deps: upgrade npm to 3.8.3

PR-URL: https://github.com/npm/node/pull/6
Reviewed-By: Evan Lucas <evanlucas@me.com>

17 files changed, 296 insertions, 150 deletions

diff --git a/deps/npm/lib/cache.js b/deps/npm/lib/cache.js
index 057972c03d..757ba6e79d 100644
--- a/deps/npm/lib/cache.js
+++ b/deps/npm/lib/cache.js
@@ -285,7 +285,7 @@ function add (args, where, cb) {
         break
       case 'remote':
         // get auth, if possible
-        mapToRegistry(spec, npm.config, function (err, uri, auth) {
+        mapToRegistry(p.raw, npm.config, function (err, uri, auth) {
           if (err) return cb(err)
 
           addRemoteTarball(p.spec, { name: p.name }, null, auth, cb)
diff --git a/deps/npm/lib/cache/caching-client.js b/deps/npm/lib/cache/caching-client.js
index f70271127c..f06dde0021 100644
--- a/deps/npm/lib/cache/caching-client.js
+++ b/deps/npm/lib/cache/caching-client.js
@@ -207,6 +207,7 @@ function adaptConfig (config) {
     userAgent: config.get('user-agent'),
     log: log,
     defaultTag: config.get('tag'),
-    couchToken: config.get('_token')
+    couchToken: config.get('_token'),
+    maxSockets: config.get('maxsockets')
   }
 }
diff --git a/deps/npm/lib/config.js b/deps/npm/lib/config.js
index 8570537d0d..65bd9feced 100644
--- a/deps/npm/lib/config.js
+++ b/deps/npm/lib/config.js
@@ -195,6 +195,25 @@ function list (cb) {
     msg += '\n'
   }
 
+  // project config file
+  var project = npm.config.sources.project
+  var pconf = project.data
+  var ppath = project.path
+  var pconfKeys = getKeys(pconf)
+  if (pconfKeys.length) {
+    msg += '; project config ' + ppath + '\n'
+    pconfKeys.forEach(function (k) {
+      var val = (k.charAt(0) === '_')
+              ? '---sekretz---'
+              : JSON.stringify(pconf[k])
+      if (pconf[k] !== npm.config.get(k)) {
+        if (!long) return
+        msg += '; ' + k + ' = ' + val + ' (overridden)\n'
+      } else msg += k + ' = ' + val + '\n'
+    })
+    msg += '\n'
+  }
+
   // user config file
   var uconf = npm.config.sources.user.data
   var uconfKeys = getKeys(uconf)
diff --git a/deps/npm/lib/config/cmd-list.js b/deps/npm/lib/config/cmd-list.js
new file mode 100644
index 0000000000..82725221ba
--- /dev/null
+++ b/deps/npm/lib/config/cmd-list.js
@@ -0,0 +1,115 @@
+var extend = Object.assign || require('util')._extend
+
+// short names for common things
+var shorthands = {
+  'un': 'uninstall',
+  'rb': 'rebuild',
+  'list': 'ls',
+  'ln': 'link',
+  'i': 'install',
+  'it': 'install-test',
+  'up': 'update',
+  'c': 'config',
+  's': 'search',
+  'se': 'search',
+  'unstar': 'star', // same function
+  'tst': 'test',
+  't': 'test',
+  'ddp': 'dedupe',
+  'v': 'view'
+}
+
+var affordances = {
+  'la': 'ls',
+  'll': 'ls',
+  'verison': 'version',
+  'isntall': 'install',
+  'dist-tags': 'dist-tag',
+  'apihelp': 'help',
+  'find-dupes': 'dedupe',
+  'upgrade': 'update',
+  'login': 'adduser',
+  'add-user': 'adduser',
+  'author': 'owner',
+  'home': 'docs',
+  'issues': 'bugs',
+  'info': 'view',
+  'show': 'view',
+  'find': 'search',
+  'unlink': 'uninstall',
+  'remove': 'uninstall',
+  'rm': 'uninstall',
+  'r': 'uninstall'
+}
+
+// these are filenames in .
+var cmdList = [
+  'install',
+  'install-test',
+  'uninstall',
+  'cache',
+  'config',
+  'set',
+  'get',
+  'update',
+  'outdated',
+  'prune',
+  'pack',
+  'dedupe',
+
+  'rebuild',
+  'link',
+
+  'publish',
+  'star',
+  'stars',
+  'tag',
+  'adduser',
+  'logout',
+  'unpublish',
+  'owner',
+  'access',
+  'team',
+  'deprecate',
+  'shrinkwrap',
+
+  'help',
+  'help-search',
+  'ls',
+  'search',
+  'view',
+  'init',
+  'version',
+  'edit',
+  'explore',
+  'docs',
+  'repo',
+  'bugs',
+  'faq',
+  'root',
+  'prefix',
+  'bin',
+  'whoami',
+  'dist-tag',
+  'ping',
+
+  'test',
+  'stop',
+  'start',
+  'restart',
+  'run-script',
+  'completion'
+]
+
+var plumbing = [
+  'build',
+  'unbuild',
+  'xmas',
+  'substack',
+  'visnup'
+]
+module.exports.aliases = extend(extend({}, shorthands), affordances)
+module.exports.shorthands = shorthands
+module.exports.affordances = affordances
+module.exports.cmdList = cmdList
+module.exports.plumbing = plumbing
diff --git a/deps/npm/lib/config/defaults.js b/deps/npm/lib/config/defaults.js
index ee1e73851e..e93c1e57ec 100644
--- a/deps/npm/lib/config/defaults.js
+++ b/deps/npm/lib/config/defaults.js
@@ -165,6 +165,7 @@ Object.defineProperty(exports, 'defaults', {get: function () {
     loglevel: 'warn',
     logstream: process.stderr,
     long: false,
+    maxsockets: 50,
     message: '%s',
     'node-version': process.version,
     npat: false,
@@ -276,6 +277,7 @@ exports.types = {
   loglevel: ['silent', 'error', 'warn', 'http', 'info', 'verbose', 'silly'],
   logstream: Stream,
   long: Boolean,
+  maxsockets: Number,
   message: String,
   'node-version': [null, semver],
   npat: Boolean,
diff --git a/deps/npm/lib/config/get-credentials-by-uri.js b/deps/npm/lib/config/get-credentials-by-uri.js
index a073a594a5..19779c4137 100644
--- a/deps/npm/lib/config/get-credentials-by-uri.js
+++ b/deps/npm/lib/config/get-credentials-by-uri.js
@@ -20,6 +20,14 @@ function getCredentialsByURI (uri) {
     alwaysAuth: undefined
   }
 
+  // used to override scope matching for tokens as well as legacy auth
+  if (this.get(nerfed + ':always-auth') !== undefined) {
+    var val = this.get(nerfed + ':always-auth')
+    c.alwaysAuth = val === 'false' ? false : !!val
+  } else if (this.get('always-auth') !== undefined) {
+    c.alwaysAuth = this.get('always-auth')
+  }
+
   if (this.get(nerfed + ':_authToken')) {
     c.token = this.get(nerfed + ':_authToken')
     // the bearer token is enough, don't confuse things
@@ -58,13 +66,6 @@ function getCredentialsByURI (uri) {
     c.email = this.get('email')
   }
 
-  if (this.get(nerfed + ':always-auth') !== undefined) {
-    var val = this.get(nerfed + ':always-auth')
-    c.alwaysAuth = val === 'false' ? false : !!val
-  } else if (this.get('always-auth') !== undefined) {
-    c.alwaysAuth = this.get('always-auth')
-  }
-
   if (c.username && c.password) {
     c.auth = new Buffer(c.username + ':' + c.password).toString('base64')
   }
diff --git a/deps/npm/lib/help.js b/deps/npm/lib/help.js
index a954ae814b..388a4e7d5d 100644
--- a/deps/npm/lib/help.js
+++ b/deps/npm/lib/help.js
@@ -12,6 +12,9 @@ var npm = require('./npm.js')
 var log = require('npmlog')
 var opener = require('opener')
 var glob = require('glob')
+var cmdList = require('./config/cmd-list').cmdList
+var shorthands = require('./config/cmd-list').shorthands
+var commands = cmdList.concat(Object.keys(shorthands))
 
 function help (args, cb) {
   var argv = npm.config.get('argv').cooked
@@ -163,7 +166,7 @@ function npmUsage (valid, cb) {
     '',
     'where <command> is one of:',
     npm.config.get('long') ? usages()
-        : '    ' + wrap(Object.keys(npm.commands)),
+        : '    ' + wrap(commands),
     '',
     'npm <cmd> -h     quick help on <cmd>',
     'npm -l           display full usage info',
diff --git a/deps/npm/lib/install.js b/deps/npm/lib/install.js
index 759535e102..2f8bff1ce3 100644
--- a/deps/npm/lib/install.js
+++ b/deps/npm/lib/install.js
@@ -667,12 +667,23 @@ Installer.prototype.printInstalled = function (cb) {
     return !child.failed && (mutation === 'add' || mutation === 'update')
   }).map(function (action) {
     var child = action[1]
-    return packageId(child)
+    return child.path
   })
   log.showProgress()
   if (!addedOrMoved.length) return cb()
   recalculateMetadata(this.idealTree, log, iferr(cb, function (tree) {
     log.clearProgress()
+    // These options control both how installs happen AND how `ls` shows output.
+    // Something like `npm install --production` only installs production deps.
+    // By contrast `npm install --production foo` installs `foo` and the
+    // `production` option is ignored. But when it comes time for `ls` to show
+    // its output, it excludes the thing we just installed because that flag.
+    // The summary output we get should be unfiltered, showing everything
+    // installed, so we clear these options before calling `ls`.
+    npm.config.set('production', false)
+    npm.config.set('dev', false)
+    npm.config.set('only', '')
+    npm.config.set('also', '')
     ls.fromTree(self.where, tree, addedOrMoved, false, function () {
       log.showProgress()
       cb()
diff --git a/deps/npm/lib/install/filter-invalid-actions.js b/deps/npm/lib/install/filter-invalid-actions.js
index f90bf0b4ea..2c5d430c5d 100644
--- a/deps/npm/lib/install/filter-invalid-actions.js
+++ b/deps/npm/lib/install/filter-invalid-actions.js
@@ -21,7 +21,7 @@ module.exports = function (top, differences, next) {
   while (action = differences.shift()) {
     var cmd = action[0]
     var pkg = action[1]
-    if (pkg.isInLink || pkg.parent.target || pkg.parent.isLink) {
+    if (pkg.isInLink || (pkg.parent && (pkg.parent.target || pkg.parent.isLink))) {
       // we want to skip warning if this is a child of another module that we're removing
       if (!pkg.parent.removing) {
         log.warn('skippingAction', 'Module is inside a symlinked module: not running ' +
diff --git a/deps/npm/lib/logout.js b/deps/npm/lib/logout.js
index c1ac2818ef..a3287d42d1 100644
--- a/deps/npm/lib/logout.js
+++ b/deps/npm/lib/logout.js
@@ -8,6 +8,15 @@ var mapToRegistry = require('./utils/map-to-registry.js')
 
 logout.usage = 'npm logout [--registry=<url>] [--scope=<@scope>]'
 
+function afterLogout (normalized, cb) {
+  var scope = npm.config.get('scope')
+
+  if (scope) npm.config.del(scope + ':registry')
+
+  npm.config.clearCredentialsByURI(normalized)
+  npm.config.save('user', cb)
+}
+
 function logout (args, cb) {
   cb = dezalgo(cb)
 
