET "NPM_PREFIX_NPM_CLI_JS=%%F\node_modules\npm\bin\npm-cli.js"
+)
+IF EXIST "%NPM_PREFIX_NPM_CLI_JS%" (
+  SET "NPM_CLI_JS=%NPM_PREFIX_NPM_CLI_JS%"
+)
+
+"%NODE_EXE%" "%NPM_CLI_JS%" %*

deps/npm/doc/api/npm-bin.md

@@ -10,4 +10,4 @@ npm-bin(3) -- Display npm bin folder
 Print the folder where npm will install executables.
 
 This function should not be used programmatically.  Instead, just refer
-to the `npm.bin` member.
+to the `npm.bin` property.

deps/npm/doc/api/npm-help-search.md

@@ -27,4 +27,4 @@ array of results is returned. Each result is an object with these properties:
 * file:
   Name of the file that matched
 
-The silent parameter is not neccessary not used, but it may in the future.
+The silent parameter is not necessary not used, but it may in the future.

deps/npm/doc/api/npm-load.md

@@ -10,9 +10,9 @@ npm-load(3) -- Load config settings
 npm.load() must be called before any other function call.  Both parameters are
 optional, but the second is recommended.
 
-The first parameter is an object hash of command-line config params, and the
-second parameter is a callback that will be called when npm is loaded and
-ready to serve.
+The first parameter is an object containing command-line config params, and the
+second parameter is a callback that will be called when npm is loaded and ready
+to serve.
 
 The first parameter should follow a similar structure as the package.json
 config object.

deps/npm/doc/api/npm-ls.md

@@ -52,5 +52,5 @@ List packages in the global install prefix instead of in the current
 project.
 
 Note, if parseable is set or long isn't set, then duplicates will be trimmed.
-This means that if a submodule a same dependency as a parent module, then the
+This means that if a submodule has the same dependency as a parent module, then the
 dependency will only be output once.

deps/npm/doc/api/npm-ping.md

@@ -0,0 +1,14 @@
+npm-ping(3) -- Ping npm registry
+================================
+
+## SYNOPSIS
+
+    npm.registry.ping(registry, options, function (er, pong))
+
+## DESCRIPTION
+
+Attempts to connect to the given registry, returning a `pong`
+object with various metadata if it succeeds.
+
+This function is primarily useful for debugging connection issues
+to npm registries.

deps/npm/doc/api/npm-restart.md

@@ -1,5 +1,5 @@
-npm-restart(3) -- Start a package
-=================================
+npm-restart(3) -- Restart a package
+===================================
 
 ## SYNOPSIS
 
@@ -7,14 +7,33 @@ npm-restart(3) -- Start a package
 
 ## DESCRIPTION
 
-This runs a package's "restart" script, if one was provided.
-Otherwise it runs package's "stop" script, if one was provided, and then
-the "start" script.
+This restarts a package (or multiple packages).
+
+This runs a package's "stop", "restart", and "start" scripts, and associated
+pre- and post- scripts, in the order given below:
+
+1. prerestart
+2. prestop
+3. stop
+4. poststop
+5. restart
+6. prestart
+7. start
+8. poststart
+9. postrestart
 
 If no version is specified, then it restarts the "active" version.
 
-npm can run tests on multiple packages. Just specify multiple packages
-in the `packages` parameter.
+npm can restart multiple packages. Just specify multiple packages in
+the `packages` parameter.
+
+## NOTE
+
+Note that the "restart" script is run **in addition to** the "stop"
+and "start" scripts, not instead of them.
+
+This is the behavior as of `npm` major version 2.  A change in this
+behavior will be accompanied by an increase in major version number
 
 ## SEE ALSO
 

deps/npm/doc/api/npm-start.md

@@ -9,5 +9,5 @@ npm-start(3) -- Start a package
 
 This runs a package's "start" script, if one was provided.
 
-npm can run tests on multiple packages. Just specify multiple packages
-in the `packages` parameter.
+npm can start multiple packages. Just specify multiple packages in the
+`packages` parameter.

deps/npm/doc/api/npm-submodule.md

@@ -1,28 +0,0 @@
-npm-submodule(3) -- Add a package as a git submodule
-====================================================
-
-## SYNOPSIS
-
-    npm.commands.submodule(packages, callback)
-
-## DESCRIPTION
-
-For each package specified, npm will check if it has a git repository url
-in its package.json description then add it as a git submodule at
-`node_modules/<pkg name>`.
-
-This is a convenience only.  From then on, it's up to you to manage
-updates by using the appropriate git commands.  npm will stubbornly
-refuse to update, modify, or remove anything with a `.git` subfolder
-in it.
-
-This command also does not install missing dependencies, if the package
-does not include them in its git repository.  If `npm ls` reports that
-things are missing, you can either install, link, or submodule them yourself,
-or you can do `npm explore <pkgname> -- npm install` to install the
-dependencies into the submodule folder.
-
-## SEE ALSO
-
-* npm help json
-* git help submodule

deps/npm/doc/api/npm-tag.md

@@ -18,6 +18,6 @@ is the package name and version is the version number (much like installing a
 specific version).
 
 The second element is the name of the tag to tag this version with. If this
-parameter is missing or falsey (empty), the default froom the config will be
+parameter is missing or falsey (empty), the default from the config will be
 used. For more information about how to set this config, check
 `man 3 npm-config` for programmatic usage or `man npm-config` for cli usage.

deps/npm/doc/api/npm-update.md

@@ -2,10 +2,17 @@ npm-update(3) -- Update a package
 =================================
 
 ## SYNOPSIS
+
     npm.commands.update(packages, callback)
 
 # DESCRIPTION
 
-Updates a package, upgrading it to the latest version. It also installs any missing packages.
+Updates a package, upgrading it to the latest version. It also installs any
+missing packages.
+
+The `packages` argument is an array of packages to update. The `callback`
+parameter will be called when done or when an error occurs.
+
+## SEE ALSO
 
-The 'packages' argument is an array of packages to update. The 'callback' parameter will be called when done or when an error occurs.
+* npm-update(1)

deps/npm/doc/api/npm-view.md

@@ -65,7 +65,7 @@ If a version range is provided, then data will be printed for every
 matching version of the package.  This will show which version of jsdom
 was required by each matching version of yui3:
 
-    npm.commands.view(["yui3@'>0.5.4'", "dependencies.jsdom"], callback)
+    npm.commands.view(["yui3@>0.5.4", "dependencies.jsdom"], callback)
 
 ## OUTPUT
 

deps/npm/doc/api/npm.md

@@ -1,5 +1,5 @@
-npm(3) -- node package manager
-==============================
+npm(3) -- javascript package manager
+====================================
 
 ## SYNOPSIS
 
@@ -25,13 +25,12 @@ This is the API documentation for npm.
 To find documentation of the command line
 client, see `npm(1)`.
 
-Prior to using npm's commands, `npm.load()` must be called.
-If you provide `configObject` as an object hash of top-level
-configs, they override the values stored in the various config
-locations. In the npm command line client, this set of configs
-is parsed from the command line options. Additional configuration
-params are loaded from two configuration files. See `npm-config(1)`,
-`npm-config(7)`, and `npmrc(5)` for more information.
+Prior to using npm's commands, `npm.load()` must be called.  If you provide
+`configObject` as an object map of top-level configs, they override the values
+stored in the various config locations. In the npm command line client, this
+set of configs is parsed from the command line options. Additional
+configuration params are loaded from two configuration files. See
+`npm-config(1)`, `npm-config(7)`, and `npmrc(5)` for more information.
 
 After that, each of the functions are accessible in the
 commands object: `npm.commands.<cmd>`.  See `npm-index(7)` for a list of
@@ -88,9 +87,9 @@ command.
 
 ## MAGIC
 
-For each of the methods in the `npm.commands` hash, a method is added to
-the npm object, which takes a set of positional string arguments rather
-than an array and a callback.
+For each of the methods in the `npm.commands` object, a method is added to the
+npm object, which takes a set of positional string arguments rather than an
+array and a callback.
 
 If the last argument is a callback, then it will use the supplied
 callback.  However, if no callback is provided, then it will print out

deps/npm/doc/cli/npm-access.md

@@ -0,0 +1,74 @@
+npm-access(1) -- Set access level on published packages
+=======================================================
+
+## SYNOPSIS
+
+    npm access public [<package>]
+    npm access restricted [<package>]
+
+    npm access grant <read-only|read-write> <scope:team> [<package>]
+    npm access revoke <scope:team> [<package>]
+
+    npm access ls-packages [<user>|<scope>|<scope:team>]
+    npm access ls-collaborators [<package> [<user>]]
+    npm access edit [<package>]
+
+## DESCRIPTION
+
+Used to set access controls on private packages.
+
+For all of the subcommands, `npm access` will perform actions on the packages
+in the current working directory if no package name is passed to the
+subcommand.
+
+* public / restricted:
+  Set a package to be either publicly accessible or restricted.
+
+* grant / revoke:
+  Add or remove the ability of users and teams to have read-only or read-write
+  access to a package.
+
+* ls-packages:
+
+  Show all of the packages a user or a team is able to access, along with the
+  access level, except for read-only public packages (it won't print the whole
+  registry listing)
+
+* ls-collaborators:
+  Show all of the access privileges for a package. Will only show permissions
+  for packages to which you have at least read access. If `<user>` is passed in,
+  the list is filtered only to teams _that_ user happens to belong to.
+
+* edit:
+  Set the access privileges for a package at once using `$EDITOR`.
+
+## DETAILS
+
+`npm access` always operates directly on the current registry, configurable
+from the command line using `--registry=<registry url>`.
+
+Unscoped packages are *always public*.
+
+Scoped packages *default to restricted*, but you can either publish them as
+public using `npm publish --access=public`, or set their access as public using
+`npm access public` after the initial publish.
+
+You must have privileges to set the access of a package:
+
+* You are an owner of an unscoped or scoped package.
+* You are a member of the team that owns a scope.
+* You have been given read-write privileges for a package, either as a member
+  of a team or directly as an owner.
+
+If your account is not paid, then attempts to publish scoped packages will fail
+with an HTTP 402 status code (logically enough), unless you use
+`--access=public`.
+
+Management of teams and team memberships is done with the `npm team` command.
+
+## SEE ALSO
+
+* npm-team(1)
+* npm-publish(1)
+* npm-config(7)
+* npm-registry(7)

deps/npm/doc/cli/npm-adduser.md

@@ -3,30 +3,67 @@ npm-adduser(1) -- Add a registry user account
 
 ## SYNOPSIS
 
-    npm adduser
+    npm adduser [--registry=url] [--scope=@orgname] [--always-auth]
+
+    aliases: login, add-user
 
 ## DESCRIPTION
 
-Create or verify a user named `<username>` in the npm registry, and
-save the credentials to the `.npmrc` file.
+Create or verify a user named `<username>` in the specified registry, and
+save the credentials to the `.npmrc` file. If no registry is specified,
+the default registry will be used (see `npm-config(7)`).
 
 The username, password, and email are read in from prompts.
 
-You may use this command to change your email address, but not username
-or password.
+To reset your password, go to <https://www.npmjs.com/forgot>
 
-To reset your password, go to <https://npmjs.org/forgot>
+To change your email address, go to <https://www.npmjs.com/email-edit>
 
 You may use this command multiple times with the same user account to
-authorize on a new machine.
+authorize on a new machine.  When authenticating on a new machine,
+the username, password and email address must all match with
+your existing record.
+
+`npm login` is an alias to `adduser` and behaves exactly the same way.
 
 ## CONFIGURATION
 
 ### registry
 
-Default: http://registry.npmjs.org/
+Default: https://registry.npmjs.org/
+
+The base URL of the npm package registry. If `scope` is also specified,
+this registry will only be used for packages with that scope. See `npm-scope(7)`.
+
+### scope
+
+Default: none
+
+If specified, the user and login credentials given will be associated
+with the specified scope. See `npm-scope(7)`. You can use both at the same time,
+e.g.
+
+    npm adduser --registry=http://myregistry.example.com --scope=@myco
+
+This will set a registry for the given scope and login or create a user for
+that registry at the same time.
+
+### always-auth
+
+Default: false
+
+If specified, save configuration indicating that all requests to the given
+registry should include authorization information. Useful for private
+registries. Can be used with `--registry` and / or `--scope`, e.g.
+
+    npm adduser --registry=http://private-registry.example.com --always-auth
 
-The base URL of the npm package registry.
+This will ensure that all requests to that registry (including for tarballs)
+include an authorization header. This setting may be necessary for use with
+private registries where metadata and package tarballs are stored on hosts with
+different hostnames. See `always-auth` in `npm-config(7)` for more details on
+always-auth. Registry-specific configuration of `always-auth` takes precedence
+over any global configuration.
 
 ## SEE ALSO
 

deps/npm/doc/cli/npm-bugs.md

@@ -6,6 +6,8 @@ npm-bugs(1) -- Bugs for a package in a web browser maybe
     npm bugs <pkgname>
     npm bugs (with no args in a package dir)
 
+    aliases: issues
+
 ## DESCRIPTION
 
 This command tries to guess at the likely location of a package's

deps/npm/doc/cli/npm-build.md

@@ -12,7 +12,10 @@ npm-build(1) -- Build a package
 
 This is the plumbing command called by `npm link` and `npm install`.
 
-It should generally not be called directly.
+It should generally be called during installation, but if you need to run it
+directly, run:
+
+    npm run-script build
 
 ## SEE ALSO
 

deps/npm/doc/cli/npm-config.md

@@ -12,6 +12,8 @@ npm-config(1) -- Manage the npm configuration files
     npm get <key>
     npm set <key> <value> [--global]
 
+    aliases: c
+
 ## DESCRIPTION
 
 npm gets its config settings from the command line, environment

deps/npm/doc/cli/npm-dedupe.md

@@ -6,6 +6,8 @@ npm-dedupe(1) -- Reduce duplication
     npm dedupe [package names...]
     npm ddp [package names...]
 
+    aliases: find-dupes, ddp
+
 ## DESCRIPTION
 
 Searches the local package tree and attempts to simplify the overall

deps/npm/doc/cli/npm-dist-tag.md

@@ -0,0 +1,87 @@
+npm-dist-tag(1) -- Modify package distribution tags
+===================================================
+
+## SYNOPSIS
+
+    npm dist-tag add <pkg>@<version> [<tag>]
+    npm dist-tag rm <pkg> <tag>
+    npm dist-tag ls [<pkg>]
+
+    aliases: dist-tags
+
+## DESCRIPTION
+
+Add, remove, and enumerate distribution tags on a package:
+
+* add:
+  Tags the specified version of the package with the specified tag, or the
+  `--tag` config if not specified.
+
+* rm:
+  Clear a tag that is no longer in use from the package.
+
+* ls:
+  Show all of the dist-tags for a package, defaulting to the package in
+  the current prefix.
+
+A tag can be used when installing packages as a reference to a version instead
+of using a specific version number:
+
+    npm install <name>@<tag>
+
+When installing dependencies, a preferred tagged version may be specified:
+
+    npm install --tag <tag>
+
+This also applies to `npm dedupe`.
+
+Publishing a package sets the `latest` tag to the published version unless the
+`--tag` option is used. For example, `npm publish --tag=beta`.
+
+By default, `npm install <pkg>` (without any `@<version>` or `@<tag>`
+specifier) installs the `latest` tag.
+
+## PURPOSE
+
+Tags can be used to provide an alias instead of version numbers.
+
+For example, a project might choose to have multiple streams of development
+and use a different tag for each stream,
+e.g., `stable`, `beta`, `dev`, `canary`.
+
+By default, the `latest` tag is used by npm to identify the current version of
+a package, and `npm install <pkg>` (without any `@<version>` or `@<tag>`
+specifier) installs the `latest` tag. Typically, projects only use the `latest`
+tag for stable release versions, and use other tags for unstable versions such
+as prereleases.
+
+The `next` tag is used by some projects to identify the upcoming version.
+
+By default, other than `latest`, no tag has any special significance to npm
+itself.
+
+## CAVEATS
+
+This command used to be known as `npm tag`, which only created new tags, and so
+had a different syntax.
+
+Tags must share a namespace with version numbers, because they are specified in
+the same slot: `npm install <pkg>@<version>` vs `npm install <pkg>@<tag>`.
+
+Tags that can be interpreted as valid semver ranges will be rejected. For
+example, `v1.4` cannot be used as a tag, because it is interpreted by semver as
+`>=1.4.0 <1.5.0`.  See <https://github.com/npm/npm/issues/6082>.
+
+The simplest way to avoid semver problems with tags is to use tags that do not
+begin with a number or the letter `v`.
+
+## SEE ALSO
+
+* npm-tag(1)
+* npm-publish(1)
+* npm-install(1)
+* npm-dedupe(1)
+* npm-registry(7)
+* npm-config(1)
+* npm-config(7)
+* npmrc(5)

deps/npm/doc/cli/npm-explore.md

@@ -32,7 +32,6 @@ The shell to run for the `npm explore` command.
 
 ## SEE ALSO
 
-* npm-submodule(1)
 * npm-folders(5)
 * npm-edit(1)
 * npm-rebuild(1)

deps/npm/doc/cli/npm-help-search.md

@@ -21,7 +21,7 @@ command directly.
 ### long
 
 * Type: Boolean
-* Default false
+* Default: false
 
 If true, the "long" flag will cause help-search to output context around
 where the terms were found in the documentation.

deps/npm/doc/cli/npm-init.md

@@ -3,7 +3,7 @@ npm-init(1) -- Interactively create a package.json file
 
 ## SYNOPSIS
 
-    npm init
+    npm init [-f|--force|-y|--yes]
 
 ## DESCRIPTION
 
@@ -18,8 +18,21 @@ the options in there.
 It is strictly additive, so it does not delete options from your package.json
 without a really good reason to do so.
 
+If you invoke it with `-f`, `--force`, `-y`, or `--yes`, it will use only
+defaults and not prompt you for any options.
+
+## CONFIGURATION
+
+### scope
+
+* Default: none
+* Type: String
+
+The scope under which the new module should be created.
+
 ## SEE ALSO
 
 * <https://github.com/isaacs/init-package-json>
 * package.json(5)
 * npm-version(1)
+* npm-scope(7)

deps/npm/doc/cli/npm-install.md

@@ -7,10 +7,10 @@ npm-install(1) -- Install a package
     npm install <tarball file>
     npm install <tarball url>
     npm install <folder>
-    npm install <name> [--save|--save-dev|--save-optional] [--save-exact]
-    npm install <name>@<tag>
-    npm install <name>@<version>
-    npm install <name>@<version range>
+    npm install [@<scope>/]<name> [--save|--save-dev|--save-optional] [--save-exact] [--save-bundle]
+    npm install [@<scope>/]<name>@<tag>
+    npm install [@<scope>/]<name>@<version>
+    npm install [@<scope>/]<name>@<version range>
     npm i (with any of the previous argument usage)
 
 ## DESCRIPTION
@@ -21,11 +21,11 @@ by that. See npm-shrinkwrap(1).
 
 A `package` is:
 
-* a) a folder containing a program described by a package.json file
+* a) a folder containing a program described by a `package.json(5)` file
 * b) a gzipped tarball containing (a)
 * c) a url that resolves to (b)
 * d) a `<name>@<version>` that is published on the registry (see `npm-registry(7)`) with (c)
-* e) a `<name>@<tag>` that points to (d)
+* e) a `<name>@<tag>` (see `npm-dist-tag(1)`) that points to (d)
 * f) a `<name>` that has a "latest" tag satisfying (e)
 * g) a `<git remote url>` that resolves to (b)
 
@@ -43,9 +43,12 @@ after packing it up into a tarball (b).
     it installs the current package context (ie, the current working
     directory) as a global package.
 
-    By default, `npm install` will install all modules listed as
-    dependencies. With the `--production` flag,
-    npm will not install modules listed in `devDependencies`.
+    By default, `npm install` will install all modules listed as dependencies
+    in `package.json(5)`.
+
+    With the `--production` flag (or when the `NODE_ENV` environment variable
+    is set to `production`), npm will not install modules listed in
+    `devDependencies`.
 
 * `npm install <folder>`:
 
@@ -70,10 +73,10 @@ after packing it up into a tarball (b).
 
           npm install https://github.com/indexzero/forever/tarball/v0.5.6
 
-* `npm install <name> [--save|--save-dev|--save-optional]`:
+* `npm install [@<scope>/]<name> [--save|--save-dev|--save-optional]`:
 
     Do a `<name>@<tag>` install, where `<tag>` is the "tag" config. (See
-    `npm-config(7)`.)
+    `npm-config(7)`. The config's default value is `latest`.)
 
