[Snyk] Upgrade npm from 6.6.0 to 6.10.2

[snyk-bot]

Snyk have raised this PR to upgrade npm from 6.6.0 to 6.10.2.

• The recommended version is 20 minor versions ahead of your current version.
• The recommended version was released 21 days ago, on 2019-07-23.

Release notes

• 6.10.2 - 2019-07-23

  v6.10.2 (2019-07-23):

  tl;dr - Fixes several issues with the cache when npm is run as sudo on Unix systems.

  TESTING

  • 2a78b96f8 check test cache for root-owned files (@isaacs)
  • 108646ebc run sudo tests on Travis-CI (@isaacs)
  • cf984e946 set --no-esm tap flag (@isaacs)
  • 8e0a3100d add script to run tests and leave fixtures for inspection and debugging (@isaacs)

  BUGFIXES

  • 25f4f73f6 add a util for writing arbitrary files to cache This prevents metrics timing and debug logs from becoming root-owned. (@isaacs)
  • 2c61ce65d infer cache owner from parent dir in correct-mkdir util (@isaacs)
  • 235e5d6df ensure correct owner on cached all-packages metadata (@isaacs)
  • e2d377bb6 npm.community#8540 audit: report server error on failure (@isaacs)
  • 52576a39e #216 npm.community#5385 npm.community#6076 Fix npm ci with file: dependencies. Partially reverts #40/#86, recording dependencies of linked deps in order for npm ci to work. (@jfirebaugh)

  DEPENDENCIES

  • 0fefdee13 [email protected] (@isaacs)
    • infer uid/gid instead of accepting as options, preventing the overwhelming majority of cases where root-owned files end up in the cache folder. (ac84d14) (@isaacs) (#1)
    • i18n: add another error message (676cb32) (@zkat)
  • e1d87a392 [email protected] (@isaacs)
    • git: ensure stream failures are reported (7f07b5d) #1 (@lddubeau)
  • 3f035bf09 [email protected] (@isaacs)
  • ba3283112 [email protected] (@isaacs)
  • ee90c334d [email protected] (@isaacs)
  • 1e480c384 [email protected] (@isaacs)
  • 7662ee850 [email protected] (@isaacs)
  • 1357fadc6 [email protected] (@isaacs)
  • a621b5cb6 [email protected] (@isaacs)
  • 560cd31dd [email protected] (@isaacs)
  • de7ae0867 [email protected] (@isaacs)
  • e95da463c [email protected] (@isaacs)
  • 554b641d4 [email protected] (@isaacs)
  • 06772f34a [email protected] (@isaacs)
  • 85358db80 [email protected] (@isaacs)
    • 051cf20 #26 fix switches for alternative shells on Windows (@gucong3000)
    • 3aaf954 #25 set only one PATH env variable for child process on Windows (@zkochan)
    • ea18ed2 #36 #11 #18 remove procInterrupt listener on SIGINT in procError (@mattshin)
    • 5523951 #29 #30 Use platform specific path casing if present (@mattezell)
• 6.10.2-next.3 - 2019-07-22

  6.10.2-next.3

• 6.10.2-next.2 - 2019-07-21

  v6.10.2-next.2

• 6.10.2-next.1 - 2019-07-17

  6.10.2-next.1

• 6.10.2-next.0 - 2019-07-16

  v6.10.2-next.0

• 6.10.1 - 2019-07-11

  BUGFIXES

  • 3cbd57712 fix(git): strip GIT environs when running git (@isaacs)
  • a81a8c4c4 #206 improve isOnly(Dev,Optional) (@larsgw)
  • 172f9aca6 #179 fix-xmas-underline (@raywu0123)
  • f52673fc7 #212 build: use /usr/bin/env to load bash (@rsmarples)

  DEPENDENCIES

  • ef4445ad3 #208 [email protected] (@irega)
  • c0d611356 [email protected] (@isaacs)
  • 7716ba972 [email protected] (@isaacs)
  • 42d22e837 [email protected] (@isaacs)
  • a2ea7f9ff [email protected] (@isaacs)
  • 429226a5e [email protected] (@isaacs)
  • 175670ea6 [email protected]: (@isaacs)
  • 0d0517f7f [email protected] (@isaacs)
  • 741400429 [email protected] (@isaacs)
  • bddd60e30 [email protected] (@isaacs)
  • 4acf03fd1 [email protected] (@isaacs)
  • c2bd17291 [email protected] (@isaacs)
  • 7f0221bb1 [email protected] (@isaacs)
  • f458fe7dd [email protected] (@isaacs)
  • 009752978 [email protected] (@isaacs)
  • 0fa2bb438 [email protected] (@isaacs)
  • b86450929 [email protected] (@isaacs)
  • 25db00fe9 [email protected] (@isaacs)
  • 8dfbe8610 [email protected] (@isaacs)
  • f6164d5dd isaacs/chownr#21 isaacs/chownr#20 npm.community#7901 npm.community#8203 [email protected] This fixes an EISDIR error from cacache on Darwin in Node versions prior to 10.6. (@isaacs)
• 6.10.1-next.2 - 2019-07-10

