16 files changed, 50 insertions, 188 deletions
diff --git a/deps/npm/doc/cli/npm-ci.md b/deps/npm/doc/cli/npm-ci.md
deleted file mode 100644
index b1406e36a5..0000000000
--- a/deps/npm/doc/cli/npm-ci.md
+++ /dev/null
@@ -1,58 +0,0 @@
-npm-ci(1) -- Install a project with a clean slate
-===================================
-
-## SYNOPSIS
-
-    npm ci
-
-## EXAMPLE
-
-Make sure you have a package-lock and an up-to-date install:
-
-```
-$ cd ./my/npm/project
-$ npm install
-added 154 packages in 10s
-$ ls | grep package-lock
-```
-
-Run `npm ci` in that project
-
-```
-$ npm ci
-added 154 packages in 5s
-```
-
-Configure Travis to build using `npm ci` instead of `npm install`:
-
-```
-# .travis.yml
-install:
-- npm ci
-# keep the npm cache around to speed up installs
-cache:
-  directories:
-  - "$HOME/.npm"
-```
-
-## DESCRIPTION
-
-This command is similar to `npm-install(1)`, except it's meant to be used in
-automated environments such as test platforms, continuous integration, and
-deployment. It can be significantly faster than a regular npm install by
-skipping certain user-oriented features. It is also more strict than a regular
-install, which can help catch errors or inconsistencies caused by the
-incrementally-installed local environments of most npm users.
-
-In short, the main differences between using `npm install` and `npm ci` are:
-
-* The project **must** have an existing `package-lock.json` or `npm-shrinkwrap.json`.
-* If dependencies in the package lock do not match those in `package.json`, `npm ci` will exit with an error, instead of updating the package lock.
-* `npm ci` can only install entire projects at a time: individual dependencies cannot be added with this command.
-* If a `node_modules` is already present, it will be automatically removed before `npm ci` begins its install.
-* It will never write to `package.json` or any of the package-locks: installs are essentially frozen.
-
-## SEE ALSO
-
-* npm-install(1)
-* npm-package-locks(5)
diff --git a/deps/npm/doc/cli/npm-install.md b/deps/npm/doc/cli/npm-install.md
index 370c8f248b..0489ddf94e 100644
--- a/deps/npm/doc/cli/npm-install.md
+++ b/deps/npm/doc/cli/npm-install.md
@@ -55,9 +55,6 @@ after packing it up into a tarball (b).
     is set to `production`), npm will not install modules listed in
     `devDependencies`.
 
-    > NOTE: The `--production` flag has no particular meaning when adding a
-    dependency to a project.
-
 * `npm install <folder>`:
 
     Install the package in the directory as a symlink in the current project.
@@ -350,8 +347,7 @@ The `--no-shrinkwrap` argument, which will ignore an available
 package lock or shrinkwrap file and use the package.json instead.
 
 The `--no-package-lock` argument will prevent npm from creating a
-`package-lock.json` file.  When running with package-lock's disabled npm
-will not automatically prune your node modules when installing.
+`package-lock.json` file.
 
 The `--nodedir=/path/to/node/source` argument will allow npm to find the
 node source code so that npm can compile native modules.
diff --git a/deps/npm/doc/cli/npm-ls.md b/deps/npm/doc/cli/npm-ls.md
index 7b10a19d69..e665a735c3 100644
--- a/deps/npm/doc/cli/npm-ls.md
+++ b/deps/npm/doc/cli/npm-ls.md
@@ -76,7 +76,7 @@ Max display depth of the dependency tree.
 
 Display only the dependency tree for packages in `dependencies`.
 
-### dev / development
+### dev
 
 * Type: Boolean
 * Default: false
diff --git a/deps/npm/doc/cli/npm-prune.md b/deps/npm/doc/cli/npm-prune.md
index 0dde244251..c7f340ca7b 100644
--- a/deps/npm/doc/cli/npm-prune.md
+++ b/deps/npm/doc/cli/npm-prune.md
@@ -3,7 +3,7 @@ npm-prune(1) -- Remove extraneous packages
 
 ## SYNOPSIS
 
-    npm prune [[<@scope>/]<pkg>...] [--production] [--dry-run] [--json]
+    npm prune [[<@scope>/]<pkg>...] [--production]
 
 ## DESCRIPTION
 
@@ -16,21 +16,9 @@ package's dependencies list.
 
