deps: throw StackOverflow in JSON.parse

Backport of:

fc6343a79274b6a1e99037ebb131096e2da05306

from v8 upstream.

Original commit message:

    Catch stack overflow in JSON.parse.

    BUG=

    Review URL: https://chromiumcodereview.appspot.com/11275039

    git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@12816 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Reviewed-By: Fedor Indutny <fedor@indutny.com>

.gitignore

@@ -42,3 +42,4 @@ ipch/
 email.md
 deps/v8-*
 ./node_modules
+.svn/

.mailmap

@@ -0,0 +1,104 @@
+Aaron Heckmann <aaron.heckmann@gmail.com> <aaron.heckmann+github@gmail.com>
+Abe Fettig <abefettig@gmail.com> <abe@fettig.net>
+Alex Kocharin <rlidwka@kocharin.ru>
+Alex Kocharin <rlidwka@kocharin.ru> <alex@kocharin.ru>
+Alexis Sellier <self@cloudhead.net>
+Alexis Sellier <self@cloudhead.net> <alexis@cloudhead.io>
+Arlo Breault <arlolra@gmail.com>
+Artem Zaytsev <a.arepo@gmail.com>
+Atsuo Fukaya <fukayatsu@gmail.com>
+Ben Noordhuis <info@bnoordhuis.nl> <bnoordhuis@bender.(none)>
+Bert Belder <bertbelder@gmail.com> <bert@piscisaureus2.(none)>
+Bert Belder <bertbelder@gmail.com> <piscisaureus@Berts-MacBook-Pro.local>
+Brandon Benvie <brandon@bbenvie.com> <brandon@brandonbenvie.com>
+Brian White <mscdex@mscdex.net>
+Brian White <mscdex@mscdex.net> <mscdex@gmail.com>
+Chew Choon Keat <choonkeat@gmail.com>
+Christopher Lenz <cmlenz@gmail.com> <chris@lamech.local>
+Daniel Berger <code+node@dpbis.net>
+Daniel Chcouri <333222@gmail.com>
+Daniel Gröber <darklord@darkboxed.org>
+Daniel Gröber <darklord@darkboxed.org> <dxld@darkboxed.org>
+Daniel Pihlström <sciolist.se@gmail.com>
+David Siegel <david@artcom.de> <david.siegel@artcom.de>
+Domenic Denicola <domenic@domenicdenicola.com>
+Eduard Burtescu <eddy_me08@yahoo.com>
+Einar Otto Stangvik <einaros@gmail.com>
+Elliott Cable <me@ell.io>
+EungJun Yi <semtlenori@gmail.com>
+Evan Larkin <evan.larkin.il.com> <evan.larkin.iit@gmail.com>
+Farid Neshat <FaridN_SOAD@yahoo.com>
+Felix Geisendörfer <felix@debuggable.com>
+Felix Geisendörfer <felix@debuggable.com>
+Friedemann Altrock <frodenius@gmail.com>
+Fuji Goro <gfuji@cpan.org>
+Gabriel de Perthuis <g2p.code@gmail.com>
+Herbert Vojčík <herby@mailbox.sk>
+Igor Zinkovsky <igorzi@microsoft.com>
+Isaac Z. Schlueter <i@izs.me>
+Isaac Z. Schlueter <i@izs.me> <i@foohack.com>
+Jérémy Lal <kapouer@melix.org>
+Jérémy Lal <kapouer@melix.org> <holisme@gmail.com>
+Jered Schmidt <tr@nslator.jp>
+Joe Shaw <joe@joeshaw.org> <joeshaw@litl.com>
+Johan Bergström <bugs@bergstroem.nu>
+Johan Dahlberg <jfd@distrop.com> <dahlberg.johan@gmail.com>
+Jonas Pfenniger <jonas@pfenniger.name> <jonas@stvs.ch>
+Jonathan Rentzsch <jwr.git@redshed.net>
+Joshua S. Weinstein <josher19@users.sf.net>
+Koichi Kobayashi <koichik@improvement.jp>
+Kris Kowal <kris.kowal@cixar.com>
+Kyle Robinson Young <kyle@dontkry.com>
+Mathias Pettersson <mape@mape.me>
+Michael Bernstein <michaelrbernstein@gmail.com>
+Michael Wilber <gcr@sneakygcr.net>
+Micheil Smith <micheil@brandedcode.com> <micheil@yettobebranded.net>
+Mikael Bourges-Sevenier <mikeseven@gmail.com> <msevenier@motorola.com>
+Nebu Pookins<nebu@nebupookins.net>
+Nicholas Kinsey <pyrotechnick@feistystudios.com>
+Onne Gorter <onne@onnlucky.com>
+Paul Querna <pquerna@apache.org> <paul@querna.org>
+Ray Morgan <rmorgan@zappos.com>
+Ray Solomon <raybsolomon@gmail.com>
+Rick Olson <technoweenie@gmail.com>
+Ryan Dahl <ry@tinyclouds.org>
+Ryan Emery <seebees@gmail.com>
+Sam Shull <brickysam26@gmail.com> <brickysam26@samuel-shulls-computer.local>
+Sam Shull <brickysam26@gmail.com> <sshull@squaremouth.com>
+Sambasiva Suda <sambasivarao@gmail.com>
+San-Tai Hsu <v@fatpipi.com>
+Sergey Kryzhanovsky <skryzhanovsky@gmail.com> <another@dhcp199-223-red.yandex.net>
+Shannen Saez <shannenlaptop@gmail.com>
+Shigeki Ohtsu <ohtsu@d.jp> <ohtsu@iij.ad.jp>
+Siddharth Mahendraker <siddharth_mahen@hotmail.com> <siddharth_mahen@me.com>
+Simon Willison <simon@simonwillison.net>
+Stanislav Opichal <opichals@gmail.com>
+Stefan Bühler <stbuehler@web.de>
+Tadashi SAWADA <cesare@mayverse.jp>
+Takahiro ANDO <takahiro.ando@gmail.com>
+Ted Young <ted@radicaldesigns.org>
+Thomas Lee <thomas.lee@shinetech.com> <tom@tom-debian.sensis.com.au>
+Tim Caswell <tim@creationix.com> <tim@0-26-8-e9-4c-e1.dyn.utdallas.edu>
+Tim Smart <timehandgod@gmail.com> <tim@fostle.com>
+Tim Smart <timehandgod@gmail.com> <timehandgod@gmail.com>
+TJ Holowaychuk <tj@vision-media.ca>
+TJ Holowaychuk <tj@vision-media.ca> <tjholowayhuk@gmail.com>
+Trevor Burnham <trevor@databraid.com> <trevorburnham@gmail.com>
+Tyler Larson <talltyler@gmail.com>
+Vincent Voyer <v@fasterize.com>
+Yoshihiro KIKUCHI <yknetg@gmail.com>
+Yuichiro MASUI <masui@masuidrive.jp>
+Zachary Scott <zachary@zacharyscott.net> <zachary.s.scott@gmail.com>
+Zoran Tomicic <ztomicic@gmail.com>
+
+# These people didn't contribute patches to node directly,
+# but we've landed their v8 patches in the node repository:
+Daniel Clifford <danno@chromium.org>
+Erik Corry <erik.corry@gmail.com>
+Jakob Kummerow <jkummerow@chromium.org>
+Kevin Millikin <kmillikin@chromium.org>
+Lasse R.H. Nielsen <lrn@chromium.org>
+Michael Starzinger <mstarzinger@chromium.org>
+Toon Verwaest <verwaest@chromium.org>
+Vyacheslav Egorov <vegorov@chromium.org>
+Yang Guo <yangguo@chromium.org>

AUTHORS

@@ -59,7 +59,7 @@ Arlo Breault <arlolra@gmail.com>
 Kris Kowal <kris.kowal@cixar.com>
 Jacek Becela <jacek.becela@gmail.com>
 Rob Ellis <kazoomer@gmail.com>
-Tim Smart <timehAndGod@gmail.com>
+Tim Smart <timehandgod@gmail.com>
 Herbert Vojčík <herby@mailbox.sk>
 Krishna Rajendran <krishna@emptybox.org>
 Nicholas Kinsey <pyrotechnick@feistystudios.com>
@@ -98,8 +98,7 @@ Jerome Etienne <jerome.etienne@gmail.com>
 Dmitriy Shalashov <skaurus@gmail.com>
 Adam Wiggins <adam@heroku.com>
 Rick Olson <technoweenie@gmail.com>
-David Siegel <david.siegel@artcom.de>
-Sergey Kzyzhanovsky <skryzhanovsky@gmail.com>
+Sergey Kryzhanovsky <skryzhanovsky@gmail.com>
 Marco Rogers <marco.rogers@gmail.com>
 Benjamin Fritsch <beanie@benle.de>
 Jan Kassens <jan@kassens.net>
@@ -144,13 +143,13 @@ Daniel Gröber <darklord@darkboxed.org>
 Travis Swicegood <development@domain51.com>
 Oleg Slobodskoi <oleg008@gmail.com>
 Jeremy Martin <jmar777@gmail.com>
-Michael W <gcr@sneakygcr.net>
+Michael Wilber <gcr@sneakygcr.net>
 Sean Braithwaite <brapse@gmail.com>
 Anders Conbere <aconbere@gmail.com>
 Devin Torres <devin@devintorres.com>
 Theo Schlossnagle <jesus@omniti.com>
 Kai Chen <kaichenxyz@gmail.com>
-Daniel C <333222@gmail.com>
+Daniel Chcouri <333222@gmail.com>
 Mihai Călin Bazon <mihai@bazon.net>
 Ali Farhadi <a.farhadi@gmail.com>
 Daniel Ennis <aikar@aikar.co>
@@ -159,59 +158,69 @@ Greg Hughes <greg@ghughes.com>
 David Trejo <david.daniel.trejo@gmail.com>
 Joe Walnes <joe@walnes.com>
 Koichi Kobayashi <koichik@improvement.jp>
-Daniel Gröber <dxld@darkboxed.org>
 Konstantin Käfer <github@kkaefer.com>
 Richard Rodger <richard@ricebridge.com>
 Andreas Reich <andreas@reich.name>
+Tony Huang <cnwzhjs@gmail.com>
 Dean McNamee <dean@gmail.com>
 Trevor Burnham <trevor@databraid.com>
 Zachary Scott <zachary@zacharyscott.net>
 Arnout Kazemier <info@3rd-Eden.com>
 George Stagas <gstagas@gmail.com>
+Ben Weaver <ben@orangesoda.net>
 Scott McWhirter <scott.mcwhirter@joyent.com>
 Jakub Lekstan <jakub.lekstan@dreamlab.pl>
+Nick Campbell <nicholas.j.campbell@gmail.com>
+Nebu Pookins <nebu@nebupookins.net>
 Tim Baumann <tim@timbaumann.info>
 Robert Mustacchi <rm@joyent.com>
-Håvard Stranden <havard.stranden@gmail.com>
 George Miroshnykov <george.miroshnykov@gmail.com>
+Mark Cavage <mark.cavage@joyent.com>
+Håvard Stranden <havard.stranden@gmail.com>
 Marcel Laverdet <marcel@laverdet.com>
 Alexandre Marangone <a.marangone@gmail.com>
-Mark Cavage <mark.cavage@joyent.com>
 Ryan Petrello <lists@ryanpetrello.com>
+Fuji Goro <gfuji@cpan.org>
 Siddharth Mahendraker <siddharth_mahen@hotmail.com>
+Dave Pacheco <dap@joyent.com>
 Mathias Buus <m@ge.tt>
+Henry Rawas <henryr@schakra.com>
 Yoshihiro KIKUCHI <yknetg@gmail.com>
 Brett Kiefer <kiefer@gmail.com>
 Mariano Iglesias <mariano@cricava.com>
 Jörn Horstmann <git@jhorstmann.net>
 Joe Shaw <joe@joeshaw.org>
-Alex Xu <alex_y_xu@yahoo.ca>
-Kip Gebhardt <kip.gebhardt@voxer.com>
-Stefan Rusu <saltwaterc@gmail.com>
-Wojciech Wnętrzak <w.wnetrzak@gmail.com>
-Reid Burke <me@reidburke.com>
 Niklas Fiekas <niklas.fiekas@googlemail.com>
 Adam Luikart <me@adamluikart.com>
-avz <a.arepo@gmail.com>
+Artem Zaytsev <a.arepo@gmail.com>
+Alex Xu <alex_y_xu@yahoo.ca>
 Jeremy Selier <jeremy@jolicloud.com>
 Igor Zinkovsky <igorzi@microsoft.com>
+Kip Gebhardt <kip.gebhardt@voxer.com>
+Stefan Rusu <saltwaterc@gmail.com>
 Shigeki Ohtsu <ohtsu@d.jp>
-vegorov@chromium.org <vegorov@chromium.org>
+Wojciech Wnętrzak <w.wnetrzak@gmail.com>
+Devon Govett <devongovett@gmail.com>
+Steve Engledow <steve.engledow@proxama.com>
 Pierre-Alexandre St-Jean <pierrealexandre.stjean@gmail.com>
+Reid Burke <me@reidburke.com>
 Vicente Jimenez Aguilar <googuy@gmail.com>
-SAWADA Tadashi <cesare@mayverse.jp>
-Logan Smyth <loganfsmyth@gmail.com>
-Christopher Wright <christopherwright@gmail.com>
-Mickaël Delahaye <mickael.delahaye@gmail.com>
+Tadashi SAWADA <cesare@mayverse.jp>
+Jeroen Janssen <jeroen.janssen@gmail.com>
+Daniel Pihlström <sciolist.se@gmail.com>
+Stefan Bühler <stbuehler@web.de>
+Alexander Uvarov <alexander.uvarov@gmail.com>
 Aku Kotkavuo <aku@hibana.net>
 Peter Bright <drpizza@quiscalusmexicanus.org>
+Logan Smyth <loganfsmyth@gmail.com>
+Christopher Wright <christopherwright@gmail.com>
 Glen Low <glen.low@pixelglow.com>
 Thomas Shinnick <tshinnic@gmail.com>
+Mickaël Delahaye <mickael.delahaye@gmail.com>
 Antranig Basman <antranig.basman@colorado.edu>
 Maciej Małecki <maciej.malecki@notimplemented.org>
 Evan Martin <martine@danga.com>
 Peter Lyons <pete@peterlyons.com>
-jkummerow@chromium.org <jkummerow@chromium.org>
 Jann Horn <jannhorn@googlemail.com>
 Abimanyu Raja <abimanyuraja@gmail.com>
 Karl Skomski <karl@skomski.com>
@@ -219,7 +228,9 @@ Niclas Hoyer <niclas@verbugt.de>
 Michael Jackson <mjijackson@gmail.com>
 Ashok Mudukutore <ashok@lineratesystems.com>
 Sean Cunningham <sean.cunningham@mandiant.com>
+Vitor Balocco <vitorbal@gmail.com>
 Ben Leslie <benno@benno.id.au>
+Eric Lovett <etlovett@gmail.com>
 Christian Tellnes <christian@tellnes.no>
 Colton Baker <github@netrefuge.net>
 Tyler Larson <talltyler@gmail.com>
@@ -229,7 +240,6 @@ Simen Brekken <simen.brekken@gmail.com>
 Guglielmo Ferri <44gatti@gmail.com>
 Thomas Parslow <tom@almostobsolete.net>
 Ryan Emery <seebees@gmail.com>
-Zachary Scott <zachary@zacharyscott.net>
 Jordan Sissel <jls@semicomplete.com>
 Matt Robenolt <matt@ydekproductions.com>
 Jacob H.C. Kragh <jhckragh@gmail.com>
@@ -240,13 +250,18 @@ Mathias Bynens <mathias@qiwi.be>
 Łukasz Walukiewicz <lukasz@walukiewicz.eu>
 Artur Adib <arturadib@gmail.com>
 E. Azer Koçulu <azer@kodfabrik.com>
+Paddy Byers <paddy.byers@gmail.com>
 Roman Shtylman <shtylman@gmail.com>
 Kyle Robinson Young <kyle@dontkry.com>
 Tim Oxley <secoif@gmail.com>
+Eduard Burtescu <eddy_me08@yahoo.com>
 Ingmar Runge <ingmar@irsoft.de>
 Russ Bradberry <rbradberry@gmail.com>
 Andreas Madsen <amwebdk@gmail.com>
 Adam Malcontenti-Wilson <adman.com@gmail.com>
+Avi Flax <avi@aviflax.com>
+Pedro Teixeira <pedro.teixeira@gmail.com>
+Johan Bergström <bugs@bergstroem.nu>
 James Hartig <james.hartig@grooveshark.com>
 Shannen Saez <shannenlaptop@gmail.com>
 Seong-Rak Choi <ragiragi@hanmail.net>
@@ -254,6 +269,8 @@ Dave Irvine <davman99@gmail.com>
 Ju-yeong Park <interruptz@gmail.com>
 Phil Sung <psung@dnanexus.com>
 Damon Oehlman <damon.oehlman@sidelab.com>
+Mikael Bourges-Sevenier <mikeseven@gmail.com>
+Emerson Macedo <emerleite@gmail.com>
 Ryunosuke SATO <tricknotes.rs@gmail.com>
 Michael Bernstein <michaelrbernstein@gmail.com>
 Guillermo Rauch <rauchg@gmail.com>
@@ -264,7 +281,6 @@ Dan VerWeire <dverweire@gmail.com>
 Matthew Fitzsimmons <matt@joyent.com>
 Philip Tellis <philip.tellis@gmail.com>
 Christopher Jeffrey <chjjeffrey@gmail.com>
-Paddy Byers <paddy.byers@gmail.com>
 Seth Fitzsimmons <seth@mojodna.net>
 Einar Otto Stangvik <einaros@gmail.com>
 Paul Vorbach <paul@vorb.de>
@@ -293,19 +309,23 @@ Charlie McConnell <charlie@charlieistheman.com>
 Farid Neshat <FaridN_SOAD@yahoo.com>
 Johannes Wüller <johanneswueller@gmail.com>
 Erik Lundin <mjor.himself@gmail.com>
-Mikael Bourges-Sevenier <mikeseven@gmail.com>
+Bryan Cantrill <bryan@joyent.com>
 Yosef Dinerstein <yosefd@microsoft.com>
 Nathan Friedly <nathan@nfriedly.com>
 Aaron Jacobs <jacobsa@google.com>
 Mustansir Golawala <mgolawala@gmail.com>
-fukayatsu <fukayatsu@gmail.com>
+Atsuo Fukaya <fukayatsu@gmail.com>
 Domenic Denicola <domenic@domenicdenicola.com>
-Bryan Cantrill <bryan@joyent.com>
-lrn@chromium.org <lrn@chromium.org>
+Joshua S. Weinstein <josher19@users.sf.net>
 Dane Springmeyer <dane@dbsgeo.com>
-Sambasiva Suda <sambasivarao@gmail.com>
+Erik Dubbelboer <erik@dubbelboer.com>
+Malte-Thorben Bruns <skenqbx@googlemail.com>
+Michael Thomas <aelmalinka@gmail.com>
+Garen Torikian <gjtorikian@gmail.com>
+EungJun Yi <semtlenori@gmail.com>
 Vincent Voyer <v@fasterize.com>
-ANDO Takahiro <takahiro.ando@gmail.com>
+Takahiro ANDO <takahiro.ando@gmail.com>
+Erwin van der Koogh <github@koogh.com>
 Brian Schroeder <bts@gmail.com>
 J. Lee Coltrane <lee@projectmastermind.com>
 Javier Hernández <jhernandez@emergya.com>
@@ -313,9 +333,56 @@ James Koval <james.ross.koval@gmail.com>
 Kevin Gadd <kevin.gadd@gmail.com>
 Ray Solomon <raybsolomon@gmail.com>
 Kevin Bowman <github@magicmonkey.org>
-Jeroen Janssen <jeroen.janssen@gmail.com>
 Matt Gollob <mattgollob@gmail.com>
 Simon Sturmer <sstur@me.com>
 Joel Brandt <joelrbrandt@gmail.com>
 Marc Harter <wavded@gmail.com>
 Nuno Job <nunojobpinto@gmail.com>
+Ben Kelly <ben@wanderview.com>
+Felix Böhm <felixboehm55@googlemail.com>
+Gabriel de Perthuis <g2p.code@gmail.com>
+Tim Macfarlane <timmacfarlane@gmail.com>
+Jonas Westerlund <jonas.westerlund@me.com>
+Dominic Tarr <dominic.tarr@gmail.com>
+Justin Plock <jplock@gmail.com>
+Toshihiro Nakamura <toshihiro.nakamura@gmail.com>
+Ivan Torres <mexpolk@gmail.com>
+Philipp Hagemeister <phihag@phihag.de>
+George Shank <shankga@gmail.com>
+Mike Morearty <mike@morearty.com>
+Peter Rybin <peter.rybin@gmail.com>
+Eugen Dueck <eugen@dueck.org>
+Gil Pedersen <git@gpost.dk>
+Tyler Neylon <tylerneylon@gmail.com>
+Golo Roden <webmaster@goloroden.de>
+Ron Korving <rkorving@wizcorp.jp>
+Brandon Wilson <chlavois@gmail.com>
+Bearice Ren <bearice@gmail.com>
+Ankur Oberoi <aoberoi@gmail.com>
+Atsuya Takagi <atsuya.takagi@gmail.com>
+Pooya Karimian <pkarimian@sencha.com>
+Frédéric Germain <frederic.germain@gmail.com>
+Robin Lee <cheeselee@fedoraproject.org>
+Adam Blackburn <regality@gmail.com>
+Willi Eggeling <email@wje-online.de>
+Andrew Paprocki <andrew@ishiboo.com>
+Max Ogden <max@maxogden.com>
+Olivier Lalonde <olalonde@gmail.com>
+Francois Marier <francois@mozilla.com>
+Trevor Norris <trev.norris@gmail.com>
+Joshua Erickson <josh@snoj.us>
+Kai Sasaki Lewuathe <sasaki_kai@lewuathe.sakura.ne.jp>
+Nicolas Chambrier <naholyr@gmail.com>
+Tim Bradshaw <tfb@cley.com>
+Johannes Ewald <mail@johannesewald.de>
+Chris Dent <chris.dent@gmail.com>
+Dan Milon <danmilon@gmail.com>
+Jacob Gable <jacob.gable@gmail.com>
+Rick Yakubowski <richard@orpha-systems.com>
+Dan Kohn <dan@dankohn.com>
+Timothy J Fontaine <tjfontaine@gmail.com>
+Eugene Girshov <eugene.girshov@nixu.com>
+Raymond Feng <enjoyjava@gmail.com>
+Tobias Müllerleile <tobias@muellerleile.net>
+Daniel Chatfield <chatfielddaniel@gmail.com>
+cjihrig <cjihrig@gmail.com>

