deps: update npm to 6.12.0

Update npm to 6.12.0

Now `npm ci` runs prepare scripts for git dependencies, and respects the
`--no-optional` argument.  Warnings for `engine` mismatches are printed
again.  Various other fixes and cleanups.

PR-URL: https://github.com/nodejs/node/pull/29885
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Christian Clauss <cclauss@me.com>

6 files changed, 174 insertions, 25 deletions

diff --git a/deps/npm/test/common-tap.js b/deps/npm/test/common-tap.js
index 83a61f4bdb..d8dc8a10d8 100644
--- a/deps/npm/test/common-tap.js
+++ b/deps/npm/test/common-tap.js
@@ -60,29 +60,31 @@ const find = require('which').sync('find')
 require('tap').teardown(() => {
   // work around windows folder locking
   process.chdir(returnCwd)
-  try {
-    if (isSudo) {
-      // running tests as sudo.  ensure we didn't leave any root-owned
-      // files in the cache by mistake.
-      const args = [ commonCache, '-uid', '0' ]
-      const found = spawnSync(find, args)
-      const output = found && found.stdout && found.stdout.toString()
-      if (output.length) {
-        const er = new Error('Root-owned files left in cache!')
-        er.testName = main
-        er.files = output.trim().split('\n')
-        throw er
+  process.on('exit', () => {
+    try {
+      if (isSudo) {
+        // running tests as sudo.  ensure we didn't leave any root-owned
+        // files in the cache by mistake.
+        const args = [ commonCache, '-uid', '0' ]
+        const found = spawnSync(find, args)
+        const output = found && found.stdout && found.stdout.toString()
+        if (output.length) {
+          const er = new Error('Root-owned files left in cache!')
+          er.testName = main
+          er.files = output.trim().split('\n')
+          throw er
+        }
+      }
+      if (!process.env.NO_TEST_CLEANUP) {
+        rimraf.sync(exports.pkg)
+        rimraf.sync(commonCache)
+      }
+    } catch (e) {
+      if (process.platform !== 'win32') {
+        throw e
       }
     }
-    if (!process.env.NO_TEST_CLEANUP) {
-      rimraf.sync(exports.pkg)
-      rimraf.sync(commonCache)
-    }
-  } catch (e) {
-    if (process.platform !== 'win32') {
-      throw e
-    }
-  }
+  })
 })
 
 var port = exports.port = 15443 + testId
diff --git a/deps/npm/test/fixtures/config/userconfig-with-gc b/deps/npm/test/fixtures/config/userconfig-with-gc
index b00d5195bd..cf774bb883 100644
--- a/deps/npm/test/fixtures/config/userconfig-with-gc
+++ b/deps/npm/test/fixtures/config/userconfig-with-gc
@@ -1,4 +1,4 @@
-globalconfig = /Users/claudiahdz/npm/cli/test/fixtures/config/globalconfig
+globalconfig = /Users/isaacs/dev/npm/cli/test/fixtures/config/globalconfig
 email = i@izs.me
 env-thing = ${random_env_var}
 init.author.name = Isaac Z. Schlueter
diff --git a/deps/npm/test/tap/check-engine-reqs.js b/deps/npm/test/tap/check-engine-reqs.js
index 7cbbcd354f..fa25e28dd6 100644
--- a/deps/npm/test/tap/check-engine-reqs.js
+++ b/deps/npm/test/tap/check-engine-reqs.js
@@ -27,7 +27,6 @@ test('setup', function (t) {
 
 var INSTALL_OPTS = ['--loglevel', 'silly']
 var EXEC_OPTS = {cwd: installIn}
-
 test('install bad engine', function (t) {
   common.npm(['install', '--engine-strict', installFrom].concat(INSTALL_OPTS), EXEC_OPTS, function (err, code) {
     t.ifError(err, 'npm ran without issue')
@@ -43,6 +42,18 @@ test('force install bad engine', function (t) {
   })
 })
 