 If the `--production` flag is specified or the `NODE_ENV` environment
 variable is set to `production`, this command will remove the packages
-specified in your `devDependencies`. Setting `--no-production` will
+specified in your `devDependencies`. Setting `--production=false` will
 negate `NODE_ENV` being set to `production`.
 
-If the `--dry-run` flag is used then no changes will actually be made.
-
-If the `--json` flag is used then the changes `npm prune` made (or would
-have made with `--dry-run`) are printed as a JSON object.
-
-In normal operation with package-locks enabled, extraneous modules are
-pruned automatically when modules are installed and you'll only need
-this command with the `--production` flag.
-
-If you've disabled package-locks then extraneous modules will not be removed
-and it's up to you to run `npm prune` from time-to-time to remove them.
-
 ## SEE ALSO
 
 * npm-uninstall(1)
diff --git a/deps/npm/doc/cli/npm-team.md b/deps/npm/doc/cli/npm-team.md
index 9e01a451c7..5a8b4b63e3 100644
--- a/deps/npm/doc/cli/npm-team.md
+++ b/deps/npm/doc/cli/npm-team.md
@@ -34,9 +34,6 @@ when operating on them, separated by a colon (`:`). That is, if you have a
   under that organization. If performed on a team, it will instead return a list
   of all users belonging to that particular team.
 
-* edit:
-  Edit a current team.
-
 ## DETAILS
 
 `npm team` always operates directly on the current registry, configurable from
diff --git a/deps/npm/doc/cli/npm-update.md b/deps/npm/doc/cli/npm-update.md
index b6cf2af78b..d6ec30d2ae 100644
--- a/deps/npm/doc/cli/npm-update.md
+++ b/deps/npm/doc/cli/npm-update.md
@@ -26,10 +26,6 @@ As of `npm@2.6.1`, the `npm update` will only inspect top-level packages.
 Prior versions of `npm` would also recursively inspect all dependencies.
 To get the old behavior, use `npm --depth 9999 update`.
 
-As of `npm@5.0.0`, the `npm update` will change `package.json` to save the
-new version as the minimum required dependency. To get the old behavior,
-use `npm update --no-save`.
-
 ## EXAMPLES
 
 IMPORTANT VERSION NOTE: these examples assume `npm@2.6.1` or later.  For
@@ -108,6 +104,30 @@ If the dependence were on `^0.4.0`:
 Then `npm update` will install `dep1@0.4.1`, because that is the highest-sorting
 version that satisfies `^0.4.0` (`>= 0.4.0 <0.5.0`)
 
+### Recording Updates with `--save`
+
+When you want to update a package and save the new version as
+the minimum required dependency in `package.json`, you can use
+`npm update -S` or `npm update --save`.  For example if
+`package.json` contains:
+
+```
+"dependencies": {
+  "dep1": "^1.1.1"
+}
+```
+
+Then `npm update --save` will install `dep1@1.2.2` (i.e., `latest`),
+and `package.json` will be modified:
+
+```
+"dependencies": {
+  "dep1": "^1.2.2"
+}
+```
+
+Note that `npm` will only write an updated version to `package.json`
+if it installs a new package.
 
 ### Updating Globally-Installed Packages
 
diff --git a/deps/npm/doc/cli/npm.md b/deps/npm/doc/cli/npm.md
index e41e7252e3..ec867e5f9e 100644
--- a/deps/npm/doc/cli/npm.md
+++ b/deps/npm/doc/cli/npm.md
@@ -93,7 +93,7 @@ npm is extremely configurable.  It reads its configuration options from
 * Command line switches:  
   Set a config with `--key val`.  All keys take a value, even if they
   are booleans (the config parser doesn't know what the options are at
-  the time of parsing).  If no value is provided, then the option is set
+  the time of parsing.)  If no value is provided, then the option is set
   to boolean `true`.
 * Environment Variables:  
   Set any config by prefixing the name in an environment variable with
diff --git a/deps/npm/doc/files/npm-folders.md b/deps/npm/doc/files/npm-folders.md
index 456cb58bc8..74c7883443 100644
--- a/deps/npm/doc/files/npm-folders.md
+++ b/deps/npm/doc/files/npm-folders.md
@@ -68,7 +68,7 @@ Man pages are not installed on Windows systems.
 ### Cache
 
 See `npm-cache(1)`.  Cache files are stored in `~/.npm` on Posix, or
-`%AppData%/npm-cache` on Windows.
+`~/npm-cache` on Windows.
 