CONTRIBUTING.md

@@ -0,0 +1,145 @@
+# CONTRIBUTING
+
+The node.js project welcomes new contributors.  This document will guide you
+through the process.
+
+
+### FORK
+
+Fork the project [on GitHub](https://github.com/joyent/node) and check out
+your copy.
+
+```
+$ git clone git@github.com:username/node.git
+$ cd node
+$ git remote add upstream git://github.com/joyent/node.git
+```
+
+Now decide if you want your feature or bug fix to go into the master branch
+or the stable branch.  As a rule of thumb, bug fixes go into the stable branch
+while new features go into the master branch.
+
+The stable branch is effectively frozen; patches that change the node.js
+API/ABI or affect the run-time behavior of applications get rejected.
+
+The rules for the master branch are less strict; consult the
+[stability index page][] for details.
+
+In a nutshell, modules are at varying levels of API stability.  Bug fixes are
+always welcome but API or behavioral  changes to modules at stability level 3
+and up are off-limits.
+
+Node.js has several bundled dependencies in the deps/ and the tools/
+directories that are not part of the project proper.  Any changes to files
+in those directories or its subdirectories should be sent to their respective
+projects.  Do not send your patch to us, we cannot accept it.
+
+In case of doubt, open an issue in the [issue tracker][], post your question
+to the [node.js mailing list][] or contact one of the [project maintainers][]
+on [IRC][].
+
+Especially do so if you plan to work on something big.  Nothing is more
+frustrating than seeing your hard work go to waste because your vision
+does not align with that of a project maintainer.
+
+
+### BRANCH
+
+Okay, so you have decided on the proper branch.  Create a feature branch
+and start hacking:
+
+```
+$ git checkout -b my-feature-branch -t origin/v0.8
+```
+
+(Where v0.8 is the latest stable branch as of this writing.)
+
+
+### COMMIT
+
+Make sure git knows your name and email address:
+
+```
+$ git config --global user.name "J. Random User"
+$ git config --global user.email "j.random.user@example.com"
+```
+
+Writing good commit logs is important.  A commit log should describe what
+changed and why.  Follow these guidelines when writing one:
+
+1. The first line should be 50 characters or less and contain a short
+   description of the change.
+2. Keep the second line blank.
+3. Wrap all other lines at 72 columns.
+
+A good commit log looks like this:
+
+```
+Header line: explaining the commit in one line
+
+Body of commit message is a few lines of text, explaining things
+in more detail, possibly giving some background about the issue
+being fixed, etc etc.
+
+The body of the commit message can be several paragraphs, and
+please do proper word-wrap and keep columns shorter than about
+72 characters or so. That way `git log` will show things
+nicely even when it is indented.
+```
+
+The header line should be meaningful; it is what other people see when they
+run `git shortlog` or `git log --oneline`.
+
+Have a look at `git log` for inspiration.
+
+
+### REBASE
+
+Use `git rebase` (not `git merge`) to sync your work from time to time.
+
+```
+$ git fetch upstream
+$ git rebase upstream/v0.8  # or upstream/master
+```
+
+
+### TEST
+
+Bug fixes and features should come with tests.  Add your tests in the
+test/simple/ directory.  Look at other tests to see how they should be
+structured (license boilerplate, common includes, etc.).
+
+```
+$ make jslint test
+```
+
+Make sure the linter is happy and that all tests pass.  Please, do not submit
+patches that fail either check.
+
+
+### PUSH
+
+```
+$ git push origin my-feature-branch
+```
+
+Go to https://github.com/username/node and select your feature branch.  Click
+the 'Pull Request' button and fill out the form.
+
+Pull requests are usually reviewed within a few days.  If there are comments
+to address, apply your changes in a separate commit and push that to your
+feature branch.  Post a comment in the pull request afterwards; GitHub does
+not send out notifications when you add commits.
+
+
+### CONTRIBUTOR LICENSE AGREEMENT
+
+Please visit http://nodejs.org/cla.html and sign the Contributor License
+Agreement.  You only need to do that once.
+
+
+[stability index page]: https://github.com/joyent/node/blob/master/doc/api/documentation.markdown
+[issue tracker]: https://github.com/joyent/node/issues
+[node.js mailing list]: http://groups.google.com/group/nodejs
+[IRC]: http://webchat.freenode.net/?channels=node.js
+[project maintainers]: https://github.com/joyent/node/wiki/Project-Organization

ChangeLog

@@ -1,4 +1,568 @@
-2012.06.25, Version 0.8.0 (stable)
+2014.07.31, Version 0.8.28 (maintenance)
+
+* v8: Interrupts must not mask stack overflow. (Fedor Indutny)
+
+
+2014.06.09, Version 0.8.27 (maintenance), a69205346b09eb3fd21e9530a75868b92102e039
+
+* openssl: update to 1.0.0m (CVE-2014-0224)
+
+* utf8: Prevent Node from sending invalid UTF-8 (Felix Geisendörfer)
+  - *NOTE* this introduces a breaking change, previously you could construct
+    invalid UTF-8 and invoke an error in a client that was expecting valid
+    UTF-8, now unmatched surrogate pairs are replaced with the unknown UTF-8
+    character. To restore the old functionality simply have NODE_INVALID_UTF8
+    environment variable set.
+
+* tls: fix pool usage race (Fedor Indutny)
+
+* fs: close file if fstat() fails in readFile() (cjihrig)
+
+
+2013.10.13, Version 0.8.26 (maintenance), 6d391bbbe18217ce20c15c3da2bad71ef836922c
+
+* v8: Upgrade to 3.11.10.26
+
+* crypto: clear openssl error stack when handled (Ben Noordhuis)
+
+* crypto: clear errors from verify failure (Timothy J Fontaine)
+
+* crypto: fix memory leak in LoadPKCS12 (Fedor Indutny)
+
+* http: provide backpressure for pipeline flood (isaacs)
+
+* http_parser: expose pause/resume method for parser (Timothy J Fontaine)
+
+* readline: pause stdin before turning off terminal raw mode (Daniel Chatfield)
+
+
+2013.06.13, Version 0.8.25 (maintenance), 0b9bdb2bc7e1c872f0ea4713517fda22a4b0b202
+
+* npm: Upgrade to 1.2.30
+
+* child_process: fix handle delivery (Ben Noordhuis)
+
+
+2013.06.04, Version 0.8.24 (maintenance), c1a1ab067721ea17ef7b05ec5c68b01321017f05
+
+* npm: Upgrade to v1.2.24
+
+* url: Properly parse certain oddly formed urls (isaacs)
+
+* http: Don't try to destroy nonexistent sockets (isaacs)
+
+* handle_wrap: fix NULL pointer dereference (Ben Noordhuis)
+
+
+2013.04.09, Version 0.8.23 (maintenance), c67f8d0500fe15637a623eb759d2ad7eb9fb3b0b
+
+* npm: Upgrade to v1.2.18
+
+* http: Avoid EE warning on ECONNREFUSED handling (isaacs)
+
+* tls: Re-enable check of CN-ID in cert verification (Tobias Müllerleile)
+
+* child_process: fix sending utf-8 to child process (Ben Noordhuis)
+
+* crypto: check key type in GetPeerCertificate() (Ben Noordhuis)
+
+* win/openssl: mark assembled object files as seh safe (Bert Belder)
+
+* windows/msi: fix msi build issue with WiX 3.7/3.8 (Raymond Feng)
+
+
+2013.03.07, Version 0.8.22 (Stable), 67a4cb4fe8c2346e30ffb83f7178e205cc2dab33
+
+* npm: Update to 1.2.14
+
+* cluster: propagate bind errors (Ben Noordhuis)
+
+* crypto: don't assert when calling Cipher#final() twice (Ben Noordhuis)
+
+* build, windows: disable SEH (Ben Noordhuis)
+
+
+2013.02.25, Version 0.8.21 (Stable), 530d8c05d4c546146f18e5ba811d7eb3b7b7c0c5
+
+* http: Do not free the wrong parser on socket close (isaacs)
+
+* http: Handle hangup writes more gently (isaacs)
+
+* zlib: fix assert on bad input (Ben Noordhuis)
+
+* test: add TAP output to the test runner (Timothy J Fontaine)
+
+* unix: Handle EINPROGRESS from domain sockets (Ben Noordhuis)
+
+
+2013.02.15, Version 0.8.20 (Stable), e10c75579b536581ddd7ae4e2c3bf8a9d550d343
+
+* npm: Upgrade to v1.2.11
+
+* http: Do not let Agent hand out destroyed sockets (isaacs)
+
+* http: Raise hangup error on destroyed socket write (isaacs)
+
+* http: protect against response splitting attacks (Bert Belder)
+
+
+2013.02.06, Version 0.8.19 (Stable), 53978bdf420622ff0121c63c0338c9e7c2e60869
+
+* npm: Upgrade to v1.2.10
+
+* zlib: pass object size hint to V8 (Ben Noordhuis)
+
+* zlib: reduce memory consumption, release early (Ben Noordhuis)
+
+* buffer: slow buffer copy compatibility fix (Trevor Norris)
+
+* zlib: don't assert on malformed dictionary (Ben Noordhuis)
+
+* zlib: don't assert on missing dictionary (Ben Noordhuis)
+
+* windows: better ipv6 support (Bert Belder)
+
+* windows: add error mappings related to unsupported protocols (Bert Belder)
+
+* windows: map ERROR_DIRECTORY to UV_ENOENT (Bert Belder)
+
+
+2013.01.18, Version 0.8.18 (Stable), 2c4eef0d972838c51999d32c0d251857a713dc18
+
+* npm: Upgrade to v1.2.2
+
+* dns: make error message match errno (Dan Milon)
+
+* tls: follow RFC6125 more stricly (Fedor Indutny)
+
+* buffer: reject negative SlowBuffer offsets (Ben Noordhuis)
+
+* install: add simplejson fallback (Chris Dent)
+
+* http: fix "Cannot call method 'emit' of null" (Ben Noordhuis)
+
+
+2013.01.09, Version 0.8.17 (Stable), c50c33e9397d7a0a8717e8ce7530572907c054ad
+
+* npm: Upgrade to v1.2.0
+  - peerDependencies (Domenic Denicola)
+  - node-gyp v0.8.2 (Nathan Rajlich)
+  - Faster installs from github user/project shorthands (Nathan Zadoks)
+
+* typed arrays: fix 32 bit size/index overflow (Ben Noordhuis)
+
+* http: Improve performance of single-packet responses (Ben Noordhuis)
+
+* install: fix openbsd man page location (Ben Noordhuis)
+
+* http: bubble up parser errors to ClientRequest (Brian White)
+
+
+2012.12.13, Version 0.8.16 (Stable), 1c9c6277d5cfcaaac8569c0c8f7daa64292048a9
+
+* npm: Upgrade to 1.1.69
+
+* fs: fix WriteStream/ReadStream fd leaks (Ben Noordhuis)
+
+* crypto: fix leak in GetPeerCertificate (Fedor Indutny)
+
+* buffer: Don't double-negate numeric buffer arg (Trevor Norris)
+
+* net: More accurate IP address validation and IPv6 dotted notation. (Joshua Erickson)
+
+
+2012.11.26, Version 0.8.15 (Stable), fdf91afb494a7a2fff2913d817f589c191a2c88f
+
+* npm: Upgrade to 1.1.66 (isaacs)
+
+* linux: use /proc/cpuinfo for CPU frequency (Ben Noordhuis)
+
+* windows: map WSAESHUTDOWN to UV_EPIPE (Ben Noordhuis)
+
+* windows: map ERROR_GEN_FAILURE to UV_EIO (Bert Belder)
+
+* unix: do not set environ unless one is provided (Charlie McConnell)
+
+* domains: don't crash if domain is set to null (Bert Belder)
+
+* windows: fix the x64 debug build (Bert Belder)
+
+* net, tls: fix connect() resource leak (Ben Noordhuis)
+
+
+2012.10.25, Version 0.8.14 (Stable), b00527fcf05c3d9f/b5d5d790f9472906a59fe218
+
+* events: Don't clobber pre-existing _events obj in EE ctor (isaacs)
+
+
+2012.10.25, Version 0.8.13 (Stable), ff4c974873f9a7cc6a5b042eb9b6389bb8dde6d6
+
+* V8: Upgrade to 3.11.10.25
+
+* npm: Upgrade to 1.1.65
+
+* url: parse hostnames that start with - or _ (Ben Noordhuis)
+
+* repl: Fix Windows 8 terminal issue (Bert Belder)
+
+* typed arrays: use signed char for signed int8s (Aaron Jacobs)
+
+* crypto: fix bugs in DiffieHellman (Ben Noordhuis)
+
+* configure: turn on VFPv3 on ARMv7 (Ben Noordhuis)
+
+* Re-enable OpenSSL UI for entering passphrases via tty (Ben Noordhuis)
+
+* repl: ensure each REPL instance gets its own "context" (Nathan Rajlich)
+
+
+2012.10.12, Version 0.8.12 (Stable), 38c72d4e29574dec5205bcf23c2a85efe65331a4
+
+* npm: Upgrade to 1.1.63
+
+* crypto: Reduce stability index to 2-Unstable (isaacs)
+
+* windows: fix handle leak in uv_fs_utime (Bert Belder)
+
+* windows: fix application crashed popup in debug version (Bert Belder)
+
+* buffer: report proper retained size in profiler (Ben Noordhuis)
+
+* buffer: fix byteLength with UTF-16LE (koichik)
+
+* repl: make "end of input" JSON.parse() errors throw in the REPL (Nathan Rajlich)
+
+* repl: make invalid RegExp modifiers throw in the REPL (Nathan Rajlich)
+
+* http: handle multiple Proxy-Authenticate values (Willi Eggeling)
+
+
+2012.09.27, Version 0.8.11 (Stable), e1f39468fa580c1e4cb15fac621f87944ee625dc
+
+* fs: Fix stat() size reporting for large files (Ben Noordhuis)
+
+
+2012.09.25, Version 0.8.10 (Stable), 0bc273da4fcaa79b209ed755ad249a3e7be626a6
+
+* npm: Upgrade to 1.1.62
+
+* repl: make invalid RegExps throw in the REPL (Nathan Rajlich)
+
+* v8: loosen artificial mmap constraint (Bryan Cantrill)
+
+* process: fix setuid() and setgid() error reporting (Ben Noordhuis)
+
+* domain: Properly exit() on domain disposal (isaacs)
+
+* fs: fix watchFile() missing deletion events (Ben Noordhuis)
+
+* fs: fix assert in fs.watch() (Ben Noordhuis)
+
+* fs: don't segfault on deeply recursive stat() (Ben Noordhuis)
+
+* http: Remove timeout handler when data arrives (Frédéric Germain)
+
+* http: make the client "res" object gets the same domain as "req" (Nathan Rajlich)
+
+* windows: don't blow up when an invalid FD is used (Bert Belder)
+
+* unix: map EDQUOT to UV_ENOSPC (Charlie McConnell)
+
+* linux: improve /proc/cpuinfo parser (Ben Noordhuis)
+
+* win/tty: reset background brightness when color is set to default (Bert Belder)
+
+* unix: put child process stdio fds in blocking mode (Ben Noordhuis)
+
+* unix: fix EMFILE busy loop (Ben Noordhuis)
+
+* sunos: don't set TCP_KEEPALIVE (Ben Noordhuis)
+
+* tls: Use slab allocator for memory management (Fedor Indutny)
+
+* openssl: Use optimized assembly code for x86 and x64 (Bert Belder)
+
+
+2012.09.11, Version 0.8.9 (Stable), b88c3902b241cf934e75443b934f2033ad3915b1
+
+* v8: upgrade to 3.11.10.22
+
+* GYP: upgrade to r1477
+
+* npm: Upgrade to 1.1.61
+
+* npm: Don't create world-writable files (isaacs)
+
+* windows: fix single-accept mode for shared server sockets (Bert Belder)
+
+* windows: fix uninitialized memory access in uv_update_time() (Bert Belder)
+
+* windows: don't throw when a signal handler is attached (Bert Belder)
+
+* unix: fix memory leak in udp (Ben Noordhuis)
+
+* unix: map errno ESPIPE (Ben Noordhuis)
+
+* unix, windows: fix memory corruption in fs-poll.c (Ben Noordhuis)
+
+* sunos: fix os.cpus() on x86_64 (Ben Noordhuis)
+
+* child process: fix processes with IPC channel don't emit 'close' (Bert Belder)
+
+* build: add a "--dest-os" option to force a gyp "flavor" (Nathan Rajlich)
+
+* build: set `process.platform` to "sunos" on SunOS (Nathan Rajlich)
+
+* build: fix `make -j` fails after `make clean` (Bearice Ren)
+
+* build: fix openssl configuration for "arm" builds (Nathan Rajlich)
+
+* tls: support unix domain socket/named pipe in tls.connect (Shigeki Ohtsu)
+
+* https: make https.get() accept a URL (koichik)
+
+* http: respect HTTP/1.0 TE header (Ben Noordhuis)
+
+* crypto, tls: Domainify setSNICallback, pbkdf2, randomBytes (Ben Noordhuis)
+
+* stream.pipe: Don't call destroy() unless it's a function (isaacs)
+
+
+2012.08.22, Version 0.8.8 (Stable), a299c97bbc701f4d460e91214d7bfe7a9589d361
+
+* V8: upgrade to 3.11.10.19
+
+* npm: upgrade to 1.1.59
+
+* windows: fix uninitialized memory access in uv_update_time() (Bert Belder)
+
+* unix, windows: fix memory corruption in fs-poll.c (Ben Noordhuis)
+
+* unix: fix integer overflow in uv_hrtime (Tim Holy)
+
+* sunos: fix uv_cpu_info() on x86_64 (Ben Noordhuis)
+
+* tls: update default cipher list (Ben Noordhuis)
+
+* unix: Fix llvm and older gcc duplicate symbol warnings (Bert Belder)
+
+* fs: fix use after free in stat watcher (Ben Noordhuis)
+
+* build: Fix using manually compiled gcc on OS X (Nathan Rajlich)
+
+* windows: make junctions work again (Bert Belder)
+
+
+2012.08.15, Version 0.8.7 (Stable), f640c5d35cba96634cd8176a525a1d876e361a61
+
+* npm: Upgrade to 1.1.49
+
+* website: download page (Golo Roden)
+
+* crypto: fix uninitialized memory access in openssl (Ben Noordhuis)
+
+* buffer, crypto: fix buffer decoding (Ben Noordhuis)
+
+* build: compile with -fno-tree-vrp when gcc >= 4.0 (Ben Noordhuis)
+
+* tls: handle multiple CN fields when verifying cert (Ben Noordhuis)
+
+* doc: remove unused util from child_process (Kyle Robinson Young)
+
+* build: rework -fvisibility=hidden detection (Ben Noordhuis)
+
+* windows: don't duplicate invalid stdio handles (Bert Belder)
+
+* windows: fix typos in process-stdio.c (Bert Belder)
+
+
+2012.08.07, Version 0.8.6 (Stable), 0544a586ca6b6b900a42e164033dbf350765700a
+
+* npm: Upgrade to v1.1.48
+
+* Add 'make binary' to build binary tarballs for all Unixes (Nathan Rajlich)
+
+* zlib: Emit 'close' on destroy(). (Dominic Tarr)
+
+* child_process: Fix stdout=null when stdio=['pipe'] (Tyler Neylon)
+
+* installer: prevent ETXTBSY errors (Ben Noordhuis)
+
+* installer: honor --without-npm, default install path (Ben Noordhuis)
+
+* net: make pause work with connecting sockets (Bert Belder)
+
+* installer: fix cross-compile installs (Ben Noordhuis)
+
+* net: fix .listen({fd:0}) (Ben Noordhuis)
+
+* windows: map WSANO_DATA to UV_ENOENT (Bert Belder)
+
+
+2012.08.02, Version 0.8.5 (Stable), 9b86a4453f0c76f2707a75c0b2343aba33ec63bc
+
+* node: tag Encode and friends NODE_EXTERN (Ben Noordhuis)
+
+* fs: fix ReadStream / WriteStream missing callback (Gil Pedersen)
+
+* fs: fix readFileSync("/proc/cpuinfo") regression (Ben Noordhuis)
+
+* installer: don't assume bash is installed (Ben Noordhuis)
+
+* Report errors properly from --eval and stdin (isaacs)
+
+* assert: fix throws() throws an error without message property (koichik)
+
+* cluster: fix libuv assert in net.listen() (Ben Noordhuis)
+
+* build: always link sunos builds with libumem (Trent Mick)
+
+* build: improve armv7 / hard-float detection (Adam Malcontenti-Wilson)
+
+* https: Use host header as effective servername (isaacs)
+
+* sunos: work around OS bug to prevent fs.watch() from spinning (Bryan Cantrill)
+
+* linux: fix 'two watchers, one path' segfault (Ben Noordhuis)
+
+* windows: fix memory leaks in many fs functions (Bert Belder)
+
+* windows: don't allow directories to be opened for writing/appending (Bert Belder)
+
+* windows: make fork() work even when not all stdio handles are valid (Bert Belder)
+
+* windows: make unlink() not remove mount points, and improve performance (Bert Belder)
+
+* build: Sign pkg installer for OS X (isaacs)
+
+
+2012.07.25, Version 0.8.4 (Stable), f98562fcd7d1cab573ca4dc1612157d6999befd4
+
+* V8: Upgrade to 3.11.10.17
+
+* npm: Upgrade to 1.1.45
+
+* net: fix Socket({ fd: 42 }) api (Ben Noordhuis)
+
+* readline: Remove event listeners on close (isaacs)
+
+* windows: correctly prep long path for fs.exists(Sync) (Bert Belder)
+
+* debugger: wake up the event loop when a debugger command is dispatched (Peter Rybin)
+
+* tls: verify server's identity (Fedor Indutny)
+
+* net: ignore socket.setTimeout(Infinity or NaN) (Fedor Indutny)
+
+
+2012.07.19, Version 0.8.3 (Stable), 60bf2d6cb33e4ce55604f73889ab840a9de8bdab
+
+* V8: upgrade to 3.11.10.15
+
+* npm: Upgrade to 1.1.43
+
+* net: fix net.Server.listen({fd:x}) error reporting (Ben Noordhuis)
+
+* net: fix bogus errno reporting (Ben Noordhuis)
+
+* build: Move npm shebang logic into an npm script (isaacs)
+
+* build: fix add-on loading on freebsd (Ben Noordhuis)
+
+* build: disable unsafe optimizations (Ben Noordhuis)
+
+* build: fix spurious mksnapshot crashes for good (Ben Noordhuis)
+
+* build: speed up genv8constants (Dave Pacheco)
+
+* fs: make unwatchFile() remove a specific listener (Ben Noordhuis)
+
+* domain: Remove first arg from intercepted fn (Toshihiro Nakamura)
+
+* domain: Fix memory leak on error (isaacs)
+
+* events: Fix memory leak from removeAllListeners (Nathan Rajlich)
+
+* zlib: Fix memory leak in Unzip class. (isaacs)
+
+* crypto: Fix memory leak in DecipherUpdate() (Ben Noordhuis)
+
+
+2012.07.09, Version 0.8.2 (Stable), cc6084b9ac5cf1d4fe5e7165b71e8fc05d11be1f
+
+* npm: Upgrade to 1.1.36
+
+* readline: don't use Function#call() (Nathan Rajlich)
+
+* Code cleanup to pass 'use strict' (Jonas Westerlund)
+
+* module: add filename to require() json errors (TJ Holowaychuk)
+
+* readline: fix for unicode prompts (Tim Macfarlane)
+
+* timers: fix handling of large timeouts (Ben Noordhuis)
+
+* repl: fix passing an empty line inserting "undefined" into the buffer (Nathan Rajlich)
+
+* repl: fix crashes when buffering command (Maciej Małecki)
+
+* build: rename strict_aliasing to node_no_strict_aliasing (Ben Noordhuis)
+
+* build: disable -fstrict-aliasing for any gcc < 4.6.0 (Ben Noordhuis)
+
+* build: detect cc version with -dumpversion (Ben Noordhuis)
+
+* build: handle output of localized gcc or clang (Ben Noordhuis)
+
+* unix: fix memory corruption in freebsd.c (Ben Noordhuis)
+
+* unix: fix 'zero handles, one request' busy loop (Ben Noordhuis)
+
+* unix: fix busy loop on unexpected tcp message (Ben Noordhuis)
+
+* unix: fix EINPROGRESS busy loop (Ben Noordhuis)
+
+
+2012.06.29, Version 0.8.1 (stable), 2134aa3d5c622fc3c3b02ccb713fcde0e0df479a
+
+* V8: upgrade to v3.11.10.12
+
+* npm: upgrade to v1.1.33
+  - Support for parallel use of the cache folder
+  - Retry on registry timeouts or network failures (Trent Mick)
+  - Reduce 'engines' failures to a warning
+  - Use new zsh completion if aviailable (Jeremy Cantrell)
+
+* Fix #3577 Un-break require('sys')
+
+* util: speed up formatting of large arrays/objects (Ben Noordhuis)
+
+* windows: make fs.realpath(Sync) work with UNC paths (Bert Belder)
+
+* build: fix --shared-v8 option (Ben Noordhuis)
+
+* doc: `detached` is a boolean (Andreas Madsen)
+
+* build: use proper python interpreter (Ben Noordhuis)
+
+* build: expand ~ in `./configure --prefix=~/a/b/c` (Ben Noordhuis)
+
+* build: handle CC env var with spaces (Gabriel de Perthuis)
+
+* build: fix V8 build when compiling with gcc 4.5 (Ben Noordhuis)
+
+* build: fix --shared-v8 option (Ben Noordhuis)
+
+* windows msi: Fix icon issue which caused huge file size (Bert Belder)
+
+* unix: assume that dlopen() may clobber dlerror() (Ben Noordhuis)
+
+* sunos: fix memory corruption bugs (Ben Noordhuis)
+
+* windows: better (f)utimes and (f)stat (Bert Belder)
+
+
+2012.06.25, Version 0.8.0 (stable), 8b8a7a7f9b41e74e1e810d0330738ad06fc302ec
 