  6.10.1-next.2

• 6.10.1-next.1 - 2019-07-03

  6.10.1-next.1

• 6.10.1-next.0 - 2019-07-03

  6.10.1-next.0

• 6.10.0 - 2019-07-03

  FEATURES

  • 87fef4e35 #176 fix: Always return JSON for outdated --json (@sreeramjayan)
  • f101d44fc #203 fix(unpublish): add space after hyphen (@ffflorian)
  • a4475de4c #202 enable production flag for npm audit (@CalebCourier)
  • d192904d0 #178 fix: Return a value for view when in silent mode (@stayradiated)
  • 39d473adf #185 Allow git to follow global tagsign config (@junderw)

  BUGFIXES

  • d9238af0b #201 npm/npm#17858 npm/npm#18042 npm.community#644 do not crash when removing nameless packages (@SteveVanOpstal and @isaacs)
  • 4bec4f111 #200 Check for node (as well as node.exe) in npm's local dir on Windows (@rgoulais)
  • ce93dab2d #180 npm.community#6187 Fix handling of remote deps in npm outdated (@larsgw)

  TESTING

  • a823f3084 travis: Update to include new v12 LTS (@isaacs)
  • 33e2d1dac fix flaky debug-logs test (@isaacs)
  • e9411c6cd Don't time out waiting for gpg user input (@isaacs)
  • d2d301704 #195 Add the arm64 check for legacy-platform-all.js test case. (@ossdev07)
  • a4dc34243 parallel tests (@isaacs)

  DOCUMENTATION

  • f5857e263 #192 Clarify usage of bundledDependencies (@john-osullivan)
  • 747fdaf66 #159 doc: add --audit-level param (@ngraef)

  DEPENDENCIES

  • e36b3c320 [email protected] (@isaacs)
  • 6bb935c09 [email protected] (@isaacs)
    • e9cd536 Use custom caching realpath implementation, dramatically reducing lstat calls when reading the package tree (@isaacs)
  • 39538b460 [email protected] (@isaacs)
    • f8b1552 #38 Ignore errors raised by fs.closeSync (@lukeapage)
  • 042193069 [email protected] (@isaacs)
    • 8bbd051 #172 limit git retry times, avoid unlimited retries (小秦)
    • 92f5e4c #170 fix(errors): Fix "TypeError: err.code.match is not a function" error (@jviotti)
  • 8bd8e909f [email protected] (@isaacs)
    • 47de8f5 #146 npm.community#2395 fix(config): Add ssri config 'error' option (@larsgw)
    • 5156561 fix(write): avoid a cb never called situation (@zkat)
    • 90f40f0 #166 #165 docs: Fix docs for path property in get.info (@hdgarrood)
  • bf61c45c6 [email protected] (@isaacs)
  • f75d46a9d [email protected] (@isaacs)
    • c80341a #215 Fix encoding/decoding of base-256 numbers (@justfalter)
    • 77522f0 #204 #214 Use stat instead of lstat when checking CWD (@stkb)
  • ec6236210 [email protected] (@isaacs)
    • 63d1e3e #30 Sort package tarball entries by file type for compression benefits (@isaacs)
    • 7fcd045 Ignore .DS_Store files as well as folders (@isaacs)
    • 68b7c96 Never include .git folders in package root. (Note: this prevents the issue that broke the v6.9.1 release.) (@isaacs)
  • 57bef61bc update fstream in node-gyp (@isaacs)
    • Addresses security advisory #886
  • acbbf7eee #183 [email protected] (@kemitchell)
  • 011ae67f0 [email protected] (@isaacs)
  • f5e884909 [email protected] (@isaacs)
  • b57d07e35 [email protected] (@isaacs)
• 6.10.0-next.0 - 2019-07-01
• 6.9.2 - 2019-06-27
• 6.9.1-next.0 - 2019-03-20
• 6.9.0 - 2019-03-06
• 6.9.0-next.0 - 2019-02-21
• 6.8.0 - 2019-02-13
• 6.8.0-next.2 - 2019-02-07
• 6.8.0-next.1 - 2019-02-06
• 6.8.0-next.0 - 2019-01-31
• 6.7.0 - 2019-01-23
• 6.6.0 - 2019-01-17

from npm GitHub Release Notes

---

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs