build(deps): update dependency npm to v6.6.0

[renovate]

This PR contains the following updates:

Package	Update	Type	Change	References	Sourcegraph
npm	minor	dependencies	6.5.0 -> 6.6.0	homepage, source

---

Release Notes

npm/cli

v6.6.0

Compare Source

REFACTORING OUT npm-REGISTRY-CLIENT

Today is an auspicious day! This release marks the end of a massive internal
refactor to npm that means we finally got rid of the legacy
npm-registry-client in favor of the
shiny, new, window.fetch-like
npm-registry-fetch.

Now, the installer had already done most of this work with the release of
npm@5, but it turns out every other command still used the legacy client.
This release updates all of those commands to use the new client, and while
we're at it, adds a few extra goodies:

• All OTP-requiring commands will now prompt. --otp is no longer required for dist-tag, access, et al.
• We're starting to integrate a new config system which will eventually get extracted into a standalone package.
• We now use libnpm for the API functionality of a lot of our commands! That means you can install a library if you want to write your own tooling around them.
• There's now an npm org command for managing users in your org.
• pacote now consumes npm-style configurations, instead of its own naming for various config vars. This will make it easier to load npm configs using libnpm.config and hand them directly to pacote.

There's too many commits to list all of them here, so check out the PR if you're
curious about details:

• c5af34c05
  npm-registry-client@REMOVED
  (@​zkat)
• 4cca9cb90
ad67461dc
77625f9e2
6e922aefb
584613ea8
64de4ebf0
6cd87d1a9
2786834c0
514558e09
dec07ebe3
084741913
45aff0e02
846ddcc44
8971ba1b9
99156e081
ab2155306
b37a66542
d2af0777a
e0b4c6880
ff72350b4
6ed943303
90a069e7d
b24ed5fdc
ec9fcc14f
8a56fa39e
41d19e18f
125ff9551
1c3b226ff
3c0a7b06b
08fcb3f0f
c8135d97a
ae936f22c
  #​2
  Move rest of commands to npm-registry-fetch and use figgy-pudding for configs.
  (@​zkat)

NEW FEATURES

• 02c837e01
  #​106
  Make npm dist-tags the same as npm dist-tag ls.
  (@​isaacs)
• 1065a7809
  #​65
  Add support for IBM i.
  (@​dmabupt)
• a22e6f5fc
  #​131
  Update profile to support new npm-profile API.
  (@​zkat)

BUGFIXES

• 890a74458
  npm.community#​3278
  Fix support for passing git binary path config with --git.
  (@​larsgw)
• 90e55a143
  npm.community#​2713
  Check for npm.config's existence in error-handler.js to prevent weird
  errors when failures happen before config object is loaded.
  (@​BeniCheni)
• 134207174
  npm.community#​2569
  Fix checking for optional dependencies.
  (@​larsgw)
• 7a2f6b05d
  npm.community#​4172
  Remove tink experiments.
  (@​larsgw)
• c5b6056b6
  #​123
  Handle git branch references correctly.
  (@​johanneswuerbach)
• f58b43ef2
  npm.community#​3983
  Report any errors above 400 as potentially not supporting audit.
  (@​zkat)
• a5c9e6f35
  #​124
  Set default homepage to an empty string.
  (@​anchnk)
• 5d076351d
  npm.community#​4054
  Fix npm-prefix description.
  (@​larsgw)

DOCS

• 31a7274b7
  #​71
  Fix typo in npm-token documentation.
  (@​GeorgeTaveras1231)
• 2401b7592
  Correct docs for fake-registry interface.
  (@​iarna)

DEPENDENCIES

• 9cefcdc1d
npm-registry-fetch@3.8.0
  (@​zkat)
• 1c769c9b3
pacote@9.1.0
  (@​zkat)
• f3bc5539b
figgy-pudding@3.5.1
  (@​zkat)
• bf7199d3c
npm-profile@4.0.1
  (@​zkat)
• 118c50496
semver@5.5.1
  (@​isaacs)
• eab4df925
libcipm@3.0.2
  (@​zkat)
• b86e51573
libnpm@1.4.0
  (@​zkat)
• 56fffbff2
get-stream@4.1.0
  (@​zkat)
• df972e948
  npm-profile@REMOVED
  (@​zkat)
• 32c73bf0e
libnpm@2.0.1
  (@​zkat)
• 569491b80
licensee@5.0.0
  (@​zkat)
• a3ba0ccf1
  move rimraf to prod deps
  (@​zkat)
• f63a0d6cf
spdx-license-ids@3.0.3:
  Ref: #​121
  (@​zkat)
• f350e714f
aproba@2.0.0
  (@​aeschright)
• a67e4d8b2
byte-size@5.0.1
  (@​aeschright)
• 8bea4efa3
cacache@11.3.2
  (@​aeschright)
• 9d4776836
chownr@1.1.1
  (@​aeschright)
• 70da139e9
ci-info@2.0.0
  (@​aeschright)
• bcdeddcc3
cli-table3@​0.5.1
  (@​aeschright)
• 63aab82c7
is-cidr@3.0.0
  (@​aeschright)
• d522bd90c
JSONStream@1.3.5
  (@​aeschright)
• 2a59bfc79
libnpmhook@5.0.2
  (@​aeschright)
• 66d60e394
marked@0.6.0
  (@​aeschright)
• 8213def9a
npm-packlist@1.2.0
  (@​aeschright)
• e4ffc6a2b
unique-filename@1.1.1
  (@​aeschright)
• 09a5c2fab
semver@5.6.0
  (@​aeschright)
• 740e79e17
rimraf@2.6.3
  (@​aeschright)
• 455476c8d
require-inject@1.4.4
  (@​aeschright)
• 3f40251c5
npm-pick-manifest@2.2.3
  (@​aeschright)
• 4ffa8a8e9
query-string@6.2.0
  (@​aeschright)
• a0a0ca9ec
pacote@9.3.0
  (@​aeschright)
• 5777ea8ad
readable-stream@3.1.1
  (@​aeschright)
• 887e94386
lru-cache@4.1.5
  (@​aeschright)
• 41f15524c
  Updating semver docs.
  (@​aeschright)
• fb3bbb72d
npm-audit-report@1.3.2:
  (@​melkikh)

TESTING

• f1edffba9
  Modernize maketest script.
  (@​iarna)
• ae263473d
  maketest: Use promise based example common.npm call.
  (@​iarna)
• d9970da5e
  maketest: Use newEnv for env production.
  (@​iarna)

MISCELLANEOUS

• c665f35aa
  #​119
  Replace var with const/let in lib/repo.js.
  (@​watilde)
• 46639ba9f
  Update package-lock.json for https tarball URLs
  (@​aeschright)

---

Renovate configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Enabled.

♻️ Rebasing: Whenever PR is stale, or if you modify the PR title to begin with "rebase!".

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot. View repository job log here.

[renovate-bot]

🎉 This PR is included in version 13.176.1 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