+test('warns on bad engine not strict', function (t) {
+  common.npm(['install', '--json', installFrom], EXEC_OPTS, function (err, code, stdout, stderr) {
+    t.ifError(err, 'npm ran without issue')
+    t.is(code, 0, 'result code')
+    var result = JSON.parse(stdout)
+    t.match(result.warnings[0], /Unsupported engine/, 'reason for optional failure in JSON')
+    t.match(result.warnings[0], /1.0.0-not-a-real-version/, 'should print mismatch version info')
+    t.match(result.warnings[0], /Not compatible with your version of node/, 'incompatibility message')
+    t.done()
+  })
+})
+
 test('cleanup', function (t) {
   cleanup()
   t.end()
diff --git a/deps/npm/test/tap/doctor.js b/deps/npm/test/tap/doctor.js
index 9285518c2e..9a1b42cdd5 100644
--- a/deps/npm/test/tap/doctor.js
+++ b/deps/npm/test/tap/doctor.js
@@ -92,7 +92,7 @@ t.test('npm doctor', function (t) {
   npm.commands.doctor({'node-url': node_url}, true, function (e, list) {
     t.ifError(e, 'npm loaded successfully')
     t.same(list.length, 9, 'list should have 9 prop')
-    t.same(list[0][1], 'OK', 'npm ping')
+    t.same(list[0][1], 'ok', 'npm ping')
     t.same(list[1][1], 'v' + npm.version, 'npm -v')
     t.same(list[2][1], process.version, 'node -v')
     t.same(list[3][1], common.registry + '/', 'npm config get registry')
@@ -113,7 +113,7 @@ t.test('npm doctor works without registry', function (t) {
   npm.commands.doctor({'node-url': node_url}, true, function (e, list) {
     t.ifError(e, 'npm loaded successfully')
     t.same(list.length, 9, 'list should have 9 prop')
-    t.same(list[0][1], 'OK', 'npm ping')
+    t.same(list[0][1], 'ok', 'npm ping')
     t.same(list[1][1], 'v' + npm.version, 'npm -v')
     t.same(list[2][1], process.version, 'node -v')
     t.same(list[3][1], '', 'no registry, but no crash')
diff --git a/deps/npm/test/tap/format-package-lock.js b/deps/npm/test/tap/format-package-lock.js
new file mode 100644
index 0000000000..ddf40915d9
--- /dev/null
+++ b/deps/npm/test/tap/format-package-lock.js
@@ -0,0 +1,116 @@
+'use strict'
+const fs = require('fs')
+const path = require('path')
+const test = require('tap').test
+const mr = require('npm-registry-mock')
+const Tacks = require('tacks')
+const File = Tacks.File
+const Dir = Tacks.Dir
+const common = require('../common-tap.js')
+
+const basedir = common.pkg
+const testdir = path.join(basedir, 'testdir')
+const cachedir = common.cache
+const globaldir = path.join(basedir, 'global')
+const tmpdir = path.join(basedir, 'tmp')
+
+const pkgPath = path.join(testdir, 'package.json')
+const pkgLockPath = path.join(testdir, 'package-lock.json')
+const shrinkwrapPath = path.join(testdir, 'npm-shrinkwrap.json')
+const CRLFreg = /\r\n|\r|\n/
+
+const env = common.newEnv().extend({
+  npm_config_cache: cachedir,
+  npm_config_tmp: tmpdir,
+  npm_config_prefix: globaldir,
+  npm_config_registry: common.registry,
+  npm_config_loglevel: 'warn',
+  npm_config_format_package_lock: false
+})
+
+var server
+var fixture = new Tacks(Dir({
+  cache: Dir(),
+  global: Dir(),
+  tmp: Dir(),
+  testdir: Dir({
+    'package.json': File({
+      name: 'install-package-lock-only',
+      version: '1.0.0',
+      dependencies: {
+        mkdirp: '^0.3.4'
+      }
+    })
+  })
+}))
+
+function setup () {
+  cleanup()
+  fixture.create(basedir)
+}
+
+function cleanup () {
+  fixture.remove(basedir)
+}
+
+test('setup', function (t) {