@@ -19,13 +28,12 @@ function logout (args, cb) {
       npm.registry.logout(normalized, { auth: auth }, function (err) {
         if (err) return cb(err)
 
-        npm.config.clearCredentialsByURI(normalized)
-        npm.config.save('user', cb)
+        afterLogout(normalized, cb)
       })
     } else if (auth.username || auth.password) {
       log.verbose('logout', 'clearing user credentials for', normalized)
-      npm.config.clearCredentialsByURI(normalized)
-      npm.config.save('user', cb)
+
+      afterLogout(normalized, cb)
     } else {
       cb(new Error(
         'Not logged in to', normalized + ',', "so can't log out."
diff --git a/deps/npm/lib/ls.js b/deps/npm/lib/ls.js
index dbaae5190e..b5dc44888e 100644
--- a/deps/npm/lib/ls.js
+++ b/deps/npm/lib/ls.js
@@ -42,6 +42,10 @@ function andRecalculateMetadata (next) {
   }
 }
 
+function inList (list, value) {
+  return list.indexOf(value) !== -1
+}
+
 var lsFromTree = ls.fromTree = function (dir, physicalTree, args, silent, cb) {
   if (typeof cb !== 'function') {
     cb = silent
@@ -56,8 +60,7 @@ var lsFromTree = ls.fromTree = function (dir, physicalTree, args, silent, cb) {
       var p = npa(a)
       var name = p.name
       var ver = semver.validRange(p.rawSpec) || ''
-
-      return [ name, ver ]
+      return [ name, ver, a ]
     })
   }
 
@@ -79,7 +82,7 @@ var lsFromTree = ls.fromTree = function (dir, physicalTree, args, silent, cb) {
     // the raw data can be circular
     out = JSON.stringify(d, function (k, o) {
       if (typeof o === 'object') {
-        if (seen.indexOf(o) !== -1) return '[Circular]'
+        if (inList(seen, o)) return '[Circular]'
         seen.push(o)
       }
       return o
@@ -117,12 +120,18 @@ function filterByEnv (data) {
   var dev = npm.config.get('dev') || /^dev(elopment)?$/.test(npm.config.get('only'))
   var production = npm.config.get('production') || /^prod(uction)?$/.test(npm.config.get('only'))
   var dependencies = {}
-  var devDependencies = data.devDependencies || []
+  var devKeys = Object.keys(data.devDependencies || [])
+  var prodKeys = Object.keys(data._dependencies || [])
   Object.keys(data.dependencies).forEach(function (name) {
-    var keys = Object.keys(devDependencies)
-    if (dev && !production && keys.indexOf(name) === -1) return
-    if (!dev && keys.indexOf(name) !== -1 && data.dependencies[name].missing) return
-    dependencies[name] = data.dependencies[name]
+    if (!dev && inList(devKeys, name) && data.dependencies[name].missing) {
+      return
+    }
+
+    if ((dev && inList(devKeys, name)) ||            // only --dev
+        (production && inList(prodKeys, name)) ||    // only --production
+        (!dev && !production)) {                            // no --production|--dev|--only=xxx
+      dependencies[name] = data.dependencies[name]
+    }
   })
   data.dependencies = dependencies
 }
@@ -249,7 +258,7 @@ function bfsify (root) {
     Object.keys(deps).forEach(function (d) {
       var dep = deps[d]
       if (dep.missing) return
-      if (seen.indexOf(dep) !== -1) {
+      if (inList(seen, dep)) {
         if (npm.config.get('parseable') || !npm.config.get('long')) {
           delete deps[d]
           return
@@ -270,15 +279,20 @@ function filterFound (root, args) {
   if (!args.length) return root
   var deps = root.dependencies
   if (deps) {
-    Object.keys(deps).forEach(function (d) {
-      var dep = filterFound(deps[d], args)
+    Object.keys(deps).forEach(function (depName) {
+      var dep = filterFound(deps[depName], args)
       if (dep.peerMissing) return
 