 This is controlled by the `cache` configuration param.
 
diff --git a/deps/npm/doc/files/npm-package-locks.md b/deps/npm/doc/files/npm-package-locks.md
index cbb62bdc38..c57fc85658 100644
--- a/deps/npm/doc/files/npm-package-locks.md
+++ b/deps/npm/doc/files/npm-package-locks.md
@@ -136,25 +136,6 @@ on. Additionally, the diffs from these changes are human-readable and will
 inform you of any changes npm has made to your `node_modules`, so you can notice
 if any transitive dependencies were updated, hoisted, etc.
 
-### Resolving lockfile conflicts
-
-Occasionally, two separate npm install will create package locks that cause
-merge conflicts in source control systems. As of `npm@5.7.0`, these conflicts
-can be resolved by manually fixing any `package.json` conflicts, and then
-running `npm install [--package-lock-only]` again. npm will automatically
-resolve any conflicts for you and write a merged package lock that includes all
-the dependencies from both branches in a reasonable tree. If
-`--package-lock-only` is provided, it will do this without also modifying your
-local `node_modules/`.
-
-To make this process seamless on git, consider installing
-[`npm-merge-driver`](https://npm.im/npm-merge-driver), which will teach git how
-to do this itself without any user interaction. In short: `$ npx
-npm-merge-driver install -g` will let you do this, and even works with
-pre-`npm@5.7.0` versions of npm 5, albeit a bit more noisily. Note that if
-`package.json` itself conflicts, you will have to resolve that by hand and run
-`npm install` manually, even with the merge driver.
-
 ## SEE ALSO
 
 * https://medium.com/@sdboyer/so-you-want-to-write-a-package-manager-4ae9c17d9527
diff --git a/deps/npm/doc/files/package-lock.json.md b/deps/npm/doc/files/package-lock.json.md
index 1b4ba93497..4c134fc229 100644
--- a/deps/npm/doc/files/package-lock.json.md
+++ b/deps/npm/doc/files/package-lock.json.md
@@ -120,15 +120,6 @@ transitive dependency of a non-optional dependency of the top level.
 All optional dependencies should be included even if they're uninstallable
 on the current platform.
 
-
-#### requires
-
-This is a mapping of module name to version.  This is a list of everything
-this module requires, regardless of where it will be installed.  The version
-should match via normal matching rules a dependency either in our
-`dependencies` or in a level higher than us.
-
-
 #### dependencies
 
 The dependencies of this dependency, exactly as at the top level.
@@ -137,6 +128,5 @@ The dependencies of this dependency, exactly as at the top level.
 
 * npm-shrinkwrap(1)
 * npm-shrinkwrap.json(5)
-* npm-package-locks(5)
 * package.json(5)
 * npm-install(1)
diff --git a/deps/npm/doc/files/package.json.md b/deps/npm/doc/files/package.json.md
index e8db328ed5..d91984d1d4 100644
--- a/deps/npm/doc/files/package.json.md
+++ b/deps/npm/doc/files/package.json.md
@@ -11,11 +11,11 @@ settings described in `npm-config(7)`.
 
 ## name
 
-If you plan to publish your package, the *most* important things in your
-package.json are the name and version fields as they will be required. The name
-and version together form an identifier that is assumed to be completely unique.
-Changes to the package should come along with changes to the version. If you don't
-plan to publish your package, the name and version fields are optional.
+The *most* important things in your package.json are the name and version fields.
+Those are actually required, and your package won't install without
+them.  The name and version together form an identifier that is assumed
+to be completely unique.  Changes to the package should come along with
+changes to the version.
 
 The name is what your thing is called.
 