 * V8: upgrade to v3.11.10.10
 
@@ -440,6 +1004,38 @@
 * Bug fixes
 
 
+2012.07.10 Version 0.6.20 (maintenance), 952e513379169ec1b40909d1db056e9bf4294899
+
+* npm: Upgrade to 1.1.37 (isaacs)
+
+* benchmark: Backport improvements made in master (isaacs)
+
+* build: always link with -lz (Trent Mick)
+
+* core: use proper #include directives (Ben Noordhuis)
+
+* cluster: don't silently drop messages when the write queue gets big (Bert Belder)
+
+* windows: don't print error when GetConsoleTitleW returns an empty string (Bert Belder)
+
+
+2012.06.06 Version 0.6.19 (stable), debf552ed2d4a53957446e82ff3c52a8182d5ff4
+
+* npm: upgrade to 1.1.24
+
+* fs: no end emit after createReadStream.pause() (Andreas Madsen)
+
+* vm: cleanup module memory leakage (Marcel Laverdet)
+
+* unix: fix loop starvation under high network load (Ben Noordhuis)
+
+* unix: remove abort() in ev_unref() (Ben Noordhuis)
+
+* windows/tty: never report error after forcibly aborting line-buffered read (Bert Belder)
+
+* windows: skip GetFileAttributes call when opening a file (Bert Belder)
+
+
 2012.05.15 Version 0.6.18 (stable), 4bc1d395de6abed2cf1e4d0b7b3a1480a21c368f
 
 * windows: skip GetFileAttributes call when opening a file (Bert Belder)
@@ -771,7 +1367,7 @@
 * crypto: don't ignore DH init errors (Ben Noordhuis)
 
 
-2011.12.14, Version 0.6.6
+2011.12.14, Version 0.6.6 (stable), 9a059ea69e1f6ebd8899246682d8ca257610b8ab
 
 * npm update to 1.1.0-beta-4 (Isaac Z. Schlueter)
 
@@ -1008,7 +1604,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 * Upgrade GYP to r1081
 
 
-2011.10.10, Version 0.5.9 (unstable)
+2011.10.10, Version 0.5.9 (unstable), 3bd9b08fb125b606f97a4079b147accfdeebb07d
 
 * fs.watch interface backed by kqueue, inotify, and ReadDirectoryChangesW
   (Igor Zinkovsky, Ben Noordhuis)
@@ -1092,7 +1688,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 * #1719 Drain OpenSSL error queue
 
 
-2011.09.08, Version 0.5.6 (unstable)
+2011.09.08, Version 0.5.6 (unstable), b49bec55806574a47403771bce1ee379c2b09ca2
 
 * #345, #1635, #1648 Documentation improvements (Thomas Shinnick,
   Abimanyu Raja, AJ ONeal, Koichi Kobayashi, Michael Jackson, Logan Smyth,
@@ -1380,7 +1976,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 * DTrace probes: support X-Forwarded-For (Dave Pacheco)
 
 
-2011.09.15, Version 0.4.12 (stable)
+2011.09.15, Version 0.4.12 (stable), 771ba34ca7b839add2ef96879e1ffc684813cf7c
 
 * Improve docs
 
@@ -1429,7 +2025,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 * Doc improvments (koichik, Logan Smyth, Ben Noordhuis, Arnout Kazemier)
 
 
-2011.07.19, Version 0.4.10 (stable)
+2011.07.19, Version 0.4.10 (stable), 1b8dd65d6e3b82b6863ef38835cc436c5d30c1d5
 
 * #394 Fix Buffer drops last null character in UTF-8
 
@@ -1456,7 +2052,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 * Doc improvements
 
 
-2011.06.29, Version 0.4.9 (stable)
+2011.06.29, Version 0.4.9 (stable), de44eafd7854d06cd85006f509b7051e8540589b
 
 * Improve documentation
 
@@ -1530,7 +2126,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 * Upgrade V8 to 3.1.8.16.
 
 
-2011.04.22, Version 0.4.7 (stable)
+2011.04.22, Version 0.4.7 (stable), c85455a954411b38232e79752d4abb61bb75031b
 
 * Don't emit error on ECONNRESET from read() #670
 
@@ -1548,7 +2144,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 * Improve docs.
 
 
-2011.04.13, Version 0.4.6 (stable)
+2011.04.13, Version 0.4.6 (stable), 58002d56bc79410c5ff397fc0e1ffec0665db38a
 
 * Don't error on ENOTCONN from shutdown() #670
 
@@ -1578,7 +2174,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 * Upgrade v8 to 3.1.8.10
 
 
-2011.04.01, Version 0.4.5 (stable)
+2011.04.01, Version 0.4.5 (stable), 787a343b588de26784fef97f953420b53a6e1d73
 
 * Fix listener leak in stream.pipe() (Mikeal Rogers)
 
@@ -1711,7 +2307,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 * Upgrade V8 to 3.1.5, libev to 4.4.
 
 
-2011.02.10, Version 0.4.0 (stable)
+2011.02.10, Version 0.4.0 (stable), eb155ea6f6a6aa341aa8c731dca8da545c6a4008
 
 * require() improvements (isaacs)
   - understand package.json (isaacs)
@@ -1744,7 +2340,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 * Upgrade V8 to 3.1.2
 
 
-2011.02.04, Version 0.3.8 (unstable)
+2011.02.04, Version 0.3.8 (unstable), 9493b7563bff31525b4080df5aeef09747782d5e
 
 * Add req.abort() for client side requests.
 
@@ -1766,7 +2362,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 
 * Upgrade V8 to 3.1.1
 
-2011.01.27, Version 0.3.7 (unstable)
+2011.01.27, Version 0.3.7 (unstable), d8579c6afdbe868de6dffa8db78bbe4ba2d03e0e
 
 * Expose agent in http and https client. (Mikeal Rogers)
 
@@ -1828,7 +2424,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 * Don't stat() on cached modules. (Felix Geisendörfer)
 
 
-2011.01.08, Version 0.3.4 (unstable)
+2011.01.08, Version 0.3.4 (unstable), 73f53e12e4a5b9ef7dbb4792bd5f8ad403094441
 
 * Primordial mingw build (Bert Belder)
 
@@ -2046,7 +2642,7 @@ koichik, Maciej Małecki, Guglielmo Ferri, isaacs)
 * Upgrade V8 to 2.3.8
 
 
-2010.08.13, Version 0.1.104
+2010.08.13, Version 0.1.104, b14dd49222687c12f3e8eac597cff4f2674f84e8
 
 * Various bug fixes (console, querystring, require)
 

Makefile

@@ -3,6 +3,12 @@
 BUILDTYPE ?= Release
 PYTHON ?= python
 DESTDIR ?=
+SIGN ?=
+
+# Default to verbose builds.
+# To do quiet/pretty builds, run `make V=` to set V to an empty string,
+# or set the V environment variable to an empty string.
+V ?= 1
 
 # BUILDTYPE=Debug builds both release and debug builds. If you want to compile
 # just the debug build, run `make -C out BUILDTYPE=Debug` instead.
@@ -16,28 +22,28 @@ endif
 # to check for changes.
 .PHONY: node node_g
 
-node: config.gypi
-	$(MAKE) -C out BUILDTYPE=Release
+node: config.gypi out/Makefile
+	$(MAKE) -C out BUILDTYPE=Release V=$(V)
 	ln -fs out/Release/node node
 
-node_g: config.gypi
-	$(MAKE) -C out BUILDTYPE=Debug
+node_g: config.gypi out/Makefile
+	$(MAKE) -C out BUILDTYPE=Debug V=$(V)
 	ln -fs out/Debug/node node_g
 
 config.gypi: configure
 	./configure
 
 out/Debug/node:
-	$(MAKE) -C out BUILDTYPE=Debug
+	$(MAKE) -C out BUILDTYPE=Debug V=$(V)
 
 out/Makefile: common.gypi deps/uv/uv.gyp deps/http_parser/http_parser.gyp deps/zlib/zlib.gyp deps/v8/build/common.gypi deps/v8/tools/gyp/v8.gyp node.gyp config.gypi
-	tools/gyp_node -f make
+	$(PYTHON) tools/gyp_node -f make
 
 install: all
-	out/Release/node tools/installer.js install $(DESTDIR)
+	$(PYTHON) tools/install.py $@ $(DESTDIR)
 
 uninstall:
-	out/Release/node tools/installer.js uninstall
+	$(PYTHON) tools/install.py $@ $(DESTDIR)
 
 clean:
 	-rm -rf out/Makefile node node_g out/$(BUILDTYPE)/node blog.html email.md
@@ -108,7 +114,7 @@ apidoc_sources = $(wildcard doc/api/*.markdown)
 apidocs = $(addprefix out/,$(apidoc_sources:.markdown=.html)) \
           $(addprefix out/,$(apidoc_sources:.markdown=.json))
 
-apidoc_dirs = out/doc out/doc/api/ out/doc/api/assets out/doc/about out/doc/community out/doc/logos out/doc/images
+apidoc_dirs = out/doc out/doc/api/ out/doc/api/assets out/doc/about out/doc/community out/doc/download out/doc/logos out/doc/images
 
 apiassets = $(subst api_assets,api/assets,$(addprefix out/,$(wildcard doc/api_assets/*)))
 
@@ -126,17 +132,18 @@ website_files = \
 	out/doc/pipe.css \
 	out/doc/about/index.html \
 	out/doc/community/index.html \
+	out/doc/download/index.html \
 	out/doc/logos/index.html \
 	out/doc/changelog.html \
 	$(doc_images)
 
-doc: program $(apidoc_dirs) $(website_files) $(apiassets) $(apidocs) tools/doc/ blog
+doc: $(apidoc_dirs) $(website_files) $(apiassets) $(apidocs) tools/doc/ blog node
 
 blogclean:
 	rm -rf out/blog
 
 blog: doc/blog out/Release/node tools/blog
-	out/Release/node tools/blog/generate.js doc/blog/ out/blog/ doc/blog.html
+	out/Release/node tools/blog/generate.js doc/blog/ out/blog/ doc/blog.html doc/rss.xml
 
 $(apidoc_dirs):
 	mkdir -p $@
@@ -144,19 +151,19 @@ $(apidoc_dirs):
 out/doc/api/assets/%: doc/api_assets/% out/doc/api/assets/
 	cp $< $@
 
-out/doc/changelog.html: ChangeLog doc/changelog-head.html doc/changelog-foot.html tools/build-changelog.sh
+out/doc/changelog.html: ChangeLog doc/changelog-head.html doc/changelog-foot.html tools/build-changelog.sh node
 	bash tools/build-changelog.sh
 
-out/doc/%.html: doc/%.html
+out/doc/%.html: doc/%.html node
 	cat $< | sed -e 's|__VERSION__|'$(VERSION)'|g' > $@
 
 out/doc/%: doc/%
 	cp -r $< $@
 
-out/doc/api/%.json: doc/api/%.markdown
+out/doc/api/%.json: doc/api/%.markdown node
 	out/Release/node tools/doc/generate.js --format=json $< > $@
 
-out/doc/api/%.html: doc/api/%.markdown
+out/doc/api/%.html: doc/api/%.markdown node
 	out/Release/node tools/doc/generate.js --format=html --template=doc/template.html $< > $@
 
 email.md: ChangeLog tools/email-footer.md
@@ -186,8 +193,22 @@ docclean:
 	-rm -rf out/doc
 
 VERSION=v$(shell $(PYTHON) tools/getnodeversion.py)
+RELEASE=$(shell $(PYTHON) tools/getnodeisrelease.py)
+PLATFORM=$(shell uname | tr '[:upper:]' '[:lower:]')
+ifeq ($(findstring x86_64,$(shell uname -m)),x86_64)
+DESTCPU ?= x64
+else
+DESTCPU ?= ia32
+endif
+ifeq ($(DESTCPU),x64)
+ARCH=x64
+else
+ARCH=x86
+endif
 TARNAME=node-$(VERSION)
 TARBALL=$(TARNAME).tar.gz
+BINARYNAME=$(TARNAME)-$(PLATFORM)-$(ARCH)
+BINARYTAR=$(BINARYNAME).tar.gz
 PKG=out/$(TARNAME).pkg
 packagemaker=/Developer/Applications/Utilities/PackageMaker.app/Contents/MacOS/PackageMaker
 
@@ -195,28 +216,7 @@ dist: doc $(TARBALL) $(PKG)
 
 PKGDIR=out/dist-osx
 
-pkg: $(PKG)
-
-$(PKG):
-	rm -rf $(PKGDIR)
-	rm -rf out/deps out/Release
-	./configure --prefix=$(PKGDIR)/32/usr/local --without-snapshot --dest-cpu=ia32
-	$(MAKE) install
-	rm -rf out/deps out/Release
-	./configure --prefix=$(PKGDIR)/usr/local --without-snapshot --dest-cpu=x64
-	$(MAKE) install
-	lipo $(PKGDIR)/32/usr/local/bin/node \
-		$(PKGDIR)/usr/local/bin/node \
-		-output $(PKGDIR)/usr/local/bin/node-universal \
-		-create
-	mv $(PKGDIR)/usr/local/bin/node-universal $(PKGDIR)/usr/local/bin/node
-	rm -rf $(PKGDIR)/32
-	$(packagemaker) \
-		--id "org.nodejs.NodeJS-$(VERSION)" \
-		--doc tools/osx-pkg.pmdoc \
-		--out $(PKG)
-
-$(TARBALL): node out/doc
+release-only:
 	@if [ "$(shell git status --porcelain | egrep -v '^\?\? ')" = "" ]; then \
 		exit 0 ; \
 	else \
@@ -228,15 +228,40 @@ $(TARBALL): node out/doc
 		echo "" >&2 ; \
 		exit 1 ; \
 	fi
-	@if [ $(shell ./node --version) = "$(VERSION)" ]; then \
+	@if [ "$(RELEASE)" = "1" ]; then \
 		exit 0; \
 	else \
 	  echo "" >&2 ; \
-		echo "$(shell ./node --version) doesn't match $(VERSION)." >&2 ; \
+		echo "#NODE_VERSION_IS_RELEASE is set to $(RELEASE)." >&2 ; \
 	  echo "Did you remember to update src/node_version.cc?" >&2 ; \
 	  echo "" >&2 ; \
 		exit 1 ; \
 	fi
+
+pkg: $(PKG)
+
+$(PKG): release-only
+	rm -rf $(PKGDIR)
+	rm -rf out/deps out/Release
+	./configure --prefix=$(PKGDIR)/32/usr/local --without-snapshot --dest-cpu=ia32
+	$(MAKE) install V=$(V)
+	rm -rf out/deps out/Release
+	./configure --prefix=$(PKGDIR)/usr/local --without-snapshot --dest-cpu=x64
+	$(MAKE) install V=$(V)
+	SIGN="$(APP_SIGN)" PKGDIR="$(PKGDIR)" bash tools/osx-codesign.sh
+	lipo $(PKGDIR)/32/usr/local/bin/node \
+		$(PKGDIR)/usr/local/bin/node \
+		-output $(PKGDIR)/usr/local/bin/node-universal \
+		-create
+	mv $(PKGDIR)/usr/local/bin/node-universal $(PKGDIR)/usr/local/bin/node
+	rm -rf $(PKGDIR)/32
+	$(packagemaker) \
+		--id "org.nodejs.Node" \
+		--doc tools/osx-pkg.pmdoc \
+		--out $(PKG)
+	SIGN="$(INT_SIGN)" PKG="$(PKG)" bash tools/osx-productsign.sh
+
+$(TARBALL): release-only node doc
 	git archive --format=tar --prefix=$(TARNAME)/ HEAD | tar xf -
 	mkdir -p $(TARNAME)/doc/api
 	cp doc/node.1 $(TARNAME)/doc/node.1
@@ -248,6 +273,22 @@ $(TARBALL): node out/doc
 	rm -rf $(TARNAME)
 	gzip -f -9 $(TARNAME).tar
 
+tar: $(TARBALL)
+
+$(BINARYTAR): release-only
+	rm -rf $(BINARYNAME)
+	rm -rf out/deps out/Release
+	./configure --prefix=/ --without-snapshot --dest-cpu=$(DESTCPU) $(CONFIG_FLAGS)
+	$(MAKE) install DESTDIR=$(BINARYNAME) V=$(V) PORTABLE=1
+	cp README.md $(BINARYNAME)
+	cp LICENSE $(BINARYNAME)
+	cp ChangeLog $(BINARYNAME)
+	tar -cf $(BINARYNAME).tar $(BINARYNAME)
+	rm -rf $(BINARYNAME)
+	gzip -f -9 $(BINARYNAME).tar
+
+binary: $(BINARYTAR)
+
 dist-upload: $(TARBALL) $(PKG)
 	ssh node@nodejs.org mkdir -p web/nodejs.org/dist/$(VERSION)
 	scp $(TARBALL) node@nodejs.org:~/web/nodejs.org/dist/$(VERSION)/$(TARBALL)
@@ -261,6 +302,9 @@ bench-idle:
 	sleep 1
 	./node benchmark/idle_clients.js &
 
+jslintfix:
+	PYTHONPATH=tools/closure_linter/ $(PYTHON) tools/closure_linter/closure_linter/fixjsstyle.py --strict --nojsdoc -r lib/ -r src/ --exclude_files lib/punycode.js
+
 jslint:
 	PYTHONPATH=tools/closure_linter/ $(PYTHON) tools/closure_linter/closure_linter/gjslint.py --unix_mode --strict --nojsdoc -r lib/ -r src/ --exclude_files lib/punycode.js
 
@@ -269,4 +313,4 @@ cpplint:
 
 lint: jslint cpplint
 
-.PHONY: lint cpplint jslint bench clean docopen docclean doc dist distclean check uninstall install install-includes install-bin all program staticlib dynamiclib test test-all website-upload pkg blog blogclean
+.PHONY: lint cpplint jslint bench clean docopen docclean doc dist distclean check uninstall install install-includes install-bin all staticlib dynamiclib test test-all website-upload pkg blog blogclean tar binary release-only

README.md

@@ -3,12 +3,26 @@ Evented I/O for V8 javascript. [![Build Status](https://secure.travis-ci.org/joy
 
 ### To build:
 
-Unix/Macintosh (requires python 2.6 or 2.7):
+Prerequisites (Unix only):
+
+    * Python 2.6 or 2.7
+    * GNU Make 3.81 or newer
+    * libexecinfo (FreeBSD and OpenBSD only)
+
+Unix/Macintosh:
 
     ./configure
     make
     make install
 
+If your python binary is in a non-standard location or has a
+non-standard name, run the following instead:
+
+    export PYTHON=/path/to/python
+    $PYTHON ./configure
+    make
+    make install
+
 Windows:
 
     vcbuild.bat

benchmark/http.sh

@@ -1,12 +1,43 @@
 #!/bin/bash
 cd "$(dirname "$(dirname $0)")"
-sudo sysctl -w net.inet.ip.portrange.first=12000
-sudo sysctl -w net.inet.tcp.msl=1000
-sudo sysctl -w kern.maxfiles=1000000 kern.maxfilesperproc=1000000
+
+if type sysctl &>/dev/null; then
+  # darwin and linux
+  sudo sysctl -w net.ipv4.ip_local_port_range="12000 65535"
+  sudo sysctl -w net.inet.ip.portrange.first=12000
+  sudo sysctl -w net.inet.tcp.msl=1000
+  sudo sysctl -w kern.maxfiles=1000000 kern.maxfilesperproc=1000000
+elif type /usr/sbin/ndd &>/dev/null; then
+  # sunos
+  /usr/sbin/ndd -set /dev/tcp tcp_smallest_anon_port 12000
+  /usr/sbin/ndd -set /dev/tcp tcp_largest_anon_port 65535
+  /usr/sbin/ndd -set /dev/tcp tcp_max_buf 2097152
+  /usr/sbin/ndd -set /dev/tcp tcp_xmit_hiwat 1048576
+  /usr/sbin/ndd -set /dev/tcp tcp_recv_hiwat 1048576
+fi
+
 ulimit -n 100000
 
-./node benchmark/http_simple.js || exit 1 &
+k=${KEEPALIVE}
+if [ "$k" = "no" ]; then
+  k=""
+else
+  k="-k"
+fi
+node=${NODE:-./node}
+
+$node benchmark/http_simple.js &
+npid=$!
+
 sleep 1
 
-ab -n 30000 -c 100 http://127.0.0.1:8000/${TYPE:-bytes}/${LENGTH:-1024} | grep Req
-killall node
+if [ "$k" = "-k" ]; then
+  echo "using keepalive"
+fi
+
+for i in a a a a a a a a a a a a a a a a a a a a; do
+  ab $k -t 10 -c 100 http://127.0.0.1:8000/${TYPE:-bytes}/${LENGTH:-1024} \
+    2>&1 | grep Req | egrep -o '[0-9\.]+'
+done
+
+kill $npid

benchmark/http_simple.js

@@ -96,13 +96,12 @@ var server = http.createServer(function (req, res) {
                             'Transfer-Encoding': 'chunked' });
     // send body in chunks
     var len = body.length;
-    var step = ~~(len / n_chunks) || len;
+    var step = Math.floor(len / n_chunks) || 1;
 
-    for (var i = 0; i < len; i += step) {
-      res.write(body.slice(i, i + step));
+    for (var i = 0, n = (n_chunks - 1); i < n; ++i) {
+      res.write(body.slice(i * step, i * step + step));
     }
-
-    res.end();
+    res.end(body.slice((n_chunks - 1) * step));
   } else {
     var content_length = body.length.toString();
 

benchmark/http_simple_auto.js

@@ -77,13 +77,12 @@ var server = http.createServer(function (req, res) {
                             "Transfer-Encoding": "chunked" });
     // send body in chunks
     var len = body.length;
-    var step = ~~(len / n_chunks) || len;
+    var step = Math.floor(len / n_chunks) || 1;
 