       // see if this one itself matches
       var found = false
-      for (var i = 0; !found && i < args.length; i++) {
-        if (d === args[i][0]) {
-          found = semver.satisfies(dep.version, args[i][1], true)
+      for (var ii = 0; !found && ii < args.length; ii++) {
+        var argName = args[ii][0]
+        var argVersion = args[ii][1]
+        var argRaw = args[ii][2]
+        if (depName === argName) {
+          found = semver.satisfies(dep.version, argVersion, true)
+        } else if (dep.path === argRaw) {
+          found = true
         }
       }
       // included explicitly
@@ -286,7 +300,7 @@ function filterFound (root, args) {
       // included because a child was included
       if (dep._found && !root._found) root._found = 1
       // not included
-      if (!dep._found) delete deps[d]
+      if (!dep._found) delete deps[depName]
     })
   }
   if (!root._found) root._found = false
@@ -420,7 +434,7 @@ function getExtras (data) {
 
 function makeParseable (data, long, dir, depth, parent, d) {
   depth = depth || 0
-
+  if (depth > npm.config.get('depth')) return [ makeParseable_(data, long, dir, depth, parent, d) ]
   return [ makeParseable_(data, long, dir, depth, parent, d) ]
   .concat(Object.keys(data.dependencies || {})
     .sort(alphasort).map(function (d) {
diff --git a/deps/npm/lib/npm.js b/deps/npm/lib/npm.js
index 1912d02be2..4d45165063 100644
--- a/deps/npm/lib/npm.js
+++ b/deps/npm/lib/npm.js
@@ -27,6 +27,9 @@
   var which = require('which')
   var CachingRegClient = require('./cache/caching-client.js')
   var parseJSON = require('./utils/parse-json.js')
+  var aliases = require('./config/cmd-list').aliases
+  var cmdList = require('./config/cmd-list').cmdList
+  var plumbing = require('./config/cmd-list').plumbing
 
   npm.config = {
     loaded: false,
@@ -55,114 +58,9 @@
   }
 
   var commandCache = {}
-
-  // short names for common things
-  var aliases = {
-    'rm': 'uninstall',
-    'r': 'uninstall',
-    'un': 'uninstall',
-    'unlink': 'uninstall',
-    'remove': 'uninstall',
-    'rb': 'rebuild',
-    'list': 'ls',
-    'la': 'ls',
-    'll': 'ls',
-    'ln': 'link',
-    'i': 'install',
-    'isntall': 'install',
-    'it': 'install-test',
-    'up': 'update',
-    'upgrade': 'update',
-    'c': 'config',
-    'dist-tags': 'dist-tag',
-    'info': 'view',
-    'show': 'view',
-    'find': 'search',
-    's': 'search',
-    'se': 'search',
-    'author': 'owner',
-    'home': 'docs',
-    'issues': 'bugs',
-    'unstar': 'star', // same function
-    'apihelp': 'help',
-    'login': 'adduser',
-    'add-user': 'adduser',
-    'tst': 'test',
-    't': 'test',
-    'find-dupes': 'dedupe',
-    'ddp': 'dedupe',
-    'v': 'view',
-    'verison': 'version'
-  }
-
   var aliasNames = Object.keys(aliases)
 
-  // these are filenames in .
-  var cmdList = [
-    'install',
-    'install-test',
-    'uninstall',
-    'cache',
-    'config',
-    'set',
-    'get',
-    'update',
-    'outdated',
-    'prune',
-    'pack',
-    'dedupe',
-
-    'rebuild',
-    'link',
-
-    'publish',
-    'star',
-    'stars',
-    'tag',
-    'adduser',
-    'logout',
-    'unpublish',
-    'owner',
-    'access',
-    'team',
-    'deprecate',
-    'shrinkwrap',
-
-    'help',
-    'help-search',
-    'ls',
-    'search',
-    'view',
-    'init',
-    'version',
-    'edit',
-    'explore',
-    'docs',
-    'repo',
-    'bugs',
-    'faq',
-    'root',
-    'prefix',
-    'bin',
-    'whoami',
-    'dist-tag',
-    'ping',
-
-    'test',
-    'stop',
-    'start',
-    'restart',
-    'run-script',
-    'completion'
-  ]
-  var plumbing = [
-    'build',
-    'unbuild',
-    'xmas',
-    'substack',
-    'visnup'
-  ]
-  var littleGuys = [ 'isntall' ]
+  var littleGuys = [ 'isntall', 'verison' ]
   var fullList = cmdList.concat(aliasNames).filter(function (c) {
     return plumbing.indexOf(c) === -1
   })
@@ -371,6 +269,12 @@
           log.disableProgress()
         }
 