     In most cases, this will install the latest version
     of the module published on npm.
@@ -92,25 +95,34 @@ after packing it up into a tarball (b).
     * `--save-optional`: Package will appear in your `optionalDependencies`.
 
     When using any of the above options to save dependencies to your
-    package.json, there is an additional, optional flag:
+    package.json, there are two additional, optional flags:
 
     * `--save-exact`: Saved dependencies will be configured with an
       exact version rather than using npm's default semver range
       operator.
 
+    * `-B, --save-bundle`: Saved dependencies will also be added to your `bundleDependencies` list.
+
+    Note: if you do not include the @-symbol on your scope name, npm will
+    interpret this as a GitHub repository instead, see below. Scopes names
+    must also be followed by a slash.
+
     Examples:
 
           npm install sax --save
+          npm install githubname/reponame
+          npm install @myorg/privatepackage
           npm install node-tap --save-dev
           npm install dtrace-provider --save-optional
           npm install readable-stream --save --save-exact
+          npm install ansi-regex --save --save-bundle
 
 
     **Note**: If there is a file or folder named `<name>` in the current
     working directory, then it will try to install that, and only try to
     fetch the package by name if it is not valid.
 
-* `npm install <name>@<tag>`:
+* `npm install [@<scope>/]<name>@<tag>`:
 
     Install the version of the package that is referenced by the specified tag.
     If the tag does not exist in the registry data for that package, then this
@@ -119,17 +131,19 @@ after packing it up into a tarball (b).
     Example:
 
           npm install sax@latest
+          npm install @myorg/mypackage@latest
 
-* `npm install <name>@<version>`:
+* `npm install [@<scope>/]<name>@<version>`:
 
-    Install the specified version of the package.  This will fail if the version
-    has not been published to the registry.
+    Install the specified version of the package.  This will fail if the
+    version has not been published to the registry.
 
     Example:
 
           npm install sax@0.1.1
+          npm install @myorg/privatepackage@1.5.0
 
-* `npm install <name>@<version range>`:
+* `npm install [@<scope>/]<name>@<version range>`:
 
     Install a version of the package matching the specified version range.  This
     will follow the same rules for resolving dependencies described in `package.json(5)`.
@@ -140,23 +154,84 @@ after packing it up into a tarball (b).
     Example:
 
           npm install sax@">=0.1.0 <0.2.0"
+          npm install @myorg/privatepackage@">=0.1.0 <0.2.0"
 
 * `npm install <git remote url>`:
 
     Install a package by cloning a git remote url.  The format of the git
     url is:
 
-          <protocol>://[<user>@]<hostname><separator><path>[#<commit-ish>]
+          <protocol>://[<user>[:<password>]@]<hostname>[:<port>][:/]<path>[#<commit-ish>]
 
     `<protocol>` is one of `git`, `git+ssh`, `git+http`, or
     `git+https`.  If no `<commit-ish>` is specified, then `master` is
     used.
 
+    The following git environment variables are recognized by npm and will be added
+    to the environment when running git:
+
+    * `GIT_ASKPASS`
+    * `GIT_PROXY_COMMAND`
+    * `GIT_SSH`
+    * `GIT_SSH_COMMAND`
+    * `GIT_SSL_CAINFO`
+    * `GIT_SSL_NO_VERIFY`
+
+    See the git man page for details.
+
     Examples:
 
-          git+ssh://git@github.com:npm/npm.git#v1.0.27
-          git+https://isaacs@github.com/npm/npm.git
-          git://github.com/npm/npm.git#v1.0.27
+          npm install git+ssh://git@github.com:npm/npm.git#v1.0.27
+          npm install git+https://isaacs@github.com/npm/npm.git
+          npm install git://github.com/npm/npm.git#v1.0.27
+          GIT_SSH_COMMAND='ssh -i ~/.ssh/custom_ident' npm install git+ssh://git@github.com:npm/npm.git
+
+* `npm install <githubname>/<githubrepo>[#<commit-ish>]`:
+* `npm install github:<githubname>/<githubrepo>[#<commit-ish>]`:
+
+    Install the package at `https://github.com/githubname/githubrepo` by
+    attempting to clone it using `git`.
+
+    If you don't specify a *commit-ish* then `master` will be used.
+
+    Examples:
+
+          npm install mygithubuser/myproject
+          npm install github:mygithubuser/myproject
+
+* `npm install gist:[<githubname>/]<gistID>[#<commit-ish>]`:
+
+    Install the package at `https://gist.github.com/gistID` by attempting to
+    clone it using `git`. The GitHub username associated with the gist is
+    optional and will not be saved in `package.json` if `--save` is used.
+
+    If you don't specify a *commit-ish* then `master` will be used.
+
+    Example:
+
+          npm install gist:101a11beef
+
+* `npm install bitbucket:<bitbucketname>/<bitbucketrepo>[#<commit-ish>]`:
+
+    Install the package at `https://bitbucket.org/bitbucketname/bitbucketrepo`
+    by attempting to clone it using `git`.
+
+    If you don't specify a *commit-ish* then `master` will be used.
+
+    Example:
+
+          npm install bitbucket:mybitbucketuser/myproject
+
+* `npm install gitlab:<gitlabname>/<gitlabrepo>[#<commit-ish>]`:
+
+    Install the package at `https://gitlab.com/gitlabname/gitlabrepo`
+    by attempting to clone it using `git`.
+
+    If you don't specify a *commit-ish* then `master` will be used.
+
+    Example:
+
+          npm install gitlab:mygitlabuser/myproject
 
 You may combine multiple arguments, and even multiple types of arguments.
 For example:
@@ -255,5 +330,6 @@ affects a real use-case, it will be investigated.
 * npmrc(5)
 * npm-registry(7)
 * npm-tag(1)
-* npm-rm(1)
+* npm-uninstall(1)
 * npm-shrinkwrap(1)
+* package.json(5)

deps/npm/doc/cli/npm-link.md

@@ -4,28 +4,32 @@ npm-link(1) -- Symlink a package folder
 ## SYNOPSIS
 
     npm link (in package folder)
-    npm link <pkgname>
+    npm link [@<scope>/]<pkgname>
     npm ln (with any of the previous argument usage)
 
 ## DESCRIPTION
 
 Package linking is a two-step process.
 
-First, `npm link` in a package folder will create a globally-installed
-symbolic link from `prefix/package-name` to the current folder.
+First, `npm link` in a package folder will create a symlink in the global folder
+`{prefix}/lib/node_modules/<package>` that links to the package where the `npm
+link` command was executed. (see `npm-config(7)` for the value of `prefix`).
 
 Next, in some other location, `npm link package-name` will create a
-symlink from the local `node_modules` folder to the global symlink.
+symbolic link from globally-installed `package-name` to `node_modules/`
+of the current folder.
 
 Note that `package-name` is taken from `package.json`,
 not from directory name.
 
+The package name can be optionally prefixed with a scope. See `npm-scope(7)`.
+The scope must be preceded by an @-symbol and followed by a slash.
+
 When creating tarballs for `npm publish`, the linked packages are
 "snapshotted" to their current state by resolving the symbolic links.
 
-This is
-handy for installing your own stuff, so that you can work on it and test it
-iteratively without having to continually rebuild.
+This is handy for installing your own stuff, so that you can work on it and
+test it iteratively without having to continually rebuild.
 
 For example:
 
@@ -35,7 +39,8 @@ For example:
     npm link redis              # link-install the package
 
 Now, any changes to ~/projects/node-redis will be reflected in
-~/projects/node-bloggy/node_modules/redis/
+~/projects/node-bloggy/node_modules/node-redis/. Note that the link should
+be to the package name, not the directory name for that package.
 
 You may also shortcut the two steps in one.  For example, to do the
 above use-case in a shorter way:
@@ -46,11 +51,16 @@ above use-case in a shorter way:
 The second line is the equivalent of doing:
 
     (cd ../node-redis; npm link)
-    npm link redis
+    npm link node-redis
 
 That is, it first creates a global link, and then links the global
 installation target into your project's `node_modules` folder.
 
+If your linked package is scoped (see `npm-scope(7)`) your link command must
+include that scope, e.g.
+
+    npm link @myorg/privatepackage
+
 ## SEE ALSO
 
 * npm-developers(7)

deps/npm/doc/cli/npm-logout.md

@@ -0,0 +1,45 @@
+npm-logout(1) -- Log out of the registry
+========================================
+
+## SYNOPSIS
+
+    npm logout [--registry=url] [--scope=@orgname]
+
+## DESCRIPTION
+
+When logged into a registry that supports token-based authentication, tell the
+server to end this token's session. This will invalidate the token everywhere
+you're using it, not just for the current environment.
+
+When logged into a legacy registry that uses username and password authentication, this will
+clear the credentials in your user configuration. In this case, it will _only_ affect
+the current environment.
+
+If `--scope` is provided, this will find the credentials for the registry
+connected to that scope, if set.
+
+## CONFIGURATION
+
+### registry
+
+Default: https://registry.npmjs.org/
+
+The base URL of the npm package registry. If `scope` is also specified,
+it takes precedence.
+
+### scope
+
+Default: none
+
+If specified, you will be logged out of the specified scope. See `npm-scope(7)`.
+
+    npm logout --scope=@myco
+
+## SEE ALSO
+
+* npm-adduser(1)
+* npm-registry(7)
+* npm-config(1)
+* npm-config(7)
+* npmrc(5)
+* npm-whoami(1)

deps/npm/doc/cli/npm-ls.md

@@ -3,10 +3,10 @@ npm-ls(1) -- List installed packages
 
 ## SYNOPSIS
 
-    npm list [<pkg> ...]
-    npm ls [<pkg> ...]
-    npm la [<pkg> ...]
-    npm ll [<pkg> ...]
+    npm list [[@<scope>/]<pkg> ...]
+    npm ls [[@<scope>/]<pkg> ...]
+    npm la [[@<scope>/]<pkg> ...]
+    npm ll [[@<scope>/]<pkg> ...]
 
 ## DESCRIPTION
 
@@ -67,6 +67,20 @@ project.
 
 Max display depth of the dependency tree.
 
+### prod / production
+
+* Type: Boolean
+* Default: false
+
+Display only the dependency tree for packages in `dependencies`.
+
+### dev
+
+* Type: Boolean
+* Default: false
+
+Display only the dependency tree for packages in `devDependencies`.
+
 ## SEE ALSO
 
 * npm-config(1)

deps/npm/doc/cli/npm-outdated.md

@@ -10,9 +10,61 @@ npm-outdated(1) -- Check for outdated packages
 This command will check the registry to see if any (or, specific) installed
 packages are currently outdated.
 
-The resulting field 'wanted' shows the latest version according to the
-version specified in the package.json, the field 'latest' the very latest
-version of the package.
+In the output:
+
+* `wanted` is the maximum version of the package that satisfies the semver
+  range specified in `package.json`. If there's no available semver range (i.e.
+  you're running `npm outdated --global`, or the package isn't included in
+  `package.json`), then `wanted` shows the currently-installed version.
+* `latest` is the version of the package tagged as latest in the registry.
+  Running `npm publish` with no special configuration will publish the package
+  with a dist-tag of `latest`. This may or may not be the maximum version of
+  the package, or the most-recently published version of the package, depending
+  on how the package's developer manages the latest dist-tag(1).
+* `location` is where in the dependency tree the package is located. Note that
+  `npm outdated` defaults to a depth of 0, so unless you override that, you'll
+  always be seeing only top-level dependencies that are outdated.
+* `package type` (when using `--long` / `-l`) tells you whether this package is
+  a `dependency` or a `devDependency`. Packages not included in `package.json`
+  are always marked `dependencies`.
+
+### An example
+
+```
+$ npm outdated
+Package      Current   Wanted   Latest  Location
+glob          5.0.15   5.0.15    6.0.1  test-outdated-output
+nothingness    0.0.3      git      git  test-outdated-output
+npm            3.5.1    3.5.2    3.5.1  test-outdated-output
+local-dev      0.0.3   linked   linked  test-outdated-output
+once           1.3.2    1.3.3    1.3.3  test-outdated-output
+```
+
+With these `dependencies`:
+```json
+{
+  "glob": "^5.0.15",
+  "nothingness": "github:othiym23/nothingness#master",
+  "npm": "^3.5.1",
+  "once": "^1.3.1"
+}
+```
+
+A few things to note:
+
+* `glob` requires `^5`, which prevents npm from installing `glob@6`, which is
+  outside the semver range.
+* Git dependencies will always be reinstalled, because of how they're specified.
+  The installed committish might satisfy the dependency specifier (if it's
+  something immutable, like a commit SHA), or it might not, so `npm outdated` and
+  `npm update` have to fetch Git repos to check. This is why currently doing a
+  reinstall of a Git dependency always forces a new clone and install.
+* `npm@3.5.2` is marked as "wanted", but "latest" is `npm@3.5.1` because npm
+  uses dist-tags to manage its `latest` and `next` release channels. `npm update`
+  will install the _newest_ version, but `npm install npm` (with no semver range)
+  will install whatever's tagged as `latest`.
+* `once` is just plain out of date. Reinstalling `node_modules` from scratch or
+  running `npm update` will bring it up to spec.
 
 ## CONFIGURATION
 
@@ -47,6 +99,7 @@ project.
 
 ### depth
 
+* Default: 0
 * Type: Int
 
 Max depth for checking dependency tree.
@@ -54,5 +107,6 @@ Max depth for checking dependency tree.
 ## SEE ALSO
 
 * npm-update(1)
+* npm-dist-tag(1)
 * npm-registry(7)
 * npm-folders(5)

deps/npm/doc/cli/npm-owner.md

@@ -7,6 +7,8 @@ npm-owner(1) -- Manage package owners
     npm owner add <user> <package name>
     npm owner rm <user> <package name>
 
+    aliases: author
+
 ## DESCRIPTION
 
 Manage ownership of published packages.

deps/npm/doc/cli/npm-ping.md

@@ -0,0 +1,16 @@
+npm-ping(1) -- Ping npm registry
+================================
+
+## SYNOPSIS
+
+    npm ping [--registry <registry>]
+
+## DESCRIPTION
+
+Ping the configured or given npm registry and verify authentication.
+
+## SEE ALSO
+
+* npm-config(1)
+* npm-config(7)
+* npmrc(5)

deps/npm/doc/cli/npm-prefix.md

@@ -3,11 +3,15 @@ npm-prefix(1) -- Display prefix
 
 ## SYNOPSIS
 
-    npm prefix
+    npm prefix [-g]
 
 ## DESCRIPTION
 
-Print the prefix to standard out.
+Print the local prefix to standard out. This is the closest parent directory
+to contain a package.json file unless `-g` is also specified.
+
+If `-g` is specified, this will be the value of the global prefix. See
+`npm-config(7)` for more detail.
 
 ## SEE ALSO
 

deps/npm/doc/cli/npm-prune.md

@@ -15,11 +15,13 @@ removed.
 Extraneous packages are packages that are not listed on the parent
 package's dependencies list.
 
-If the `--production` flag is specified, this command will remove the
-packages specified in your `devDependencies`.
+If the `--production` flag is specified or the `NODE_ENV` environment
+variable is set to `production`, this command will remove the packages
+specified in your `devDependencies`. Setting `--production=false` will
+negate `NODE_ENV` being set to `production`.
 
 ## SEE ALSO
 
-* npm-rm(1)
+* npm-uninstall(1)
 * npm-folders(5)
 * npm-ls(1)

deps/npm/doc/cli/npm-publish.md

@@ -4,12 +4,20 @@ npm-publish(1) -- Publish a package
 
 ## SYNOPSIS
 
-    npm publish <tarball> [--tag <tag>]
-    npm publish <folder> [--tag <tag>]
+    npm publish <tarball> [--tag <tag>] [--access <public|restricted>]
+    npm publish <folder> [--tag <tag>] [--access <public|restricted>]
 
 ## DESCRIPTION
 
-Publishes a package to the registry so that it can be installed by name.
+Publishes a package to the registry so that it can be installed by name. All
+files in the package directory are included if no local `.gitignore` or
+`.npmignore` file is present. See `npm-developers(7)` for full details on
+what's included in the published package, as well as details on how the package
+is built.
+
+By default npm will publish to the public registry. This can be overridden by
+specifying a different default registry or using a `npm-scope(7)` in the name
+(see `package.json(5)`).
 
 * `<folder>`:
   A folder containing a package.json file
@@ -21,10 +29,17 @@ Publishes a package to the registry so that it can be installed by name.
 * `[--tag <tag>]`
   Registers the published package with the given tag, such that `npm install
   <name>@<tag>` will install this version.  By default, `npm publish` updates
-  and `npm install` installs the `latest` tag.
+  and `npm install` installs the `latest` tag. See `npm-dist-tag(1)` for
+  details about tags.
+
+* `[--access <public|restricted>]`
+  Tells the registry whether this package should be published as public or
+  restricted. Only applies to scoped packages, which default to `restricted`.
+  If you don't have a paid account, you must publish with `--access public`
+  to publish scoped packages.
 
 Fails if the package name and version combination already exists in
-the registry.
+the specified registry.
 
 Once a package is published with a given name and version, that
 specific name and version combination can never be used again, even if
@@ -33,6 +48,7 @@ it is removed with npm-unpublish(1).
 ## SEE ALSO
 
 * npm-registry(7)
+* npm-scope(7)
 * npm-adduser(1)
 * npm-owner(1)
 * npm-deprecate(1)

deps/npm/doc/cli/npm-restart.md

@@ -1,17 +1,34 @@
-npm-restart(1) -- Start a package
-=================================
+npm-restart(1) -- Restart a package
+===================================
 
 ## SYNOPSIS
 
-    npm restart <name>
+    npm restart [-- <args>]
 
 ## DESCRIPTION
 
-This runs a package's "restart" script, if one was provided.
-Otherwise it runs package's "stop" script, if one was provided, and then
-the "start" script.
+This restarts a package.
 
-If no version is specified, then it restarts the "active" version.
+This runs a package's "stop", "restart", and "start" scripts, and associated
+pre- and post- scripts, in the order given below:
+
+1. prerestart
+2. prestop
+3. stop
+4. poststop
+5. restart
+6. prestart
+7. start
+8. poststart
+9. postrestart
+
+## NOTE
+
+Note that the "restart" script is run **in addition to** the "stop"
+and "start" scripts, not instead of them.
+
+This is the behavior as of `npm` major version 2.  A change in this
+behavior will be accompanied by an increase in major version number
 
 ## SEE ALSO
 
@@ -20,3 +37,4 @@ If no version is specified, then it restarts the "active" version.
 * npm-test(1)
 * npm-start(1)
 * npm-stop(1)
+* npm-restart(3)

deps/npm/doc/cli/npm-run-script.md

@@ -3,18 +3,41 @@ npm-run-script(1) -- Run arbitrary package scripts
 
 ## SYNOPSIS
 
-    npm run-script [<pkg>] [command]
-    npm run [<pkg>] [command]
+    npm run-script [command] [-- <args>]
+    npm run [command] [-- <args>]
 
 ## DESCRIPTION
 
-This runs an arbitrary command from a package's `"scripts"` object.
-If no package name is provided, it will search for a `package.json`
-in the current folder and use its `"scripts"` object. If no `"command"`
-is provided, it will list the available top level scripts.
+This runs an arbitrary command from a package's `"scripts"` object.  If no
+`"command"` is provided, it will list the available scripts.  `run[-script]` is
+used by the test, start, restart, and stop commands, but can be called
+directly, as well. When the scripts in the package are printed out, they're
+separated into lifecycle (test, start, restart) and directly-run scripts.
 
-It is used by the test, start, restart, and stop commands, but can be
-called directly, as well.
+As of [`npm@2.0.0`](http://blog.npmjs.org/post/98131109725/npm-2-0-0), you can
+use custom arguments when executing scripts. The special option `--` is used by
+[getopt](http://goo.gl/KxMmtG) to delimit the end of the options. npm will pass
+all the arguments after the `--` directly to your script:
+
+    npm run test -- --grep="pattern"
+
+The arguments will only be passed to the script specified after ```npm run```
+and not to any pre or post script.
+
+The `env` script is a special built-in command that can be used to list
+environment variables that will be available to the script at runtime. If an
+"env" command is defined in your package it will take precedence over the
+built-in.
+
+In addition to the shell's pre-existing `PATH`, `npm run` adds
+`node_modules/.bin` to the `PATH` provided to scripts. Any binaries provided by
+locally-installed dependencies can be used without the `node_modules/.bin`
+prefix. For example, if there is a `devDependency` on `tap` in your package,
+you should write:
+
+    "scripts": {"test": "tap test/\*.js"}
+
+instead of `"scripts": {"test": "node_modules/.bin/tap test/\*.js"}` to run your tests.
 
 ## SEE ALSO
 

deps/npm/doc/cli/npm-search.md

@@ -3,9 +3,9 @@ npm-search(1) -- Search for packages
 
 ## SYNOPSIS
 
-    npm search [--long] [search terms ...]
-    npm s [search terms ...]
-    npm se [search terms ...]
+    npm search [-l|--long] [search terms ...]
+
+    aliases: s, se, find
 
 ## DESCRIPTION
 
@@ -27,6 +27,15 @@ lines. When disabled (default) search results are truncated to fit
 neatly on a single line. Modules with extremely long names will
 fall on multiple lines.
 
+### registry
+
+ * Default: https://registry.npmjs.org/
+ * Type   : url
+
+Search the specified registry for modules. If you have configured npm to point to a different default registry,
+such as your internal private module repository, `npm search` will default to that registry when searching.
+Pass a different registry url such as the default above in order to override this setting.
+
 ## SEE ALSO
 
 * npm-registry(7)

deps/npm/doc/cli/npm-shrinkwrap.md

@@ -9,18 +9,18 @@ npm-shrinkwrap(1) -- Lock down dependency versions
 
 This command locks down the versions of a package's dependencies so
 that you can control exactly which versions of each dependency will be
-used when your package is installed. The "package.json" file is still
-required if you want to use "npm install".
+used when your package is installed. The `package.json` file is still
+required if you want to use `npm install`.
 
-By default, "npm install" recursively installs the target's
-dependencies (as specified in package.json), choosing the latest
+By default, `npm install` recursively installs the target's
+dependencies (as specified in `package.json`), choosing the latest
 available version that satisfies the dependency's semver pattern. In
 some situations, particularly when shipping software where each change
 is tightly managed, it's desirable to fully specify each version of
 each dependency recursively so that subsequent builds and deploys do
 not inadvertently pick up newer versions of a dependency that satisfy
 the semver pattern. Specifying specific semver patterns in each
-dependency's package.json would facilitate this, but that's not always
+dependency's `package.json` would facilitate this, but that's not always
 possible or desirable, as when another author owns the npm package.
 It's also possible to check dependencies directly into source control,
 but that may be undesirable for other reasons.
@@ -48,18 +48,18 @@ package B:
 and package C:
 
     {
-      "name": "C,
+      "name": "C",
       "version": "0.0.1"
     }
 
 If these are the only versions of A, B, and C available in the
-registry, then a normal "npm install A" will install:
+registry, then a normal `npm install A` will install:
 
     A@0.1.0
     `-- B@0.0.1
         `-- C@0.0.1
 
-However, if B@0.0.2 is published, then a fresh "npm install A" will
+However, if B@0.0.2 is published, then a fresh `npm install A` will
 install:
 
     A@0.1.0
@@ -78,7 +78,7 @@ In this case, A's author can run
 
     npm shrinkwrap
 
-This generates npm-shrinkwrap.json, which will look something like this:
+This generates `npm-shrinkwrap.json`, which will look something like this:
 
     {
       "name": "A",
@@ -86,9 +86,13 @@ This generates npm-shrinkwrap.json, which will look something like this:
       "dependencies": {
         "B": {
           "version": "0.0.1",
+          "from": "B@^0.0.1",
+          "resolved": "https://registry.npmjs.org/B/-/B-0.0.1.tgz",
           "dependencies": {
             "C": {
-              "version": "0.1.0"
+              "version": "0.0.1",
+              "from": "org/C#v0.0.1",
+              "resolved": "git://github.com/org/C.git#5c380ae319fc4efe9e7f2d9c78b0faa588fd99b4"
             }
           }
         }
@@ -96,44 +100,44 @@ This generates npm-shrinkwrap.json, which will look something like this:
     }
 
 The shrinkwrap command has locked down the dependencies based on
-what's currently installed in node_modules.  When "npm install"
-installs a package with a npm-shrinkwrap.json file in the package
-root, the shrinkwrap file (rather than package.json files) completely
+what's currently installed in node_modules.  When `npm install`
+installs a package with an `npm-shrinkwrap.json` in the package
+root, the shrinkwrap file (rather than `package.json` files) completely
 drives the installation of that package and all of its dependencies
 (recursively).  So now the author publishes A@0.1.0, and subsequent
-installs of this package will use B@0.0.1 and C@0.1.0, regardless the
-dependencies and versions listed in A's, B's, and C's package.json
+installs of this package will use B@0.0.1 and C@0.0.1, regardless the
+dependencies and versions listed in A's, B's, and C's `package.json`
 files.
 
 
 ### Using shrinkwrapped packages
 
 Using a shrinkwrapped package is no different than using any other
-package: you can "npm install" it by hand, or add a dependency to your
-package.json file and "npm install" it.
+package: you can `npm install` it by hand, or add a dependency to your
+`package.json` file and `npm install` it.
 
 ### Building shrinkwrapped packages
 
 To shrinkwrap an existing package:
 
-1. Run "npm install" in the package root to install the current
+1. Run `npm install` in the package root to install the current
    versions of all dependencies.
 2. Validate that the package works as expected with these versions.
-3. Run "npm shrinkwrap", add npm-shrinkwrap.json to git, and publish
+3. Run `npm shrinkwrap`, add `npm-shrinkwrap.json` to git, and publish
    your package.
 
 To add or update a dependency in a shrinkwrapped package:
 
-1. Run "npm install" in the package root to install the current
+1. Run `npm install` in the package root to install the current
    versions of all dependencies.
-2. Add or update dependencies. "npm install" each new or updated
-   package individually and then update package.json.  Note that they
+2. Add or update dependencies. `npm install` each new or updated
+   package individually and then update `package.json`.  Note that they
    must be explicitly named in order to be installed: running `npm
    install` with no arguments will merely reproduce the existing
    shrinkwrap.
 3. Validate that the package works as expected with the new
    dependencies.
-4. Run "npm shrinkwrap", commit the new npm-shrinkwrap.json, and
+4. Run `npm shrinkwrap`, commit the new `npm-shrinkwrap.json`, and
    publish your package.
 
 You can use npm-outdated(1) to view dependencies with newer versions
@@ -141,14 +145,14 @@ available.
 
 ### Other Notes
 
-A shrinkwrap file must be consistent with the package's package.json
-file. "npm shrinkwrap" will fail if required dependencies are not
+A shrinkwrap file must be consistent with the package's `package.json`
+file. `npm shrinkwrap` will fail if required dependencies are not
 already installed, since that would result in a shrinkwrap that
 wouldn't actually work. Similarly, the command will fail if there are
-extraneous packages (not referenced by package.json), since that would
-indicate that package.json is not correct.
+extraneous packages (not referenced by `package.json`), since that would
+indicate that `package.json` is not correct.
 
-Since "npm shrinkwrap" is intended to lock down your dependencies for
+Since `npm shrinkwrap` is intended to lock down your dependencies for
 production use, `devDependencies` will not be included unless you
 explicitly set the `--dev` flag when you run `npm shrinkwrap`.  If
 installed `devDependencies` are excluded, then npm will print a

deps/npm/doc/cli/npm-start.md

@@ -3,11 +3,17 @@ npm-start(1) -- Start a package
 
 ## SYNOPSIS
 
-    npm start <name>
+    npm start [-- <args>]
 
 ## DESCRIPTION
 
-This runs a package's "start" script, if one was provided.
+This runs an arbitrary command specified in the package's `"start"` property of
+its `"scripts"` object. If no `"start"` property is specified on the
+`"scripts"` object, it will run `node server.js`.
+
+As of [`npm@2.0.0`](http://blog.npmjs.org/post/98131109725/npm-2-0-0), you can
+use custom arguments when executing scripts. Refer to npm-run-script(1) for
+more details.
 
 ## SEE ALSO
 

deps/npm/doc/cli/npm-stop.md

@@ -3,7 +3,7 @@ npm-stop(1) -- Stop a package
 
 ## SYNOPSIS
 
-    npm stop <name>
+    npm stop [-- <args>]
 
 ## DESCRIPTION
 

deps/npm/doc/cli/npm-submodule.md

@@ -1,28 +0,0 @@
-npm-submodule(1) -- Add a package as a git submodule
-====================================================
-
-## SYNOPSIS
-
-    npm submodule <pkg>
-
-## DESCRIPTION
-
-If the specified package has a git repository url in its package.json
-description, then this command will add it as a git submodule at
-`node_modules/<pkg name>`.
-
-This is a convenience only.  From then on, it's up to you to manage
-updates by using the appropriate git commands.  npm will stubbornly
-refuse to update, modify, or remove anything with a `.git` subfolder
-in it.
-
-This command also does not install missing dependencies, if the package
-does not include them in its git repository.  If `npm ls` reports that
-things are missing, you can either install, link, or submodule them yourself,
-or you can do `npm explore <pkgname> -- npm install` to install the
-dependencies into the submodule folder.
-
-## SEE ALSO
-
-* package.json(5)
-* git help submodule

deps/npm/doc/cli/npm-tag.md

@@ -7,6 +7,8 @@ npm-tag(1) -- Tag a published version
 
 ## DESCRIPTION
 
+THIS COMMAND IS DEPRECATED. See npm-dist-tag(1) for details.
+
 Tags the specified version of the package with the specified tag, or the
 `--tag` config if not specified.
 
@@ -23,6 +25,29 @@ This also applies to `npm dedupe`.
 
 Publishing a package always sets the "latest" tag to the published version.
 
+## PURPOSE
+
+Tags can be used to provide an alias instead of version numbers.  For
+example, `npm` currently uses the tag "next" to identify the upcoming
+version, and the tag "latest" to identify the current version.
+
+A project might choose to have multiple streams of development, e.g.,
+"stable", "canary".
+
+## CAVEATS
+
+Tags must share a namespace with version numbers, because they are
+specified in the same slot: `npm install <pkg>@<version>` vs `npm
+install <pkg>@<tag>`.
+
+Tags that can be interpreted as valid semver ranges will be
+rejected. For example, `v1.4` cannot be used as a tag, because it is
+interpreted by semver as `>=1.4.0 <1.5.0`.  See
+<https://github.com/npm/npm/issues/6082>.
+
+The simplest way to avoid semver problems with tags is to use tags
+that do not begin with a number or the letter `v`.
+
 ## SEE ALSO
 
 * npm-publish(1)
@@ -31,4 +56,5 @@ Publishing a package always sets the "latest" tag to the published version.
 * npm-registry(7)
 * npm-config(1)
 * npm-config(7)
+* npm-tag(3)
 * npmrc(5)

deps/npm/doc/cli/npm-team.md

@@ -0,0 +1,55 @@
+npm-team(1) -- Manage organization teams and team memberships
+=============================================================
+
+## SYNOPSIS
+
+    npm team create <scope:team>
+    npm team destroy <scope:team>
+
+    npm team add <scope:team> <user>
+    npm team rm <scope:team> <user>
+
+    npm team ls <scope>|<scope:team>
+
+    npm team edit <scope:team>
+
+## DESCRIPTION
+
+Used to manage teams in organizations, and change team memberships. Does not
+handle permissions for packages.
+
+Teams must always be fully qualified with the organization/scope they belond to
+when operating on them, separated by a colon (`:`). That is, if you have a
+`developers` team on a `foo` organization, you must always refer to that team as
+`foo:developers` in these commands.
+
+* create / destroy:
+  Create a new team, or destroy an existing one.
+
+* add / rm:
+  Add a user to an existing team, or remove a user from a team they belong to.
+
+* ls:
+  If performed on an organization name, will return a list of existing teams
+  under that organization. If performed on a team, it will instead return a list
+  of all users belonging to that particular team.
+
+## DETAILS
+
+`npm team` always operates directly on the current registry, configurable from
+the command line using `--registry=<registry url>`.
+
+In order to create teams and manage team membership, you must be a *team admin*
+under the given organization. Listing teams and team memberships may be done by
+any member of the organizations.
+
+Organization creation and management of team admins and *organization* members
+is done through the website, not the npm CLI.
+
+To use teams to manage permissions on packages belonging to your organization,
+use the `npm access` command to grant or revoke the appropriate permissions.
+
+## SEE ALSO
+
+* npm-access(1)
+* npm-registr(7)

deps/npm/doc/cli/npm-test.md

@@ -3,8 +3,9 @@ npm-test(1) -- Test a package
 
 ## SYNOPSIS
 
-      npm test <name>
-      npm tst <name>
+      npm test [-- <args>]
+
+      aliases: t, tst
 
 ## DESCRIPTION
 

deps/npm/doc/cli/npm-uninstall.md

@@ -1,9 +1,9 @@
-npm-rm(1) -- Remove a package
+npm-uninstall(1) -- Remove a package
 =============================
 
 ## SYNOPSIS
 
-    npm uninstall <name> [--save|--save-dev|--save-optional]
+    npm uninstall [@<scope>/]<package> [--save|--save-dev|--save-optional]
     npm rm (with any of the previous argument usage)
 
 ## DESCRIPTION
@@ -27,9 +27,12 @@ the package version in your main package.json:
 
 * `--save-optional`: Package will be removed from your `optionalDependencies`.
 
+Scope is optional and follows the usual rules for `npm-scope(7)`.
+
 Examples:
 
     npm uninstall sax --save
+    npm uninstall @myorg/privatepackage --save
     npm uninstall node-tap --save-dev
     npm uninstall dtrace-provider --save-optional
 

deps/npm/doc/cli/npm-unpublish.md

@@ -3,7 +3,7 @@ npm-unpublish(1) -- Remove a package from the registry
 
 ## SYNOPSIS
 
-    npm unpublish <name>[@<version>]
+    npm unpublish [@<scope>/]<name>[@<version>]
 
 ## WARNING
 
@@ -27,6 +27,8 @@ Even if a package version is unpublished, that specific name and
 version combination can never be reused.  In order to publish the
 package again, a new version number must be used.
 
+The scope is optional and follows the usual rules for `npm-scope(7)`.
+
 ## SEE ALSO
 
 * npm-deprecate(1)

deps/npm/doc/cli/npm-update.md

@@ -5,20 +5,144 @@ npm-update(1) -- Update a package
 
     npm update [-g] [<name> [<name> ...]]
 
+    aliases: up, upgrade
+
 ## DESCRIPTION
 
 This command will update all the packages listed to the latest version
-(specified by the `tag` config).
+(specified by the `tag` config), respecting semver.
+
+It will also install missing packages. As with all commands that install
+packages, the `--dev` flag will cause `devDependencies` to be processed
+as well.
+
+If the `-g` flag is specified, this command will update globally installed
+packages.
+
+If no package name is specified, all packages in the specified location (global
+or local) will be updated.
+
+As of `npm@2.6.1`, the `npm update` will only inspect top-level packages.
+Prior versions of `npm` would also recursively inspect all dependencies.
+To get the old behavior, use `npm --depth 9999 update`.
+
+## EXAMPLES
+
+IMPORTANT VERSION NOTE: these examples assume `npm@2.6.1` or later.  For
+older versions of `npm`, you must specify `--depth 0` to get the behavior
+described below.
+
+For the examples below, assume that the current package is `app` and it depends
+on dependencies, `dep1` (`dep2`, .. etc.).  The published versions of `dep1` are:
+
+```
+{
+  "dist-tags": { "latest": "1.2.2" },
+  "versions": [
+    "1.2.2",
+    "1.2.1",
+    "1.2.0",
+    "1.1.2",
+    "1.1.1",
+    "1.0.0",
+    "0.4.1",
+    "0.4.0",
+    "0.2.0"
+  ]
+}
+```
+
+### Caret Dependencies
+
+If `app`'s `package.json` contains:
+
+```
+"dependencies": {
+  "dep1": "^1.1.1"
+}
+```
+
+Then `npm update` will install `dep1@1.2.2`, because `1.2.2` is `latest` and
+`1.2.2` satisfies `^1.1.1`.
+
+### Tilde Dependencies
+
+However, if `app`'s `package.json` contains:
+
+```
+"dependencies": {
+  "dep1": "~1.1.1"
+}
+```
+
+In this case, running `npm update` will install `dep1@1.1.2`.  Even though the `latest`
+tag points to `1.2.2`, this version does not satisfy `~1.1.1`, which is equivalent
+to `>=1.1.1 <1.2.0`.  So the highest-sorting version that satisfies `~1.1.1` is used,
+which is `1.1.2`.
+
+### Caret Dependencies below 1.0.0
+
+Suppose `app` has a caret dependency on a version below `1.0.0`, for example:
+
+```
+"dependencies": {
+  "dep1": "^0.2.0"
+}
+```
+
+`npm update` will install `dep1@0.2.0`, because there are no other
+versions which satisfy `^0.2.0`.
+
+If the dependence were on `^0.4.0`:
+
+```
+"dependencies": {
+  "dep1": "^0.4.0"
+}
+```
+
+Then `npm update` will install `dep1@0.4.1`, because that is the highest-sorting
+version that satisfies `^0.4.0` (`>= 0.4.0 <0.5.0`)
+
+### Recording Updates with `--save`
+
+When you want to update a package and save the new version as
+the minimum required dependency in `package.json`, you can use
+`npm update --save`.  For example if `package.json` contains
+
+```
+"dependencies": {
+  "dep1": "^1.1.1"
+}
+```
+
+Then `npm update --save` will install `dep1@1.2.2` (i.e., `latest`),
+and `package.json` will be modified:
+
+```
+"dependencies": {
+  "dep1": "^1.2.2"
+}
+```
+
+Note that `npm` will only write an updated version to `package.json`
+if it installs a new package.
+
+### Updating Globally-Installed Packages
+
+`npm update -g` will apply the `update` action to each globally installed
+package that is `outdated` -- that is, has a version that is different from
+`latest`.
 
-It will also install missing packages.
+NOTE: If a package has been upgraded to a version newer than `latest`, it will
+be _downgraded_.
 
-If the `-g` flag is specified, this command will update globally installed packages.
-If no package name is specified, all packages in the specified location (global or local) will be updated.
 
 ## SEE ALSO
 
 * npm-install(1)
 * npm-outdated(1)
+* npm-shrinkwrap(1)
 * npm-registry(7)
 * npm-folders(5)
 * npm-ls(1)

deps/npm/doc/cli/npm-version.md

@@ -8,15 +8,18 @@ npm-version(1) -- Bump a package version
 ## DESCRIPTION
 
 Run this in a package directory to bump the version and write the new
-data back to the package.json file.
+data back to `package.json` and, if present, `npm-shrinkwrap.json`.
 
 The `newversion` argument should be a valid semver string, *or* a
-valid second argument to semver.inc (one of "patch", "minor", "major",
-"prepatch", "preminor", "premajor", "prerelease"). In the second case,
+valid second argument to semver.inc (one of `patch`, `minor`, `major`,
+`prepatch`, `preminor`, `premajor`, `prerelease`). In the second case,
 the existing version will be incremented by 1 in the specified field.
 
-If run in a git repo, it will also create a version commit and tag, and
-fail if the repo is not clean.
+If run in a git repo, it will also create a version commit and tag.
+This behavior is controlled by `git-tag-version` (see below), and can
+be disabled on the command line by running `npm --no-git-tag-version version`.
+It will fail if the working directory is not clean, unless the `--force`
+flag is set.
 
 If supplied with `--message` (shorthand: `-m`) config option, npm will
 use it as a commit message when creating a version commit.  If the
@@ -38,8 +41,50 @@ in your git config for this to work properly.  For example:
 
     Enter passphrase:
 
+If `preversion`, `version`, or `postversion` are in the `scripts` property of
+the package.json, they will be executed as part of running `npm version`.
+
+The exact order of execution is as follows:
+  1. Check to make sure the git working directory is clean before we get started.
+     Your scripts may add files to the commit in future steps.
+     This step is skipped if the `--force` flag is set.
+  2. Run the `preversion` script. These scripts have access to the old `version` in package.json.
+     A typical use would be running your full test suite before deploying.
+     Any files you want added to the commit should be explicitly added using `git add`.
+  3. Bump `version` in `package.json` as requested (`patch`, `minor`, `major`, etc).
+  4. Run the `version` script. These scripts have access to the new `version` in package.json
+     (so they can incorporate it into file headers in generated files for example).
+     Again, scripts should explicitly add generated files to the commit using `git add`.
+  5. Commit and tag.
+  6. Run the `postversion` script. Use it to clean up the file system or automatically push
+     the commit and/or tag.
+
+Take the following example:
+
+    "scripts": {
+      "preversion": "npm test",
+      "version": "npm run build && git add -A dist",
+      "postversion": "git push && git push --tags && rm -rf build/temp"
+    }
+
+This runs all your tests, and proceeds only if they pass. Then runs your `build` script, and
+adds everything in the `dist` directory to the commit. After the commit, it pushes the new commit
+and tag up to the server, and deletes the `build/temp` directory.
+
+## CONFIGURATION
+
+### git-tag-version
+
+* Default: true
+* Type: Boolean
+
+Commit and tag the version change.
+
 ## SEE ALSO
 
 * npm-init(1)
+* npm-run-script(1)
+* npm-scripts(7)
 * package.json(5)
 * semver(7)
+* config(7)

deps/npm/doc/cli/npm-view.md

@@ -3,8 +3,8 @@ npm-view(1) -- View registry info
 
 ## SYNOPSIS
 
-    npm view <name>[@<version>] [<field>[.<subfield>]...]
-    npm v <name>[@<version>] [<field>[.<subfield>]...]
+    npm view [@<scope>/]<name>[@<version>] [<field>[.<subfield>]...]
+    npm v [@<scope>/]<name>[@<version>] [<field>[.<subfield>]...]
 