-    for (var i = 0; i < len; i += step) {
-      res.write(body.slice(i, i + step));
+    for (var i = 0, n = (n_chunks - 1); i < n; ++i) {
+      res.write(body.slice(i * step, i * step + step));
     }
-
-    res.end();
+    res.end(body.slice((n_chunks - 1) * step));
   } else {
     var content_length = body.length.toString();
 

benchmark/http_simple_cluster.js

@@ -3,7 +3,7 @@ var os = require('os');
 
 if (cluster.isMaster) {
   console.log('master running on pid %d', process.pid);
-  for (var i = 1, n = os.cpus().length; i < n; ++i) cluster.fork();
+  for (var i = 0, n = os.cpus().length; i < n; ++i) cluster.fork();
 } else {
   require(__dirname + '/http_simple.js');
 }

benchmark/tls-connect.js

@@ -0,0 +1,86 @@
+
+var assert = require('assert'),
+    fs = require('fs'),
+    path = require('path'),
+    tls = require('tls');
+
+
+var target_connections = 10000,
+    concurrency = 10;
+
+for (var i = 2; i < process.argv.length; i++) {
+  switch (process.argv[i]) {
+    case '-c':
+      concurrency = ~~process.argv[++i];
+      break;
+
+    case '-n':
+      target_connections = ~~process.argv[++i];
+      break;
+
+    default:
+      throw new Error('Invalid flag: ' + process.argv[i]);
+  }
+}
+
+
+var cert_dir = path.resolve(__dirname, '../test/fixtures'),
+    options = { key: fs.readFileSync(cert_dir + '/test_key.pem'),
+                cert: fs.readFileSync(cert_dir + '/test_cert.pem'),
+                ca: [ fs.readFileSync(cert_dir + '/test_ca.pem') ] };
+
+var server = tls.createServer(options, onConnection);
+server.listen(8000);
+
+
+var initiated_connections = 0,
+    server_connections = 0,
+    client_connections = 0,
+    start = Date.now();
+
+for (var i = 0; i < concurrency; i++)
+  makeConnection();
+
+
+process.on('exit', onExit);
+
+
+function makeConnection() {
+  if (initiated_connections >= target_connections)
+    return;
+
+  initiated_connections++;
+
+  var conn = tls.connect(8000, function() {
+    client_connections++;
+
+    if (client_connections % 100 === 0)
+      console.log(client_connections + ' of ' + target_connections +
+                  ' connections made');
+
+    conn.end();
+    makeConnection();
+  });
+}
+
+
+function onConnection(conn) {
+  server_connections++;
+
+  if (server_connections === target_connections)
+    server.close();
+}
+
+
+function onExit() {
+  var end = Date.now(),
+      s = (end - start) / 1000,
+      persec = Math.round(target_connections / s);
+
+  assert.equal(initiated_connections, target_connections);
+  assert.equal(client_connections, target_connections);
+  assert.equal(server_connections, target_connections);
+
+  console.log('%d connections in %d s', target_connections, s);
+  console.log('%d connections per second', persec);
+}

common.gypi

@@ -1,6 +1,5 @@
 {
   'variables': {
-    'strict_aliasing%': 'false',     # turn on/off -fstrict-aliasing
     'visibility%': 'hidden',         # V8's visibility setting
     'target_arch%': 'ia32',          # set v8's target architecture
     'host_arch%': 'ia32',            # set v8's host architecture
@@ -8,6 +7,12 @@
     'library%': 'static_library',    # allow override to 'shared_library' for DLL/.so builds
     'component%': 'static_library',  # NB. these names match with what V8 expects
     'msvs_multi_core_compile': '0',  # we do enable multicore compiles, but not using the V8 way
+    'gcc_version%': 'unknown',
+    'clang%': 0,
+
+    # Turn on optimizations that may trigger compiler bugs.
+    # Use at your own risk. Do *NOT* report bugs if this option is enabled.
+    'node_unsafe_optimizations%': 0,
 
     # Enable V8's post-mortem debugging only on unix flavors.
     'conditions': [
@@ -42,19 +47,38 @@
         },
       },
       'Release': {
-        'cflags': [ '-O3', '-fdata-sections', '-ffunction-sections' ],
         'conditions': [
           ['target_arch=="x64"', {
             'msvs_configuration_platform': 'x64',
           }],
+          ['node_unsafe_optimizations==1', {
+            'cflags': [ '-O3', '-ffunction-sections', '-fdata-sections' ],
+            'ldflags': [ '-Wl,--gc-sections' ],
+          }, {
+            'cflags': [ '-O2', '-fno-strict-aliasing' ],
+            'cflags!': [ '-O3', '-fstrict-aliasing' ],
+            'conditions': [
+              # Required by the dtrace post-processor. Unfortunately,
+              # some gcc/binutils combos generate bad code when
+              # -ffunction-sections is enabled. Let's hope for the best.
+              ['OS=="solaris"', {
+                'cflags': [ '-ffunction-sections', '-fdata-sections' ],
+              }, {
+                'cflags!': [ '-ffunction-sections', '-fdata-sections' ],
+              }],
+              ['clang == 0 and gcc_version >= 40', {
+                'cflags': [ '-fno-tree-vrp' ],
+              }],
+              ['clang == 0 and gcc_version <= 44', {
+                'cflags': [ '-fno-tree-sink' ],
+              }],
+            ],
+          }],
           ['OS=="solaris"', {
             'cflags': [ '-fno-omit-frame-pointer' ],
             # pull in V8's postmortem metadata
             'ldflags': [ '-Wl,-z,allextract' ]
           }],
-          ['strict_aliasing!="true"', {
-            'cflags': [ '-fno-strict-aliasing' ],
-          }],
         ],
         'msvs_settings': {
           'VCCLCompilerTool': {
@@ -139,7 +163,7 @@
       [ 'OS=="linux" or OS=="freebsd" or OS=="openbsd" or OS=="solaris"', {
         'cflags': [ '-Wall', '-pthread', ],
         'cflags_cc': [ '-fno-rtti', '-fno-exceptions' ],
-        'ldflags': [ '-pthread', ],
+        'ldflags': [ '-pthread', '-rdynamic' ],
         'conditions': [
           [ 'target_arch=="ia32"', {
             'cflags': [ '-m32' ],
@@ -149,9 +173,6 @@
             'cflags': [ '-m64' ],
             'ldflags': [ '-m64' ],
           }],
-          [ 'OS=="linux"', {
-            'ldflags': [ '-rdynamic' ],
-          }],
           [ 'OS=="solaris"', {
             'cflags': [ '-pthreads' ],
             'ldflags': [ '-pthreads' ],
@@ -172,7 +193,6 @@
           'GCC_ENABLE_PASCAL_STRINGS': 'NO',        # No -mpascal-strings
           'GCC_THREADSAFE_STATICS': 'NO',           # -fno-threadsafe-statics
           'GCC_VERSION': '4.2',
-          'GCC_WARN_ABOUT_MISSING_NEWLINE': 'YES',  # -Wnewline-eof
           'PREBINDING': 'NO',                       # No -Wl,-prebind
           'MACOSX_DEPLOYMENT_TARGET': '10.5',       # -mmacosx-version-min=10.5
           'USE_HEADERMAP': 'NO',

configure

@@ -65,20 +65,43 @@ parser.add_option("--shared-v8-libname",
     dest="shared_v8_libname",
     help="Alternative lib name to link to (default: 'v8')")
 
+parser.add_option("--shared-openssl",
+    action="store_true",
+    dest="shared_openssl",
+    help="Link to a shared OpenSSl DLL instead of static linking")
+
+parser.add_option("--shared-openssl-includes",
+    action="store",
+    dest="shared_openssl_includes",
+    help="Directory containing OpenSSL header files")
+
+parser.add_option("--shared-openssl-libpath",
+    action="store",
+    dest="shared_openssl_libpath",
+    help="A directory to search for the shared OpenSSL DLLs")
+
+parser.add_option("--shared-openssl-libname",
+    action="store",
+    dest="shared_openssl_libname",
+    help="Alternative lib name to link to (default: 'crypto,ssl')")
+
+# deprecated
 parser.add_option("--openssl-use-sys",
     action="store_true",
-    dest="openssl_use_sys",
-    help="Use the system OpenSSL instead of one included with Node")
+    dest="shared_openssl",
+    help=optparse.SUPPRESS_HELP)
 
+# deprecated
 parser.add_option("--openssl-includes",
     action="store",
-    dest="openssl_includes",
-    help="A directory to search for the OpenSSL includes")
+    dest="shared_openssl_includes",
+    help=optparse.SUPPRESS_HELP)
 
+# deprecated
 parser.add_option("--openssl-libpath",
     action="store",
-    dest="openssl_libpath",
-    help="A directory to search for the OpenSSL libraries")
+    dest="shared_openssl_libpath",
+    help=optparse.SUPPRESS_HELP)
 
 parser.add_option("--no-ssl2",
     action="store_true",
@@ -136,11 +159,34 @@ parser.add_option("--dest-cpu",
     dest="dest_cpu",
     help="CPU architecture to build for. Valid values are: arm, ia32, x64")
 
+parser.add_option("--dest-os",
+    action="store",
+    dest="dest_os",
+    help="Operating system to build for. Valid values are: "
+         "win, mac, solaris, freebsd, linux")
+
 parser.add_option("--no-ifaddrs",
     action="store_true",
     dest="no_ifaddrs",
     help="Use on deprecated SunOS systems that do not support ifaddrs.h")
 
+parser.add_option("--with-arm-float-abi",
+    action="store",
+    dest="arm_float_abi",
+    help="Specifies which floating-point ABI to use. Valid values are: "
+         "soft, softfp, hard")
+
+# Using --unsafe-optimizations voids your warranty.
+parser.add_option("--unsafe-optimizations",
+    action="store_true",
+    dest="unsafe_optimizations",
+    help=optparse.SUPPRESS_HELP)
+
+parser.add_option("--tag",
+    action="store",
+    dest="tag",
+    help="Custom build tag")
+
 (options, args) = parser.parse_args()
 
 
@@ -166,8 +212,8 @@ def pkg_config(pkg):
   return (libs, cflags)
 
 
-def host_arch_cc():
-  """Host architecture check using the CC command."""
+def cc_macros():
+  """Checks predefined macros using the CC command."""
 
   try:
     p = subprocess.Popen(CC.split() + ['-dM', '-E', '-'],
@@ -196,6 +242,52 @@ def host_arch_cc():
       key = lst[1]
       val = lst[2]
       k[key] = val
+  return k
+
+
+def is_arch_armv7():
+  """Check for ARMv7 instructions"""
+  cc_macros_cache = cc_macros()
+  return ('__ARM_ARCH_7__' in cc_macros_cache or
+          '__ARM_ARCH_7A__' in cc_macros_cache or
+          '__ARM_ARCH_7R__' in cc_macros_cache or
+          '__ARM_ARCH_7M__' in cc_macros_cache)
+
+
+def arm_hard_float_abi():
+  """Check for hardfloat or softfloat eabi on ARM"""
+  # GCC versions 4.6 and above define __ARM_PCS or __ARM_PCS_VFP to specify
+  # the Floating Point ABI used (PCS stands for Procedure Call Standard).
+  # We use these as well as a couple of other defines to statically determine
+  # what FP ABI used.
+  # GCC versions 4.4 and below don't support hard-fp.
+  # GCC versions 4.5 may support hard-fp without defining __ARM_PCS or
+  # __ARM_PCS_VFP.
+
+  if compiler_version() >= (4, 6, 0):
+    return '__ARM_PCS_VFP' in cc_macros()
+  elif compiler_version() < (4, 5, 0):
+    return False
+  elif '__ARM_PCS_VFP' in cc_macros():
+    return True
+  elif ('__ARM_PCS' in cc_macros() or
+        '__SOFTFP' in cc_macros() or
+        not '__VFP_FP__' in cc_macros()):
+    return False
+  else:
+    print '''Node.js configure error: Your version of GCC does not report
+      the Floating-Point ABI to compile for your hardware
+
+      Please manually specify which floating-point ABI to use with the
+      --with-arm-float-abi option.
+      '''
+    sys.exit()
+
+
+def host_arch_cc():
+  """Host architecture check using the CC command."""
+
+  k = cc_macros()
 
   matchup = {
     '__x86_64__'  : 'x64',
@@ -227,66 +319,77 @@ def host_arch_win():
   return matchup.get(arch, 'ia32')
 
 
-def host_arch():
-  """Host architecture. One of arm, ia32 or x64."""
-  if os.name == 'nt':
-    arch = host_arch_win()
-  else:
-    arch = host_arch_cc()
-  return arch
-
-
-def target_arch():
-  return host_arch()
-
-def cc_version():
+def compiler_version():
   try:
-    proc = subprocess.Popen([CC, '-v'], stderr=subprocess.PIPE)
-  except OSError:
-    return None
-  lines = proc.communicate()[1].split('\n')
-  version_line = None
-  for i, line in enumerate(lines):
-    if 'version' in line:
-      version_line = line
-  if not version_line:
-    return None
-  version = version_line.split("version")[1].strip().split()[0].split(".")
-  if not version:
-    return None
-  return ['LLVM' in version_line] + version
+    proc = subprocess.Popen(CC.split() + ['--version'], stdout=subprocess.PIPE)
+  except WindowsError:
+    return (0, False)
+
+  is_clang = 'clang' in proc.communicate()[0].split('\n')[0]
+
+  proc = subprocess.Popen(CC.split() + ['-dumpversion'], stdout=subprocess.PIPE)
+  version = tuple(map(int, proc.communicate()[0].split('.')))
+
+  return (version, is_clang)
+
+
+def configure_arm(o):
+  # V8 on ARM requires that armv7 is set. CPU Model detected by
+  # the presence of __ARM_ARCH_7__ and the like defines in compiler
+  if options.arm_float_abi:
+    hard_float = options.arm_float_abi == 'hard'
+  else:
+    hard_float = arm_hard_float_abi()
+  o['variables']['v8_use_arm_eabi_hardfloat'] = b(hard_float)
+
+  armv7 = is_arch_armv7()
+  if armv7:
+    # CHECKME VFPv3 implies ARMv7+ but is the reverse true as well?
+    o['variables']['arm_fpu'] = 'vfpv3'
+    o['variables']['arm_neon'] = 0
+  o['variables']['armv7'] = int(armv7)
+
 
 def configure_node(o):
   # TODO add gdb
-  o['variables']['node_prefix'] = options.prefix if options.prefix else ''
+  o['variables']['v8_no_strict_aliasing'] = 1 # work around compiler bugs
+  o['variables']['node_prefix'] = os.path.expanduser(options.prefix or '')
   o['variables']['node_install_npm'] = b(not options.without_npm)
   o['variables']['node_install_waf'] = b(not options.without_waf)
-  o['variables']['host_arch'] = host_arch()
-  o['variables']['target_arch'] = options.dest_cpu or target_arch()
+  o['variables']['node_unsafe_optimizations'] = (
+    1 if options.unsafe_optimizations else 0)
   o['default_configuration'] = 'Debug' if options.debug else 'Release'
 
-  # turn off strict aliasing if gcc < 4.6.0 unless it's llvm-gcc
-  # see http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45883
-  # see http://code.google.com/p/v8/issues/detail?id=884
-  o['variables']['strict_aliasing'] = b(
-    'clang' in CC or cc_version() >= [False, 4, 6, 0])
+  host_arch = host_arch_win() if os.name == 'nt' else host_arch_cc()
+  target_arch = options.dest_cpu or host_arch
+  o['variables']['host_arch'] = host_arch
+  o['variables']['target_arch'] = target_arch
+
+  if target_arch == 'arm':
+    configure_arm(o)
+
+  cc_version, is_clang = compiler_version()
+  o['variables']['clang'] = 1 if is_clang else 0
+
+  if not is_clang and cc_version != 0:
+    o['variables']['gcc_version'] = 10 * cc_version[0] + cc_version[1]
 
   # clang has always supported -fvisibility=hidden, right?
-  if 'clang' not in CC and cc_version() < [False, 4, 0, 0]:
+  if not is_clang and cc_version < (4,0,0):
     o['variables']['visibility'] = ''
 
   # By default, enable DTrace on SunOS systems. Don't allow it on other
   # systems, since it won't work.  (The MacOS build process is different than
   # SunOS, and we haven't implemented it.)
   if sys.platform.startswith('sunos'):
-    o['variables']['node_use_dtrace'] = b(not options.without_dtrace);
-    # Strict aliasing causes problems with the V8 snapshots on SunOS
-    o['variables']['strict_aliasing'] = b(False);
+    o['variables']['node_use_dtrace'] = b(not options.without_dtrace)
   elif b(options.with_dtrace) == 'true':
     raise Exception('DTrace is currently only supported on SunOS systems.')
   else:
     o['variables']['node_use_dtrace'] = 'false'
 
+  if options.no_ifaddrs:
+    o['defines'] += ['SUNOS_NO_IFADDRS']
 
   # By default, enable ETW on Windows.
   if sys.platform.startswith('win32'):
@@ -296,6 +399,11 @@ def configure_node(o):
   else:
     o['variables']['node_use_etw'] = 'false'
 
+  if options.tag:
+    o['variables']['node_tag'] = '-' + options.tag
+  else:
+    o['variables']['node_tag'] = ''
+
 
 def configure_libz(o):
   o['variables']['node_shared_zlib'] = b(options.shared_zlib)
@@ -324,40 +432,35 @@ def configure_v8(o):
     o['libraries'] += ['-lv8']
   if options.shared_v8_includes:
     o['include_dirs'] += [options.shared_v8_includes]
-    o['variables']['node_shared_v8_includes'] = options.shared_v8_includes
 
 
 def configure_openssl(o):
   o['variables']['node_use_openssl'] = b(not options.without_ssl)
+  o['variables']['node_shared_openssl'] = b(options.shared_openssl)
 
   if options.without_ssl:
     return
 
-  if options.no_ifaddrs:
-    o['defines'] += ['SUNOS_NO_IFADDRS']
-
   if options.no_ssl2:
     o['defines'] += ['OPENSSL_NO_SSL2=1']
 
-  if not options.openssl_use_sys:
-    o['variables']['node_shared_openssl'] = b(False)
-  else:
-    out = pkg_config('openssl')
-    (libs, cflags) = out if out else ('', '')
+  if options.shared_openssl:
+    (libs, cflags) = pkg_config('openssl') or ('-lssl -lcrypto', '')
 
-    if options.openssl_libpath:
-      o['libraries'] += ['-L%s' % options.openssl_libpath, '-lssl', '-lcrypto']
+    if options.shared_openssl_libpath:
+      o['libraries'] += ['-L%s' % options.shared_openssl_libpath]
+
+    if options.shared_openssl_libname:
+      libnames = options.shared_openssl_libname.split(',')
+      o['libraries'] += ['-l%s' % s for s in libnames]
     else:
       o['libraries'] += libs.split()
 
-    if options.openssl_includes:
-      o['include_dirs'] += [options.openssl_includes]
+    if options.shared_openssl_includes:
+      o['include_dirs'] += [options.shared_openssl_includes]
     else:
       o['cflags'] += cflags.split()
 
-    o['variables']['node_shared_openssl'] = b(
-      libs or cflags or options.openssl_libpath or options.openssl_includes)
-
 
 output = {
   'variables': {},
@@ -395,7 +498,10 @@ write('config.mk', "# Do not edit. Generated by the configure script.\n" +
   ("BUILDTYPE=%s\n" % ('Debug' if options.debug else 'Release')))
 
 if os.name == 'nt':
-  subprocess.call(['python', 'tools/gyp_node', '-f', 'msvs',
-                                               '-G', 'msvs_version=2010'])
+  gyp_args = ['-f', 'msvs', '-G', 'msvs_version=2010']
+elif options.dest_os:
+  gyp_args = ['-f', 'make-' + options.dest_os]
 else:
-  subprocess.call(['tools/gyp_node', '-f', 'make'])
+  gyp_args = ['-f', 'make']
+
+subprocess.call([sys.executable, 'tools/gyp_node'] + gyp_args)

deps/npm/.npmignore

@@ -1,16 +1,17 @@
 *.swp
-test/bin
-test/output.log
-test/packages/*/node_modules
-test/packages/npm-test-depends-on-spark/which-spark.log
-test/packages/test-package/random-data.txt
-test/root
-node_modules/ronn
-node_modules/.bin
+.*.swp
 npm-debug.log
-./npmrc
-.gitignore
-release/
+/test/bin
+/test/output.log
+/test/packages/*/node_modules
+/test/packages/npm-test-depends-on-spark/which-spark.log
+/test/packages/test-package/random-data.txt
+/test/root
+node_modules/ronn
+node_modules/tap
+node_modules/.bin
+/npmrc
+/release/
 
 # don't need these in the npm package.
 html/*.png
@@ -18,3 +19,7 @@ html/*.png
 # don't ignore .npmignore files
 # these are used in some tests.
 !.npmignore
+
+/npm-*.tgz
+
+*.pyc

deps/npm/.tern-project

@@ -0,0 +1,7 @@
+{
+  "libs": [
+  ],
+  "plugins": {
+    "node": {}
+  }
+}

deps/npm/.travis.yml

@@ -1,4 +0,0 @@
-language: node_js
-before_install: "make &>out || cat out; rm out"
-node_js:
-  - 0.6

deps/npm/AUTHORS

@@ -69,3 +69,24 @@ Aaron Stacy <aaron.r.stacy@gmail.com>
 Phillip Howell <phowell@cothm.org>
 Domenic Denicola <domenic@domenicdenicola.com>
 James Halliday <mail@substack.net>
+Jeremy Cantrell <jmcantrell@gmail.com>
+Ribettes <patlogan29@gmail.com>
+Einar Otto Stangvik <einaros@gmail.com>
+Don Park <donpark@docuverse.com>
+Kei Son <heyacct@gmail.com>
+Nicolas Morel <marsup@gmail.com>
+Mark Dube <markisdee@gmail.com>
+Nathan Rajlich <nathan@tootallnate.net>
+Maxim Bogushevich <boga1@mail.ru>
+Justin Beckwith <justbe@microsoft.com>
+Meaglin <Meaglin.wasabi@gmail.com>
+Ben Evans <ben@bensbit.co.uk>
+Nathan Zadoks <nathan@nathan7.eu>
+Brian White <mscdex@gmail.com>
+Jed Schmidt <tr@nslator.jp>
+Ian Livingstone <ianl@cs.dal.ca>
+Patrick Pfeiffer <patrick@buzzle.at>
+Paul Miller <paul@paulmillr.com>
+seebees <seebees@gmail.com>
+Carl Lange <carl@flax.ie>
+Jan Lehnardt <jan@apache.org>

deps/npm/LICENSE

@@ -1,4 +1,4 @@
-Copyright 2009-2012, Isaac Z. Schlueter (the "Original Author")
+Copyright (c) Isaac Z. Schlueter (the "Original Author")
 All rights reserved.
 
 MIT +no-false-attribs License
@@ -42,23 +42,24 @@ Original Author, when distributed with the Software.
 part of the Node.js project, and is neither owned by nor
 officially affiliated with Joyent, Inc.
 
-Packages published in the npm registry are not part of npm
-itself, are the sole property of their respective maintainers,
-and are not covered by this license.
+Packages published in the npm registry (other than the Software and
+its included dependencies) are not part of npm itself, are the sole
+property of their respective maintainers, and are not covered by
+this license.
 
 "npm Logo" created by Mathias Pettersson and Brian Hammond,
 used with permission.
 
 "Gubblebum Blocky" font
-Copyright (c) 2007 by Tjarda Koster, http://jelloween.deviantart.com
+Copyright (c) by Tjarda Koster, http://jelloween.deviantart.com
 included for use in the npm website and documentation,
 used with permission.
 
-This program uses "node-uuid", Copyright (c) 2010 Robert Kieffer,
-according to the terms of the MIT license.
-
-This program uses "request", Copyright (c) 2011 Mikeal Rogers,
+This program uses "request", Copyright (c) Mikeal Rogers,
 according to the terms of the Apache license.
 