+  mr({port: common.port, throwOnUnmatched: true}, function (err, s) {
+    if (err) throw err
+    server = s
+    t.done()
+  })
+})
+
+test('package-lock.json unformatted, package.json formatted when config has `format-package-lock: false`', function (t) {
+  setup()
+  common.npm(['install'], {cwd: testdir, env}).spread((code, stdout, stderr) => {
+    t.is(code, 0, 'ok')
+    t.ok(fs.existsSync(pkgLockPath), 'ensure that package-lock.json was created')
+    const pkgLockUtf8 = fs.readFileSync(pkgLockPath, 'utf-8')
+    t.equal(pkgLockUtf8.split(CRLFreg).length, 2, 'package-lock.json is unformatted')
+    const pkgUtf8 = fs.readFileSync(pkgPath, 'utf-8')
+    t.notEqual(pkgUtf8.split(CRLFreg).length, 2, 'package.json is formatted')
+    t.done()
+  })
+})
+
+test('npm-shrinkwrap.json unformatted when config has `format-package-lock: false`', function (t) {
+  setup()
+  common.npm(['shrinkwrap'], {cwd: testdir, env}).spread((code, stdout, stderr) => {
+    t.is(code, 0, 'ok')
+    t.ok(fs.existsSync(shrinkwrapPath), 'ensure that npm-shrinkwrap.json was created')
+    const shrinkwrapUtf8 = fs.readFileSync(shrinkwrapPath, 'utf-8')
+    t.equal(shrinkwrapUtf8.split(CRLFreg).length, 2, 'npm-shrinkwrap.json is unformatted')
+    t.done()
+  })
+})
+
+test('package-lock.json and package.json formatted when config has `format-package-lock: true`', function (t) {
+  setup()
+  common.npm(['install'], {cwd: testdir}).spread((code, stdout, stderr) => {
+    t.is(code, 0, 'ok')
+    t.ok(fs.existsSync(pkgLockPath), 'ensure that package-lock.json was created')
+    const pkgLockUtf8 = fs.readFileSync(pkgLockPath, 'utf-8')
+    t.notEqual(pkgLockUtf8.split(CRLFreg).length, 2, 'package-lock.json is formatted')
+    const pkgUtf8 = fs.readFileSync(pkgPath, 'utf-8')
+    t.notEqual(pkgUtf8.split(CRLFreg).length, 2, 'package.json is formatted')
+    t.done()
+  })
+})
+
+test('npm-shrinkwrap.json formatted when config has `format-package-lock: true`', function (t) {
+  setup()
+  common.npm(['shrinkwrap'], {cwd: testdir}).spread((code, stdout, stderr) => {
+    t.is(code, 0, 'ok')
+    t.ok(fs.existsSync(shrinkwrapPath), 'ensure that npm-shrinkwrap.json was created')
+    const shrinkwrapUtf8 = fs.readFileSync(shrinkwrapPath, 'utf-8')
+    t.notEqual(shrinkwrapUtf8.split(CRLFreg).length, 2, 'npm-shrinkwrap.json is unformatted')
+    t.done()
+  })
+})
+
+test('cleanup', function (t) {
+  server.close()
+  cleanup()
+  t.done()
+})
diff --git a/deps/npm/test/tap/meta-test-flaky-root-ownership-test.js b/deps/npm/test/tap/meta-test-flaky-root-ownership-test.js
new file mode 100644
index 0000000000..24dd9e3d95
--- /dev/null
+++ b/deps/npm/test/tap/meta-test-flaky-root-ownership-test.js
@@ -0,0 +1,20 @@
+const t = require('tap')
+if (!process.getuid || process.getuid() !== 0 || !process.env.SUDO_UID || !process.env.SUDO_GID) {
+  t.pass('this test only runs in sudo mode')
+  t.end()
+  process.exit(0)
+}
+
+const common = require('../common-tap.js')
+const fs = require('fs')
+const mkdirp = require('mkdirp')
+mkdirp.sync(common.cache + '/root/owned')
+fs.writeFileSync(common.cache + '/root/owned/file.txt', 'should be chowned')
+const chown = require('chownr')
+
+// this will fire after t.teardown() but before process.on('exit')
+setTimeout(() => {
+  chown.sync(common.cache, +process.env.SUDO_UID, +process.env.SUDO_GID)
+}, 100)
+
+t.pass('this is fine')