 ## DESCRIPTION
 
@@ -24,7 +24,7 @@ For example, to show the dependencies of the `ronn` package at version
 
     npm view ronn@0.3.5 dependencies
 
-You can view child field by separating them with a period.
+You can view child fields by separating them with a period.
 To view the git repository URL for the latest version of npm, you could
 do this:
 
@@ -66,6 +66,11 @@ was required by each matching version of yui3:
 
     npm view yui3@'>0.5.4' dependencies.jsdom
 
+To show the `connect` package version history, you can do
+this:
+
+    npm view connect versions
+
 ## OUTPUT
 
 If only a single string field for a single version is output, then it

deps/npm/doc/cli/npm.md

@@ -1,5 +1,5 @@
-npm(1) -- node package manager
-==============================
+npm(1) -- javascript package manager
+====================================
 
 ## SYNOPSIS
 
@@ -127,20 +127,18 @@ Patches welcome!
 Contributors are listed in npm's `package.json` file.  You can view them
 easily by doing `npm view npm contributors`.
 
-If you would like to contribute, but don't know what to work on, check
-the issues list or ask on the mailing list.
+If you would like to contribute, but don't know what to work on, read
+the contributing guidelines and check the issues list.
 
-* <http://github.com/npm/npm/issues>
-* <npm-@googlegroups.com>
+* https://github.com/npm/npm/wiki/Contributing-Guidelines
+* <https://github.com/npm/npm/issues>
 
 ## BUGS
 
 When you find issues, please report them:
 
 * web:
-  <http://github.com/npm/npm/issues>
-* email:
-  <npm-@googlegroups.com>
+  <https://github.com/npm/npm/issues>
 
 Be sure to include *all* of the output from the npm command that didn't work
 as expected.  The `npm-debug.log` file is also helpful to provide.

deps/npm/doc/files/npm-folders.md

@@ -20,12 +20,10 @@ This document will tell you what it puts where.
 ### prefix Configuration
 
 The `prefix` config defaults to the location where node is installed.
-On most systems, this is `/usr/local`, and most of the time is the same
-as node's `process.installPrefix`.
-
-On windows, this is the exact location of the node.exe binary.  On Unix
-systems, it's one level up, since node is typically installed at
-`{prefix}/bin/node` rather than `{prefix}/node.exe`.
+On most systems, this is `/usr/local`. On windows, this is the exact
+location of the node.exe binary.  On Unix systems, it's one level up,
+since node is typically installed at `{prefix}/bin/node` rather than
+`{prefix}/node.exe`.
 
 When the `global` flag is set, npm installs things into this prefix.
 When it is not set, it uses the root of the current package, or the
@@ -42,6 +40,12 @@ Global installs on Unix systems go to `{prefix}/lib/node_modules`.
 Global installs on Windows go to `{prefix}/node_modules` (that is, no
 `lib` folder.)
 
+Scoped packages are installed the same way, except they are grouped together
+in a sub-folder of the relevant `node_modules` folder with the name of that
+scope prefix by the @ symbol, e.g. `npm install @myorg/package` would place
+the package in `{prefix}/node_modules/@myorg/package`. See `scope(7)` for
+more details.
+
 If you wish to `require()` a package, then install it locally.
 
 ### Executables

deps/npm/doc/files/npmrc.md

@@ -17,7 +17,7 @@ The four relevant files are:
 
 * per-project config file (/path/to/my/project/.npmrc)
 * per-user config file (~/.npmrc)
-* global config file ($PREFIX/npmrc)
+* global config file ($PREFIX/etc/npmrc)
 * npm builtin config file (/path/to/npm/npmrc)
 
 All npm config files are an ini-formatted list of `key = value`
@@ -30,6 +30,17 @@ Each of these files is loaded, and config options are resolved in
 priority order.  For example, a setting in the userconfig file would
 override the setting in the globalconfig file.
 
+Array values are specified by adding "[]" after the key name. For
+example:
+
+    key[] = "first value"
+    key[] = "second value"
+
+**NOTE:** Because local (per-project or per-user) `.npmrc` files can contain
+sensitive credentials, they must be readable and writable _only_ by your user
+account (i.e. must have a mode of `0600`), otherwise they _will be ignored by
+npm!_
+
 ### Per-project config file
 
 When working locally in a project, a `.npmrc` file in the root of the
@@ -41,6 +52,9 @@ running npm in.  It has no effect when your module is published.  For
 example, you can't publish a module that forces itself to install
 globally, or in a different location.
 
+Additionally, this file is not read in global mode, such as when running
+`npm install -g`.
+
 ### Per-user config file
 
 `$HOME/.npmrc` (or the `userconfig` param, if set in the environment

deps/npm/doc/files/package.json.md

@@ -17,18 +17,30 @@ them.  The name and version together form an identifier that is assumed
 to be completely unique.  Changes to the package should come along with
 changes to the version.
 
-The name is what your thing is called.  Some tips:
+The name is what your thing is called.
 
+Some rules:
+
+* The name must be less than or equal to 214 characters. This includes the scope for
+  scoped packages.
+* The name can't start with a dot or an underscore.
+* New packages must not have uppercase letters in the name.
+* The name ends up being part of a URL, an argument on the command line, and a
+  folder name. Therefore, the name can't contain any non-URL-safe characters.
+
+Some tips:
+
+* Don't use the same name as a core Node module.
 * Don't put "js" or "node" in the name.  It's assumed that it's js, since you're
   writing a package.json file, and you can specify the engine using the "engines"
   field.  (See below.)
-* The name ends up being part of a URL, an argument on the command line, and a
-  folder name. Any name with non-url-safe characters will be rejected.
-  Also, it can't start with a dot or an underscore.
 * The name will probably be passed as an argument to require(), so it should
   be something short, but also reasonably descriptive.
 * You may want to check the npm registry to see if there's something by that name
-  already, before you get too attached to it.  http://registry.npmjs.org/
+  already, before you get too attached to it. <https://www.npmjs.com/>
+
+A name can be optionally prefixed by a scope, e.g. `@myorg/mypackage`. See
+`npm-scope(7)` for more detail.
 
 ## version
 
@@ -72,7 +84,7 @@ with your package.
 
 It should look like this:
 
-    { "url" : "http://github.com/owner/project/issues"
+    { "url" : "https://github.com/owner/project/issues"
     , "email" : "project@hostname.com"
     }
 
@@ -86,18 +98,61 @@ If a url is provided, it will be used by the `npm bugs` command.
 You should specify a license for your package so that people know how they are
 permitted to use it, and any restrictions you're placing on it.
 
-The simplest way, assuming you're using a common license such as BSD-3-Clause
-or MIT, is to just specify the standard SPDX ID of the license you're using,
-like this:
+If you're using a common license such as BSD-2-Clause or MIT, add a
+current SPDX license identifier for the license you're using, like this:
 
     { "license" : "BSD-3-Clause" }
 
 You can check [the full list of SPDX license IDs](https://spdx.org/licenses/).
 Ideally you should pick one that is
-[OSI](http://opensource.org/licenses/alphabetical) approved.
+[OSI](https://opensource.org/licenses/alphabetical) approved.
 
-It's also a good idea to include a LICENSE file at the top level in
-your package.
+If your package is licensed under multiple common licenses, use an [SPDX license
+expression syntax version 2.0 string](https://npmjs.com/package/spdx), like this:
+
+    { "license" : "(ISC OR GPL-3.0)" }
+
+If you are using a license that hasn't been assigned an SPDX identifier, or if
+you are using a custom license, use a string value like this one:
+
+    { "license" : "SEE LICENSE IN <filename>" }
+
+Then include a file named `<filename>` at the top level of the package.
+
+Some old packages used license objects or a "licenses" property containing an
+array of license objects:
+
+    // Not valid metadata
+    { "license" :
+      { "type" : "ISC"
+      , "url" : "http://opensource.org/licenses/ISC"
+      }
+    }
+
+    // Not valid metadata
+    { "licenses" :
+      [
+        { "type": "MIT"
+        , "url": "http://www.opensource.org/licenses/mit-license.php"
+        }
+      , { "type": "Apache-2.0"
+        , "url": "http://opensource.org/licenses/apache2.0.php"
+        }
+      ]
+    }
+
+Those styles are now deprecated. Instead, use SPDX expressions, like this:
+
+    { "license": "ISC" }
+
+    { "license": "(MIT OR Apache-2.0)" }
+
+Finally, if you do not wish to grant others the right to use a private or
+unpublished package under any terms:
+
+    { "license": "UNLICENSED"}
+
+Consider also setting `"private": true` to prevent accidental publication.
 
 ## people fields: author, contributors
 
@@ -111,7 +166,7 @@ is an object with a "name" field and optionally "url" and "email", like this:
 
 Or you can shorten that all into a single string, and npm will parse it for you:
 
-    "Barney Rubble <b@rubble.com> (http://barnyrubble.tumblr.com/)
+    "Barney Rubble <b@rubble.com> (http://barnyrubble.tumblr.com/)"
 
 Both email and url are optional either way.
 
@@ -123,10 +178,32 @@ The "files" field is an array of files to include in your project.  If
 you name a folder in the array, then it will also include the files
 inside that folder. (Unless they would be ignored by another rule.)
 
-You can also provide a ".npmignore" file in the root of your package,
-which will keep files from being included, even if they would be picked
-up by the files array.  The ".npmignore" file works just like a
-".gitignore".
+You can also provide a ".npmignore" file in the root of your package or
+in subdirectories, which will keep files from being included, even
+if they would be picked up by the files array.  The `.npmignore` file
+works just like a `.gitignore`.
+
+Certain files are always included, regardless of settings:
+
+* `package.json`
+* `README`
+* `CHANGES` / `CHANGELOG` / `HISTORY` (any casing and file extension)
+* `LICENSE` / `LICENCE`
+* The file in the "main" field
+
+Conversely, some files are always ignored:
+
+* `.git`
+* `CVS`
+* `.svn`
+* `.hg`
+* `.lock-wscript`
+* `.wafpickle-N`
+* `.*.swp`
+* `.DS_Store`
+* `._*`
+* `npm-debug.log`
+* `.npmrc`
 
 ## main
 
@@ -151,12 +228,12 @@ command name to local file name. On install, npm will symlink that file into
 installs.
 
 
-For example, npm has this:
+For example, myapp could have this:
 
-    { "bin" : { "npm" : "./cli.js" } }
+    { "bin" : { "myapp" : "./cli.js" } }
 
-So, when you install npm, it'll create a symlink from the `cli.js` script to
-`/usr/local/bin/npm`.
+So, when you install myapp, it'll create a symlink from the `cli.js` script to
+`/usr/local/bin/myapp`.
 
 If you have a single executable, and its name should be the name
 of the package, then you can just supply it as a string.  For example:
@@ -216,7 +293,7 @@ will create entries for `man foo` and `man 2 foo`
 
 The CommonJS [Packages](http://wiki.commonjs.org/wiki/Packages/1.0) spec details a
 few ways that you can indicate the structure of your package using a `directories`
-hash. If you look at [npm's package.json](http://registry.npmjs.org/npm/latest),
+object. If you look at [npm's package.json](https://registry.npmjs.org/npm/latest),
 you'll see that it has directories for doc, lib, and man.
 
 In the future, this information may be used in other creative ways.
@@ -228,10 +305,13 @@ with the lib folder in any way, but it's useful meta info.
 
 ### directories.bin
 
-If you specify a "bin" directory, then all the files in that folder will
-be used as the "bin" hash.
+If you specify a `bin` directory in `directories.bin`, all the files in
+that folder will be added.
 
-If you have a "bin" hash already, then this has no effect.
+Because of the way the `bin` directive works, specifying both a
+`bin` path and setting `directories.bin` is an error. If you want to
+specify individual files, use `bin`, and for all the files in an
+existing `bin` directory, use `directories.bin`.
 
 ### directories.man
 
@@ -247,31 +327,47 @@ maybe, someday.
 
 Put example scripts in here.  Someday, it might be exposed in some clever way.
 
+### directories.test
+
+Put your tests in here. It is currently not exposed, but it might be in the
+future.
+
 ## repository
 
 Specify the place where your code lives. This is helpful for people who
-want to contribute.  If the git repo is on github, then the `npm docs`
+want to contribute.  If the git repo is on GitHub, then the `npm docs`
 command will be able to find you.
 
 Do it like this:
 
     "repository" :
       { "type" : "git"
-      , "url" : "http://github.com/npm/npm.git"
+      , "url" : "https://github.com/npm/npm.git"
       }
 
     "repository" :
       { "type" : "svn"
-      , "url" : "http://v8.googlecode.com/svn/trunk/"
+      , "url" : "https://v8.googlecode.com/svn/trunk/"
       }
 
 The URL should be a publicly available (perhaps read-only) url that can be handed
 directly to a VCS program without any modification.  It should not be a url to an
 html project page that you put in your browser.  It's for computers.
 
+For GitHub, GitHub gist, Bitbucket, or GitLab repositories you can use the same
+shortcut syntax you use for `npm install`:
+
+    "repository": "npm/npm"
+
+    "repository": "gist:11081aaa281"
+
+    "repository": "bitbucket:example/repo"
+
+    "repository": "gitlab:another/repo"
+
 ## scripts
 
-The "scripts" member is an object hash of script commands that are run
+The "scripts" property is a dictionary containing script commands that are run
 at various times in the lifecycle of your package.  The key is the lifecycle
 event, and the value is the command to run at that point.
 
@@ -279,9 +375,9 @@ See `npm-scripts(7)` to find out more about writing package scripts.
 
 ## config
 
-A "config" hash can be used to set configuration
-parameters used in package scripts that persist across upgrades.  For
-instance, if a package had the following:
+A "config" object can be used to set configuration parameters used in package
+scripts that persist across upgrades.  For instance, if a package had the
+following:
 
     { "name" : "foo"
     , "config" : { "port" : "8080" } }
@@ -295,13 +391,13 @@ configs.
 
 ## dependencies
 
-Dependencies are specified with a simple hash of package name to
+Dependencies are specified in a simple object that maps a package name to a
 version range. The version range is a string which has one or more
-space-separated descriptors.  Dependencies can also be identified with
-a tarball or git URL.
+space-separated descriptors.  Dependencies can also be identified with a
+tarball or git URL.
 
 **Please do not put test harnesses or transpilers in your
-`dependencies` hash.**  See `devDependencies`, below.
+`dependencies` object.**  See `devDependencies`, below.
 
 See semver(7) for more details about specifying version ranges.
 
@@ -320,6 +416,8 @@ See semver(7) for more details about specifying version ranges.
 * `range1 || range2` Passes if either range1 or range2 are satisfied.
 * `git...` See 'Git URLs as Dependencies' below
 * `user/repo` See 'GitHub URLs' below
+* `tag` A specific version tagged and published as `tag`  See `npm-tag(1)`
+* `path/path/path` See [Local Paths](#local-paths) below
 
 For example, these are all valid:
 
@@ -334,6 +432,8 @@ For example, these are all valid:
       , "elf" : "~1.2.3"
       , "two" : "2.x"
       , "thr" : "3.3.x"
+      , "lat" : "latest"
+      , "dyl" : "file:../dyl"
       }
     }
 
@@ -359,24 +459,53 @@ an argument to `git checkout`.  The default is `master`.
 
 ## GitHub URLs
 
-As of version 1.1.65, you can refer to GitHub urls as just "foo": "user/foo-project". For example:
+As of version 1.1.65, you can refer to GitHub urls as just "foo":
+"user/foo-project".  Just as with git URLs, a `commit-ish` suffix can be
+included.  For example:
 
     {
       "name": "foo",
       "version": "0.0.0",
       "dependencies": {
-        "express": "visionmedia/express"
+        "express": "visionmedia/express",
+        "mocha": "visionmedia/mocha#4727d357ea"
+      }
+    }
+
+## Local Paths
+
+As of version 2.0.0 you can provide a path to a local directory that contains a
+package. Local paths can be saved using `npm install --save`, using any of
+these forms:
+
+    ../foo/bar
+    ~/foo/bar
+    ./foo/bar
+    /foo/bar
+
+in which case they will be normalized to a relative path and added to your
+`package.json`. For example:
+
+    {
+      "name": "baz",
+      "dependencies": {
+        "bar": "file:../foo/bar"
       }
     }
 
+This feature is helpful for local offline development and creating
+tests that require npm installing where you don't want to hit an
+external server, but should not be used when publishing packages
+to the public registry.
+
 ## devDependencies
 
 If someone is planning on downloading and using your module in their
 program, then they probably don't want or need to download and build
 the external test or documentation framework that you use.
 
-In this case, it's best to list these additional items in a
-`devDependencies` hash.
+In this case, it's best to map these additional items in a `devDependencies`
+object.
 
 These things will be installed when doing `npm link` or `npm install`
 from the root of a package, and can be managed like any other npm
@@ -407,29 +536,35 @@ run this script as well, so that you can test it easily.
 
 ## peerDependencies
 
-In some cases, you want to express the compatibility of your package with an
+In some cases, you want to express the compatibility of your package with a
 host tool or library, while not necessarily doing a `require` of this host.
-This is usually refered to as a *plugin*. Notably, your module may be exposing
+This is usually referred to as a *plugin*. Notably, your module may be exposing
 a specific interface, expected and specified by the host documentation.
 
 For example:
 
     {
       "name": "tea-latte",
-      "version": "1.3.5"
+      "version": "1.3.5",
       "peerDependencies": {
         "tea": "2.x"
       }
     }
 
 This ensures your package `tea-latte` can be installed *along* with the second
-major version of the host package `tea` only. The host package is automatically
-installed if needed. `npm install tea-latte` could possibly yield the following
-dependency graph:
+major version of the host package `tea` only. `npm install tea-latte` could
+possibly yield the following dependency graph:
 
     ├── tea-latte@1.3.5
     └── tea@2.2.0
 
+**NOTE: npm versions 1 and 2 will automatically install `peerDependencies` if
+they are not explicitly depended upon higher in the dependency tree. In the
+next major version of npm (npm@3), this will no longer be the case. You will
+receive a warning that the peerDependency is not installed instead.** The
+behavior in npms 1 & 2 was frequently confusing and could easily put you into
+dependency hell, a situation that npm is designed to avoid as much as possible.
+
 Trying to install another plugin with a conflicting requirement will cause an
 error. For this reason, make sure your plugin requirement is as broad as
 possible, and not to lock it down to specific patch versions.
@@ -441,17 +576,33 @@ this. If you depend on features introduced in 1.5.2, use `">= 1.5.2 < 2"`.
 
 ## bundledDependencies
 
-Array of package names that will be bundled when publishing the package.
+This defines an array of package names that will be bundled when publishing the package.
 
-If this is spelled `"bundleDependencies"`, then that is also honorable.
+In cases where you need to preserve npm packages locally or have them available through a single file download, you can bundle the packages in a tarball file by specifying the package names in the `bundledDependencies` array and executing `npm pack`.
+
+For example:
+If we define a package.json like this:
+
+```
+{
+  "name": "awesome-web-framework",
+  "version": "1.0.0",
+  "bundledDependencies": [
+    'renderized', 'super-streams'
+  ]
+}
+```
+we can obtain `awesome-web-framework-1.0.0.tgz` file by running `npm pack`. This file contains the dependencies `renderized` and `super-streams` which can be installed in a new project by executing `npm install awesome-web-framework-1.0.0.tgz`.
+
+If this is spelled `"bundleDependencies"`, then that is also honored.
 
 ## optionalDependencies
 
-If a dependency can be used, but you would like npm to proceed if it
-cannot be found or fails to install, then you may put it in the
-`optionalDependencies` hash.  This is a map of package name to version
-or url, just like the `dependencies` hash.  The difference is that
-failure is tolerated.
+If a dependency can be used, but you would like npm to proceed if it cannot be
+found or fails to install, then you may put it in the `optionalDependencies`
+object.  This is a map of package name to version or url, just like the
+`dependencies` object.  The difference is that build failures do not cause
+installation to fail.
 