-This program uses "mkdirp",  Copyright (c) 2010 James Halliday,
+This program uses "mkdirp",  Copyright (c) James Halliday,
 according to the terms of the MIT/X11 license.
+
+This program uses "opener", Copyright (c) Domenic Denicola,
+according to the terms of the DWTFPL2 license.

deps/npm/Makefile

@@ -92,7 +92,7 @@ doc/cli/index.md: $(markdowns) scripts/index-build.js scripts/doc-build.sh packa
 	node scripts/index-build.js > $@
 
 node_modules/.bin/ronn:
-	node cli.js install https://github.com/isaacs/ronnjs/tarball/master
+	node cli.js install ronn
 
 doc: man
 
@@ -101,16 +101,10 @@ man: $(cli_docs) $(api_docs)
 test:
 	node cli.js test
 
-version: link
-	git add package.json &&\
-	git ci -m v$(shell npm -v)
-
 publish: link doc
-	@git tag -d v$(shell npm -v) || true
 	@git push origin :v$(shell npm -v) || true
 	@npm unpublish npm@$(shell npm -v) || true
 	git clean -fd
-	git tag -s -m v$(shell npm -v) v$(shell npm -v) &&\
 	git push origin --tags &&\
 	npm publish &&\
 	npm tag npm@$(shell npm -v) $(shell npm -v | awk -F. '{print $$1 "." $$2}') &&\
@@ -119,18 +113,26 @@ publish: link doc
 
 docpublish: doc-publish
 doc-publish: doc
-	rsync -vazu --stats --no-implied-dirs --delete html/doc/ npmjs.org:/var/www/npmjs.org/public/doc
-	rsync -vazu --stats --no-implied-dirs --delete html/api/ npmjs.org:/var/www/npmjs.org/public/api
-	rsync -vazu --stats --no-implied-dirs --delete html/webfonts/ npmjs.org:/var/www/npmjs.org/public/webfonts
-	scp html/style.css npmjs.org:/var/www/npmjs.org/public/
+	rsync -vazu --stats --no-implied-dirs --delete \
+		html/doc/ \
+		node@npmjs.org:/home/node/npm-www/doc
+	rsync -vazu --stats --no-implied-dirs --delete \
+		html/api/ \
+		node@npmjs.org:/home/node/npm-www/api
+	rsync -vazu --stats --no-implied-dirs --delete \
+		html/static/webfonts/ \
+		node@npmjs.org:/home/node/npm-www/static/webfonts
+	rsync -vazu --stats --no-implied-dirs --delete \
+		html/static/style.css \
+		node@npmjs.org:/home/node/npm-www/static/
 
 zip-publish: release
-	scp release/* npmjs.org:/var/www/npmjs.org/public/dist/
+	scp release/* node@nodejs.org:dist/npm/
 
 release:
 	@bash scripts/release.sh
 
 sandwich:
-	@[ $$(whoami) = "root" ] && (echo "ok"; echo "ham" > sandwich) || echo "make it yourself"
+	@[ $$(whoami) = "root" ] && (echo "ok"; echo "ham" > sandwich) || echo "make it yourself" && exit 13
 
 .PHONY: all latest install dev link doc clean uninstall test man doc-publish doc-clean docclean docpublish release zip-publish

deps/npm/README.md

@@ -9,7 +9,7 @@ Much more info available via `npm help` once it's installed.
 
 ## IMPORTANT
 
-**You need node v0.6 or higher to run this program.**
+**You need node v0.8 or higher to run this program.**
 
 To install an old **and unsupported** version of npm that works on node 0.3
 and prior, clone the git repo and dig through the old tags and branches.
@@ -35,31 +35,18 @@ paths, etc.) then read on.
 
 ## Fancy Install (Unix)
 
-To install npm with one command, do this:
-
-    curl http://npmjs.org/install.sh | sh
-
-To skip the npm 0.x cleanup, do this:
-
-    curl http://npmjs.org/install.sh | clean=no sh
-
-To say "yes" to the 0.x cleanup, but skip the prompt:
-
-    curl http://npmjs.org/install.sh | clean=yes sh
-
-If you get permission errors, you'll need to **run** the script as root.
-(Note, just putting `sudo` in front of the `curl` will **fetch** the script
-as root.)
+There's a pretty robust install script at
+<https://npmjs.org/install.sh>.  You can download that and run it.
 
 ### Slightly Fancier
 
 You can set any npm configuration params with that script:
 
-    curl http://npmjs.org/install.sh | npm_config_prefix=/some/path sh
+    npm_config_prefix=/some/path sh install.sh
 
 Or, you can run it in uber-debuggery mode:
 
-    curl http://npmjs.org/install.sh | npm_debug=1 sh
+    npm_debug=1 sh install.sh
 
 ### Even Fancier
 
@@ -73,7 +60,7 @@ for testing, or running stuff without actually installing npm itself.)
 
 ## Fancy Windows Install
 
-You can download a zip file from <http://npmjs.org/dist/>, and unpack it
+You can download a zip file from <https://npmjs.org/dist/>, and unpack it
 in the same folder where node.exe lives.
 
 If that's not fancy enough for you, then you can fetch the code with
@@ -83,21 +70,6 @@ git, and mess with it directly.
 
 No.
 
-## Dev Install
-
-To install the latest **unstable** development version from git:
-
-    git clone https://github.com/isaacs/npm.git
-    cd npm
-    sudo make install     # (or: `node cli.js install -gf`)
-
-If you're sitting in the code folder reading this document in your
-terminal, then you've already got the code.  Just do:
-
-    sudo make install
-
-and npm will install itself.
-
 ## Permissions when Using npm to Install Other Stuff
 
 **tl;dr**
@@ -163,6 +135,14 @@ you have chosen.
 If you would like to use npm programmatically, you can do that.
 It's not very well documented, but it *is* rather simple.
 
+Most of the time, unless you actually want to do all the things that
+npm does, you should try using one of npm's dependencies rather than
+using npm itself, if possible.
+
+Eventually, npm will be just a thin cli wrapper around the modules
+that it depends on, but for now, there are some things that you must
+use npm itself to do.
+
     var npm = require("npm")
     npm.load(myConfigObject, function (er) {
       if (er) return handlError(er)
@@ -189,14 +169,13 @@ help config` to learn about all the options you can set there.
 
 ## More Docs
 
-Check out the [docs](http://npmjs.org/doc/),
-especially the [faq](http://npmjs.org/doc/faq.html).
+Check out the [docs](https://npmjs.org/doc/),
+especially the [faq](https://npmjs.org/doc/faq.html).
 
 You can use the `npm help` command to read any of them.
 
 If you're a developer, and you want to use npm to publish your program,
-you should
-[read this](http://npmjs.org/doc/developers.html)
+you should [read this](https://npmjs.org/doc/developers.html)
 
 ## Legal Stuff
 
@@ -242,7 +221,7 @@ If this concerns you, inspect the source before using packages.
 When you find issues, please report them:
 
 * web:
-  <http://github.com/isaacs/npm/issues>
+  <https://github.com/isaacs/npm/issues>
 * email:
   <npm-@googlegroups.com>
 

deps/npm/bin/npm-cli.js

@@ -22,10 +22,10 @@ log.info("it worked if it ends with", "ok")
 var fs = require("graceful-fs")
   , path = require("path")
   , npm = require("../lib/npm.js")
-  , ini = require("../lib/utils/ini.js")
+  , npmconf = require("npmconf")
   , errorHandler = require("../lib/utils/error-handler.js")
 
-  , configDefs = require("../lib/utils/config-defs.js")
+  , configDefs = npmconf.defs
   , shorthands = configDefs.shorthands
   , types = configDefs.types
   , nopt = require("nopt")
@@ -50,10 +50,9 @@ if (conf.version) {
 }
 
 if (conf.versions) {
-  var v = process.versions
-  v.npm = npm.version
-  console.log(v)
-  return
+  npm.command = "version"
+  conf.usage = false
+  npm.argv = []
 }
 
 log.info("using", "npm@%s", npm.version)

deps/npm/doc/api/deprecate.md

@@ -25,6 +25,8 @@ The 'args' parameter must have exactly two elements:
 Note that you must be the package owner to deprecate something.  See the
 `owner` and `adduser` help topics.
 
+To un-deprecate a package, specify an empty string (`""`) for the `message` argument.
+
 ## SEE ALSO
 
 * npm-publish(3)

deps/npm/doc/api/npm.md

@@ -4,7 +4,7 @@ npm(3) -- node package manager
 ## SYNOPSIS
 
     var npm = require("npm")
-    npm.load(configObject, function (er, npm) {
+    npm.load([configObject,] function (er, npm) {
       // use the npm object, now that it's loaded.
 
       npm.config.set(key, val)
@@ -25,12 +25,13 @@ This is the API documentation for npm.
 To find documentation of the command line
 client, see `npm(1)`.
 
-Prior to using npm's commands,
-`npm.load()` must be called with an object hash of
-top-level configs.  In the npm command line client,
-this set of configs is parsed from the command line options.  Additional
-configuration params are loaded from two configuration files.  See
-`npm-config(1)` for more information.
+Prior to using npm's commands, `npm.load()` must be called.
+If you provide `configObject` as an object hash of top-level
+configs, they override the values stored in the various config
+locations. In the npm command line client, this set of configs
+is parsed from the command line options. Additional configuration
+params are loaded from two configuration files. See `npm-config(1)`
+for more information.
 
 After that, each of the functions are accessible in the
 commands object: `npm.commands.<cmd>`.  See `npm-index(1)` for a list of

deps/npm/doc/cli/bugs.md

@@ -15,7 +15,7 @@ config param.
 
 ### browser
 
-* Default: OS X: `"open"`, others: `"google-chrome"`
+* Default: OS X: `"open"`, Windows: `"start"`, Others: `"xdg-open"`
 * Type: String
 
 The browser that is called by the `npm bugs` command to open websites.

deps/npm/doc/cli/coding-style.md

@@ -10,6 +10,8 @@ designed to reduce visual clutter and make bugs more apparent.
 If you want to contribute to npm (which is very encouraged), you should
 make your code conform to npm's style.
 
+Note: this concerns npm's code not the specific packages at npmjs.org
+
 ## Line Length
 
 Keep lines shorter than 80 characters.  It's better for lines to be

deps/npm/doc/cli/config.md

@@ -36,11 +36,15 @@ work the same.
 `$HOME/.npmrc` (or the `userconfig` param, if set above)
 
 This file is an ini-file formatted list of `key = value` parameters.
+Environment variables can be replaced using `${VARIABLE_NAME}`. For example:
+
+    prefix = ${HOME}/.npm-packages
 
 ### Global config file
 
 `$PREFIX/etc/npmrc` (or the `globalconfig` param, if set above):
-This file is an ini-file formatted list of `key = value` parameters
+This file is an ini-file formatted list of `key = value` parameters.
+Environment variables can be replaced as above.
 
 ### Built-in config file
 
@@ -112,7 +116,6 @@ The following shorthands are parsed on the command-line:
 * `-reg`: `--registry`
 * `-v`: `--version`
 * `-f`: `--force`
-* `-l`: `--long`
 * `-desc`: `--description`
 * `-S`: `--save`
 * `-D`: `--save-dev`
@@ -168,9 +171,21 @@ then the user could change the behavior by doing:
 Force npm to always require authentication when accessing the registry,
 even for `GET` requests.
 
+### bin-links
+
+* Default: `true`
+* Type: Boolean
+
+Tells npm to create symlinks (or `.cmd` shims on Windows) for package
+executables.
+
+Set to false to have it not do this.  This can be used to work around
+the fact that some file systems don't support symlinks, even on
+ostensibly Unix systems.
+
 ### browser
 
-* Default: OS X: `"open"`, others: `"google-chrome"`
+* Default: OS X: `"open"`, Windows: `"start"`, Others: `"xdg-open"`
 * Type: String
 
 The browser that is called by the `npm docs` command to open websites.
@@ -195,6 +210,27 @@ See also the `strict-ssl` config.
 
 The location of npm's cache directory.  See `npm-cache(1)`
 
+### cache-lock-stale
+
+* Default: 60000 (1 minute)
+* Type: Number
+
+The number of ms before cache folder lockfiles are considered stale.
+
+### cache-lock-retries
+
+* Default: 10
+* Type: Number
+
+Number of times to retry to acquire a lock on cache folder lockfiles.
+
+### cache-lock-wait
+
+* Default: 10000 (10 seconds)
+* Type: Number
+
+Number of ms to wait for cache lock files to expire.
+
 ### cache-max
 
 * Default: Infinity
@@ -208,7 +244,7 @@ explicitly used, and that only GET requests use the cache.
 
 ### cache-min
 
-* Default: 0
+* Default: 10
 * Type: Number
 
 The minimum time (in seconds) to keep items in the registry cache before
@@ -266,6 +302,15 @@ set.
 
 The command to run for `npm edit` or `npm config edit`.
 
+### engine-strict
+
+* Default: false
+* Type: Boolean
+
+If set to true, then npm will stubbornly refuse to install (or even
+consider installing) any package that claims to not be compatible with
+the current Node.js version.
+
 ### force
 
 * Default: false
@@ -278,6 +323,38 @@ Makes various commands more forceful.
 * skips cache when requesting from the registry.
 * prevents checks against clobbering non-npm files.
 
+### fetch-retries
+
+* Default: 2
+* Type: Number
+
+The "retries" config for the `retry` module to use when fetching
+packages from the registry.
+
+### fetch-retry-factor
+
+* Default: 10
+* Type: Number
+
+The "factor" config for the `retry` module to use when fetching
+packages.
+
+### fetch-retry-mintimeout
+
+* Default: 10000 (10 seconds)
+* Type: Number
+
+The "minTimeout" config for the `retry` module to use when fetching
+packages.
+
+### fetch-retry-maxtimeout
+
+* Default: 60000 (1 minute)
+* Type: Number
+
+The "maxTimeout" config for the `retry` module to use when fetching
+packages.
+
 ### git
 
 * Default: `"git"`
@@ -296,10 +373,10 @@ Operates in "global" mode, so that packages are installed into the
 `prefix` folder instead of the current working directory.  See
 `npm-folders(1)` for more on the differences in behavior.
 
-* packages are installed into the `prefix/node_modules` folder, instead of the
+* packages are installed into the `{prefix}/lib/node_modules` folder, instead of the
   current working directory.
-* bin files are linked to `prefix/bin`
-* man pages are linked to `prefix/share/man`
+* bin files are linked to `{prefix}/bin`
+* man pages are linked to `{prefix}/share/man`
 
 ### globalconfig
 
@@ -337,7 +414,7 @@ A proxy to use for outgoing https requests.
 
 ### user-agent
 
-* Default: npm/{npm.version} node/{process.version}
+* Default: node/{process.version} {process.platform} {process.arch}
 * Type: String
 
 Sets a User-Agent to the request header
@@ -439,6 +516,9 @@ It cannot be set from the command line, but if you are using npm
 programmatically, you may wish to send logs to somewhere other than
 stderr.
 
+If the `color` config is set to true, then this stream will receive
+colored output if it is a TTY.
+
 ### long
 
 * Default: false
@@ -485,6 +565,15 @@ The url to report npat test results.
 A node module to `require()` when npm loads.  Useful for programmatic
 usage.
 
+### optional
+
+* Default: true
+* Type: Boolean
+
+Attempt to install packages in the `optionalDependencies` hash.  Note
+that if these packages fail to install, the overall installation
+process is not aborted.
+
 ### parseable
 
 * Default: false
@@ -495,7 +584,7 @@ standard output.
 
 ### prefix
 
-* Default: node's process.installPrefix
+* Default: see npm-folders(1)
 * Type: path
 
 The location to install global items.  If set on the command line, then
@@ -632,6 +721,25 @@ character to indicate reverse sort.
 
 The shell to run for the `npm explore` command.
 
+### shrinkwrap
+
+* Default: true
+* Type: Boolean
+
+If set to false, then ignore `npm-shrinkwrap.json` files when
+installing.
+
+### sign-git-tag
+
+* Default: false
+* Type: Boolean
+
+If set to true, then the `npm version` command will tag the version
+using `-s` to add a signature.
+
+Note that git requires you to have set up GPG keys in your git configs
+for this to work properly.
+
 ### strict-ssl
 
 * Default: true

deps/npm/doc/cli/dedupe.md

@@ -0,0 +1,53 @@
+npm-dedupe(1) -- Reduce duplication
+===================================
+
+## SYNOPSIS
+
+    npm dedupe [package names...]
+
+## DESCRIPTION
+
+Searches the local package tree and attempts to simplify the overall
+structure by moving dependencies further up the tree, where they can
+be more effectively shared by multiple dependent packages.
+
+For example, consider this dependency graph:
+
+    a
+    +-- b <-- depends on c@1.0.x
+    |   `-- c@1.0.3
+    `-- d <-- depends on c@~1.0.9
+        `-- c@1.0.10
+
+In this case, `npm-dedupe(1)` will transform the tree to:
+
+    a
+    +-- b
+    +-- d
+    `-- c@1.0.10
+
+Because of the hierarchical nature of node's module lookup, b and d
+will both get their dependency met by the single c package at the root
+level of the tree.
+
+If a suitable version exists at the target location in the tree
+already, then it will be left untouched, but the other duplicates will
+be deleted.
+
+If no suitable version can be found, then a warning is printed, and
+nothing is done.
+
+If any arguments are supplied, then they are filters, and only the
+named packages will be touched.
+
+Note that this operation transforms the dependency tree, and may
+result in packages getting updated versions, perhaps from the npm
+registry.
+
+This feature is experimental, and may change in future versions.
+
+## SEE ALSO
+
+* npm-ls(1)
+* npm-update(1)
+* npm-install(1)

deps/npm/doc/cli/deprecate.md

@@ -18,6 +18,8 @@ something like this:
 Note that you must be the package owner to deprecate something.  See the
 `owner` and `adduser` help topics.
 
+To un-deprecate a package, specify an empty string (`""`) for the `message` argument.
+
 ## SEE ALSO
 
 * npm-publish(1)

deps/npm/doc/cli/developers.md

@@ -97,10 +97,34 @@ more info.
 ## Keeping files *out* of your package
 
 Use a `.npmignore` file to keep stuff out of your package.  If there's
-no .npmignore file, but there *is* a .gitignore file, then npm will
-ignore the stuff matched by the .gitignore file.  If you *want* to
-include something that is excluded by your .gitignore file, you can
-create an empty .npmignore file to override it.
+no `.npmignore` file, but there *is* a `.gitignore` file, then npm will
+ignore the stuff matched by the `.gitignore` file.  If you *want* to
+include something that is excluded by your `.gitignore` file, you can
+create an empty `.npmignore` file to override it.
+
+By default, the following paths and files are ignored, so there's no
+need to add them to `.npmignore` explicitly:
+
+* `.*.swp`
+* `._*`
+* `.DS_Store`
+* `.git`
+* `.hg`
+* `.lock-wscript`
+* `.svn`
+* `.wafpickle-*`
+* `CVS`
+* `npm-debug.log`
+
+Additionally, everything in `node_modules` is ignored, except for
+bundled dependencies. npm automatically handles this for you, so don't
+bother adding `node_modules` to `.npmignore`.
+
+The following paths and files are never ignored, so adding them to
+`.npmignore` is pointless:
+
+* `package.json`
+* `README.*`
 
 ## Link Packages
 

deps/npm/doc/cli/disputes.md

@@ -4,8 +4,10 @@ npm-disputes(1) -- Handling Module Name Disputes
 ## SYNOPSIS
 
 1. Get the author email with `npm owner ls <pkgname>`
-1. Email the author, CC <i@izs.me>.
-2. After a few weeks, if there's no resolution, we'll sort it out.
+2. Email the author, CC <i@izs.me>.
+3. After a few weeks, if there's no resolution, we'll sort it out.
+
+Don't squat on package names.  Publish code or move out of the way.
 
 ## DESCRIPTION
 
@@ -13,9 +15,9 @@ There sometimes arise cases where a user publishes a module, and then
 later, some other user wants to use that name.  Here are some common
 ways that happens (each of these is based on actual events.)
 
-1. Bob writes a JavaScript module `foo`, which is not node-specific.
-   Bob doesn't use node at all.  Joe wants to use `foo` in node, so he
-   wraps it in an npm module.  Some time later, Bob starts using node,
+1. Joe writes a JavaScript module `foo`, which is not node-specific.
+   Joe doesn't use node at all.  Bob   wants to use `foo` in node, so he
+   wraps it in an npm module.  Some time later, Joe starts using node,
    and wants to take over management of his program.
 2. Bob writes an npm module `foo`, and publishes it.  Perhaps much
    later, Joe finds a bug in `foo`, and fixes it.  He sends a pull
@@ -40,14 +42,15 @@ Joe's appropriate course of action in each case is the same.
 
 1. `npm owner ls foo`.  This will tell Joe the email address of the
    owner (Bob).
-2. Joe emails Bob, explaining the situation **as respecfully as possible**,
+2. Joe emails Bob, explaining the situation **as respectfully as possible**,
    and what he would like to do with the module name.  He adds
    isaacs <i@izs.me> to the CC list of the email.  Mention in the email
    that Bob can run `npm owner add joe foo` to add Joe as an owner of
    the `foo` package.
 3. After a reasonable amount of time, if Bob has not responded, or if
    Bob and Joe can't come to any sort of resolution, email isaacs
-   <i@izs.me> and we'll sort it out.
+   <i@izs.me> and we'll sort it out.  ("Reasonable" is usually about 4
+   weeks, but extra time is allowed around common holidays.)
 
 ## REASONING
 
@@ -69,12 +72,23 @@ Some things are not allowed, and will be removed without discussion if
 they are brought to the attention of the npm registry admins, including
 but not limited to:
 
-1. Malware (that is, a module designed to exploit or harm the machine on
-   which it is installed)
+1. Malware (that is, a package designed to exploit or harm the machine on
+   which it is installed).
 2. Violations of copyright or licenses (for example, cloning an
    MIT-licensed program, and then removing or changing the copyright and
-   license statement)
+   license statement).
 3. Illegal content.
+4. "Squatting" on a package name that you *plan* to use, but aren't
+   actually using.  Sorry, I don't care how great the name is, or how
+   perfect a fit it is for the thing that someday might happen.  If
+   someone wants to use it today, and you're just taking up space with
+   an empty tarball, you're going to be evicted.
+5. Putting empty packages in the registry.  Packages must have SOME
+   functionality.  It can be silly, but it can't be *nothing*.  (See
+   also: squatting.)
+6. Doing weird things with the registry, like using it as your own
+   personal application database or otherwise putting non-packagey
+   things into it.
 
 If you see bad behavior like this, please report it right away.
 

deps/npm/doc/cli/docs.md

@@ -16,7 +16,7 @@ config param.
 
 ### browser
 
-* Default: OS X: `"open"`, others: `"google-chrome"`
+* Default: OS X: `"open"`, Windows: `"start"`, Others: `"xdg-open"`
 * Type: String
 
 The browser that is called by the `npm docs` command to open websites.

deps/npm/doc/cli/faq.md

@@ -3,7 +3,7 @@ npm-faq(1) -- Frequently Asked Questions
 
 ## Where can I find these docs in HTML?
 
-<http://npmjs.org/doc/>, or run:
+<https://npmjs.org/doc/>, or run:
 
     npm config set viewer browser
 
@@ -72,6 +72,52 @@ Write your own package manager, then.  It's not that hard.
 
 npm will not help you do something that is known to be a bad idea.
 
+## `"node_modules"` is the name of my deity's arch-rival, and a Forbidden Word in my religion.  Can I configure npm to use a different folder?
+
+No.  This will never happen.  This question comes up sometimes,
+because it seems silly from the outside that npm couldn't just be
+configured to put stuff somewhere else, and then npm could load them
+from there.  It's an arbitrary spelling choice, right?  What's the big
+deal?
+
+At the time of this writing, the string `'node_modules'` appears 151
+times in 53 separate files in npm and node core (excluding tests and
+documentation).
+
+Some of these references are in node's built-in module loader.  Since
+npm is not involved **at all** at run-time, node itself would have to
+be configured to know where you've decided to stick stuff.  Complexity
+hurdle #1.  Since the Node module system is locked, this cannot be
+changed, and is enough to kill this request.  But I'll continue, in
+deference to your deity's delicate feelings regarding spelling.
+
+Many of the others are in dependencies that npm uses, which are not
+necessarily tightly coupled to npm (in the sense that they do not read
+npm's configuration files, etc.)  Each of these would have to be
+configured to take the name of the `node_modules` folder as a
+parameter.  Complexity hurdle #2.
+
+Furthermore, npm has the ability to "bundle" dependencies by adding
+the dep names to the `"bundledDependencies"` list in package.json,
+which causes the folder to be included in the package tarball.  What
+if the author of a module bundles its dependencies, and they use a
+different spelling for `node_modules`?  npm would have to rename the
+folder at publish time, and then be smart enough to unpack it using
+your locally configured name.  Complexity hurdle #3.
+
+Furthermore, what happens when you *change* this name?  Fine, it's
+easy enough the first time, just rename the `node_modules` folders to
+`./blergyblerp/` or whatever name you choose.  But what about when you
+change it again?  npm doesn't currently track any state about past
+configuration settings, so this would be rather difficult to do
+properly.  It would have to track every previous value for this
+config, and always accept any of them, or else yesterday's install may
+be broken tomorrow.  Complexity hurdle #5.
+
+Never going to happen.  The folder is named `node_modules`.  It is
+written indelibly in the Node Way, handed down from the ancient times
+of Node 0.3.
+
 ## Should I check my `node_modules` folder into git?
 