+        if (config.get('unicode')) {
+          log.enableUnicode()
+        } else {
+          log.disableUnicode()
+        }
+
         // at this point the configs are all set.
         // go ahead and spin up the registry client.
         npm.registry = new CachingRegClient(npm.config)
diff --git a/deps/npm/lib/outdated.js b/deps/npm/lib/outdated.js
index efd79ecc4a..50bdb363d1 100644
--- a/deps/npm/lib/outdated.js
+++ b/deps/npm/lib/outdated.js
@@ -139,7 +139,7 @@ function makePretty (p) {
   if (long) columns[5] = type
 
   if (npm.color) {
-    columns[0] = color[has === want ? 'yellow' : 'red'](columns[0]) // dep
+    columns[0] = color[has === want || want === 'linked' ? 'yellow' : 'red'](columns[0]) // dep
     columns[2] = color.green(columns[2]) // want
     columns[3] = color.magenta(columns[3]) // latest
     columns[4] = color.brightBlack(columns[4]) // dir
diff --git a/deps/npm/lib/update.js b/deps/npm/lib/update.js
index 45f2817f5f..f09b5accad 100644
--- a/deps/npm/lib/update.js
+++ b/deps/npm/lib/update.js
@@ -36,7 +36,7 @@ function update (args, cb) {
           "because it's currently at the maximum version that matches its specified semver range"
         )
       }
-      return ww.current !== ww.wanted
+      return ww.current !== ww.wanted && ww.latest !== 'linked'
     })
     if (wanted.length === 0) return cb()
 
diff --git a/deps/npm/lib/utils/lifecycle.js b/deps/npm/lib/utils/lifecycle.js
index 7376787fab..b29248d953 100644
--- a/deps/npm/lib/utils/lifecycle.js
+++ b/deps/npm/lib/utils/lifecycle.js
@@ -240,6 +240,7 @@ function runCmd_ (cmd, pkg, env, wd, stage, unsafe, uid, gid, cb_) {
     }
     procError(er)
   })
+  process.once('SIGTERM', procKill)
 
   function procError (er) {
     if (progressEnabled) log.enableProgress()
@@ -260,8 +261,12 @@ function runCmd_ (cmd, pkg, env, wd, stage, unsafe, uid, gid, cb_) {
       er.script = cmd
       er.pkgname = pkg.name
     }
+    process.removeListener('SIGTERM', procKill)
     return cb(er)
   }
+  function procKill () {
+    proc.kill()
+  }
 }
 
 function runHookLifecycle (pkg, env, wd, unsafe, cb) {
diff --git a/deps/npm/lib/utils/map-to-registry.js b/deps/npm/lib/utils/map-to-registry.js
index 34046d1917..9e7ce67490 100644
--- a/deps/npm/lib/utils/map-to-registry.js
+++ b/deps/npm/lib/utils/map-to-registry.js
@@ -49,8 +49,52 @@ function mapToRegistry (name, config, cb) {
 
   // normalize registry URL so resolution doesn't drop a piece of registry URL
   var normalized = registry.slice(-1) !== '/' ? registry + '/' : registry
-  var uri = url.resolve(normalized, name)
+  var uri
+  log.silly('mapToRegistry', 'data', data)
+  if (data.type === 'remote') {
+    uri = data.spec
+  } else {
+    uri = url.resolve(normalized, name)
+  }
+
   log.silly('mapToRegistry', 'uri', uri)
 