 It is still your program's responsibility to handle the lack of the
 dependency.  For example, something like this:
@@ -498,16 +649,17 @@ field is advisory only.
 
 ## engineStrict
 
+**NOTE: This feature is deprecated and will be removed in npm 3.0.0.**
+
 If you are sure that your module will *definitely not* run properly on
-versions of Node/npm other than those specified in the `engines` hash,
+versions of Node/npm other than those specified in the `engines` object,
 then you can set `"engineStrict": true` in your package.json file.
 This will override the user's `engine-strict` config setting.
 
 Please do not do this unless you are really very very sure.  If your
-engines hash is something overly restrictive, you can quite easily and
+engines object is something overly restrictive, you can quite easily and
 inadvertently lock yourself into obscurity and prevent your users from
-updating to new versions of Node.  Consider this choice carefully.  If
-people abuse it, it will be removed in a future version of npm.
+updating to new versions of Node.  Consider this choice carefully.
 
 ## os
 
@@ -553,21 +705,21 @@ does help prevent some confusion if it doesn't work as expected.
 If you set `"private": true` in your package.json, then npm will refuse
 to publish it.
 
-This is a way to prevent accidental publication of private repositories.
-If you would like to ensure that a given package is only ever published
-to a specific registry (for example, an internal registry),
-then use the `publishConfig` hash described below
-to override the `registry` config param at publish-time.
+This is a way to prevent accidental publication of private repositories.  If
+you would like to ensure that a given package is only ever published to a
+specific registry (for example, an internal registry), then use the
+`publishConfig` dictionary described below to override the `registry` config
+param at publish-time.
 
 ## publishConfig
 
-This is a set of config values that will be used at publish-time.  It's
-especially handy if you want to set the tag or registry, so that you can
-ensure that a given package is not tagged with "latest" or published to
-the global public registry by default.
+This is a set of config values that will be used at publish-time. It's
+especially handy if you want to set the tag, registry or access, so that
+you can ensure that a given package is not tagged with "latest", published
+to the global public registry or that a scoped module is private by default.
 
-Any config values can be overridden, but of course only "tag" and
-"registry" probably matter for the purposes of publishing.
+Any config values can be overridden, but of course only "tag", "registry" and
+"access" probably matter for the purposes of publishing.
 
 See `npm-config(7)` to see the list of config options that can be
 overridden.
@@ -604,4 +756,4 @@ npm will default some values based on package contents.
 * npm-faq(7)
 * npm-install(1)
 * npm-publish(1)
-* npm-rm(1)
+* npm-uninstall(1)

deps/npm/doc/misc/npm-coding-style.md

@@ -10,7 +10,7 @@ designed to reduce visual clutter and make bugs more apparent.
 If you want to contribute to npm (which is very encouraged), you should
 make your code conform to npm's style.
 
-Note: this concerns npm's code not the specific packages at npmjs.org
+Note: this concerns npm's code not the specific packages that you can download from the npm registry.
 
 ## Line Length
 
@@ -21,7 +21,7 @@ statements onto multiple lines.
 ## Indentation
 
 Two-spaces.  Tabs are better, but they look like hell in web browsers
-(and on github), and node uses 2 spaces, so that's that.
+(and on GitHub), and node uses 2 spaces, so that's that.
 
 Configure your editor appropriately.
 
@@ -147,7 +147,7 @@ Use appropriate log levels.  See `npm-config(7)` and search for
 ## Case, naming, etc.
 
 Use `lowerCamelCase` for multiword identifiers when they refer to objects,
-functions, methods, members, or anything not specified in this section.
+functions, methods, properties, or anything not specified in this section.
 
 Use `UpperCamelCase` for class names (things that you'd pass to "new").
 

deps/npm/doc/misc/npm-config.md

@@ -3,7 +3,7 @@ npm-config(7) -- More than you probably want to know about npm configuration
 
 ## DESCRIPTION
 
-npm gets its configuration values from 6 sources, in this priority:
+npm gets its configuration values from the following sources, sorted by priority:
 
 ### Command Line Flags
 
@@ -50,11 +50,11 @@ The following shorthands are parsed on the command-line:
 * `-dd`, `--verbose`: `--loglevel verbose`
 * `-ddd`: `--loglevel silly`
 * `-g`: `--global`
+* `-C`: `--prefix`
 * `-l`: `--long`
 * `-m`: `--message`
 * `-p`, `--porcelain`: `--parseable`
 * `-reg`: `--registry`
-* `-v`: `--version`
 * `-f`: `--force`
 * `-desc`: `--description`
 * `-S`: `--save`
@@ -106,6 +106,16 @@ See package.json(5) for more information.
 
 ## Config Settings
 
+### access
+
+* Default: `restricted`
+* Type: Access
+
+When publishing scoped packages, the access level defaults to `restricted`.  If
+you want your scoped package to be publicly viewable (and installable) set
+`--access=public`. The only valid values for `access` are `public` and
+`restricted`. Unscoped packages _always_ have an access level of `public`.
+
 ### always-auth
 
 * Default: false
@@ -136,14 +146,22 @@ The browser that is called by the `npm docs` command to open websites.
 ### ca
 
 * Default: The npm CA certificate
-* Type: String or null
+* Type: String, Array or null
 
 The Certificate Authority signing certificate that is trusted for SSL
-connections to the registry.
+connections to the registry. Values should be in PEM format with newlines
+replaced by the string "\n". For example:
+
+    ca="-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----"
 
 Set to `null` to only allow "known" registrars, or to a specific CA cert
 to trust only that specific signing authority.
 
+Multiple CAs can be trusted by specifying an array of certificates:
+
+    ca[]="..."
+    ca[]="..."
+
 See also the `strict-ssl` config.
 
 ### cafile
@@ -214,7 +232,7 @@ A client certificate to pass when accessing the registry.
 
 ### color
 
-* Default: true on Posix, false on Windows
+* Default: true
 * Type: Boolean or `"always"`
 
 If false, never shows colors.  If `"always"` then always shows colors.
@@ -225,8 +243,13 @@ If true, then only prints color codes for tty file descriptors.
 * Default: Infinity
 * Type: Number
 
-The depth to go when recursing directories for `npm ls` and
-`npm cache ls`.
+The depth to go when recursing directories for `npm ls`,
+`npm cache ls`, and `npm outdated`.
+
+For `npm outdated`, a setting of `Infinity` will be treated as `0`
+since that gives more useful information.  To show the outdated status
+of all packages and dependents, use a large integer value,
+e.g., `npm outdated --depth 9999`
 
 ### description
 
@@ -253,12 +276,6 @@ set.
 
 The command to run for `npm edit` or `npm config edit`.
 
-### email
-
-The email of the logged-in user.
-
-Set by the `npm adduser` command.  Should not be set explicitly.
-
 ### engine-strict
 
 * Default: false
@@ -366,11 +383,23 @@ The string that starts all the debugging log output.
 
 ### https-proxy
 
-* Default: the `HTTPS_PROXY` or `https_proxy` or `HTTP_PROXY` or
-  `http_proxy` environment variables.
+* Default: null
 * Type: url
 
-A proxy to use for outgoing https requests.
+A proxy to use for outgoing https requests. If the `HTTPS_PROXY` or
+`https_proxy` or `HTTP_PROXY` or `http_proxy` environment variables are set,
+proxy settings will be honored by the underlying `request` library.
+
+### if-present
+
+* Default: false
+* Type: Boolean
+
+If true, npm will not exit with an error code when `run-script` is invoked for
+a script that isn't defined in the `scripts` section of `package.json`. This
+option can be used when it's desirable to optionally run a script when it's
+present and fail if the script fails. This is useful, for example, when running
+scripts that may only apply for some builds in an otherwise generic CI setup.
 
 ### ignore-scripts
 
@@ -389,34 +418,42 @@ documentation for the
 [init-package-json](https://github.com/isaacs/init-package-json) module
 for more information, or npm-init(1).
 
-### init.author.name
+### init-author-name
 
 * Default: ""
 * Type: String
 
 The value `npm init` should use by default for the package author's name.
 
-### init.author.email
+### init-author-email
 
 * Default: ""
 * Type: String
 
 The value `npm init` should use by default for the package author's email.
 
-### init.author.url
+### init-author-url
 
 * Default: ""
 * Type: String
 
 The value `npm init` should use by default for the package author's homepage.
 
-### init.license
+### init-license
 
 * Default: "ISC"
 * Type: String
 
 The value `npm init` should use by default for the package license.
 
+### init-version
+
+* Default: "1.0.0"
+* Type: semver
+
+The value that `npm init` should use by default for the package
+version number, if not already set in package.json.
+
 ### json
 
 * Default: false
@@ -461,15 +498,15 @@ to the npm registry.  Must be IPv4 in versions of Node prior to 0.12.
 
 ### loglevel
 
-* Default: "http"
+* Default: "warn"
 * Type: String
-* Values: "silent", "win", "error", "warn", "http", "info", "verbose", "silly"
+* Values: "silent", "error", "warn", "http", "info", "verbose", "silly"
 
 What level of logs to report.  On failure, *all* logs are written to
 `npm-debug.log` in the current working directory.
 
 Any logs of a higher level than the setting are shown.
-The default is "http", which shows http, warn, and error output.
+The default is "warn", which shows warn and error output.
 
 ### logstream
 
@@ -493,6 +530,14 @@ colored output if it is a TTY.
 
 Show extended information in `npm ls` and `npm search`.
 
+### maxsockets
+
+* Default: 50
+* Type: Number
+
+The maximum number of connections to use per origin (protocol/host/port
+combination). Passed to the `http` `Agent` used to make the request.
+
 ### message
 
 * Default: "%s"
@@ -507,7 +552,7 @@ Any "%s" in the message will be replaced with the version number.
 * Default: process.version
 * Type: semver or false
 
-The node version to use when checking package's "engines" hash.
+The node version to use when checking a package's `engines` map.
 
 ### npat
 
@@ -529,7 +574,7 @@ usage.
 * Default: true
 * Type: Boolean
 
-Attempt to install packages in the `optionalDependencies` hash.  Note
+Attempt to install packages in the `optionalDependencies` object.  Note
 that if these packages fail to install, the overall installation
 process is not aborted.
 
@@ -574,10 +619,12 @@ this as true.
 
 ### proxy
 
-* Default: `HTTP_PROXY` or `http_proxy` environment variable, or null
+* Default: null
 * Type: url
 
-A proxy to use for outgoing http requests.
+A proxy to use for outgoing http requests. If the `HTTP_PROXY` or
+`http_proxy` environment variables are set, proxy settings will be
+honored by the underlying `request` library.
 
 ### rebuild-bundle
 
@@ -607,8 +654,8 @@ Remove failed installs.
 
 Save installed packages to a package.json file as dependencies.
 
-When used with the `npm rm` command, it removes it from the dependencies
-hash.
+When used with the `npm rm` command, it removes it from the `dependencies`
+object.
 
 Only works if there is already a package.json file present.
 
@@ -629,10 +676,10 @@ bundledDependencies list.
 * Default: false
 * Type: Boolean
 
-Save installed packages to a package.json file as devDependencies.
+Save installed packages to a package.json file as `devDependencies`.
 
 When used with the `npm rm` command, it removes it from the
-devDependencies hash.
+`devDependencies` object.
 
 Only works if there is already a package.json file present.
 
@@ -654,7 +701,7 @@ Save installed packages to a package.json file as
 optionalDependencies.
 
 When used with the `npm rm` command, it removes it from the
-devDependencies hash.
+`devDependencies` object.
 
 Only works if there is already a package.json file present.
 
@@ -663,14 +710,25 @@ Only works if there is already a package.json file present.
 * Default: '^'
 * Type: String
 
-Configure how versions of packages installed to a package.json file via 
+Configure how versions of packages installed to a package.json file via
 `--save` or `--save-dev` get prefixed.
 
-For example if a package has version `1.2.3`, by default it's version is
-set to `^1.2.3` which allows minor upgrades for that package, but after  
+For example if a package has version `1.2.3`, by default its version is
+set to `^1.2.3` which allows minor upgrades for that package, but after
 `npm config set save-prefix='~'` it would be set to `~1.2.3` which only allows
 patch upgrades.
 
+### scope
+
+* Default: ""
+* Type: String
+
+Associate an operation with a scope for a scoped registry. Useful when logging
+in to a private registry for the first time:
+`npm login --scope=@organization --registry=registry.organization.com`, which
+will cause `@organization` to be mapped to the registry for future installation
+of packages specified according to the pattern `@organization/package`.
+
 ### searchopts
 
 * Default: ""
@@ -754,6 +812,19 @@ it will install the specified tag.
 Also the tag that is added to the package@version specified by the `npm
 tag` command, if no explicit tag is given.
 
+### tag-version-prefix
+
+* Default: `"v"`
+* Type: String
+
+If set, alters the prefix used when tagging a new version when performing a
+version increment using  `npm-version`. To remove the prefix altogether, set it
+to the empty string: `""`.
+
+Because other tools may rely on the convention that npm version tags look like
+`v1.0.0`, _only use this property if it is absolutely necessary_. In
+particular, use care when overriding this setting for public packages.
+
 ### tmp
 
 * Default: TMPDIR environment variable, or "/tmp"
@@ -794,13 +865,6 @@ instead of complete help when doing `npm-help(1)`.
 
 The UID to set to when running package scripts as root.
 
-### username
-
-* Default: null
-* Type: String
-
-The username on the npm registry.  Set with `npm adduser`
-
 ### userconfig
 
 * Default: ~/.npmrc
@@ -811,7 +875,7 @@ The location of user-level configuration settings.
 ### umask
 
 * Default: 022
-* Type: Octal numeric string
+* Type: Octal numeric string in range 0000..0777 (0..511)
 
 The "umask" value to use when setting the file creation mode on files
 and folders.
@@ -841,8 +905,8 @@ Only relevant when specified explicitly on the command line.
 * Default: false
 * Type: boolean
 
-If true, output the npm version as well as node's `process.versions`
-hash, and exit successfully.
+If true, output the npm version as well as node's `process.versions` map, and
+exit successfully.
 
 Only relevant when specified explicitly on the command line.
 
@@ -858,7 +922,6 @@ Set to `"browser"` to view html help content in the default web browser.
 ## SEE ALSO
 
 * npm-config(1)
-* npm-config(7)
 * npmrc(5)
 * npm-scripts(7)
 * npm-folders(5)

deps/npm/doc/misc/npm-developers.md

@@ -76,7 +76,7 @@ least, you need:
 
 * scripts:
   If you have a special compilation or installation script, then you
-  should put it in the `scripts` hash.  You should definitely have at
+  should put it in the `scripts` object.  You should definitely have at
   least a basic smoke-test command as the "scripts.test" field.
   See npm-scripts(7).
 
@@ -86,8 +86,8 @@ least, you need:
   then you need to specify that in the "main" field.
 
 * directories:
-  This is a hash of folders.  The best ones to include are "lib" and
-  "doc", but if you specify a folder full of man pages in "man", then
+  This is an object mapping names to folders.  The best ones to include are
+  "lib" and "doc", but if you use "man" to specify a folder full of man pages,
   they'll get installed just like these ones.
 
 You can use `npm init` in the root of your package in order to get you
@@ -100,7 +100,17 @@ Use a `.npmignore` file to keep stuff out of your package.  If there's
 no `.npmignore` file, but there *is* a `.gitignore` file, then npm will
 ignore the stuff matched by the `.gitignore` file.  If you *want* to
 include something that is excluded by your `.gitignore` file, you can
-create an empty `.npmignore` file to override it.
+create an empty `.npmignore` file to override it. Like `git`, `npm` looks
+for `.npmignore` and `.gitignore` files in all subdirectories of your
+package, not only the root directory.
+
+`.npmignore` files follow the [same pattern rules](https://git-scm.com/book/en/v2/Git-Basics-Recording-Changes-to-the-Repository#Ignoring-Files)
+as `.gitignore` files:
+
+* Blank lines or lines starting with `#` are ignored.
+* Standard glob patterns work.
+* You can end patterns with a forward slash `/` to specify a directory.
+* You can negate a pattern by starting it with an exclamation point `!`.
 
 By default, the following paths and files are ignored, so there's no
 need to add them to `.npmignore` explicitly:
@@ -110,9 +120,11 @@ need to add them to `.npmignore` explicitly:
 * `.DS_Store`
 * `.git`
 * `.hg`
+* `.npmrc`
 * `.lock-wscript`
 * `.svn`
 * `.wafpickle-*`
+* `config.gypi`
 * `CVS`
 * `npm-debug.log`
 
@@ -124,7 +136,9 @@ The following paths and files are never ignored, so adding them to
 `.npmignore` is pointless:
 
 * `package.json`
-* `README.*`
+* `README` (and its variants)
+* `CHANGELOG` (and its variants)
+* `LICENSE` / `LICENCE`
 
 ## Link Packages
 
@@ -177,7 +191,7 @@ This is documented better in npm-adduser(1).
 
 ## Publish your package
 
-This part's easy.  IN the root of your folder, do this:
+This part's easy.  In the root of your folder, do this:
 