 Mikeal Rogers answered this question very well:
@@ -144,7 +190,7 @@ command.)
 
 In those cases, you can do this:
 
-    curl http://npmjs.org/install.sh | sh
+    curl https://npmjs.org/install.sh | sh
 
 ## What is a `package`?
 
@@ -175,12 +221,19 @@ an argument to `git checkout`.  The default is `master`.
 
 ## How do I install node with npm?
 
-You don't.  Try one of these:
+You don't.  Try one of these node version managers:
+
+Unix:
 
 * <http://github.com/isaacs/nave>
 * <http://github.com/visionmedia/n>
 * <http://github.com/creationix/nvm>
 
+Windows:
+
+* <http://github.com/marcelklehr/nodist>
+* <https://github.com/hakobera/nvmw>
+
 ## How can I use npm for development?
 
 See `npm-developers(1)` and `npm-json(1)`.
@@ -211,20 +264,29 @@ means that publishes go over HTTP by default in those versions of node.
 
 ## I forgot my password, and can't publish.  How do I reset it?
 
-Go to <http://admin.npmjs.org/reset>.
+Go to <https://npmjs.org/forgot>.
 
 ## I get ECONNREFUSED a lot.  What's up?
 
 Either the registry is down, or node's DNS isn't able to reach out.
 
-To check if the registry is down, open up
-<http://registry.npmjs.org/>
+To check if the registry is down, open up <http://registry.npmjs.org/>
 in a web browser.  This will also tell you if you are just unable to
 access the internet for some reason.
 
 If the registry IS down, let me know by emailing or posting an issue.
 We'll have someone kick it or something.
 
+## Why no namespaces?
+
+Please see this discussion: <https://github.com/isaacs/npm/issues/798>
+
+tl;dr - It doesn't actually make things better, and can make them worse.
+
+If you want to namespace your own packages, you may: simply use the
+`-` character to separate the names.  npm is a mostly anarchic system.
+There is not sufficient need to impose namespace rules on everyone.
+
 ## Who does npm?
 
 `npm view npm author`
@@ -236,7 +298,7 @@ We'll have someone kick it or something.
 Discuss it on the mailing list, or post an issue.
 
 * <npm-@googlegroups.com>
-* <http://github.com/isaacs/npm/issues>
+* <https://github.com/isaacs/npm/issues>
 
 ## Why does npm hate me?
 

deps/npm/doc/cli/folders.md

@@ -157,21 +157,21 @@ In this case, we might expect a folder structure like this:
     +-- node_modules
         +-- blerg (1.2.5) <---[A]
         +-- bar (1.2.3) <---[B]
-        |   +-- node_modules
-        |   |   `-- baz (2.0.2) <---[C]
-        |   |       `-- node_modules
-        |   |           `-- quux (3.2.0)
-        |   `-- asdf (2.3.4)
+        |   `-- node_modules
+        |       +-- baz (2.0.2) <---[C]
+        |       |   `-- node_modules
+        |       |       `-- quux (3.2.0)
+        |       `-- asdf (2.3.4)
         `-- baz (1.2.3) <---[D]
             `-- node_modules
                 `-- quux (3.2.0) <---[E]
 
-Since foo depends directly on bar@1.2.3 and baz@1.2.3, those are
+Since foo depends directly on `bar@1.2.3` and `baz@1.2.3`, those are
 installed in foo's `node_modules` folder.
 
 Even though the latest copy of blerg is 1.3.7, foo has a specific
 dependency on version 1.2.5.  So, that gets installed at [A].  Since the
-parent installation of blerg satisfie's bar's dependency on blerg@1.x,
+parent installation of blerg satisfies bar's dependency on `blerg@1.x`,
 it does not install another copy under [B].
 
 Bar [B] also has dependencies on baz and asdf, so those are installed in
@@ -179,11 +179,11 @@ bar's `node_modules` folder.  Because it depends on `baz@2.x`, it cannot
 re-use the `baz@1.2.3` installed in the parent `node_modules` folder [D],
 and must install its own copy [C].
 
-Underneath bar, the `baz->quux->bar` dependency creates a cycle.
-However, because `bar` is already in `quux`'s ancestry [B], it does not
+Underneath bar, the `baz -> quux -> bar` dependency creates a cycle.
+However, because bar is already in quux's ancestry [B], it does not
 unpack another copy of bar into that folder.
 
-Underneath `foo->baz` [D], quux's [E] folder tree is empty, because its
+Underneath `foo -> baz` [D], quux's [E] folder tree is empty, because its
 dependency on bar is satisfied by the parent folder copy installed at [B].
 
 For a graphical breakdown of what is installed where, use `npm ls`.

deps/npm/doc/cli/global.md

@@ -0,0 +1,209 @@
+npm-folders(1) -- Folder Structures Used by npm
+===============================================
+
+## DESCRIPTION
+
+npm puts various things on your computer.  That's its job.
+
+This document will tell you what it puts where.
+
+### tl;dr
+
+* Local install (default): puts stuff in `./node_modules` of the current
+  package root.
+* Global install (with `-g`): puts stuff in /usr/local or wherever node
+  is installed.
+* Install it **locally** if you're going to `require()` it.
+* Install it **globally** if you're going to run it on the command line.
+* If you need both, then install it in both places, or use `npm link`.
+
+### prefix Configuration
+
+The `prefix` config defaults to the location where node is installed.
+On most systems, this is `/usr/local`, and most of the time is the same
+as node's `process.installPrefix`.
+
+On windows, this is the exact location of the node.exe binary.  On Unix
+systems, it's one level up, since node is typically installed at
+`{prefix}/bin/node` rather than `{prefix}/node.exe`.
+
+When the `global` flag is set, npm installs things into this prefix.
+When it is not set, it uses the root of the current package, or the
+current working directory if not in a package already.
+
+### Node Modules
+
+Packages are dropped into the `node_modules` folder under the `prefix`.
+When installing locally, this means that you can
+`require("packagename")` to load its main module, or
+`require("packagename/lib/path/to/sub/module")` to load other modules.
+
+Global installs on Unix systems go to `{prefix}/lib/node_modules`.
+Global installs on Windows go to `{prefix}/node_modules` (that is, no
+`lib` folder.)
+
+If you wish to `require()` a package, then install it locally.
+
+### Executables
+
+When in global mode, executables are linked into `{prefix}/bin` on Unix,
+or directly into `{prefix}` on Windows.
+
+When in local mode, executables are linked into
+`./node_modules/.bin` so that they can be made available to scripts run
+through npm.  (For example, so that a test runner will be in the path
+when you run `npm test`.)
+
+### Man Pages
+
+When in global mode, man pages are linked into `{prefix}/share/man`.
+
+When in local mode, man pages are not installed.
+
+Man pages are not installed on Windows systems.
+
+### Cache
+
+See `npm-cache(1)`.  Cache files are stored in `~/.npm` on Posix, or
+`~/npm-cache` on Windows.
+
+This is controlled by the `cache` configuration param.
+
+### Temp Files
+
+Temporary files are stored by default in the folder specified by the
+`tmp` config, which defaults to the TMPDIR, TMP, or TEMP environment
+variables, or `/tmp` on Unix and `c:\windows\temp` on Windows.
+
+Temp files are given a unique folder under this root for each run of the
+program, and are deleted upon successful exit.
+
+## More Information
+
+When installing locally, npm first tries to find an appropriate
+`prefix` folder.  This is so that `npm install foo@1.2.3` will install
+to the sensible root of your package, even if you happen to have `cd`ed
+into some other folder.
+
+Starting at the $PWD, npm will walk up the folder tree checking for a
+folder that contains either a `package.json` file, or a `node_modules`
+folder.  If such a thing is found, then that is treated as the effective
+"current directory" for the purpose of running npm commands.  (This
+behavior is inspired by and similar to git's .git-folder seeking
+logic when running git commands in a working dir.)
+
+If no package root is found, then the current folder is used.
+
+When you run `npm install foo@1.2.3`, then the package is loaded into
+the cache, and then unpacked into `./node_modules/foo`.  Then, any of
+foo's dependencies are similarly unpacked into
+`./node_modules/foo/node_modules/...`.
+
+Any bin files are symlinked to `./node_modules/.bin/`, so that they may
+be found by npm scripts when necessary.
+
+### Global Installation
+
+If the `global` configuration is set to true, then npm will
+install packages "globally".
+
+For global installation, packages are installed roughly the same way,
+but using the folders described above.
+
+### Cycles, Conflicts, and Folder Parsimony
+
+Cycles are handled using the property of node's module system that it
+walks up the directories looking for `node_modules` folders.  So, at every
+stage, if a package is already installed in an ancestor `node_modules`
+folder, then it is not installed at the current location.
+
+Consider the case above, where `foo -> bar -> baz`.  Imagine if, in
+addition to that, baz depended on bar, so you'd have:
+`foo -> bar -> baz -> bar -> baz ...`.  However, since the folder
+structure is: `foo/node_modules/bar/node_modules/baz`, there's no need to
+put another copy of bar into `.../baz/node_modules`, since when it calls
+require("bar"), it will get the copy that is installed in
+`foo/node_modules/bar`.
+
+This shortcut is only used if the exact same
+version would be installed in multiple nested `node_modules` folders.  It
+is still possible to have `a/node_modules/b/node_modules/a` if the two
+"a" packages are different versions.  However, without repeating the
+exact same package multiple times, an infinite regress will always be
+prevented.
+
+Another optimization can be made by installing dependencies at the
+highest level possible, below the localized "target" folder.
+
+#### Example
+
+Consider this dependency graph:
+
+    foo
+    +-- blerg@1.2.5
+    +-- bar@1.2.3
+    |   +-- blerg@1.x (latest=1.3.7)
+    |   +-- baz@2.x
+    |   |   `-- quux@3.x
+    |   |       `-- bar@1.2.3 (cycle)
+    |   `-- asdf@*
+    `-- baz@1.2.3
+        `-- quux@3.x
+            `-- bar
+
+In this case, we might expect a folder structure like this:
+
+    foo
+    +-- node_modules
+        +-- blerg (1.2.5) <---[A]
+        +-- bar (1.2.3) <---[B]
+        |   +-- node_modules
+        |   |   `-- baz (2.0.2) <---[C]
+        |   |       `-- node_modules
+        |   |           `-- quux (3.2.0)
+        |   `-- asdf (2.3.4)
+        `-- baz (1.2.3) <---[D]
+            `-- node_modules
+                `-- quux (3.2.0) <---[E]
+
+Since foo depends directly on bar@1.2.3 and baz@1.2.3, those are
+installed in foo's `node_modules` folder.
+
+Even though the latest copy of blerg is 1.3.7, foo has a specific
+dependency on version 1.2.5.  So, that gets installed at [A].  Since the
+parent installation of blerg satisfie's bar's dependency on blerg@1.x,
+it does not install another copy under [B].
+
+Bar [B] also has dependencies on baz and asdf, so those are installed in
+bar's `node_modules` folder.  Because it depends on `baz@2.x`, it cannot
+re-use the `baz@1.2.3` installed in the parent `node_modules` folder [D],
+and must install its own copy [C].
+
+Underneath bar, the `baz->quux->bar` dependency creates a cycle.
+However, because `bar` is already in `quux`'s ancestry [B], it does not
+unpack another copy of bar into that folder.
+
+Underneath `foo->baz` [D], quux's [E] folder tree is empty, because its
+dependency on bar is satisfied by the parent folder copy installed at [B].
+
+For a graphical breakdown of what is installed where, use `npm ls`.
+
+### Publishing
+
+Upon publishing, npm will look in the `node_modules` folder.  If any of
+the items there are not in the `bundledDependencies` array, then they will
+not be included in the package tarball.
+
+This allows a package maintainer to install all of their dependencies
+(and dev dependencies) locally, but only re-publish those items that
+cannot be found elsewhere.  See `npm-json(1)` for more information.
+
+## SEE ALSO
+
+* npm-faq(1)
+* npm-json(1)
+* npm-install(1)
+* npm-pack(1)
+* npm-cache(1)
+* npm-config(1)
+* npm-publish(1)

deps/npm/doc/cli/index.md

@@ -46,6 +46,10 @@ npm-index(1) -- Index of all npm documentation
 
  Manage the npm configuration file
 
+## npm-dedupe(1)
+
+ Reduce duplication
+
 ## npm-deprecate(1)
 
  Deprecate a version of a package
@@ -78,6 +82,10 @@ npm-index(1) -- Index of all npm documentation
 
  Folder Structures Used by npm
 
+## npm-global(1)
+
+ Folder Structures Used by npm
+
 ## npm-help-search(1)
 
  Search npm help documentation
@@ -102,7 +110,7 @@ npm-index(1) -- Index of all npm documentation
 
  Symlink a package folder
 
-## npm-list(1)
+## npm-ls(1)
 
  List installed packages
 
@@ -150,6 +158,10 @@ npm-index(1) -- Index of all npm documentation
 
  Start a package
 
+## npm-rm(1)
+
+ Remove a package
+
 ## npm-root(1)
 
  Display npm root
@@ -178,6 +190,10 @@ npm-index(1) -- Index of all npm documentation
 
  Mark your favorite packages
 
+## npm-stars(1)
+
+ View packages marked as favorites
+
 ## npm-start(1)
 
  Start a package

deps/npm/doc/cli/install.md

@@ -165,6 +165,15 @@ rather than locally.  See `npm-folders(1)`.
 The `--link` argument will cause npm to link global installs into the
 local space in some cases.
 
+The `--no-bin-links` argument will prevent npm from creating symlinks for
+any binaries the package might contain.
+
+The `--no-shrinkwrap` argument, which will ignore an available
+shrinkwrap file and use the package.json instead.
+
+The `--nodedir=/path/to/node/source` argument will allow npm to find the
+node source code so that npm can compile native modules.
+
 See `npm-config(1)`.  Many of the configuration params have some
 effect on installation, since that's most of what npm does.
 

deps/npm/doc/cli/json.md

@@ -23,6 +23,11 @@ npm will default some values based on package contents.
   If there is a `wscript` file in the root of your package, npm will
   default the `preinstall` command to compile using node-waf.
 
+* `"scripts":{"preinstall": "node-gyp rebuild"}`
+
+  If there is a `binding.gyp` file in the root of your package, npm will
+  default the `preinstall` command to compile using node-gyp.
+
 * `"contributors": [...]`
 
   If there is an `AUTHORS` file in the root of your package, npm will
@@ -113,6 +118,27 @@ you can specify the value for "bugs" as a simple string instead of an object.
 
 If a url is provided, it will be used by the `npm bugs` command.
 
+## license
+
+You should specify a license for your package so that people know how they are
+permitted to use it, and any restrictions you're placing on it.
+
+The simplest way, assuming you're using a common license such as BSD or MIT, is
+to just specify the name of the license you're using, like this:
+
+    { "license" : "BSD" }
+
+If you have more complex licensing terms, or you want to provide more detail
+in your package.json file, you can use the more verbose plural form, like this:
+
+    "licenses" : [
+      { "type" : "MyLicense"
+      , "url" : "http://github.com/owner/project/path/to/license"
+      }
+    ]
+
+It's also a good idea to include a license file at the top level in your package.
+
 ## people fields: author, contributors
 
 The "author" is one person.  "contributors" is an array of people.  A "person"
@@ -361,8 +387,8 @@ a version in the following fashion.
 For example, the following are equivalent:
 
 * `"~1.2.3" = ">=1.2.3 <1.3.0"`
-* `"~1.2" = ">=1.2.0 <2.0.0"`
-* `"~1" = ">=1.0.0 <2.0.0"`
+* `"~1.2" = ">=1.2.0 <1.3.0"`
+* `"~1" = ">=1.0.0 <1.1.0"`
 
 ### X Version Ranges
 
@@ -411,9 +437,9 @@ In this case, it's best to list these additional items in a
 `devDependencies` hash.
 
 These things will be installed whenever the `--dev` configuration flag
-is set.  This flag is set automatically when doing `npm link`, and can
-be managed like any other npm configuration param.  See `npm-config(1)`
-for more on the topic.
+is set.  This flag is set automatically when doing `npm link` or when doing
+`npm install` from the root of a package, and can be managed like any other npm
+configuration param.  See `npm-config(1)` for more on the topic.
 
 ## bundledDependencies
 
@@ -453,8 +479,7 @@ Entries in `optionalDependencies` will override entries of the same name in
 
 ## engines
 
-You can specify the version of
-node that your stuff works on:
+You can specify the version of node that your stuff works on:
 
     { "engines" : { "node" : ">=0.1.27 <0.1.30" } }
 
@@ -470,6 +495,22 @@ are capable of properly installing your program.  For example:
 
     { "engines" : { "npm" : "~1.0.20" } }
 
+Note that, unless the user has set the `engine-strict` config flag, this
+field is advisory only.
+
+## engineStrict
+
+If you are sure that your module will *definitely not* run properly on
+versions of Node/npm other than those specified in the `engines` hash,
+then you can set `"engineStrict": true` in your package.json file.
+This will override the user's `engine-strict` config setting.
+
+Please do not do this unless you are really very very sure.  If your
+engines hash is something overly restrictive, you can quite easily and
+inadvertently lock yourself into obscurity and prevent your users from
+updating to new versions of Node.  Consider this choice carefully.  If
+people abuse it, it will be removed in a future version of npm.
+
 ## os
 
 You can specify which operating systems your

deps/npm/doc/cli/link.md

@@ -16,6 +16,9 @@ symbolic link from `prefix/package-name` to the current folder.
 Next, in some other location, `npm link package-name` will create a
 symlink from the local `node_modules` folder to the global symlink.
 
+Note that `package-name` is taken from `package.json` ,
+not from directory name.
+
 When creating tarballs for `npm publish`, the linked packages are
 "snapshotted" to their current state by resolving the symbolic links.
 

deps/npm/doc/cli/ls.md

@@ -3,20 +3,26 @@ npm-ls(1) -- List installed packages
 
 ## SYNOPSIS
 
-    npm list
-    npm ls
-    npm la
-    npm ll
+    npm list [<pkg> ...]
+    npm ls [<pkg> ...]
+    npm la [<pkg> ...]
+    npm ll [<pkg> ...]
 
 ## DESCRIPTION
 
 This command will print to stdout all the versions of packages that are
 installed, as well as their dependencies, in a tree-structure.
 
-It does not take positional arguments, though you may set config flags
-like with any other command, such as `-g` to list global packages.
+Positional arguments are `name@version-range` identifiers, which will
+limit the results to only the paths to the packages named.  Note that
+nested packages will *also* show the paths to the specified packages.
+For example, running `npm ls promzard` in npm's source tree will show:
 
-It will print out extraneous, missing, and invalid packages.
+    npm@@VERSION@ /path/to/npm
+    └─┬ init-package-json@0.0.4
+      └── promzard@0.1.5
+
+It will show print out extraneous, missing, and invalid packages.
 
 When run as `ll` or `la`, it shows extended information by default.
 

deps/npm/doc/cli/npm.md

@@ -64,7 +64,7 @@ following help topics:
   Especially, installing other peoples code from the registry is done via
   `npm install`
 * adduser:
-  Create an account or log in.  Creditials are stored in the
+  Create an account or log in.  Credentials are stored in the
   user config file.
 * publish:
   Use the `npm publish` command to upload your code to the registry.

deps/npm/doc/cli/registry.md

@@ -82,9 +82,7 @@ ask for help on the <npm-@googlegroups.com> mailing list.
 
 ## Is there a website or something to see package docs and such?
 
-No, but such a thing is planned, and a tiny bit developed.
-
-Stay tuned!
+Yes, head over to <https://npmjs.org/>
 
 ## SEE ALSO
 

deps/npm/doc/cli/rm.md

@@ -0,0 +1,19 @@
+npm-rm(1) -- Remove a package
+=============================
+
+## SYNOPSIS
+
+    npm rm <name>
+    npm uninstall <name>
+
+## DESCRIPTION
+
+This uninstalls a package, completely removing everything npm installed
+on its behalf.
+
+## SEE ALSO
+
+* npm-prune(1)
+* npm-install(1)
+* npm-folders(1)
+* npm-config(1)

deps/npm/doc/cli/scripts.md

@@ -6,6 +6,11 @@ npm-scripts(1) -- How npm handles the "scripts" field
 npm supports the "scripts" member of the package.json script, for the
 following scripts:
 
+* prepublish:
+  Run BEFORE the package is published.  (Also run on local `npm
+  install` without any arguments.)
+* publish, postpublish:
+  Run AFTER the package is published.
 * preinstall:
   Run BEFORE the package is installed
 * install, postinstall:
@@ -18,10 +23,6 @@ following scripts:
   Run BEFORE the package is updated with the update command.
 * update, postupdate:
   Run AFTER the package is updated with the update command.
-* prepublish:
-  Run BEFORE the package is published.
-* publish, postpublish:
-  Run AFTER the package is published.
 * pretest, test, posttest:
   Run by the `npm test` command.
 * prestop, stop, poststop:
@@ -35,6 +36,50 @@ following scripts:
 Additionally, arbitrary scrips can be run by doing
 `npm run-script <stage> <pkg>`.
 
+## NOTE: INSTALL SCRIPTS ARE AN ANTIPATTERN
+
+**tl;dr** Don't use `install`.  Use a `.gyp` file for compilation, and
+`prepublish` for anything else.
+
+You should almost never have to explicitly set a `preinstall` or
+`install` script.  If you are doing this, please consider if there is
+another option.
+
+The only valid use of `install` or `preinstall` scripts is for
+compilation which must be done on the target architecture.  In early
+versions of node, this was often done using the `node-waf` scripts, or
+a standalone `Makefile`, and early versions of npm required that it be
+explicitly set in package.json.  This was not portable, and harder to
+do properly.
+
+In the current version of node, the standard way to do this is using a
+`.gyp` file.  If you have a file with a `.gyp` extension in the root
+of your package, then npm will run the appropriate `node-gyp` commands
+automatically at install time.  This is the only officially supported
+method for compiling binary addons, and does not require that you add
+anything to your package.json file.
+
+If you have to do other things before your package is used, in a way
+that is not dependent on the operating system or architecture of the
+target system, then use a `prepublish` script instead.  This includes
+tasks such as:
+
+* Compile CoffeeScript source code into JavaScript.
+* Create minified versions of JavaScript source code.
+* Fetching remote resources that your package will use.
+
+The advantage of doing these things at `prepublish` time instead of
+`preinstall` or `install` time is that they can be done once, in a
+single place, and thus greatly reduce complexity and variability.
+Additionally, this means that:
+
+* You can depend on `coffee-script` as a `devDependency`, and thus
+  your users don't need to have it installed.
+* You don't need to include the minifiers in your package, reducing
+  the size for your users.
+* You don't need to rely on your users having `curl` or `wget` or
+  other system tools on the target machines.
+
 ## DEFAULT VALUES
 
 npm will default some script values based on package contents.

deps/npm/doc/cli/semver.md

@@ -11,8 +11,8 @@ As a node module:
 
     $ npm install semver
 
-    semver.valid('1.2.3') // true
-    semver.valid('a.b.c') // false
+    semver.valid('1.2.3') // '1.2.3'
+    semver.valid('a.b.c') // null
     semver.clean('  =v1.2.3   ') // '1.2.3'
     semver.satisfies('1.2.3', '1.x || >=2.5.0 || 5.0.0 - 7.2.3') // true
     semver.gt('1.2.3', '9.8.7') // false
@@ -83,7 +83,7 @@ The following range styles are supported:
 * `<1.2.3` Less than
 * `1.2.3 - 2.3.4` := `>=1.2.3 <=2.3.4`
 * `~1.2.3` := `>=1.2.3 <1.3.0`
-* `~1.2` := `>=1.2.0 <2.0.0`
+* `~1.2` := `>=1.2.0 <1.3.0`
 * `~1` := `>=1.0.0 <2.0.0`
 * `1.2.x` := `>=1.2.0 <1.3.0`
 * `1.x` := `>=1.0.0 <2.0.0`

deps/npm/doc/cli/shrinkwrap.md

@@ -7,68 +7,72 @@ npm-shrinkwrap(1) -- Lock down dependency versions
 
 ## DESCRIPTION
 
-This command locks down the versions of a package's dependencies so that you can
-control exactly which versions of each dependency will be used when your package
-is installed.
+This command locks down the versions of a package's dependencies so
+that you can control exactly which versions of each dependency will be
+used when your package is installed. The "package.json" file is still
+required if you want to use "npm install".
 