-  cb(null, uri, auth, normalized)
+  cb(null, uri, scopeAuth(uri, registry, auth), normalized)
+}
+
+function scopeAuth (uri, registry, auth) {
+  var cleaned = {
+    scope: auth.scope,
+    email: auth.email,
+    alwaysAuth: auth.alwaysAuth,
+    token: undefined,
+    username: undefined,
+    password: undefined,
+    auth: undefined
+  }
+
+  var requestHost
+  var registryHost
+
+  if (auth.token || auth.auth || (auth.username && auth.password)) {
+    requestHost = url.parse(uri).hostname
+    registryHost = url.parse(registry).hostname
+
+    if (requestHost === registryHost) {
+      cleaned.token = auth.token
+      cleaned.auth = auth.auth
+      cleaned.username = auth.username
+      cleaned.password = auth.password
+    } else if (auth.alwaysAuth) {
+      log.verbose('scopeAuth', 'alwaysAuth set for', registry)
+      cleaned.token = auth.token
+      cleaned.auth = auth.auth
+      cleaned.username = auth.username
+      cleaned.password = auth.password
+    } else {
+      log.silly('scopeAuth', uri, "doesn't share host with registry", registry)
+    }
+  }
+
+  return cleaned
 }
diff --git a/deps/npm/lib/view.js b/deps/npm/lib/view.js
index 9ca18d3540..e6fa21655e 100644
--- a/deps/npm/lib/view.js
+++ b/deps/npm/lib/view.js
@@ -239,29 +239,48 @@ function search (data, fields, version, title) {
 function printData (data, name, cb) {
   var versions = Object.keys(data)
   var msg = ''
+  var msgJson = []
   var includeVersions = versions.length > 1
   var includeFields
 
   versions.forEach(function (v) {
     var fields = Object.keys(data[v])
     includeFields = includeFields || (fields.length > 1)
+    msgJson.push({})
     fields.forEach(function (f) {
       var d = cleanup(data[v][f])
+      if (fields.length === 1 && npm.config.get('json')) {
+        msgJson[msgJson.length - 1][f] = d
+      }
       if (includeVersions || includeFields || typeof d !== 'string') {
-        d = cleanup(data[v][f])
-        d = npm.config.get('json')
-          ? JSON.stringify(d, null, 2)
-          : util.inspect(d, false, 5, npm.color)
+        if (npm.config.get('json')) {
+          msgJson[msgJson.length - 1][f] = d
+        } else {
+          d = util.inspect(d, false, 5, npm.color)
+        }
       } else if (typeof d === 'string' && npm.config.get('json')) {
         d = JSON.stringify(d)
       }
-      if (f && includeFields) f += ' = '
-      if (d.indexOf('\n') !== -1) d = ' \n' + d
-      msg += (includeVersions ? name + '@' + v + ' ' : '') +
-             (includeFields ? f : '') + d + '\n'
+      if (!npm.config.get('json')) {
+        if (f && includeFields) f += ' = '
+        if (d.indexOf('\n') !== -1) d = ' \n' + d
+        msg += (includeVersions ? name + '@' + v + ' ' : '') +
+               (includeFields ? f : '') + d + '\n'
+      }
     })
   })
 
+  if (msgJson.length && Object.keys(msgJson[0]).length === 1) {
+    var k = Object.keys(msgJson[0])[0]
+    msgJson = msgJson.map(function (m) { return m[k] })
+  }
+
+  if (!msg) {
+    msg = JSON.stringify(msgJson[0], null, 2) + '\n'
+  } else if (msgJson.length > 1) {
+    msg = JSON.stringify(msgJson, null, 2) + '\n'
+  }
+
   // preserve output symmetry by adding a whitespace-only line at the end if
   // there's one at the beginning
   if (/^\s*\n/.test(msg)) msg += '\n'