deps: upgrade npm to 2.7.0

PR-URL: https://github.com/iojs/io.js/pull/1080
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

6 files changed, 177 insertions, 16 deletions

diff --git a/deps/npm/doc/cli/npm-init.md b/deps/npm/doc/cli/npm-init.md
index 08e517d79a..ec4c25beda 100644
--- a/deps/npm/doc/cli/npm-init.md
+++ b/deps/npm/doc/cli/npm-init.md
@@ -21,8 +21,18 @@ without a really good reason to do so.
 If you invoke it with `-f`, `--force`, `-y`, or `--yes`, it will use only
 defaults and not prompt you for any options.
 
+## CONFIGURATION
+
+### scope
+
+* Default: none
+* Type: String
+
+The scope under which the new module should be created.
+
 ## SEE ALSO
 
 * <https://github.com/isaacs/init-package-json>
 * package.json(5)
 * npm-version(1)
+* npm-scope(7)
diff --git a/deps/npm/doc/cli/npm-install.md b/deps/npm/doc/cli/npm-install.md
index 2d42716373..6b2ac7778c 100644
--- a/deps/npm/doc/cli/npm-install.md
+++ b/deps/npm/doc/cli/npm-install.md
@@ -43,9 +43,10 @@ after packing it up into a tarball (b).
     it installs the current package context (ie, the current working
     directory) as a global package.
 
-    By default, `npm install` will install all modules listed as
-    dependencies. With the `--production` flag,
-    npm will not install modules listed in `devDependencies`.
+    By default, `npm install` will install all modules listed as dependencies.
+    With the `--production` flag (or when the `NODE_ENV` environment variable
+    is set to `production`), npm will not install modules listed in
+    `devDependencies`.
 
 * `npm install <folder>`:
 
diff --git a/deps/npm/doc/cli/npm-ls.md b/deps/npm/doc/cli/npm-ls.md
index 0f0d79489a..318cdd8fd6 100644
--- a/deps/npm/doc/cli/npm-ls.md
+++ b/deps/npm/doc/cli/npm-ls.md
@@ -67,6 +67,20 @@ project.
 
 Max display depth of the dependency tree.
 
+### prod / production
+
+* Type: Boolean
+* Default: false
+
+Display only the dependency tree for packages in `dependencies`.
+
+### dev
+
+* Type: Boolean
+* Default: false
+
+Display only the dependency tree for packages in `devDependencies`.
+
 ## SEE ALSO
 
 * npm-config(1)
diff --git a/deps/npm/doc/cli/npm-run-script.md b/deps/npm/doc/cli/npm-run-script.md
index c218c845f5..9e6e17e1d0 100644
--- a/deps/npm/doc/cli/npm-run-script.md
+++ b/deps/npm/doc/cli/npm-run-script.md
@@ -8,16 +8,11 @@ npm-run-script(1) -- Run arbitrary package scripts
 
 ## DESCRIPTION
 
-This runs an arbitrary command from a package's `"scripts"` object.
-If no package name is provided, it will search for a `package.json`
-in the current folder and use its `"scripts"` object. If no `"command"`
-is provided, it will list the available top level scripts. The `env` command
-can be used to list environment variables that will be available to the script
-at runtime. If an "env" command is defined in your package it will have
-precedence instead.
-
-`run[-script]` is used by the test, start, restart, and stop commands, but can
-be called directly, as well.
+This runs an arbitrary command from a package's `"scripts"` object.  If no
+`"command"` is provided, it will list the available scripts.  `run[-script]` is
+used by the test, start, restart, and stop commands, but can be called
+directly, as well. When the scripts in the package are printed out, they're
+separated into lifecycle (test, start, restart) and directly-run scripts.
 
 As of [`npm@2.0.0`](http://blog.npmjs.org/post/98131109725/npm-2-0-0), you can
 use custom arguments when executing scripts. The special option `--` is used by
@@ -29,6 +24,11 @@ all the arguments after the `--` directly to your script:
 The arguments will only be passed to the script specified after ```npm run```
 and not to any pre or post script.
 
+The `env` script is a special built-in command that can be used to list
+environment variables that will be available to the script at runtime. If an
+"env" command is defined in your package it will take precedence over the
+built-in.
+
 ## SEE ALSO
 
 * npm-scripts(7)
diff --git a/deps/npm/doc/cli/npm-update.md b/deps/npm/doc/cli/npm-update.md
index 2aa0f366bc..ce31c28910 100644
--- a/deps/npm/doc/cli/npm-update.md
+++ b/deps/npm/doc/cli/npm-update.md
@@ -8,7 +8,7 @@ npm-update(1) -- Update a package
 ## DESCRIPTION
 
 This command will update all the packages listed to the latest version
-(specified by the `tag` config).
+(specified by the `tag` config), respecting semver.
 
 It will also install missing packages. As with all commands that install
 packages, the `--dev` flag will cause `devDependencies` to be processed
@@ -20,10 +20,135 @@ packages.
 If no package name is specified, all packages in the specified location (global
 or local) will be updated.
 