     npm publish
 

deps/npm/doc/misc/npm-faq.md

@@ -1,364 +0,0 @@
-npm-faq(7) -- Frequently Asked Questions
-========================================
-
-## Where can I find these docs in HTML?
-
-<https://www.npmjs.org/doc/>, or run:
-
-    npm config set viewer browser
-
-to open these documents in your default web browser rather than `man`.
-
-## It didn't work.
-
-That's not really a question.
-
-## Why didn't it work?
-
-I don't know yet.
-
-Read the error output, and if you can't figure out what it means,
-do what it says and post a bug with all the information it asks for.
-
-## Where does npm put stuff?
-
-See `npm-folders(5)`
-
-tl;dr:
-
-* Use the `npm root` command to see where modules go, and the `npm bin`
-  command to see where executables go
-* Global installs are different from local installs.  If you install
-  something with the `-g` flag, then its executables go in `npm bin -g`
-  and its modules go in `npm root -g`.
-
-## How do I install something on my computer in a central location?
-
-Install it globally by tacking `-g` or `--global` to the command.  (This
-is especially important for command line utilities that need to add
-their bins to the global system `PATH`.)
-
-## I installed something globally, but I can't `require()` it
-
-Install it locally.
-
-The global install location is a place for command-line utilities
-to put their bins in the system `PATH`.  It's not for use with `require()`.
-
-If you `require()` a module in your code, then that means it's a
-dependency, and a part of your program.  You need to install it locally
-in your program.
-
-## Why can't npm just put everything in one place, like other package managers?
-
-Not every change is an improvement, but every improvement is a change.
-This would be like asking git to do network IO for every commit.  It's
-not going to happen, because it's a terrible idea that causes more
-problems than it solves.
-
-It is much harder to avoid dependency conflicts without nesting
-dependencies.  This is fundamental to the way that npm works, and has
-proven to be an extremely successful approach.  See `npm-folders(5)` for
-more details.
-
-If you want a package to be installed in one place, and have all your
-programs reference the same copy of it, then use the `npm link` command.
-That's what it's for.  Install it globally, then link it into each
-program that uses it.
-
-## Whatever, I really want the old style 'everything global' style.
-
-Write your own package manager.  You could probably even wrap up `npm`
-in a shell script if you really wanted to.
-
-npm will not help you do something that is known to be a bad idea.
-
-## Should I check my `node_modules` folder into git?
-
-Mikeal Rogers answered this question very well:
-
-<http://www.futurealoof.com/posts/nodemodules-in-git.html>
-
-tl;dr
-
-* Check `node_modules` into git for things you **deploy**, such as
-  websites and apps.
-* Do not check `node_modules` into git for libraries and modules
-  intended to be reused.
-* Use npm to manage dependencies in your dev environment, but not in
-  your deployment scripts.
-
-## Is it 'npm' or 'NPM' or 'Npm'?
-
-npm should never be capitalized unless it is being displayed in a
-location that is customarily all-caps (such as the title of man pages.)
-
-## If 'npm' is an acronym, why is it never capitalized?
-
-Contrary to the belief of many, "npm" is not in fact an abbreviation for
-"Node Package Manager".  It is a recursive bacronymic abbreviation for
-"npm is not an acronym".  (If it was "ninaa", then it would be an
-acronym, and thus incorrectly named.)
-
-"NPM", however, *is* an acronym (more precisely, a capitonym) for the
-National Association of Pastoral Musicians.  You can learn more
-about them at <http://npm.org/>.
-
-In software, "NPM" is a Non-Parametric Mapping utility written by
-Chris Rorden.  You can analyze pictures of brains with it.  Learn more
-about the (capitalized) NPM program at <http://www.cabiatl.com/mricro/npm/>.
-
-The first seed that eventually grew into this flower was a bash utility
-named "pm", which was a shortened descendent of "pkgmakeinst", a
-bash function that was used to install various different things on different
-platforms, most often using Yahoo's `yinst`.  If `npm` was ever an
-acronym for anything, it was `node pm` or maybe `new pm`.
-
-So, in all seriousness, the "npm" project is named after its command-line
-utility, which was organically selected to be easily typed by a right-handed
-programmer using a US QWERTY keyboard layout, ending with the
-right-ring-finger in a postition to type the `-` key for flags and
-other command-line arguments.  That command-line utility is always
-lower-case, though it starts most sentences it is a part of.
-
-## How do I list installed packages?
-
-`npm ls`
-
-## How do I search for packages?
-
-`npm search`
-
-Arguments are greps.  `npm search jsdom` shows jsdom packages.
-
-## How do I update npm?
-
-    npm update npm -g
-
-You can also update all outdated local packages by doing `npm update` without
-any arguments, or global packages by doing `npm update -g`.
-
-Occasionally, the version of npm will progress such that the current
-version cannot be properly installed with the version that you have
-installed already.  (Consider, if there is ever a bug in the `update`
-command.)
-
-In those cases, you can do this:
-
-    curl https://www.npmjs.org/install.sh | sh
-
-## What is a `package`?
-
-A package is:
-
-* a) a folder containing a program described by a package.json file
-* b) a gzipped tarball containing (a)
-* c) a url that resolves to (b)
-* d) a `<name>@<version>` that is published on the registry with (c)
-* e) a `<name>@<tag>` that points to (d)
-* f) a `<name>` that has a "latest" tag satisfying (e)
-* g) a `git` url that, when cloned, results in (a).
-
-Even if you never publish your package, you can still get a lot of
-benefits of using npm if you just want to write a node program (a), and
-perhaps if you also want to be able to easily install it elsewhere
-after packing it up into a tarball (b).
-
-Git urls can be of the form:
-
-    git://github.com/user/project.git#commit-ish
-    git+ssh://user@hostname:project.git#commit-ish
-    git+http://user@hostname/project/blah.git#commit-ish
-    git+https://user@hostname/project/blah.git#commit-ish
-
-The `commit-ish` can be any tag, sha, or branch which can be supplied as
-an argument to `git checkout`.  The default is `master`.
-
-## What is a `module`?
-
-A module is anything that can be loaded with `require()` in a Node.js
-program.  The following things are all examples of things that can be
-loaded as modules:
-
-* A folder with a `package.json` file containing a `main` field.
-* A folder with an `index.js` file in it.
-* A JavaScript file.
-
-Most npm packages are modules, because they are libraries that you
-load with `require`.  However, there's no requirement that an npm
-package be a module!  Some only contain an executable command-line
-interface, and don't provide a `main` field for use in Node programs.
-
-Almost all npm packages (at least, those that are Node programs)
-*contain* many modules within them (because every file they load with
-`require()` is a module).
-
-In the context of a Node program, the `module` is also the thing that
-was loaded *from* a file.  For example, in the following program:
-
-    var req = require('request')
-
-we might say that "The variable `req` refers to the `request` module".
-
-## So, why is it the "`node_modules`" folder, but "`package.json`" file?  Why not `node_packages` or `module.json`?
-
-The `package.json` file defines the package.  (See "What is a
-package?" above.)
-
-The `node_modules` folder is the place Node.js looks for modules.
-(See "What is a module?" above.)
-
-For example, if you create a file at `node_modules/foo.js` and then
-had a program that did `var f = require('foo.js')` then it would load
-the module.  However, `foo.js` is not a "package" in this case,
-because it does not have a package.json.
-
-Alternatively, if you create a package which does not have an
-`index.js` or a `"main"` field in the `package.json` file, then it is
-not a module.  Even if it's installed in `node_modules`, it can't be
-an argument to `require()`.
-
-## `"node_modules"` is the name of my deity's arch-rival, and a Forbidden Word in my religion.  Can I configure npm to use a different folder?
-
-No.  This will never happen.  This question comes up sometimes,
-because it seems silly from the outside that npm couldn't just be
-configured to put stuff somewhere else, and then npm could load them
-from there.  It's an arbitrary spelling choice, right?  What's the big
-deal?
-
-At the time of this writing, the string `'node_modules'` appears 151
-times in 53 separate files in npm and node core (excluding tests and
-documentation).
-
-Some of these references are in node's built-in module loader.  Since
-npm is not involved **at all** at run-time, node itself would have to
-be configured to know where you've decided to stick stuff.  Complexity
-hurdle #1.  Since the Node module system is locked, this cannot be
-changed, and is enough to kill this request.  But I'll continue, in
-deference to your deity's delicate feelings regarding spelling.
-
-Many of the others are in dependencies that npm uses, which are not
-necessarily tightly coupled to npm (in the sense that they do not read
-npm's configuration files, etc.)  Each of these would have to be
-configured to take the name of the `node_modules` folder as a
-parameter.  Complexity hurdle #2.
-
-Furthermore, npm has the ability to "bundle" dependencies by adding
-the dep names to the `"bundledDependencies"` list in package.json,
-which causes the folder to be included in the package tarball.  What
-if the author of a module bundles its dependencies, and they use a
-different spelling for `node_modules`?  npm would have to rename the
-folder at publish time, and then be smart enough to unpack it using
-your locally configured name.  Complexity hurdle #3.
-
-Furthermore, what happens when you *change* this name?  Fine, it's
-easy enough the first time, just rename the `node_modules` folders to
-`./blergyblerp/` or whatever name you choose.  But what about when you
-change it again?  npm doesn't currently track any state about past
-configuration settings, so this would be rather difficult to do
-properly.  It would have to track every previous value for this
-config, and always accept any of them, or else yesterday's install may
-be broken tomorrow.  Complexity hurdle #4.
-
-Never going to happen.  The folder is named `node_modules`.  It is
-written indelibly in the Node Way, handed down from the ancient times
-of Node 0.3.
-
-## How do I install node with npm?
-
-You don't.  Try one of these node version managers:
-
-Unix:
-
-* <http://github.com/isaacs/nave>
-* <http://github.com/visionmedia/n>
-* <http://github.com/creationix/nvm>
-
-Windows:
-
-* <http://github.com/marcelklehr/nodist>
-* <https://github.com/hakobera/nvmw>
-* <https://github.com/nanjingboy/nvmw>
-
-## How can I use npm for development?
-
-See `npm-developers(7)` and `package.json(5)`.
-
-You'll most likely want to `npm link` your development folder.  That's
-awesomely handy.
-
-To set up your own private registry, check out `npm-registry(7)`.
-
-## Can I list a url as a dependency?
-
-Yes.  It should be a url to a gzipped tarball containing a single folder
-that has a package.json in its root, or a git url.
-(See "what is a package?" above.)
-
-## How do I symlink to a dev folder so I don't have to keep re-installing?
-
-See `npm-link(1)`
-
-## The package registry website.  What is that exactly?
-
-See `npm-registry(7)`.
-
-## I forgot my password, and can't publish.  How do I reset it?
-
-Go to <https://npmjs.org/forgot>.
-
-## I get ECONNREFUSED a lot.  What's up?
-
-Either the registry is down, or node's DNS isn't able to reach out.
-
-To check if the registry is down, open up
-<https://registry.npmjs.org/> in a web browser.  This will also tell
-you if you are just unable to access the internet for some reason.
-
-If the registry IS down, let us know by emailing <support@npmjs.com>
-or posting an issue at <https://github.com/npm/npm/issues>.  If it's
-down for the world (and not just on your local network) then we're
-probably already being pinged about it.
-
-You can also often get a faster response by visiting the #npm channel
-on Freenode IRC.
-
-## Why no namespaces?
-
-Please see this discussion: <https://github.com/npm/npm/issues/798>
-
-tl;dr - It doesn't actually make things better, and can make them worse.
-
-If you want to namespace your own packages, you may: simply use the
-`-` character to separate the names.  npm is a mostly anarchic system.
-There is not sufficient need to impose namespace rules on everyone.
-
-## Who does npm?
-
-npm was originally written by Isaac Z. Schlueter, and many others have
-contributed to it, some of them quite substantially.
-
-The npm open source project, The npm Registry, and [the community
-website](https://www.npmjs.org) are maintained and operated by the
-good folks at [npm, Inc.](http://www.npmjs.com)
-
-## I have a question or request not addressed here. Where should I put it?
-
-Post an issue on the github project:
-
-* <https://github.com/npm/npm/issues>
-
-## Why does npm hate me?
-
-npm is not capable of hatred.  It loves everyone, especially you.
-
-## SEE ALSO
-
-* npm(1)
-* npm-developers(7)
-* package.json(5)
-* npm-config(1)
-* npm-config(7)
-* npmrc(5)
-* npm-config(7)
-* npm-folders(5)

deps/npm/doc/misc/npm-index.md

@@ -3,7 +3,7 @@ npm-index(7) -- Index of all npm documentation
 
 ### README(1)
 
-node package manager
+a JavaScript package manager
 
 ## Command Line Documentation
 
@@ -11,7 +11,11 @@ Using npm on the command line
 
 ### npm(1)
 
-node package manager
+javascript package manager
+
+### npm-access(1)
+
+Set access level on published packages
 
 ### npm-adduser(1)
 
@@ -53,6 +57,10 @@ Reduce duplication
 
 Deprecate a version of a package
 
+### npm-dist-tag(1)
+
+Modify package distribution tags
+
 ### npm-docs(1)
 
 Docs for a package in a web browser maybe
@@ -85,6 +93,10 @@ Install a package
 
 Symlink a package folder
 
+### npm-logout(1)
+
+Log out of the registry
+
 ### npm-ls(1)
 
 List installed packages
@@ -101,6 +113,10 @@ Manage package owners
 
 Create a tarball from a package
 
+### npm-ping(1)
+
+Ping npm registry
+
 ### npm-prefix(1)
 
 Display prefix
@@ -123,7 +139,7 @@ Open package repository page in the browser
 
 ### npm-restart(1)
 
-Start a package
+Restart a package
 
 ### npm-rm(1)
 
@@ -161,14 +177,14 @@ Start a package
 
 Stop a package
 
-### npm-submodule(1)
-
-Add a package as a git submodule
-
 ### npm-tag(1)
 
 Tag a published version
 
+### npm-team(1)
+
+Manage organization teams and team memberships
+
 ### npm-test(1)
 
 Test a package
@@ -203,7 +219,7 @@ Using npm in your Node programs
 
 ### npm(3)
 
-node package manager
+javascript package manager
 
 ### npm-bin(3)
 
@@ -277,6 +293,10 @@ Manage package owners
 
 Create a tarball from a package
 
+### npm-ping(3)
+
+Ping npm registry
+
 ### npm-prefix(3)
 
 Display prefix
@@ -299,7 +319,7 @@ Open package repository page in the browser
 
 ### npm-restart(3)
 
-Start a package
+Restart a package
 
 ### npm-root(3)
 
@@ -325,10 +345,6 @@ Start a package
 
 Stop a package
 
-### npm-submodule(3)
-
-Add a package as a git submodule
-
 ### npm-tag(3)
 
 Tag a published version
@@ -397,18 +413,22 @@ Developer Guide
 
 Handling Module Name Disputes
 
-### npm-faq(7)
-
-Frequently Asked Questions
-
 ### npm-index(7)
 
 Index of all npm documentation
 
+### npm-orgs(7)
+
+Working with Teams & Orgs
+
 ### npm-registry(7)
 
 The JavaScript Package Registry
 
+### npm-scope(7)
+
+Scoped packages
+
 ### npm-scripts(7)
 
 How npm handles the "scripts" field

deps/npm/doc/misc/npm-orgs.md

@@ -0,0 +1,90 @@
+npm-orgs(7) -- Working with Teams & Orgs
+========================================
+
+## DESCRIPTION
+
+There are three levels of org users:
+
+1. Super admin, controls billing & adding people to the org.
+2. Team admin, manages team membership & package access.
+3. Developer, works on packages they are given access to.
+
+The super admin is the only person who can add users to the org because it impacts the monthly bill. The super admin will use the website to manage membership. Every org has a `developers` team that all users are automatically added to.
+
+The team admin is the person who manages team creation, team membership, and package access for teams. The team admin grants package access to teams, not individuals.
+
+The developer will be able to access packages based on the teams they are on. Access is either read-write or read-only.
+
+There are two main commands:
+
+1. `npm team` see npm-access(1) for more details
+2. `npm access` see npm-team(1) for more details
+
+## Team Admins create teams
+
+* Check who you’ve added to your org:
+
+```
+npm team ls <org>:developers
+```
+
+* Each org is automatically given a `developers` team, so you can see the whole list of team members in your org. This team automatically gets read-write access to all packages, but you can change that with the `access` command.
+
+* Create a new team:
+
+```
+npm team create <org:team>
+```
+
+* Add members to that team:
+
+```
+npm team add <org:team> <user>
+```
+
+## Publish a package and adjust package access
+
+* In package directory, run
+
+```
+npm init --scope=<org>
+```
+to scope it for your org & publish as usual
+
+* Grant access:
+
+```
+npm access grant <read-only|read-write> <org:team> [<package>]
+```
+
+* Revoke access:
+
+```
+npm access revoke <org:team> [<package>]
+```
+
+## Monitor your package access
+
+* See what org packages a team member can access:
+
+```
+npm access ls-packages <org> <user>
+```
+
+* See packages available to a specific team:
+
+```
+npm access ls-packages <org:team>
+```
+
+* Check which teams are collaborating on a package:
+
+```
+npm access ls-collaborators <pkg>
+```
+
+## SEE ALSO
+
+* npm-team(1)
+* npm-access(1)
+* npm-scope(7)

deps/npm/doc/misc/npm-registry.md

@@ -11,16 +11,15 @@ Additionally, npm's package registry implementation supports several
 write APIs as well, to allow for publishing packages and managing user
 account information.
 
-The official public npm registry is at <http://registry.npmjs.org/>.  It
-is powered by a CouchDB database at
-<http://isaacs.iriscouch.com/registry>.  The code for the couchapp is
-available at <http://github.com/npm/npmjs.org>.  npm user accounts
-are CouchDB users, stored in the <http://isaacs.iriscouch.com/_users>
-database.
+The official public npm registry is at <https://registry.npmjs.org/>.  It
+is powered by a CouchDB database, of which there is a public mirror at
+<https://skimdb.npmjs.com/registry>.  The code for the couchapp is
+available at <https://github.com/npm/npm-registry-couchapp>.
 
-The registry URL is supplied by the `registry` config parameter.  See
-`npm-config(1)`, `npmrc(5)`, and `npm-config(7)` for more on managing
-npm's configuration.
+The registry URL used is determined by the scope of the package (see
+`npm-scope(7)`). If no scope is specified, the default registry is used, which is
+supplied by the `registry` config parameter.  See `npm-config(1)`,
+`npmrc(5)`, and `npm-config(7)` for more on managing npm's configuration.
 
 ## Can I run my own private registry?
 
@@ -32,9 +31,10 @@ similar) design doc to implement the APIs.
 If you set up continuous replication from the official CouchDB, and then
 set your internal CouchDB as the registry config, then you'll be able
 to read any published packages, in addition to your private ones, and by
-default will only publish internally.  If you then want to publish a
-package for the whole world to see, you can simply override the
-`--registry` config for that command.
+default will only publish internally.
+
+If you then want to publish a package for the whole world to see, you can
+simply override the `--registry` option for that `publish` command.
 
 ## I don't want my package published in the official registry. It's private.
 
@@ -58,7 +58,7 @@ effectively implement the entire CouchDB API anyway.
 
 ## Is there a website or something to see package docs and such?
 
-Yes, head over to <https://npmjs.org/>
+Yes, head over to <https://npmjs.com/>
 
 ## SEE ALSO
 

deps/npm/doc/misc/npm-scope.md

@@ -0,0 +1,105 @@
+npm-scope(7) -- Scoped packages
+===============================
+
+## DESCRIPTION
+
+All npm packages have a name. Some package names also have a scope. A scope
+follows the usual rules for package names (url-safe characters, no leading dots
+or underscores). When used in package names, preceded by an @-symbol and
+followed by a slash, e.g.
+
+    @somescope/somepackagename
+
+Scopes are a way of grouping related packages together, and also affect a few
+things about the way npm treats the package.
+
+Scoped packages are supported by the public npm registry.  The npm
+client is backwards-compatible with un-scoped registries, so it can be
+used to work with scoped and un-scoped registries at the same time.
+
+## Installing scoped packages
+
+Scoped packages are installed to a sub-folder of the regular installation
+folder, e.g. if your other packages are installed in `node_modules/packagename`,
+scoped modules will be in `node_modules/@myorg/packagename`. The scope folder
+(`@myorg`) is simply the name of the scope preceded by an @-symbol, and can
+contain any number of scoped packages.
+
+A scoped package is installed by referencing it by name, preceded by an
+@-symbol, in `npm install`:
+
+    npm install @myorg/mypackage
+
+Or in `package.json`:
+
+    "dependencies": {
+      "@myorg/mypackage": "^1.3.0"
+    }
+
+Note that if the @-symbol is omitted in either case npm will instead attempt to
+install from GitHub; see `npm-install(1)`.
+
+## Requiring scoped packages
+
+Because scoped packages are installed into a scope folder, you have to
+include the name of the scope when requiring them in your code, e.g.
+
+    require('@myorg/mypackage')
+
+There is nothing special about the way Node treats scope folders, this is
+just specifying to require the module `mypackage` in the folder called `@myorg`.
+
+## Publishing scoped packages
+
+Scoped packages can be published to any registry that supports them, including
+the public npm registry.
+
+(As of 2015-04-19, and with npm 2.0 or newer, the public npm registry **does**
+support scoped packages)
+
+If you wish, you may associate a scope with a registry; see below.
+
+### Publishing public scoped packages to the public npm registry
+
+To publish a public scoped package, you must specify `--access public` with
+the initial publication.  This will publish the package and set access
+to `public` as if you had run `npm access public` after publishing.
+
+### Publishing private scoped packages to the npm registry
+
+To publish a private scoped package to the npm registry, you must have
+an [npm Private Modules](https://www.npmjs.com/private-modules)
+account.
+
+You can then publish the module with `npm publish` or `npm publish
+--access restricted`, and it will be present in the npm registry, with
+restricted access.  You can then change the access permissions, if
+desired, with `npm access` or on the npmjs.com website.
+
+## Associating a scope with a registry
+
+Scopes can be associated with a separate registry. This allows you to
+seamlessly use a mix of packages from the public npm registry and one or more
+private registries, such as npm Enterprise.
+
+You can associate a scope with a registry at login, e.g.
+
+    npm login --registry=http://reg.example.com --scope=@myco
+
+Scopes have a many-to-one relationship with registries: one registry can
+host multiple scopes, but a scope only ever points to one registry.
+
+You can also associate a scope with a registry using `npm config`:
+
+    npm config set @myco:registry http://reg.example.com
+
+Once a scope is associated with a registry, any `npm install` for a package
+with that scope will request packages from that registry instead. Any
+`npm publish` for a package name that contains the scope will be published to
+that registry instead.
+
+## SEE ALSO
+
+* npm-install(1)
+* npm-publish(1)
+* npm-access(1)

deps/npm/doc/misc/npm-scripts.md

@@ -3,7 +3,7 @@ npm-scripts(7) -- How npm handles the "scripts" field
 
 ## DESCRIPTION
 
-npm supports the "scripts" member of the package.json script, for the
+npm supports the "scripts" property of the package.json script, for the
 following scripts:
 
 * prepublish:
@@ -19,10 +19,10 @@ following scripts:
   Run BEFORE the package is uninstalled.
 * postuninstall:
   Run AFTER the package is uninstalled.
-* preupdate:
-  Run BEFORE the package is updated with the update command.
-* update, postupdate:
-  Run AFTER the package is updated with the update command.
+* preversion, version:
+  Run BEFORE bump the package version.
+* postversion:
+  Run AFTER bump the package version.
 * pretest, test, posttest:
   Run by the `npm test` command.
 * prestop, stop, poststop:
@@ -33,49 +33,29 @@ following scripts:
   Run by the `npm restart` command. Note: `npm restart` will run the
   stop and start scripts if no `restart` script is provided.
 