-By default, "npm install" recursively installs the target's dependencies (as
-specified in package.json), choosing the latest available version that satisfies
-the dependency's semver pattern. In some situations, particularly when shipping
-software where each change is tightly managed, it's desirable to fully specify
-each version of each dependency recursively so that subsequent builds and
-deploys do not inadvertently pick up newer versions of a dependency that satisfy
-the semver pattern. Specifying specific semver patterns in each dependency's
-package.json would facilitate this, but that's not always possible or desirable,
-as when another author owns the npm package. It's also possible to check
-dependencies directly into source control, but that may be undesirable for other
-reasons.
+By default, "npm install" recursively installs the target's
+dependencies (as specified in package.json), choosing the latest
+available version that satisfies the dependency's semver pattern. In
+some situations, particularly when shipping software where each change
+is tightly managed, it's desirable to fully specify each version of
+each dependency recursively so that subsequent builds and deploys do
+not inadvertently pick up newer versions of a dependency that satisfy
+the semver pattern. Specifying specific semver patterns in each
+dependency's package.json would facilitate this, but that's not always
+possible or desirable, as when another author owns the npm package.
+It's also possible to check dependencies directly into source control,
+but that may be undesirable for other reasons.
 
 As an example, consider package A:
 
     {
-        "name": "A",
-        "version": "0.1.0",
-        "dependencies": {
-            "B": "<0.1.0"
-        }
+      "name": "A",
+      "version": "0.1.0",
+      "dependencies": {
+        "B": "<0.1.0"
+      }
     }
 
 package B:
 
     {
-        "name": "B",
-        "version": "0.0.1",
-        "dependencies": {
-            "C": "<0.1.0"
-        }
+      "name": "B",
+      "version": "0.0.1",
+      "dependencies": {
+        "C": "<0.1.0"
+      }
     }
 
 and package C:
 
     {
-        "name": "C,
-        "version": "0.0.1"
+      "name": "C,
+      "version": "0.0.1"
     }
 
-If these are the only versions of A, B, and C available in the registry, then
-a normal "npm install A" will install:
+If these are the only versions of A, B, and C available in the
+registry, then a normal "npm install A" will install:
 
     A@0.1.0
     `-- B@0.0.1
         `-- C@0.0.1
 
-However, if B@0.0.2 is published, then a fresh "npm install A" will install:
+However, if B@0.0.2 is published, then a fresh "npm install A" will
+install:
 
     A@0.1.0
     `-- B@0.0.2
         `-- C@0.0.1
 
-assuming the new version did not modify B's dependencies. Of course, the new
-version of B could include a new version of C and any number of new
-dependencies. If such changes are undesirable, the author of A could specify a
-dependency on B@0.0.1. However, if A's author and B's author are not the same
-person, there's no way for A's author to say that he or she does not want to
-pull in newly published versions of C when B hasn't changed at all.
+assuming the new version did not modify B's dependencies. Of course,
+the new version of B could include a new version of C and any number
+of new dependencies. If such changes are undesirable, the author of A
+could specify a dependency on B@0.0.1. However, if A's author and B's
+author are not the same person, there's no way for A's author to say
+that he or she does not want to pull in newly published versions of C
+when B hasn't changed at all.
 
 In this case, A's author can run
 
@@ -91,78 +95,88 @@ This generates npm-shrinkwrap.json, which will look something like this:
       }
     }
 
-The shrinkwrap command has locked down the dependencies based on what's
-currently installed in node_modules.  When "npm install" installs a package with
-a npm-shrinkwrap.json file in the package root, the shrinkwrap file (rather than
-package.json files) completely drives the installation of that package and all
-of its dependencies (recursively).  So now the author publishes A@0.1.0, and
-subsequent installs of this package will use B@0.0.1 and C@0.1.0, regardless the
-dependencies and versions listed in A's, B's, and C's package.json files.
+The shrinkwrap command has locked down the dependencies based on
+what's currently installed in node_modules.  When "npm install"
+installs a package with a npm-shrinkwrap.json file in the package
+root, the shrinkwrap file (rather than package.json files) completely
+drives the installation of that package and all of its dependencies
+(recursively).  So now the author publishes A@0.1.0, and subsequent
+installs of this package will use B@0.0.1 and C@0.1.0, regardless the
+dependencies and versions listed in A's, B's, and C's package.json
+files.
 
 
 ### Using shrinkwrapped packages
 
-Using a shrinkwrapped package is no different than using any other package: you
-can "npm install" it by hand, or add a dependency to your package.json file and
-"npm install" it.
+Using a shrinkwrapped package is no different than using any other
+package: you can "npm install" it by hand, or add a dependency to your
+package.json file and "npm install" it.
 
 ### Building shrinkwrapped packages
 
 To shrinkwrap an existing package:
 
-1. Run "npm install" in the package root to install the current versions of all
-   dependencies.
+1. Run "npm install" in the package root to install the current
+   versions of all dependencies.
 2. Validate that the package works as expected with these versions.
-3. Run "npm shrinkwrap", add npm-shrinkwrap.json to git, and publish your
-   package.
+3. Run "npm shrinkwrap", add npm-shrinkwrap.json to git, and publish
+   your package.
 
 To add or update a dependency in a shrinkwrapped package:
 
-1. Run "npm install" in the package root to install the current versions of all
+1. Run "npm install" in the package root to install the current
+   versions of all dependencies.
+2. Add or update dependencies. "npm install" each new or updated
+   package individually and then update package.json.  Note that they
+   must be explicitly named in order to be installed: running `npm
+   install` with no arguments will merely reproduce the existing
+   shrinkwrap.
+3. Validate that the package works as expected with the new
    dependencies.
-2. Add or update dependencies. "npm install" each new or updated package
-   individually and then update package.json.  Note that they must be
-   explicitly named in order to be installed: running `npm install` with
-   no arguments will merely reproduce the existing shrinkwrap.
-3. Validate that the package works as expected with the new dependencies.
-4. Run "npm shrinkwrap", commit the new npm-shrinkwrap.json, and publish your
-   package.
+4. Run "npm shrinkwrap", commit the new npm-shrinkwrap.json, and
+   publish your package.
 
-You can use npm-outdated(1) to view dependencies with newer versions available.
+You can use npm-outdated(1) to view dependencies with newer versions
+available.
 
 ### Other Notes
 
-Since "npm shrinkwrap" uses the locally installed packages to construct the
-shrinkwrap file, devDependencies will be included if and only if you've
-installed them already when you make the shrinkwrap.
+A shrinkwrap file must be consistent with the package's package.json
+file. "npm shrinkwrap" will fail if required dependencies are not
+already installed, since that would result in a shrinkwrap that
+wouldn't actually work. Similarly, the command will fail if there are
+extraneous packages (not referenced by package.json), since that would
+indicate that package.json is not correct.
 
-A shrinkwrap file must be consistent with the package's package.json file. "npm
-shrinkwrap" will fail if required dependencies are not already installed, since
-that would result in a shrinkwrap that wouldn't actually work. Similarly, the
-command will fail if there are extraneous packages (not referenced by
-package.json), since that would indicate that package.json is not correct.
+Since "npm shrinkwrap" is intended to lock down your dependencies for
+production use, `devDependencies` will not be included unless you
+explicitly set the `--dev` flag when you run `npm shrinkwrap`.  If
+installed `devDependencies` are excluded, then npm will print a
+warning.  If you want them to be installed with your module by
+default, please consider adding them to `dependencies` instead.
 
-If shrinkwrapped package A depends on shrinkwrapped package B, B's shrinkwrap
-will not be used as part of the installation of A. However, because A's
-shrinkwrap is constructed from a valid installation of B and recursively
-specifies all dependencies, the contents of B's shrinkwrap will implicitly be
-included in A's shrinkwrap.
+If shrinkwrapped package A depends on shrinkwrapped package B, B's
+shrinkwrap will not be used as part of the installation of A. However,
+because A's shrinkwrap is constructed from a valid installation of B
+and recursively specifies all dependencies, the contents of B's
+shrinkwrap will implicitly be included in A's shrinkwrap.
 
 ### Caveats
 
-Shrinkwrap files only lock down package versions, not actual package contents.
-While discouraged, a package author can republish an existing version of a
-package, causing shrinkwrapped packages using that version to pick up different
-code than they were before. If you want to avoid any risk that a byzantine
-author replaces a package you're using with code that breaks your application,
-you could modify the shrinkwrap file to use git URL references rather than
-version numbers so that npm always fetches all packages from git.
+Shrinkwrap files only lock down package versions, not actual package
+contents.  While discouraged, a package author can republish an
+existing version of a package, causing shrinkwrapped packages using
+that version to pick up different code than they were before. If you
+want to avoid any risk that a byzantine author replaces a package
+you're using with code that breaks your application, you could modify
+the shrinkwrap file to use git URL references rather than version
+numbers so that npm always fetches all packages from git.
 
 If you wish to lock down the specific bytes included in a package, for
-example to have 100% confidence in being able to reproduce a deployment
-or build, then you ought to check your dependencies into source control,
-or pursue some other mechanism that can verify contents rather than
-versions.
+example to have 100% confidence in being able to reproduce a
+deployment or build, then you ought to check your dependencies into
+source control, or pursue some other mechanism that can verify
+contents rather than versions.
 
 ## SEE ALSO
 

deps/npm/doc/cli/stars.md

@@ -0,0 +1,22 @@
+npm-stars(1) -- View packages marked as favorites
+=================================================
+
+## SYNOPSIS
+
+    npm stars
+    npm stars [username]
+
+## DESCRIPTION
+
+If you have starred a lot of neat things and want to find them again
+quickly this command lets you do just that.
+
+You may also want to see your friend's favorite packages, in this case
+you will most certainly enjoy this command.
+
+## SEE ALSO
+
+* npm-star(1)
+* npm-view(1)
+* npm-whoami(1)
+* npm-adduser(1)

deps/npm/doc/cli/update.md

@@ -3,7 +3,7 @@ npm-update(1) -- Update a package
 
 ## SYNOPSIS
 
-    npm update [<name> [<name> ...]]
+    npm update [-g] [<name> [<name> ...]]
 
 ## DESCRIPTION
 
@@ -12,6 +12,9 @@ This command will update all the packages listed to the latest version
 
 It will also install missing packages.
 
+If the `-g` flag is specified, this command will update globally installed packages.
+If no package name is specified, all packages in the specified location (global or local) will be updated.
+
 ## SEE ALSO
 
 * npm-install(1)

deps/npm/doc/cli/version.md

@@ -3,7 +3,7 @@ npm-version(1) -- Bump a package version
 
 ## SYNOPSIS
 
-    npm version <newversion> [--message commit-message]
+    npm version [<newversion> | major | minor | patch | build]
 
 ## DESCRIPTION
 
@@ -11,14 +11,32 @@ Run this in a package directory to bump the version and write the new
 data back to the package.json file.
 
 The `newversion` argument should be a valid semver string, *or* a valid
-second argument to semver.inc (one of "patch", "minor", or "major"). In 
-the second case, the existing version will be incremented by that amount.
+second argument to semver.inc (one of "build", "patch", "minor", or
+"major"). In the second case, the existing version will be incremented
+by 1 in the specified field.
 
 If run in a git repo, it will also create a version commit and tag, and
 fail if the repo is not clean.
 
-If supplied with `--message` (shorthand: `-m`) command line option, npm
-will use it as a commit message when creating a version commit.
+If supplied with `--message` (shorthand: `-m`) config option, npm will
+use it as a commit message when creating a version commit.  If the
+`message` config contains `%s` then that will be replaced with the
+resulting version number.  For example:
+
+    npm version patch -m "Upgrade to %s for reasons"
+
+If the `sign-git-tag` config is set, then the tag will be signed using
+the `-s` flag to git.  Note that you must have a default GPG key set up
+in your git config for this to work properly.  For example:
+
+    $ npm config set sign-git-tag true
+    $ npm version patch
+
+    You need a passphrase to unlock the secret key for
+    user: "isaacs (http://blog.izs.me/) <i@izs.me>"
+    2048-bit RSA key, ID 6C481CF6, created 2010-08-31
+
+    Enter passphrase:
 
 ## SEE ALSO
 

deps/npm/doc/cli/view.md

@@ -69,7 +69,9 @@ was required by each matching version of yui3:
 
 If only a single string field for a single version is output, then it
 will not be colorized or quoted, so as to enable piping the output to
-another command.
+another command. If the field is an object, it will be output as a JavaScript object literal.
+
+If the --json flag is given, the outputted fields will be JSON.
 
 If the version range matches multiple versions, than each printed value
 will be prefixed with the version it applies to.

deps/npm/html/api/bin.html

@@ -2,7 +2,7 @@
 <html>
   <title>bin</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -19,7 +19,7 @@
 <p>This function should not be used programmatically.  Instead, just refer
 to the <code>npm.bin</code> member.</p>
 </div>
-<p id="footer">bin &mdash; npm@1.1.32</p>
+<p id="footer">bin &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/bugs.html

@@ -2,7 +2,7 @@
 <html>
   <title>bugs</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -14,7 +14,7 @@
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>This command tries to guess at the likely location of a package's
+<p>This command tries to guess at the likely location of a package&#39;s
 bug tracker URL, and then tries to open it using the <code>--browser</code>
 config param.</p>
 
@@ -25,7 +25,7 @@ optional version number.</p>
 <p>This command will launch a browser, so this command may not be the most
 friendly for programmatic use.</p>
 </div>
-<p id="footer">bugs &mdash; npm@1.1.32</p>
+<p id="footer">bugs &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/commands.html

@@ -2,7 +2,7 @@
 <html>
   <title>commands</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -28,7 +28,7 @@ usage, or <code>man 3 npm-&lt;command&gt;</code> for programmatic usage.</p>
 
 <ul><li><a href="../doc/index.html">index(1)</a></li></ul>
 </div>
-<p id="footer">commands &mdash; npm@1.1.32</p>
+<p id="footer">commands &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/config.html

@@ -2,7 +2,7 @@
 <html>
   <title>config</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -22,7 +22,7 @@ element in the array tells config what to do. Possible values are:</p>
 <ul><li><p><code>set</code></p><p>Sets a config parameter.  The second element in <code>args</code> is interpreted as the
 key, and the third element is interpreted as the value.</p></li><li><p><code>get</code></p><p>Gets the value of a config parameter. The second element in <code>args</code> is the
 key to get the value of.</p></li><li><p><code>delete</code> (<code>rm</code> or <code>del</code>)</p><p>Deletes a parameter from the config. The second element in <code>args</code> is the
-key to delete.</p></li><li><p><code>list</code> (<code>ls</code>)</p><p>Show all configs that aren't secret. No parameters necessary.</p></li><li><p><code>edit</code>:</p><p>Opens the config file in the default editor. This command isn't very useful
+key to delete.</p></li><li><p><code>list</code> (<code>ls</code>)</p><p>Show all configs that aren&#39;t secret. No parameters necessary.</p></li><li><p><code>edit</code>:</p><p>Opens the config file in the default editor. This command isn&#39;t very useful
 programmatically, but it is made available.</p></li></ul>
 
 <p>To programmatically access npm configuration settings, or set them for
@@ -33,7 +33,7 @@ functions instead.</p>
 
 <ul><li><a href="../api/npm.html">npm(3)</a></li></ul>
 </div>
-<p id="footer">config &mdash; npm@1.1.32</p>
+<p id="footer">config &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/deprecate.html

@@ -2,7 +2,7 @@
 <html>
   <title>deprecate</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -17,7 +17,7 @@
 <p>This command will update the npm registry entry for a package, providing
 a deprecation warning to all who attempt to install it.</p>
 
-<p>The 'args' parameter must have exactly two elements:</p>
+<p>The &#39;args&#39; parameter must have exactly two elements:</p>
 
 <ul><li><p><code>package[@version]</code></p><p>The <code>version</code> portion is optional, and may be either a range, or a
 specific version, or a tag.</p></li><li><p><code>message</code></p><p>The warning message that will be printed whenever a user attempts to
@@ -26,11 +26,13 @@ install the package.</p></li></ul>
 <p>Note that you must be the package owner to deprecate something.  See the
 <code>owner</code> and <code>adduser</code> help topics.</p>
 
+<p>To un-deprecate a package, specify an empty string (<code>&quot;&quot;</code>) for the <code>message</code> argument.</p>
+
 <h2 id="SEE-ALSO">SEE ALSO</h2>
 
 <ul><li><a href="../api/publish.html">publish(3)</a></li><li><a href="../api/unpublish.html">unpublish(3)</a></li><li><a href="../doc/registry.html">registry(1)</a></li></ul>
 </div>
-<p id="footer">deprecate &mdash; npm@1.1.32</p>
+<p id="footer">deprecate &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/docs.html

@@ -2,7 +2,7 @@
 <html>
   <title>docs</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -14,7 +14,7 @@
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>This command tries to guess at the likely location of a package's
+<p>This command tries to guess at the likely location of a package&#39;s
 documentation URL, and then tries to open it using the <code>--browser</code>
 config param.</p>
 
@@ -25,7 +25,7 @@ optional version number.</p>
 <p>This command will launch a browser, so this command may not be the most
 friendly for programmatic use.</p>
 </div>
-<p id="footer">docs &mdash; npm@1.1.32</p>
+<p id="footer">docs &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/edit.html

@@ -2,7 +2,7 @@
 <html>
   <title>edit</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -14,14 +14,14 @@
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>Opens the package folder in the default editor (or whatever you've
+<p>Opens the package folder in the default editor (or whatever you&#39;ve
 configured as the npm <code>editor</code> config -- see <code>npm help config</code>.)</p>
 
 <p>After it has been edited, the package is rebuilt so as to pick up any
 changes in compiled packages.</p>
 
 <p>For instance, you can do <code>npm install connect</code> to install connect
-into your package, and then <code>npm.commands.edit(["connect"], callback)</code>
+into your package, and then <code>npm.commands.edit([&quot;connect&quot;], callback)</code>
 to make a few changes to your locally installed copy.</p>
 
 <p>The first parameter is a string array with a single element, the package
@@ -30,7 +30,7 @@ to open. The package can optionally have a version number attached.</p>
 <p>Since this command opens an editor in a new process, be careful about where
 and how this is used.</p>
 </div>
-<p id="footer">edit &mdash; npm@1.1.32</p>
+<p id="footer">edit &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/explore.html

@@ -2,7 +2,7 @@
 <html>
   <title>explore</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -22,9 +22,9 @@ immediately terminates.</p>
 <p>Note that the package is <em>not</em> automatically rebuilt afterwards, so be
 sure to use <code>npm rebuild &lt;pkg&gt;</code> if you make any changes.</p>
 
-<p>The first element in the 'args' parameter must be a package name.  After that is the optional command, which can be any number of strings. All of the strings will be combined into one, space-delimited command.</p>
+<p>The first element in the &#39;args&#39; parameter must be a package name.  After that is the optional command, which can be any number of strings. All of the strings will be combined into one, space-delimited command.</p>
 </div>
-<p id="footer">explore &mdash; npm@1.1.32</p>
+<p id="footer">explore &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/help-search.html

@@ -2,7 +2,7 @@
 <html>
   <title>help-search</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -24,7 +24,7 @@ are multiple results, the results are printed to the screen formatted and the
 array of results is returned. Each result is an object with these properties:</p>
 
 <ul><li>hits:
-A map of args to number of hits on that arg. For example, {"npm": 3}</li><li>found:
+A map of args to number of hits on that arg. For example, {&quot;npm&quot;: 3}</li><li>found:
 Total number of unique args that matched.</li><li>totalHits:
 Total number of hits.</li><li>lines:
 An array of all matching lines (and some adjacent lines).</li><li>file:
@@ -32,7 +32,7 @@ Name of the file that matched</li></ul>
 
 <p>The silent parameter is not neccessary not used, but it may in the future.</p>
 </div>
-<p id="footer">help-search &mdash; npm@1.1.32</p>
+<p id="footer">help-search &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/init.html

@@ -2,7 +2,7 @@
 <html>
   <title>init</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -17,25 +17,25 @@
 <p>This will ask you a bunch of questions, and then write a package.json for you.</p>
 
 <p>It attempts to make reasonable guesses about what you want things to be set to,
-and then writes a package.json file with the options you've selected.</p>
+and then writes a package.json file with the options you&#39;ve selected.</p>
 
-<p>If you already have a package.json file, it'll read that first, and default to
+<p>If you already have a package.json file, it&#39;ll read that first, and default to
 the options in there.</p>
 
 <p>It is strictly additive, so it does not delete options from your package.json
 without a really good reason to do so.</p>
 
-<p>Since this function expects to be run on the command-line, it doesn't work very
+<p>Since this function expects to be run on the command-line, it doesn&#39;t work very
 well as a programmatically. The best option is to roll your own, and since
 JavaScript makes it stupid simple to output formatted JSON, that is the
-preferred method. If you're sure you want to handle command-line prompting,
+preferred method. If you&#39;re sure you want to handle command-line prompting,
 then go ahead and use this programmatically.</p>
 
 <h2 id="SEE-ALSO">SEE ALSO</h2>
 
 <p><a href="../doc/json.html">json(1)</a></p>
 </div>
-<p id="footer">init &mdash; npm@1.1.32</p>
+<p id="footer">init &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/install.html

@@ -2,7 +2,7 @@
 <html>
   <title>install</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -16,16 +16,16 @@
 
 <p>This acts much the same ways as installing on the command-line.</p>
 
-<p>The 'where' parameter is optional and only used internally, and it specifies
+<p>The &#39;where&#39; parameter is optional and only used internally, and it specifies
 where the packages should be installed to.</p>
 
-<p>The 'packages' parameter is an array of strings. Each element in the array is
+<p>The &#39;packages&#39; parameter is an array of strings. Each element in the array is
 the name of a package to be installed.</p>
 
-<p>Finally, 'callback' is a function that will be called when all packages have been
+<p>Finally, &#39;callback&#39; is a function that will be called when all packages have been
 installed or when an error has been encountered.</p>
 </div>
-<p id="footer">install &mdash; npm@1.1.32</p>
+<p id="footer">install &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/link.html

@@ -2,7 +2,7 @@
 <html>
   <title>link</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -24,7 +24,7 @@ symbolic link from <code>prefix/package-name</code> to the current folder.</p>
 folder to the global symlink.</p>
 
 <p>When creating tarballs for <code>npm publish</code>, the linked packages are
-"snapshotted" to their current state by resolving the symbolic links.</p>
+&quot;snapshotted&quot; to their current state by resolving the symbolic links.</p>
 