+As of `npm@2.6.1`, the `npm update` will only inspect top-level packages.
+Prior versions of `npm` would also recursively inspect all dependencies.
+To get the old behavior, use `npm --depth 9999 update`, but be warned that
+simultaneous asynchronous update of all packages, including `npm` itself
+and packages that `npm` depends on, often causes problems up to and including
+the uninstallation of `npm` itself.
+
+To restore a missing `npm`, use the command:
+
+```
+curl -L https://npmjs.com/install.sh | sh
+```
+
+## EXAMPLES
+
+IMPORTANT VERSION NOTE: these examples assume `npm@2.6.1` or later.  For
+older versions of `npm`, you must specify `--depth 0` to get the behavior
+described below.
+
+For the examples below, assume that the current package is `app` and it depends
+on dependencies, `dep1` (`dep2`, .. etc.).  The published versions of `dep1` are:
+
+```
+{
+  dist-tags: { latest: "1.2.2" },
+  versions: { "1.2.2",
+              "1.2.1",
+              "1.2.0",
+              "1.1.2",
+              "1.1.1",
+              "1.0.0",
+              "0.4.1",
+              "0.4.0",
+              "0.2.0"
+  }
+}
+```
+
+### Caret Dependencies
+
+If `app`'s `package.json` contains:
+
+```
+dependencies: {
+  dep1: "^1.1.1"
+}
+```
+
+Then `npm update` will install `dep1@1.2.2`, because `1.2.2` is `latest` and
+`1.2.2` satisfies `^1.1.1`.
+
+### Tilde Dependencies
+
+However, if `app`'s `package.json` contains:
+
+```
+dependencies: {
+  dep1: "~1.1.1"
+}
+```
+
+In this case, running `npm update` will install `dep1@1.1.2`.  Even though the `latest`
+tag points to `1.2.2`, this version does not satisfy `~1.1.1`, which is equivalent
+to `>=1.1.1 <1.2.0`.  So the highest-sorting version that satisfies `~1.1.1` is used,
+which is `1.1.2`.
+
+### Caret Dependencies below 1.0.0
+
+Suppose `app` has a caret dependency on a version below `1.0.0`, for example:
+
+```
+dependencies: {
+  dep1: "^0.2.0"
+}
+```
+
+`npm update` will install `dep1@0.2.0`, because there are no other
+versions which satisfy `^0.2.0`.
+
+If the dependence were on `^0.4.0`:
+
+```
+dependencies: {
+  dep1: "^0.4.0"
+}
+```
+
+Then `npm update` will install `dep1@0.4.1`, because that is the highest-sorting
+version that satisfies `^0.4.0` (`>= 0.4.0 <0.5.0`)
+
+### Recording Updates with `--save`
+
+When you want to update a package and save the new version as
+the minimum required dependency in `package.json`, you can use
+`npm update --save`.  For example if `package.json` contains
+
+```
+dependencies: {
+  dep1: "^1.1.1"
+}
+```
+
+Then `npm update --save` will install `dep1@1.2.2` (i.e., `latest`),
+and `package.json` will be modified:
+
+```
+dependencies: {
+  dep1: "^1.2.2"
+}
+```
+
+Note that `npm` will only write an updated version to `package.json`
+if it installs a new package.
+
+### Updating Globally-Installed Packages
+
+`npm update -g` will apply the `update` action to each globally- installed
+package that is `outdated` -- that is, has a version that is different from
+`latest`.
+
+NOTE: If a package has been upgraded to a version newer than `latest`, it will
+be _downgraded_.
+
+
 ## SEE ALSO
 
 * npm-install(1)
 * npm-outdated(1)
+* npm-shrinkwrap(1)
 * npm-registry(7)
 * npm-folders(5)
 * npm-ls(1)
diff --git a/deps/npm/doc/cli/npm-version.md b/deps/npm/doc/cli/npm-version.md
index 69f3581bfc..545bce6b6b 100644
--- a/deps/npm/doc/cli/npm-version.md
+++ b/deps/npm/doc/cli/npm-version.md
@@ -15,8 +15,10 @@ valid second argument to semver.inc (one of "patch", "minor", "major",
 "prepatch", "preminor", "premajor", "prerelease"). In the second case,
 the existing version will be incremented by 1 in the specified field.
 
-If run in a git repo, it will also create a version commit and tag, and
-fail if the repo is not clean.
+If run in a git repo, it will also create a version commit and tag, and fail if
+the repo is not clean.  This behavior is controlled by `git-tag-version` (see
+below), and can be disabled on the command line by running `npm
+--no-git-tag-version version`
 
 If supplied with `--message` (shorthand: `-m`) config option, npm will
 use it as a commit message when creating a version commit.  If the
@@ -38,9 +40,18 @@ in your git config for this to work properly.  For example:
 
     Enter passphrase:
 
+## CONFIGURATION
+
+### git-tag-version
+
+* Default: true
+* Type: Boolean
+
+Commit and tag the version change.
 
 ## SEE ALSO
 
 * npm-init(1)
 * package.json(5)
 * semver(7)
+* config(7)