-Additionally, arbitrary scripts can be run by doing
-`npm run-script <pkg> <stage>`.
+Additionally, arbitrary scripts can be executed by running `npm
+run-script <pkg> <stage>`. *Pre* and *post* commands with matching
+names will be run for those as well (e.g. `premyscript`, `myscript`,
+`postmyscript`).
 
-## NOTE: INSTALL SCRIPTS ARE AN ANTIPATTERN
+## COMMON USES
 
-**tl;dr** Don't use `install`.  Use a `.gyp` file for compilation, and
-`prepublish` for anything else.
-
-You should almost never have to explicitly set a `preinstall` or
-`install` script.  If you are doing this, please consider if there is
-another option.
-
-The only valid use of `install` or `preinstall` scripts is for
-compilation which must be done on the target architecture.  In early
-versions of node, this was often done using the `node-waf` scripts, or
-a standalone `Makefile`, and early versions of npm required that it be
-explicitly set in package.json.  This was not portable, and harder to
-do properly.
-
-In the current version of node, the standard way to do this is using a
-`.gyp` file.  If you have a file with a `.gyp` extension in the root
-of your package, then npm will run the appropriate `node-gyp` commands
-automatically at install time.  This is the only officially supported
-method for compiling binary addons, and does not require that you add
-anything to your package.json file.
-
-If you have to do other things before your package is used, in a way
+If you need to perform operations on your package before it is used, in a way
 that is not dependent on the operating system or architecture of the
-target system, then use a `prepublish` script instead.  This includes
+target system, use a `prepublish` script.  This includes
 tasks such as:
 
-* Compile CoffeeScript source code into JavaScript.
-* Create minified versions of JavaScript source code.
+* Compiling CoffeeScript source code into JavaScript.
+* Creating minified versions of JavaScript source code.
 * Fetching remote resources that your package will use.
 
-The advantage of doing these things at `prepublish` time instead of
-`preinstall` or `install` time is that they can be done once, in a
-single place, and thus greatly reduce complexity and variability.
+The advantage of doing these things at `prepublish` time is that they can be done once, in a
+single place, thus reducing complexity and variability.
 Additionally, this means that:
 
 * You can depend on `coffee-script` as a `devDependency`, and thus
   your users don't need to have it installed.
-* You don't need to include the minifiers in your package, reducing
+* You don't need to include minifiers in your package, reducing
   the size for your users.
 * You don't need to rely on your users having `curl` or `wget` or
   other system tools on the target machines.
@@ -89,10 +69,10 @@ npm will default some script values based on package contents.
   If there is a `server.js` file in the root of your package, then npm
   will default the `start` command to `node server.js`.
 
-* `"preinstall": "node-waf clean || true; node-waf configure build"`:
+* `"install": "node-gyp rebuild"`:
 
-  If there is a `wscript` file in the root of your package, npm will
-  default the `preinstall` command to compile using node-waf.
+  If there is a `bindings.gyp` file in the root of your package, npm will
+  default the `install` command to compile using node-gyp.
 
 ## USER
 
@@ -135,7 +115,7 @@ Configuration parameters are put in the environment with the
 `npm_config_` prefix. For instance, you can view the effective `root`
 config by checking the `npm_config_root` environment variable.
 
-### Special: package.json "config" hash
+### Special: package.json "config" object
 
 The package.json "config" keys are overwritten in the environment if
 there is a config param of `<name>[@<version>]:<key>`.  For example,
@@ -177,10 +157,10 @@ For example, if your package.json contains this:
       }
     }
 
-then the `scripts/install.js` will be called for the install,
-post-install, stages of the lifecycle, and the `scripts/uninstall.js`
-would be called when the package is uninstalled.  Since
-`scripts/install.js` is running for three different phases, it would
+then `scripts/install.js` will be called for the install
+and post-install stages of the lifecycle, and `scripts/uninstall.js`
+will be called when the package is uninstalled.  Since
+`scripts/install.js` is running for two different phases, it would
 be wise in this case to look at the `npm_lifecycle_event` environment
 variable.
 
@@ -230,12 +210,17 @@ above.
   by simply describing your package appropriately.  In general, this
   will lead to a more robust and consistent state.
 * Inspect the env to determine where to put things.  For instance, if
-  the `npm_config_binroot` environ is set to `/home/user/bin`, then
+  the `npm_config_binroot` environment variable is set to `/home/user/bin`, then
   don't try to install executables into `/usr/local/bin`.  The user
   probably set it up that way for a reason.
 * Don't prefix your script commands with "sudo".  If root permissions
   are required for some reason, then it'll fail with that error, and
   the user will sudo the npm command in question.
+* Don't use `install`. Use a `.gyp` file for compilation, and `prepublish`
+  for anything else. You should almost never have to explicitly set a
+  preinstall or install script. If you are doing this, please consider if
+  there is another option. The only valid use of `install` or `preinstall`
+  scripts is for compilation which must be done on the target architecture.
 
 ## SEE ALSO
 

deps/npm/doc/misc/removing-npm.md

@@ -50,5 +50,5 @@ modules.  To track those down, you can do the following:
 ## SEE ALSO
 
 * README
-* npm-rm(1)
+* npm-uninstall(1)
 * npm-prune(1)

deps/npm/doc/misc/semver.md

@@ -16,12 +16,12 @@ As a command-line utility:
 
     $ semver -h
 
-    Usage: semver <version> [<version> [...]] [-r <range> | -i <inc> | -d <dec>]
+    Usage: semver <version> [<version> [...]] [-r <range> | -i <inc> | --preid <identifier> | -l | -rv]
     Test if version(s) satisfy the supplied range(s), and sort them.
 
     Multiple versions or ranges may be supplied, unless increment
-    or decrement options are specified.  In that case, only a single
-    version may be used, and it is incremented by the specified level
+    option is specified.  In that case, only a single version may
+    be used, and it is incremented by the specified level
 
     Program exits successfully if any valid version satisfies
     all supplied ranges, and prints all satisfying versions.
@@ -41,53 +41,216 @@ A leading `"="` or `"v"` character is stripped off and ignored.
 
 ## Ranges
 
-The following range styles are supported:
-
-* `1.2.3` A specific version.  When nothing else will do.  Must be a full
-  version number, with major, minor, and patch versions specified.
-  Note that build metadata is still ignored, so `1.2.3+build2012` will
-  satisfy this range.
-* `>1.2.3` Greater than a specific version.
-* `<1.2.3` Less than a specific version.  If there is no prerelease
-  tag on the version range, then no prerelease version will be allowed
-  either, even though these are technically "less than".
-* `>=1.2.3` Greater than or equal to.  Note that prerelease versions
-  are NOT equal to their "normal" equivalents, so `1.2.3-beta` will
-  not satisfy this range, but `2.3.0-beta` will.
-* `<=1.2.3` Less than or equal to.  In this case, prerelease versions
-  ARE allowed, so `1.2.3-beta` would satisfy.
+A `version range` is a set of `comparators` which specify versions
+that satisfy the range.
+
+A `comparator` is composed of an `operator` and a `version`.  The set
+of primitive `operators` is:
+
+* `<` Less than
+* `<=` Less than or equal to
+* `>` Greater than
+* `>=` Greater than or equal to
+* `=` Equal.  If no operator is specified, then equality is assumed,
+  so this operator is optional, but MAY be included.
+
+For example, the comparator `>=1.2.7` would match the versions
+`1.2.7`, `1.2.8`, `2.5.3`, and `1.3.9`, but not the versions `1.2.6`
+or `1.1.0`.
+
+Comparators can be joined by whitespace to form a `comparator set`,
+which is satisfied by the **intersection** of all of the comparators
+it includes.
+
+A range is composed of one or more comparator sets, joined by `||`.  A
+version matches a range if and only if every comparator in at least
+one of the `||`-separated comparator sets is satisfied by the version.
+
+For example, the range `>=1.2.7 <1.3.0` would match the versions
+`1.2.7`, `1.2.8`, and `1.2.99`, but not the versions `1.2.6`, `1.3.0`,
+or `1.1.0`.
+
+The range `1.2.7 || >=1.2.9 <2.0.0` would match the versions `1.2.7`,
+`1.2.9`, and `1.4.6`, but not the versions `1.2.8` or `2.0.0`.
+
+### Prerelease Tags
+
+If a version has a prerelease tag (for example, `1.2.3-alpha.3`) then
+it will only be allowed to satisfy comparator sets if at least one
+comparator with the same `[major, minor, patch]` tuple also has a
+prerelease tag.
+
+For example, the range `>1.2.3-alpha.3` would be allowed to match the
+version `1.2.3-alpha.7`, but it would *not* be satisfied by
+`3.4.5-alpha.9`, even though `3.4.5-alpha.9` is technically "greater
+than" `1.2.3-alpha.3` according to the SemVer sort rules.  The version
+range only accepts prerelease tags on the `1.2.3` version.  The
+version `3.4.5` *would* satisfy the range, because it does not have a
+prerelease flag, and `3.4.5` is greater than `1.2.3-alpha.7`.
+
+The purpose for this behavior is twofold.  First, prerelease versions
+frequently are updated very quickly, and contain many breaking changes
+that are (by the author's design) not yet fit for public consumption.
+Therefore, by default, they are excluded from range matching
+semantics.
+
+Second, a user who has opted into using a prerelease version has
+clearly indicated the intent to use *that specific* set of
+alpha/beta/rc versions.  By including a prerelease tag in the range,
+the user is indicating that they are aware of the risk.  However, it
+is still not appropriate to assume that they have opted into taking a
+similar risk on the *next* set of prerelease versions.
+
+#### Prerelease Identifiers
+
+The method `.inc` takes an additional `identifier` string argument that
+will append the value of the string as a prerelease identifier:
+
+```javascript
+> semver.inc('1.2.3', 'prerelease', 'beta')
+'1.2.4-beta.0'
+```
+
+command-line example:
+
+```shell
+$ semver 1.2.3 -i prerelease --preid beta
+1.2.4-beta.0
+```
+
+Which then can be used to increment further:
+
+```shell
+$ semver 1.2.4-beta.0 -i prerelease
+1.2.4-beta.1
+```
+
+### Advanced Range Syntax
+
+Advanced range syntax desugars to primitive comparators in
+deterministic ways.
+
+Advanced ranges may be combined in the same way as primitive
+comparators using white space or `||`.
+
+#### Hyphen Ranges `X.Y.Z - A.B.C`
+
+Specifies an inclusive set.
+
 * `1.2.3 - 2.3.4` := `>=1.2.3 <=2.3.4`
-* `~1.2.3` := `>=1.2.3-0 <1.3.0-0`  "Reasonably close to `1.2.3`".  When
-  using tilde operators, prerelease versions are supported as well,
-  but a prerelease of the next significant digit will NOT be
-  satisfactory, so `1.3.0-beta` will not satisfy `~1.2.3`.
-* `^1.2.3` := `>=1.2.3-0 <2.0.0-0`  "Compatible with `1.2.3`".  When
-  using caret operators, anything from the specified version (including
-  prerelease) will be supported up to, but not including, the next
-  major version (or its prereleases). `1.5.1` will satisfy `^1.2.3`,
-  while `1.2.2` and `2.0.0-beta` will not.
-* `^0.1.3` := `>=0.1.3-0 <0.2.0-0` "Compatible with `0.1.3`". `0.x.x` versions are
-  special: the first non-zero component indicates potentially breaking changes,
-  meaning the caret operator matches any version with the same first non-zero
-  component starting at the specified version.
-* `^0.0.2` := `=0.0.2` "Only the version `0.0.2` is considered compatible"
-* `~1.2` := `>=1.2.0-0 <1.3.0-0` "Any version starting with `1.2`"
-* `^1.2` := `>=1.2.0-0 <2.0.0-0` "Any version compatible with `1.2`"
-* `1.2.x` := `>=1.2.0-0 <1.3.0-0` "Any version starting with `1.2`"
-* `1.2.*` Same as `1.2.x`.
-* `1.2` Same as `1.2.x`.
-* `~1` := `>=1.0.0-0 <2.0.0-0` "Any version starting with `1`"
-* `^1` := `>=1.0.0-0 <2.0.0-0` "Any version compatible with `1`"
-* `1.x` := `>=1.0.0-0 <2.0.0-0` "Any version starting with `1`"
-* `1.*` Same as `1.x`.
-* `1` Same as `1.x`.
-* `*` Any version whatsoever.
-* `x` Same as `*`.
-* `""` (just an empty string) Same as `*`.
-
-
-Ranges can be joined with either a space (which implies "and") or a
-`||` (which implies "or").
+
+If a partial version is provided as the first version in the inclusive
+range, then the missing pieces are replaced with zeroes.
+
+* `1.2 - 2.3.4` := `>=1.2.0 <=2.3.4`
+
+If a partial version is provided as the second version in the
+inclusive range, then all versions that start with the supplied parts
+of the tuple are accepted, but nothing that would be greater than the
+provided tuple parts.
+
+* `1.2.3 - 2.3` := `>=1.2.3 <2.4.0`
+* `1.2.3 - 2` := `>=1.2.3 <3.0.0`
+
+#### X-Ranges `1.2.x` `1.X` `1.2.*` `*`
+
+Any of `X`, `x`, or `*` may be used to "stand in" for one of the
+numeric values in the `[major, minor, patch]` tuple.
+
+* `*` := `>=0.0.0` (Any version satisfies)
+* `1.x` := `>=1.0.0 <2.0.0` (Matching major version)
+* `1.2.x` := `>=1.2.0 <1.3.0` (Matching major and minor versions)
+
+A partial version range is treated as an X-Range, so the special
+character is in fact optional.
+
+* `""` (empty string) := `*` := `>=0.0.0`
+* `1` := `1.x.x` := `>=1.0.0 <2.0.0`
+* `1.2` := `1.2.x` := `>=1.2.0 <1.3.0`
+
+#### Tilde Ranges `~1.2.3` `~1.2` `~1`
+
+Allows patch-level changes if a minor version is specified on the
+comparator.  Allows minor-level changes if not.
+
+* `~1.2.3` := `>=1.2.3 <1.(2+1).0` := `>=1.2.3 <1.3.0`
+* `~1.2` := `>=1.2.0 <1.(2+1).0` := `>=1.2.0 <1.3.0` (Same as `1.2.x`)
+* `~1` := `>=1.0.0 <(1+1).0.0` := `>=1.0.0 <2.0.0` (Same as `1.x`)
+* `~0.2.3` := `>=0.2.3 <0.(2+1).0` := `>=0.2.3 <0.3.0`
+* `~0.2` := `>=0.2.0 <0.(2+1).0` := `>=0.2.0 <0.3.0` (Same as `0.2.x`)
+* `~0` := `>=0.0.0 <(0+1).0.0` := `>=0.0.0 <1.0.0` (Same as `0.x`)
+* `~1.2.3-beta.2` := `>=1.2.3-beta.2 <1.3.0` Note that prereleases in
+  the `1.2.3` version will be allowed, if they are greater than or
+  equal to `beta.2`.  So, `1.2.3-beta.4` would be allowed, but
+  `1.2.4-beta.2` would not, because it is a prerelease of a
+  different `[major, minor, patch]` tuple.
+
+#### Caret Ranges `^1.2.3` `^0.2.5` `^0.0.4`
+
+Allows changes that do not modify the left-most non-zero digit in the
+`[major, minor, patch]` tuple.  In other words, this allows patch and
+minor updates for versions `1.0.0` and above, patch updates for
+versions `0.X >=0.1.0`, and *no* updates for versions `0.0.X`.
+
+Many authors treat a `0.x` version as if the `x` were the major
+"breaking-change" indicator.
+
+Caret ranges are ideal when an author may make breaking changes
+between `0.2.4` and `0.3.0` releases, which is a common practice.
+However, it presumes that there will *not* be breaking changes between
+`0.2.4` and `0.2.5`.  It allows for changes that are presumed to be
+additive (but non-breaking), according to commonly observed practices.
+
+* `^1.2.3` := `>=1.2.3 <2.0.0`
+* `^0.2.3` := `>=0.2.3 <0.3.0`
+* `^0.0.3` := `>=0.0.3 <0.0.4`
+* `^1.2.3-beta.2` := `>=1.2.3-beta.2 <2.0.0` Note that prereleases in
+  the `1.2.3` version will be allowed, if they are greater than or
+  equal to `beta.2`.  So, `1.2.3-beta.4` would be allowed, but
+  `1.2.4-beta.2` would not, because it is a prerelease of a
+  different `[major, minor, patch]` tuple.
+* `^0.0.3-beta` := `>=0.0.3-beta <0.0.4`  Note that prereleases in the
+  `0.0.3` version *only* will be allowed, if they are greater than or
+  equal to `beta`.  So, `0.0.3-pr.2` would be allowed.
+
+When parsing caret ranges, a missing `patch` value desugars to the
+number `0`, but will allow flexibility within that value, even if the
+major and minor versions are both `0`.
+
+* `^1.2.x` := `>=1.2.0 <2.0.0`
+* `^0.0.x` := `>=0.0.0 <0.1.0`
+* `^0.0` := `>=0.0.0 <0.1.0`
+
+A missing `minor` and `patch` values will desugar to zero, but also
+allow flexibility within those values, even if the major version is
+zero.
+
+* `^1.x` := `>=1.0.0 <2.0.0`
+* `^0.x` := `>=0.0.0 <1.0.0`
+
+### Range Grammar
+
+Putting all this together, here is a Backus-Naur grammar for ranges,
+for the benefit of parser authors:
+
+```bnf
+range-set  ::= range ( logical-or range ) *
+logical-or ::= ( ' ' ) * '||' ( ' ' ) *
+range      ::= hyphen | simple ( ' ' simple ) * | ''
+hyphen     ::= partial ' - ' partial
+simple     ::= primitive | partial | tilde | caret
+primitive  ::= ( '<' | '>' | '>=' | '<=' | '=' | ) partial
+partial    ::= xr ( '.' xr ( '.' xr qualifier ? )? )?
+xr         ::= 'x' | 'X' | '*' | nr
+nr         ::= '0' | ['1'-'9']['0'-'9']+
+tilde      ::= '~' partial
+caret      ::= '^' partial
+qualifier  ::= ( '-' pre )? ( '+' build )?
+pre        ::= parts
+build      ::= parts
+parts      ::= part ( '.' part ) *
+part       ::= nr | [-0-9A-Za-z]+
+```
 
 ## Functions
 
@@ -109,6 +272,9 @@ strings that they parse.
     same as `prepatch`. It increments the patch version, then makes a
     prerelease. If the input version is already a prerelease it simply
     increments it.
+* `major(v)`: Return the major version number.
+* `minor(v)`: Return the minor version number.
+* `patch(v)`: Return the patch version number.
 
 ### Comparison
 
@@ -128,6 +294,9 @@ strings that they parse.
   `v2` is greater.  Sorts in ascending order if passed to `Array.sort()`.
 * `rcompare(v1, v2)`: The reverse of compare.  Sorts an array of versions
   in descending order when passed to `Array.sort()`.
+* `diff(v1, v2)`: Returns difference between two versions by the release type
+  (`major`, `premajor`, `minor`, `preminor`, `patch`, `prepatch`, or `prerelease`),
+  or null if the versions are the same.
 