@@ -44,11 +44,11 @@ A name can be optionally prefixed by a scope, e.g. `@myorg/mypackage`. See
 
 ## version
 
-If you plan to publish your package, the *most* important things in your
-package.json are the name and version fields as they will be required. The name
-and version together form an identifier that is assumed to be completely unique.
-Changes to the package should come along with changes to the version. If you don't
-plan to publish your package, the name and version fields are optional.
+The *most* important things in your package.json are the name and version fields.
+Those are actually required, and your package won't install without
+them.  The name and version together form an identifier that is assumed
+to be completely unique.  Changes to the package should come along with
+changes to the version.
 
 Version must be parseable by
 [node-semver](https://github.com/isaacs/node-semver), which is bundled
@@ -70,10 +70,6 @@ discover your package as it's listed in `npm search`.
 
 The url to the project homepage.
 
-Example:
-
-    "homepage": "https://github.com/owner/project#readme"
-
 ## bugs
 
 The url to your project's issue tracker and / or the email address to which
@@ -172,15 +168,13 @@ npm also sets a top-level "maintainers" field with your npm user info.
 
 ## files
 
-The optional `files` field is an array of file patterns that describes
+The optional "files" field is an array of file patterns that describes
 the entries to be included when your package is installed as a
-dependency. File patterns follow a similar syntax to `.gitignore`, but
-reversed: including a file, directory, or glob pattern (`*`, `**/*`, and such)
-will make it so that file is included in the tarball when it's packed. Omitting
-the field will make it default to `["*"]`, which means it will include all files.
-
-Some special files and directories are also included or excluded regardless of
-whether they exist in the `files` array (see below).
+dependency. If the files array is omitted, everything except
+automatically-excluded files will be included in your publish. If you
+name a folder in the array, then it will also include the files inside
+that folder (unless they would be ignored by another rule in this
+section.).
 
 You can also provide a `.npmignore` file in the root of your package or
 in subdirectories, which will keep files from being included. At the
@@ -232,12 +226,6 @@ This should be a module ID relative to the root of your package folder.
 For most modules, it makes the most sense to have a main script and often not
 much else.
 
-## browser
-
-If your module is meant to be used client-side the browser field should be
-used instead of the main field. This is helpful to hint users that it might
-rely on primitives that aren't available in Node.js modules. (e.g. `window`)
-
 ## bin
 
 A lot of packages have one or more executable files that they'd like to
diff --git a/deps/npm/doc/misc/npm-coding-style.md b/deps/npm/doc/misc/npm-coding-style.md
index 1199f63fcc..e6837bfbf3 100644
--- a/deps/npm/doc/misc/npm-coding-style.md
+++ b/deps/npm/doc/misc/npm-coding-style.md
@@ -115,7 +115,7 @@ Good:
 
 ## Whitespace
 
-Put a single space in front of `(` for anything other than a function call.
+Put a single space in front of ( for anything other than a function call.
 Also use a single space wherever it makes things more readable.
 
 Don't leave trailing whitespace at the end of lines.  Don't indent empty
diff --git a/deps/npm/doc/misc/npm-config.md b/deps/npm/doc/misc/npm-config.md
index 8ff052bc97..0ab0418918 100644
--- a/deps/npm/doc/misc/npm-config.md
+++ b/deps/npm/doc/misc/npm-config.md
@@ -284,9 +284,6 @@ This is a list of CIDR address to be used when configuring limited access tokens
 If false, never shows colors.  If `"always"` then always shows colors.
 If true, then only prints color codes for tty file descriptors.
 
-This option can also be changed using the environment: colors are
-disabled when the environment variable `NO_COLOR` is set to any value.
-
 ### depth
 
 * Default: Infinity
@@ -675,13 +672,6 @@ impact how lifecycle scripts are called.
 
 The node version to use when checking a package's `engines` map.
 
-### no-proxy
-
-* Default: null
-* Type: String or Array
-
-A comma-separated string or an array of domain extensions that a proxy should not be used for.
-
 ### offline
 
 * Default: false
@@ -741,10 +731,6 @@ when publishing or changing package permissions with `npm access`.
 If set to false, then ignore `package-lock.json` files when installing. This
 will also prevent _writing_ `package-lock.json` if `save` is true.
 
-When package package-locks are disabled, automatic pruning of extraneous
-modules will also be disabled.  To remove extraneous modules with
-package-locks disabled use `npm prune`.
-
 This option is an alias for `--shrinkwrap`.
 
 ### package-lock-only
@@ -752,7 +738,7 @@ This option is an alias for `--shrinkwrap`.
 * Default: false
 * Type: Boolean
 
-If set to true, it will update only the `package-lock.json`,
+If set to true, it will update only the `package-json`,
 instead of checking `node_modules` and downloading dependencies.
 
 ### parseable
@@ -849,7 +835,7 @@ Remove failed installs.
 
 ### save
 
-* Default: true
+* Default: false
 * Type: Boolean
 
 Save installed packages to a package.json file as dependencies.
diff --git a/deps/npm/doc/misc/npm-developers.md b/deps/npm/doc/misc/npm-developers.md
index 55c8d9b08d..2f54b98fb9 100644
--- a/deps/npm/doc/misc/npm-developers.md
+++ b/deps/npm/doc/misc/npm-developers.md
@@ -57,7 +57,7 @@ least, you need:
   use the name to specify that it runs on node, or is in JavaScript.
   You can use the "engines" field to explicitly state the versions of
   node (or whatever else) that your program requires, and it's pretty
-  well assumed that it's JavaScript.
+  well assumed that it's javascript.
 
   It does not necessarily need to match your github repository name.
 
diff --git a/deps/npm/doc/misc/npm-index.md b/deps/npm/doc/misc/npm-index.md
index 1656836709..64fb25de2e 100644
--- a/deps/npm/doc/misc/npm-index.md
+++ b/deps/npm/doc/misc/npm-index.md
@@ -41,10 +41,6 @@ REMOVED
 
 Manipulates packages cache
 
-### npm-ci(1)
-
-Install a project with a clean slate
-
 ### npm-completion(1)
 
 Tab Completion for npm
diff --git a/deps/npm/doc/misc/semver.md b/deps/npm/doc/misc/semver.md
index ab6f72c13e..993621a6fd 100644
--- a/deps/npm/doc/misc/semver.md
+++ b/deps/npm/doc/misc/semver.md
@@ -20,8 +20,6 @@ semver.clean('  =v1.2.3   ') // '1.2.3'
 semver.satisfies('1.2.3', '1.x || >=2.5.0 || 5.0.0 - 7.2.3') // true
 semver.gt('1.2.3', '9.8.7') // false
 semver.lt('1.2.3', '9.8.7') // true
-semver.valid(semver.coerce('v2')) // '2.0.0'
-semver.valid(semver.coerce('42.6.7.9.3-alpha')) // '42.6.7'
 ```
 
 As a command-line utility:
@@ -54,10 +52,6 @@ Options:
 -l --loose
         Interpret versions and ranges loosely
 
--c --coerce
-        Coerce a string into SemVer if possible
-        (does not imply --loose)
-
 Program exits successfully if any valid version satisfies
 all supplied ranges, and prints all satisfying versions.
 
@@ -370,19 +364,3 @@ satisfy the range.
 
 If you want to know if a version satisfies or does not satisfy a
 range, use the `satisfies(version, range)` function.
-
-### Coercion
-
-* `coerce(version)`: Coerces a string to semver if possible
-
-This aims to provide a very forgiving translation of a non-semver
-string to semver. It looks for the first digit in a string, and
-consumes all remaining characters which satisfy at least a partial semver
-(e.g., `1`, `1.2`, `1.2.3`) up to the max permitted length (256 characters).
-Longer versions are simply truncated (`4.6.3.9.2-alpha2` becomes `4.6.3`).
-All surrounding text is simply ignored (`v3.4 replaces v3.3.1` becomes `3.4.0`).
-Only text which lacks digits will fail coercion (`version one` is not valid).
-The maximum  length for any semver component considered for coercion is 16 characters;
-longer components will be ignored (`10000000000000000.4.7.4` becomes `4.7.4`).
-The maximum value for any semver component is `Integer.MAX_SAFE_INTEGER || (2**53 - 1)`;
-higher value components are invalid (`9999999999999999.4.7.4` is likely invalid).