 
 ### Ranges

deps/npm/html/doc/README.html

@@ -9,7 +9,7 @@
   <body>
     <div id="wrapper">
 
-<h1><a href="cli/npm.html">npm</a></h1> <p>node package manager</p>
+<h1><a href="cli/npm.html">npm</a></h1> <p>a JavaScript package manager</p>
 <p><a href="https://travis-ci.org/npm/npm"><img src="https://img.shields.io/travis/npm/npm/master.svg" alt="Build Status"></a></p>
 <h2 id="synopsis">SYNOPSIS</h2>
 <p>This is just enough info to get you up and running.</p>
@@ -18,64 +18,62 @@
 <p><strong>You need node v0.8 or higher to run this program.</strong></p>
 <p>To install an old <strong>and unsupported</strong> version of npm that works on node 0.3
 and prior, clone the git repo and dig through the old tags and branches.</p>
+<p><strong>npm is configured to use npm, Inc.&#39;s public package registry at
+<a href="https://registry.npmjs.org">https://registry.npmjs.org</a> by default.</strong></p>
+<p>You can configure npm to use any compatible registry you
+like, and even run your own registry. Check out the <a href="https://docs.npmjs.com/misc/registry">doc on
+registries</a>.</p>
+<p>Use of someone else&#39;s registry may be governed by terms of use. The
+terms of use for the default public registry are available at
+<a href="https://www.npmjs.com">https://www.npmjs.com</a>.</p>
 <h2 id="super-easy-install">Super Easy Install</h2>
-<p>npm comes with node now.</p>
+<p>npm is bundled with <a href="http://nodejs.org/download/">node</a>.</p>
 <h3 id="windows-computers">Windows Computers</h3>
-<p>Get the MSI.  npm is in it.</p>
+<p><a href="http://nodejs.org/download/">Get the MSI</a>.  npm is in it.</p>
 <h3 id="apple-macintosh-computers">Apple Macintosh Computers</h3>
-<p>Get the pkg.  npm is in it.</p>
+<p><a href="http://nodejs.org/download/">Get the pkg</a>.  npm is in it.</p>
 <h3 id="other-sorts-of-unices">Other Sorts of Unices</h3>
 <p>Run <code>make install</code>.  npm will be installed with node.</p>
 <p>If you want a more fancy pants install (a different version, customized
 paths, etc.) then read on.</p>
 <h2 id="fancy-install-unix-">Fancy Install (Unix)</h2>
 <p>There&#39;s a pretty robust install script at
-<a href="https://www.npmjs.org/install.sh">https://www.npmjs.org/install.sh</a>.  You can download that and run it.</p>
+<a href="https://www.npmjs.com/install.sh">https://www.npmjs.com/install.sh</a>.  You can download that and run it.</p>
 <p>Here&#39;s an example using curl:</p>
-<pre><code>curl -L https://npmjs.org/install.sh | sh
-</code></pre><h3 id="slightly-fancier">Slightly Fancier</h3>
+<pre><code class="lang-sh">curl -L https://www.npmjs.com/install.sh | sh
+</code></pre>
+<h3 id="slightly-fancier">Slightly Fancier</h3>
 <p>You can set any npm configuration params with that script:</p>
-<pre><code>npm_config_prefix=/some/path sh install.sh
-</code></pre><p>Or, you can run it in uber-debuggery mode:</p>
-<pre><code>npm_debug=1 sh install.sh
-</code></pre><h3 id="even-fancier">Even Fancier</h3>
+<pre><code class="lang-sh">npm_config_prefix=/some/path sh install.sh
+</code></pre>
+<p>Or, you can run it in uber-debuggery mode:</p>
+<pre><code class="lang-sh">npm_debug=1 sh install.sh
+</code></pre>
+<h3 id="even-fancier">Even Fancier</h3>
 <p>Get the code with git.  Use <code>make</code> to build the docs and do other stuff.
 If you plan on hacking on npm, <code>make link</code> is your friend.</p>
 <p>If you&#39;ve got the npm source code, you can also semi-permanently set
 arbitrary config keys using the <code>./configure --key=val ...</code>, and then
 run npm commands by doing <code>node cli.js &lt;cmd&gt; &lt;args&gt;</code>.  (This is helpful
 for testing, or running stuff without actually installing npm itself.)</p>
-<h2 id="fancy-windows-install">Fancy Windows Install</h2>
-<p>You can download a zip file from <a href="https://npmjs.org/dist/">https://npmjs.org/dist/</a>, and unpack it
-in the same folder where node.exe lives.</p>
+<h2 id="windows-install-or-upgrade">Windows Install or Upgrade</h2>
+<p>You can download a zip file from <a href="https://github.com/npm/npm/releases">https://github.com/npm/npm/releases</a>, and
+unpack it in the <code>node_modules\npm\</code> folder inside node&#39;s installation folder.</p>
+<p>To upgrade to npm 2, follow the Windows upgrade instructions in
+the npm Troubleshooting Guide:</p>
+<p><a href="https://github.com/npm/npm/wiki/Troubleshooting#upgrading-on-windows">https://github.com/npm/npm/wiki/Troubleshooting#upgrading-on-windows</a></p>
 <p>If that&#39;s not fancy enough for you, then you can fetch the code with
 git, and mess with it directly.</p>
 <h2 id="installing-on-cygwin">Installing on Cygwin</h2>
 <p>No.</p>
-<h2 id="permissions-when-using-npm-to-install-other-stuff">Permissions when Using npm to Install Other Stuff</h2>
-<p><strong>tl;dr</strong></p>
-<ul>
-<li>Use <code>sudo</code> for greater safety.  Or don&#39;t, if you prefer not to.</li>
-<li>npm will downgrade permissions if it&#39;s root before running any build
-scripts that package authors specified.</li>
-</ul>
-<h3 id="more-details-">More details...</h3>
-<p>As of version 0.3, it is recommended to run npm as root.
-This allows npm to change the user identifier to the <code>nobody</code> user prior
-to running any package build or test commands.</p>
-<p>If you are not the root user, or if you are on a platform that does not
-support uid switching, then npm will not attempt to change the userid.</p>
-<p>If you would like to ensure that npm <strong>always</strong> runs scripts as the
-&quot;nobody&quot; user, and have it fail if it cannot downgrade permissions, then
-set the following configuration param:</p>
-<pre><code>npm config set unsafe-perm false
-</code></pre><p>This will prevent running in unsafe mode, even as non-root users.</p>
 <h2 id="uninstalling">Uninstalling</h2>
 <p>So sad to see you go.</p>
-<pre><code>sudo npm uninstall npm -g
-</code></pre><p>Or, if that fails,</p>
-<pre><code>sudo make uninstall
-</code></pre><h2 id="more-severe-uninstalling">More Severe Uninstalling</h2>
+<pre><code class="lang-sh">sudo npm uninstall npm -g
+</code></pre>
+<p>Or, if that fails,</p>
+<pre><code class="lang-sh">sudo make uninstall
+</code></pre>
+<h2 id="more-severe-uninstalling">More Severe Uninstalling</h2>
 <p>Usually, the above instructions are sufficient.  That will remove
 npm, but leave behind anything you&#39;ve installed.</p>
 <p>If you would like to remove all the packages that you have installed,
@@ -83,85 +81,28 @@ then you can use the <code>npm ls</code> command to find them, and then <code>np
 remove them.</p>
 <p>To remove cruft left behind by npm 0.x, you can use the included
 <code>clean-old.sh</code> script file.  You can run it conveniently like this:</p>
-<pre><code>npm explore npm -g -- sh scripts/clean-old.sh
-</code></pre><p>npm uses two configuration files, one for per-user configs, and another
+<pre><code class="lang-sh">npm explore npm -g -- sh scripts/clean-old.sh
+</code></pre>
+<p>npm uses two configuration files, one for per-user configs, and another
 for global (every-user) configs.  You can view them by doing:</p>
-<pre><code>npm config get userconfig   # defaults to ~/.npmrc
+<pre><code class="lang-sh">npm config get userconfig   # defaults to ~/.npmrc
 npm config get globalconfig # defaults to /usr/local/etc/npmrc
-</code></pre><p>Uninstalling npm does not remove configuration files by default.  You
+</code></pre>
+<p>Uninstalling npm does not remove configuration files by default.  You
 must remove them yourself manually if you want them gone.  Note that
 this means that future npm installs will not remember the settings that
 you have chosen.</p>
-<h2 id="using-npm-programmatically">Using npm Programmatically</h2>
-<p>If you would like to use npm programmatically, you can do that.
-It&#39;s not very well documented, but it <em>is</em> rather simple.</p>
-<p>Most of the time, unless you actually want to do all the things that
-npm does, you should try using one of npm&#39;s dependencies rather than
-using npm itself, if possible.</p>
-<p>Eventually, npm will be just a thin cli wrapper around the modules
-that it depends on, but for now, there are some things that you must
-use npm itself to do.</p>
-<pre><code>var npm = require(&quot;npm&quot;)
-npm.load(myConfigObject, function (er) {
-  if (er) return handlError(er)
-  npm.commands.install([&quot;some&quot;, &quot;args&quot;], function (er, data) {
-    if (er) return commandFailed(er)
-    // command succeeded, and data might have some info
-  })
-  npm.on(&quot;log&quot;, function (message) { .... })
-})
-</code></pre><p>The <code>load</code> function takes an object hash of the command-line configs.
-The various <code>npm.commands.&lt;cmd&gt;</code> functions take an <strong>array</strong> of
-positional argument <strong>strings</strong>.  The last argument to any
-<code>npm.commands.&lt;cmd&gt;</code> function is a callback.  Some commands take other
-optional arguments.  Read the source.</p>
-<p>You cannot set configs individually for any single npm function at this
-time.  Since <code>npm</code> is a singleton, any call to <code>npm.config.set</code> will
-change the value for <em>all</em> npm commands in that process.</p>
-<p>See <code>./bin/npm-cli.js</code> for an example of pulling config values off of the
-command line arguments using nopt.  You may also want to check out <code>npm
-help config</code> to learn about all the options you can set there.</p>
 <h2 id="more-docs">More Docs</h2>
-<p>Check out the <a href="https://www.npmjs.org/doc/">docs</a>,
-especially the <a href="https://www.npmjs.org/doc/faq.html">faq</a>.</p>
+<p>Check out the <a href="https://docs.npmjs.com/">docs</a>,
+especially the <a href="https://docs.npmjs.com/misc/faq">faq</a>.</p>
 <p>You can use the <code>npm help</code> command to read any of them.</p>
 <p>If you&#39;re a developer, and you want to use npm to publish your program,
-you should <a href="https://www.npmjs.org/doc/developers.html">read this</a></p>
-<h2 id="legal-stuff">Legal Stuff</h2>
-<p>&quot;npm&quot; and &quot;The npm Registry&quot; are owned by npm, Inc.
-All rights reserved.  See the included LICENSE file for more details.</p>
-<p>&quot;Node.js&quot; and &quot;node&quot; are trademarks owned by Joyent, Inc.</p>
-<p>Modules published on the npm registry are not officially endorsed by
-npm, Inc. or the Node.js project.</p>
-<p>Data published to the npm registry is not part of npm itself, and is
-the sole property of the publisher.  While every effort is made to
-ensure accountability, there is absolutely no guarantee, warrantee, or
-assertion expressed or implied as to the quality, fitness for a
-specific purpose, or lack of malice in any given npm package.</p>
-<p>If you have a complaint about a package in the public npm registry,
-and cannot <a href="https://www.npmjs.org/doc/misc/npm-disputes.html">resolve it with the package
-owner</a>, please email
-<a href="&#109;&#97;&#x69;&#x6c;&#x74;&#111;&#58;&#x73;&#117;&#112;&#112;&#111;&#114;&#116;&#64;&#x6e;&#112;&#x6d;&#x6a;&#x73;&#46;&#99;&#x6f;&#109;">&#x73;&#117;&#112;&#112;&#111;&#114;&#116;&#64;&#x6e;&#112;&#x6d;&#x6a;&#x73;&#46;&#99;&#x6f;&#109;</a> and explain the situation.</p>
-<p>Any data published to The npm Registry (including user account
-information) may be removed or modified at the sole discretion of the
-npm server administrators.</p>
-<h3 id="in-plainer-english">In plainer english</h3>
-<p>npm is the property of npm, Inc.</p>
-<p>If you publish something, it&#39;s yours, and you are solely accountable
-for it.</p>
-<p>If other people publish something, it&#39;s theirs.</p>
-<p>Users can publish Bad Stuff.  It will be removed promptly if reported.
-But there is no vetting process for published modules, and you use
-them at your own risk.  Please inspect the source.</p>
-<p>If you publish Bad Stuff, we may delete it from the registry, or even
-ban your account in extreme cases.  So don&#39;t do that.</p>
+you should <a href="https://docs.npmjs.com/misc/developers">read this</a></p>
 <h2 id="bugs">BUGS</h2>
 <p>When you find issues, please report them:</p>
 <ul>
 <li>web:
 <a href="https://github.com/npm/npm/issues">https://github.com/npm/npm/issues</a></li>
-<li>email:
-<a href="&#109;&#97;&#105;&#108;&#x74;&#x6f;&#x3a;&#x6e;&#x70;&#x6d;&#45;&#x40;&#x67;&#111;&#x6f;&#103;&#x6c;&#x65;&#103;&#x72;&#x6f;&#117;&#112;&#115;&#x2e;&#99;&#111;&#109;">&#x6e;&#x70;&#x6d;&#45;&#x40;&#x67;&#111;&#x6f;&#103;&#x6c;&#x65;&#103;&#x72;&#x6f;&#117;&#112;&#115;&#x2e;&#99;&#111;&#109;</a></li>
 </ul>
 <p>Be sure to include <em>all</em> of the output from the npm command that didn&#39;t work
 as expected.  The <code>npm-debug.log</code> file is also helpful to provide.</p>
@@ -186,5 +127,5 @@ will no doubt tell you to put the output in a gist or email.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer"><a href="../doc/README.html">README</a> &mdash; npm@1.4.29</p>
+<p id="footer"><a href="../doc/README.html">README</a> &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-bin.html

@@ -15,7 +15,7 @@
 </code></pre><h2 id="description">DESCRIPTION</h2>
 <p>Print the folder where npm will install executables.</p>
 <p>This function should not be used programmatically.  Instead, just refer
-to the <code>npm.bin</code> member.</p>
+to the <code>npm.bin</code> property.</p>
 
 </div>
 
@@ -28,5 +28,5 @@ to the <code>npm.bin</code> member.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-bin &mdash; npm@1.4.29</p>
+<p id="footer">npm-bin &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-bugs.html

@@ -33,5 +33,5 @@ friendly for programmatic use.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-bugs &mdash; npm@1.4.29</p>
+<p id="footer">npm-bugs &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-cache.html

@@ -42,5 +42,5 @@ incrementation.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-cache &mdash; npm@1.4.29</p>
+<p id="footer">npm-cache &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-commands.html

@@ -36,5 +36,5 @@ usage, or <code>man 3 npm-&lt;command&gt;</code> for programmatic usage.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-commands &mdash; npm@1.4.29</p>
+<p id="footer">npm-commands &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-config.html

@@ -57,5 +57,5 @@ functions instead.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-config &mdash; npm@1.4.29</p>
+<p id="footer">npm-config &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-deprecate.html

@@ -47,5 +47,5 @@ a deprecation warning to all who attempt to install it.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-deprecate &mdash; npm@1.4.29</p>
+<p id="footer">npm-deprecate &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-docs.html

@@ -33,5 +33,5 @@ friendly for programmatic use.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-docs &mdash; npm@1.4.29</p>
+<p id="footer">npm-docs &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-edit.html

@@ -36,5 +36,5 @@ and how this is used.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-edit &mdash; npm@1.4.29</p>
+<p id="footer">npm-edit &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-explore.html

@@ -31,5 +31,5 @@ sure to use <code>npm rebuild &lt;pkg&gt;</code> if you make any changes.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-explore &mdash; npm@1.4.29</p>
+<p id="footer">npm-explore &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-help-search.html

@@ -31,7 +31,7 @@ An array of all matching lines (and some adjacent lines).</li>
 <li>file:
 Name of the file that matched</li>
 </ul>
-<p>The silent parameter is not neccessary not used, but it may in the future.</p>
+<p>The silent parameter is not necessary not used, but it may in the future.</p>
 
 </div>
 
@@ -44,5 +44,5 @@ Name of the file that matched</li>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-help-search &mdash; npm@1.4.29</p>
+<p id="footer">npm-help-search &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-init.html

@@ -39,5 +39,5 @@ then go ahead and use this programmatically.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-init &mdash; npm@1.4.29</p>
+<p id="footer">npm-init &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-install.html

@@ -32,5 +32,5 @@ installed or when an error has been encountered.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-install &mdash; npm@1.4.29</p>
+<p id="footer">npm-install &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-link.html

@@ -42,5 +42,5 @@ the package in the current working directory</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-link &mdash; npm@1.4.29</p>
+<p id="footer">npm-link &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-load.html

@@ -15,9 +15,9 @@
 </code></pre><h2 id="description">DESCRIPTION</h2>
 <p>npm.load() must be called before any other function call.  Both parameters are
 optional, but the second is recommended.</p>
-<p>The first parameter is an object hash of command-line config params, and the
-second parameter is a callback that will be called when npm is loaded and
-ready to serve.</p>
+<p>The first parameter is an object containing command-line config params, and the
+second parameter is a callback that will be called when npm is loaded and ready
+to serve.</p>
 <p>The first parameter should follow a similar structure as the package.json
 config object.</p>
 <p>For example, to emulate the --dev flag, pass an object that looks like this:</p>
@@ -37,5 +37,5 @@ config object.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-load &mdash; npm@1.4.29</p>
+<p id="footer">npm-load &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-ls.html

@@ -49,7 +49,7 @@ taken if it is serialized to JSON.</p>
 <p>List packages in the global install prefix instead of in the current
 project.</p>
 <p>Note, if parseable is set or long isn&#39;t set, then duplicates will be trimmed.
-This means that if a submodule a same dependency as a parent module, then the
+This means that if a submodule has the same dependency as a parent module, then the
 dependency will only be output once.</p>
 
 </div>
@@ -63,5 +63,5 @@ dependency will only be output once.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-ls &mdash; npm@1.4.29</p>
+<p id="footer">npm-ls &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-outdated.html

@@ -28,5 +28,5 @@ currently outdated.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-outdated &mdash; npm@1.4.29</p>
+<p id="footer">npm-outdated &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-owner.html

@@ -47,5 +47,5 @@ that is not implemented at this time.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-owner &mdash; npm@1.4.29</p>
+<p id="footer">npm-owner &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-pack.html

@@ -33,5 +33,5 @@ overwritten the second time.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-pack &mdash; npm@1.4.29</p>
+<p id="footer">npm-pack &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-ping.html

@@ -0,0 +1,32 @@
+<!doctype html>
+<html>
+  <title>npm-ping</title>
+  <meta http-equiv="content-type" value="text/html;utf-8">
+  <link rel="stylesheet" type="text/css" href="../../static/style.css">
+  <link rel="canonical" href="https://www.npmjs.org/doc/api/npm-ping.html">
+  <script async=true src="../../static/toc.js"></script>
+
+  <body>
+    <div id="wrapper">
+
+<h1><a href="../api/npm-ping.html">npm-ping</a></h1> <p>Ping npm registry</p>
+<h2 id="synopsis">SYNOPSIS</h2>
+<pre><code>npm.registry.ping(registry, options, function (er, pong))
+</code></pre><h2 id="description">DESCRIPTION</h2>
+<p>Attempts to connect to the given registry, returning a <code>pong</code>
+object with various metadata if it succeeds.</p>
+<p>This function is primarily useful for debugging connection issues
+to npm registries.</p>
+
+</div>
+
+<table border=0 cellspacing=0 cellpadding=0 id=npmlogo>
+<tr><td style="width:180px;height:10px;background:rgb(237,127,127)" colspan=18>&nbsp;</td></tr>
+<tr><td rowspan=4 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td><td style="width:40px;height:10px;background:#fff" colspan=4>&nbsp;</td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=4>&nbsp;</td><td style="width:40px;height:10px;background:#fff" colspan=4>&nbsp;</td><td rowspan=4 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td><td colspan=6 style="width:60px;height:10px;background:#fff">&nbsp;</td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=4>&nbsp;</td></tr>
+<tr><td colspan=2 style="width:20px;height:30px;background:#fff" rowspan=3>&nbsp;</td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=3>&nbsp;</td><td style="width:10px;height:10px;background:#fff" rowspan=3>&nbsp;</td><td style="width:20px;height:10px;background:#fff" rowspan=4 colspan=2>&nbsp;</td><td style="width:10px;height:20px;background:rgb(237,127,127)" rowspan=2>&nbsp;</td><td style="width:10px;height:10px;background:#fff" rowspan=3>&nbsp;</td><td style="width:20px;height:10px;background:#fff" rowspan=3 colspan=2>&nbsp;</td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=3>&nbsp;</td><td style="width:10px;height:10px;background:#fff" rowspan=3>&nbsp;</td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=3>&nbsp;</td></tr>
+<tr><td style="width:10px;height:10px;background:#fff" rowspan=2>&nbsp;</td></tr>
+<tr><td style="width:10px;height:10px;background:#fff">&nbsp;</td></tr>
+<tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
+<tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
+</table>
+<p id="footer">npm-ping &mdash; npm@2.15.0</p>

deps/npm/html/doc/api/npm-prefix.html

@@ -29,5 +29,5 @@
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-prefix &mdash; npm@1.4.29</p>
+<p id="footer">npm-prefix &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-prune.html

@@ -30,5 +30,5 @@ package&#39;s dependencies list.</p>
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-prune &mdash; npm@1.4.29</p>
+<p id="footer">npm-prune &mdash; npm@2.15.0</p>
 

deps/npm/html/doc/api/npm-publish.html

@@ -46,5 +46,5 @@ the registry.  Overwrites when the "force" environment variable is set
 <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
 <tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
 </table>
-<p id="footer">npm-publish &mdash; npm@1.4.29</p>
+<p id="footer">npm-publish &mdash; npm@2.15.0</p>