 <p>This is
 handy for installing your own stuff, so that you can work on it and test it
@@ -34,12 +34,12 @@ iteratively without having to continually rebuild.</p>
 
 <pre><code>npm.commands.link(cb)           # creates global link from the cwd
                                 # (say redis package)
-npm.commands.link('redis', cb)  # link-install the package</code></pre>
+npm.commands.link(&#39;redis&#39;, cb)  # link-install the package</code></pre>
 
 <p>Now, any changes to the redis package will be reflected in
 the package in the current working directory</p>
 </div>
-<p id="footer">link &mdash; npm@1.1.32</p>
+<p id="footer">link &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/load.html

@@ -2,7 +2,7 @@
 <html>
   <title>load</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -27,12 +27,12 @@ config object.</p>
 <p>For example, to emulate the --dev flag, pass an object that looks like this:</p>
 
 <pre><code>{
-  "dev": true
+  &quot;dev&quot;: true
 }</code></pre>
 
 <p>For a list of all the available command-line configs, see <code>npm help config</code></p>
 </div>
-<p id="footer">load &mdash; npm@1.1.32</p>
+<p id="footer">load &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/ls.html

@@ -2,7 +2,7 @@
 <html>
   <title>ls</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -30,7 +30,7 @@ but the data will still be returned.</p>
 
 <p>Callback is provided an error if one occurred, the full data about which
 packages are installed and which dependencies they will receive, and a
-"lite" data object which just shows which versions are installed where.
+&quot;lite&quot; data object which just shows which versions are installed where.
 Note that the full data object is a circular structure, so care must be
 taken if it is serialized to JSON.</p>
 
@@ -55,11 +55,11 @@ taken if it is serialized to JSON.</p>
 <p>List packages in the global install prefix instead of in the current
 project.</p>
 
-<p>Note, if parseable is set or long isn't set, then duplicates will be trimmed.
+<p>Note, if parseable is set or long isn&#39;t set, then duplicates will be trimmed.
 This means that if a submodule a same dependency as a parent module, then the
 dependency will only be output once.</p>
 </div>
-<p id="footer">ls &mdash; npm@1.1.32</p>
+<p id="footer">ls &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/npm.html

@@ -2,7 +2,7 @@
 <html>
   <title>npm</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -10,21 +10,21 @@
 
 <h2 id="SYNOPSIS">SYNOPSIS</h2>
 
-<pre><code>var npm = require("npm")
-npm.load(configObject, function (er, npm) {
-  // use the npm object, now that it's loaded.
+<pre><code>var npm = require(&quot;npm&quot;)
+npm.load([configObject,] function (er, npm) {
+  // use the npm object, now that it&#39;s loaded.
 
   npm.config.set(key, val)
   val = npm.config.get(key)
 
-  console.log("prefix = %s", npm.prefix)
+  console.log(&quot;prefix = %s&quot;, npm.prefix)
 
-  npm.commands.install(["package"], cb)
+  npm.commands.install([&quot;package&quot;], cb)
 })</code></pre>
 
 <h2 id="VERSION">VERSION</h2>
 
-<p>1.1.32</p>
+<p>1.2.30</p>
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
@@ -32,12 +32,13 @@ npm.load(configObject, function (er, npm) {
 To find documentation of the command line
 client, see <code><a href="../doc/npm.html">npm(1)</a></code>.</p>
 
-<p>Prior to using npm's commands,
-<code>npm.load()</code> must be called with an object hash of
-top-level configs.  In the npm command line client,
-this set of configs is parsed from the command line options.  Additional
-configuration params are loaded from two configuration files.  See
-<code><a href="../doc/config.html">config(1)</a></code> for more information.</p>
+<p>Prior to using npm&#39;s commands, <code>npm.load()</code> must be called.
+If you provide <code>configObject</code> as an object hash of top-level
+configs, they override the values stored in the various config
+locations. In the npm command line client, this set of configs
+is parsed from the command line options. Additional configuration
+params are loaded from two configuration files. See <code><a href="../doc/config.html">config(1)</a></code>
+for more information.</p>
 
 <p>After that, each of the functions are accessible in the
 commands object: <code>npm.commands.&lt;cmd&gt;</code>.  See <code><a href="../doc/index.html">index(1)</a></code> for a list of
@@ -57,9 +58,9 @@ command.</p>
 
 <ul><li><p><code>npm.load(configs, cb)</code></p><p>Load the configuration params, and call the <code>cb</code> function once the
 globalconfig and userconfig files have been loaded as well, or on
-nextTick if they've already been loaded.</p></li><li><p><code>npm.config</code></p><p>An object for accessing npm configuration parameters.</p><ul><li><p><code>npm.config.get(key)</code></p></li><li><code>npm.config.set(key, val)</code></li><li><p><code>npm.config.del(key)</code></p></li></ul></li><li><p><code>npm.dir</code> or <code>npm.root</code></p><p>The <code>node_modules</code> directory where npm will operate.</p></li><li><p><code>npm.prefix</code></p><p>The prefix where npm is operating.  (Most often the current working
+nextTick if they&#39;ve already been loaded.</p></li><li><p><code>npm.config</code></p><p>An object for accessing npm configuration parameters.</p><ul><li><p><code>npm.config.get(key)</code></p></li><li><code>npm.config.set(key, val)</code></li><li><p><code>npm.config.del(key)</code></p></li></ul></li><li><p><code>npm.dir</code> or <code>npm.root</code></p><p>The <code>node_modules</code> directory where npm will operate.</p></li><li><p><code>npm.prefix</code></p><p>The prefix where npm is operating.  (Most often the current working
 directory.)</p></li><li><p><code>npm.cache</code></p><p>The place where npm keeps JSON and tarballs it fetches from the
-registry (or uploads to the registry).</p></li><li><p><code>npm.tmp</code></p><p>npm's temporary working directory.</p></li><li><p><code>npm.deref</code></p><p>Get the "real" name for a command that has either an alias or
+registry (or uploads to the registry).</p></li><li><p><code>npm.tmp</code></p><p>npm&#39;s temporary working directory.</p></li><li><p><code>npm.deref</code></p><p>Get the &quot;real&quot; name for a command that has either an alias or
 abbreviation.</p></li></ul>
 
 <h2 id="MAGIC">MAGIC</h2>
@@ -74,11 +75,11 @@ the error or results.</p>
 
 <p>For example, this would work in a node repl:</p>
 
-<pre><code>&gt; npm = require("npm")
+<pre><code>&gt; npm = require(&quot;npm&quot;)
 &gt; npm.load()  // wait a sec...
-&gt; npm.install("dnode", "express")</code></pre>
+&gt; npm.install(&quot;dnode&quot;, &quot;express&quot;)</code></pre>
 
-<p>Note that that <em>won't</em> work in a node program, since the <code>install</code>
+<p>Note that that <em>won&#39;t</em> work in a node program, since the <code>install</code>
 method will get called before the configuration load is completed.</p>
 
 <h2 id="ABBREVS">ABBREVS</h2>
@@ -89,9 +90,9 @@ method names.  Use the <code>npm.deref</code> method to find the real name.</p>
 
 <p>For example:</p>
 
-<pre><code>var cmd = npm.deref("unp") // cmd === "unpublish"</code></pre>
+<pre><code>var cmd = npm.deref(&quot;unp&quot;) // cmd === &quot;unpublish&quot;</code></pre>
 </div>
-<p id="footer">npm &mdash; npm@1.1.32</p>
+<p id="footer">npm &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/outdated.html

@@ -2,7 +2,7 @@
 <html>
   <title>outdated</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -17,9 +17,9 @@
 <p>This command will check the registry to see if the specified packages are
 currently outdated.</p>
 
-<p>If the 'packages' parameter is left out, npm will check all packages.</p>
+<p>If the &#39;packages&#39; parameter is left out, npm will check all packages.</p>
 </div>
-<p id="footer">outdated &mdash; npm@1.1.32</p>
+<p id="footer">outdated &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/owner.html

@@ -2,7 +2,7 @@
 <html>
   <title>owner</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -14,7 +14,7 @@
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>The first element of the 'args' parameter defines what to do, and the subsequent
+<p>The first element of the &#39;args&#39; parameter defines what to do, and the subsequent
 elements depend on the action. Possible values for the action are (order of
 parameters are given in parenthesis):</p>
 
@@ -27,14 +27,14 @@ Remove a user from the package owner list.  This immediately revokes their
 privileges.</li></ul>
 
 <p>Note that there is only one level of access.  Either you can modify a package,
-or you can't.  Future versions may contain more fine-grained access levels, but
+or you can&#39;t.  Future versions may contain more fine-grained access levels, but
 that is not implemented at this time.</p>
 
 <h2 id="SEE-ALSO">SEE ALSO</h2>
 
 <ul><li><a href="../api/publish.html">publish(3)</a></li><li><a href="../doc/registry.html">registry(1)</a></li></ul>
 </div>
-<p id="footer">owner &mdash; npm@1.1.32</p>
+<p id="footer">owner &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/pack.html

@@ -2,7 +2,7 @@
 <html>
   <title>pack</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -14,7 +14,7 @@
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>For anything that's installable (that is, a package folder, tarball,
+<p>For anything that&#39;s installable (that is, a package folder, tarball,
 tarball url, name@tag, name@version, or name), this command will fetch
 it to the cache, and then copy the tarball to the current working
 directory as <code>&lt;name&gt;-&lt;version&gt;.tgz</code>, and then write the filenames out to
@@ -25,7 +25,7 @@ overwritten the second time.</p>
 
 <p>If no arguments are supplied, then npm packs the current package folder.</p>
 </div>
-<p id="footer">pack &mdash; npm@1.1.32</p>
+<p id="footer">pack &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/prefix.html

@@ -2,7 +2,7 @@
 <html>
   <title>prefix</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -16,12 +16,12 @@
 
 <p>Print the prefix to standard out.</p>
 
-<p>'args' is never used and callback is never called with data.
-'args' must be present or things will break.</p>
+<p>&#39;args&#39; is never used and callback is never called with data.
+&#39;args&#39; must be present or things will break.</p>
 
 <p>This function is not useful programmatically</p>
 </div>
-<p id="footer">prefix &mdash; npm@1.1.32</p>
+<p id="footer">prefix &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/prune.html

@@ -2,7 +2,7 @@
 <html>
   <title>prune</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -14,16 +14,16 @@
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>This command removes "extraneous" packages.</p>
+<p>This command removes &quot;extraneous&quot; packages.</p>
 
 <p>The first parameter is optional, and it specifies packages to be removed.</p>
 
 <p>No packages are specified, then all packages will be checked.</p>
 
 <p>Extraneous packages are packages that are not listed on the parent
-package's dependencies list.</p>
+package&#39;s dependencies list.</p>
 </div>
-<p id="footer">prune &mdash; npm@1.1.32</p>
+<p id="footer">prune &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/publish.html

@@ -2,7 +2,7 @@
 <html>
   <title>publish</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -15,7 +15,7 @@
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
 <p>Publishes a package to the registry so that it can be installed by name.
-Possible values in the 'packages' array are:</p>
+Possible values in the &#39;packages&#39; array are:</p>
 
 <ul><li><p><code>&lt;folder&gt;</code>:
 A folder containing a package.json file</p></li><li><p><code>&lt;tarball&gt;</code>:
@@ -26,13 +26,13 @@ with a package.json file inside.</p></li></ul>
 current working directory.</p>
 
 <p>This command could fails if one of the packages specified already exists in
-the registry.  Overwrites when the "force" environment variable is set.</p>
+the registry.  Overwrites when the &quot;force&quot; environment variable is set.</p>
 
 <h2 id="SEE-ALSO">SEE ALSO</h2>
 
 <ul><li><a href="../doc/registry.html">registry(1)</a></li><li><a href="../doc/adduser.html">adduser(1)</a></li><li><a href="../api/owner.html">owner(3)</a></li></ul>
 </div>
-<p id="footer">publish &mdash; npm@1.1.32</p>
+<p id="footer">publish &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/rebuild.html

@@ -2,7 +2,7 @@
 <html>
   <title>rebuild</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -16,13 +16,13 @@
 
 <p>This command runs the <code>npm build</code> command on each of the matched packages.  This is useful
 when you install a new version of node, and must recompile all your C++ addons with
-the new binary. If no 'packages' parameter is specify, every package will be rebuilt.</p>
+the new binary. If no &#39;packages&#39; parameter is specify, every package will be rebuilt.</p>
 
 <h2 id="CONFIGURATION">CONFIGURATION</h2>
 
 <p>See <code>npm help build</code></p>
 </div>
-<p id="footer">rebuild &mdash; npm@1.1.32</p>
+<p id="footer">rebuild &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/restart.html

@@ -2,7 +2,7 @@
 <html>
   <title>restart</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -14,11 +14,11 @@
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>This runs a package's "restart" script, if one was provided.
-Otherwise it runs package's "stop" script, if one was provided, and then
-the "start" script.</p>
+<p>This runs a package&#39;s &quot;restart&quot; script, if one was provided.
+Otherwise it runs package&#39;s &quot;stop&quot; script, if one was provided, and then
+the &quot;start&quot; script.</p>
 
-<p>If no version is specified, then it restarts the "active" version.</p>
+<p>If no version is specified, then it restarts the &quot;active&quot; version.</p>
 
 <p>npm can run tests on multiple packages. Just specify multiple packages
 in the <code>packages</code> parameter.</p>
@@ -27,7 +27,7 @@ in the <code>packages</code> parameter.</p>
 
 <ul><li><a href="../api/start.html">start(3)</a></li><li><a href="../api/stop.html">stop(3)</a></li></ul>
 </div>
-<p id="footer">restart &mdash; npm@1.1.32</p>
+<p id="footer">restart &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/root.html

@@ -2,7 +2,7 @@
 <html>
   <title>root</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -16,12 +16,12 @@
 
 <p>Print the effective <code>node_modules</code> folder to standard out.</p>
 
-<p>'args' is never used and callback is never called with data.
-'args' must be present or things will break.</p>
+<p>&#39;args&#39; is never used and callback is never called with data.
+&#39;args&#39; must be present or things will break.</p>
 
 <p>This function is not useful programmatically.</p>
 </div>
-<p id="footer">root &mdash; npm@1.1.32</p>
+<p id="footer">root &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/run-script.html

@@ -2,7 +2,7 @@
 <html>
   <title>run-script</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -14,12 +14,12 @@
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>This runs an arbitrary command from a package's "scripts" object.</p>
+<p>This runs an arbitrary command from a package&#39;s &quot;scripts&quot; object.</p>
 
 <p>It is used by the test, start, restart, and stop commands, but can be
 called directly, as well.</p>
 
-<p>The 'args' parameter is an array of strings. Behavior depends on the number
+<p>The &#39;args&#39; parameter is an array of strings. Behavior depends on the number
 of elements.  If there is only one element, npm assumes that the element
 represents a command to be run on the local repository. If there is more than
 one element, then the first is assumed to be the package and the second is
@@ -29,7 +29,7 @@ assumed to be the command to run. All other elements are ignored.</p>
 
 <ul><li><a href="../doc/scripts.html">scripts(1)</a></li><li><a href="../api/test.html">test(3)</a></li><li><a href="../api/start.html">start(3)</a></li><li><a href="../api/restart.html">restart(3)</a></li><li><a href="../api/stop.html">stop(3)</a></li></ul>
 </div>
-<p id="footer">run-script &mdash; npm@1.1.32</p>
+<p id="footer">run-script &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/search.html

@@ -2,7 +2,7 @@
 <html>
   <title>search</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -19,20 +19,20 @@
 <ul><li>searchTerms:
 Array of search terms. These terms are case-insensitive.</li><li>silent:
 If true, npm will not log anything to the console.</li><li>staleness:
-This is the threshold for stale packages. "Fresh" packages are not refreshed
+This is the threshold for stale packages. &quot;Fresh&quot; packages are not refreshed
 from the registry. This value is measured in seconds.</li><li><p>callback:
 Returns an object where each key is the name of a package, and the value
-is information about that package along with a 'words' property, which is
+is information about that package along with a &#39;words&#39; property, which is
 a space-delimited string of all of the interesting words in that package.
 The only properties included are those that are searched, which generally include:</p><ul><li>name</li><li>description</li><li>maintainers</li><li>url</li><li>keywords</li></ul></li></ul>
 
 <p>A search on the registry excludes any result that does not match all of the
 search terms. It also removes any items from the results that contain an
-excluded term (the "searchexclude" config). The search is case insensitive
-and doesn't try to read your mind (it doesn't do any verb tense matching or the
+excluded term (the &quot;searchexclude&quot; config). The search is case insensitive
+and doesn&#39;t try to read your mind (it doesn&#39;t do any verb tense matching or the
 like).</p>
 </div>
-<p id="footer">search &mdash; npm@1.1.32</p>
+<p id="footer">search &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/shrinkwrap.html

@@ -2,7 +2,7 @@
 <html>
   <title>shrinkwrap</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -16,17 +16,17 @@
 
 <p>This acts much the same ways as shrinkwrapping on the command-line.</p>
 
-<p>This command does not take any arguments, but 'args' must be defined.
+<p>This command does not take any arguments, but &#39;args&#39; must be defined.
 Beyond that, if any arguments are passed in, npm will politely warn that it
 does not take positional arguments.</p>
 
-<p>If the 'silent' parameter is set to true, nothing will be output to the screen,
+<p>If the &#39;silent&#39; parameter is set to true, nothing will be output to the screen,
 but the shrinkwrap file will still be written.</p>
 
-<p>Finally, 'callback' is a function that will be called when the shrinkwrap has
+<p>Finally, &#39;callback&#39; is a function that will be called when the shrinkwrap has
 been saved.</p>
 </div>
-<p id="footer">shrinkwrap &mdash; npm@1.1.32</p>
+<p id="footer">shrinkwrap &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/start.html

@@ -2,7 +2,7 @@
 <html>
   <title>start</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -14,12 +14,12 @@
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>This runs a package's "start" script, if one was provided.</p>
+<p>This runs a package&#39;s &quot;start&quot; script, if one was provided.</p>
 
 <p>npm can run tests on multiple packages. Just specify multiple packages
 in the <code>packages</code> parameter.</p>
 </div>
-<p id="footer">start &mdash; npm@1.1.32</p>
+<p id="footer">start &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/stop.html

@@ -2,7 +2,7 @@
 <html>
   <title>stop</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -14,12 +14,12 @@
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>This runs a package's "stop" script, if one was provided.</p>
+<p>This runs a package&#39;s &quot;stop&quot; script, if one was provided.</p>
 
 <p>npm can run stop on multiple packages. Just specify multiple packages
 in the <code>packages</code> parameter.</p>
 </div>
-<p id="footer">stop &mdash; npm@1.1.32</p>
+<p id="footer">stop &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/submodule.html

@@ -2,7 +2,7 @@
 <html>
   <title>submodule</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -18,7 +18,7 @@
 in its package.json description then add it as a git submodule at
 <code>node_modules/&lt;pkg name&gt;</code>.</p>
 
-<p>This is a convenience only.  From then on, it's up to you to manage
+<p>This is a convenience only.  From then on, it&#39;s up to you to manage
 updates by using the appropriate git commands.  npm will stubbornly
 refuse to update, modify, or remove anything with a <code>.git</code> subfolder
 in it.</p>
@@ -33,7 +33,7 @@ dependencies into the submodule folder.</p>
 
 <ul><li>npm help json</li><li>git help submodule</li></ul>
 </div>
-<p id="footer">submodule &mdash; npm@1.1.32</p>
+<p id="footer">submodule &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/tag.html

@@ -2,7 +2,7 @@
 <html>
   <title>tag</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -17,7 +17,7 @@
 <p>Tags the specified version of the package with the specified tag, or the
 <code>--tag</code> config if not specified.</p>
 
-<p>The 'package@version' is an array of strings, but only the first two elements are
+<p>The &#39;package@version&#39; is an array of strings, but only the first two elements are
 currently used.</p>
 
 <p>The first element must be in the form package@version, where package
@@ -29,7 +29,7 @@ parameter is missing or falsey (empty), the default froom the config will be
 used. For more information about how to set this config, check
 <code>man 3 npm-config</code> for programmatic usage or <code>man npm-config</code> for cli usage.</p>
 </div>
-<p id="footer">tag &mdash; npm@1.1.32</p>
+<p id="footer">tag &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/test.html

@@ -2,7 +2,7 @@
 <html>
   <title>test</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -14,7 +14,7 @@
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>This runs a package's "test" script, if one was provided.</p>
+<p>This runs a package&#39;s &quot;test&quot; script, if one was provided.</p>
 
 <p>To run tests as a condition of installation, set the <code>npat</code> config to
 true.</p>
@@ -22,7 +22,7 @@ true.</p>
 <p>npm can run tests on multiple packages. Just specify multiple packages
 in the <code>packages</code> parameter.</p>
 </div>
-<p id="footer">test &mdash; npm@1.1.32</p>
+<p id="footer">test &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/uninstall.html

@@ -2,7 +2,7 @@
 <html>
   <title>uninstall</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -16,13 +16,13 @@
 
 <p>This acts much the same ways as uninstalling on the command-line.</p>
 
-<p>The 'packages' parameter is an array of strings. Each element in the array is
+<p>The &#39;packages&#39; parameter is an array of strings. Each element in the array is
 the name of a package to be uninstalled.</p>
 
-<p>Finally, 'callback' is a function that will be called when all packages have been
+<p>Finally, &#39;callback&#39; is a function that will be called when all packages have been
 uninstalled or when an error has been encountered.</p>
 </div>
-<p id="footer">uninstall &mdash; npm@1.1.32</p>
+<p id="footer">uninstall &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/unpublish.html

@@ -2,7 +2,7 @@
 <html>
   <title>unpublish</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -26,7 +26,7 @@ is what is meant.</p>
 <p>If no version is specified, or if all versions are removed then
 the root package entry is removed from the registry entirely.</p>
 </div>
-<p id="footer">unpublish &mdash; npm@1.1.32</p>
+<p id="footer">unpublish &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/update.html

@@ -2,7 +2,7 @@
 <html>
   <title>update</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -16,9 +16,9 @@
 
 <p>Updates a package, upgrading it to the latest version. It also installs any missing packages.</p>
 
-<p>The 'packages' argument is an array of packages to update. The 'callback' parameter will be called when done or when an error occurs.</p>
+<p>The &#39;packages&#39; argument is an array of packages to update. The &#39;callback&#39; parameter will be called when done or when an error occurs.</p>
 </div>
-<p id="footer">update &mdash; npm@1.1.32</p>
+<p id="footer">update &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/version.html

@@ -2,7 +2,7 @@
 <html>
   <title>version</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -24,7 +24,7 @@ fail if the repo is not clean.</p>
 parameter. The difference, however, is this function will fail if it does
 not have exactly one element. The only element should be a version number.</p>
 </div>
-<p id="footer">version &mdash; npm@1.1.32</p>
+<p id="footer">version &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/view.html

@@ -2,7 +2,7 @@
 <html>
   <title>view</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -17,10 +17,10 @@
 <p>This command shows data about a package and prints it to the stream
 referenced by the <code>outfd</code> config, which defaults to stdout.</p>
 
-<p>The "args" parameter is an ordered list that closely resembles the command-line
+<p>The &quot;args&quot; parameter is an ordered list that closely resembles the command-line
 usage. The elements should be ordered such that the first element is
 the package and version (package@version). The version is optional. After that,
-the rest of the parameters are fields with optional subfields ("field.subfield")
+the rest of the parameters are fields with optional subfields (&quot;field.subfield&quot;)
 which can be used to get only the information desired from the registry.</p>
 
 <p>The callback will be passed all of the data returned by the query.</p>
@@ -28,51 +28,51 @@ which can be used to get only the information desired from the registry.</p>
 <p>For example, to get the package registry entry for the <code>connect</code> package,
 you can do this:</p>
 
-<pre><code>npm.commands.view(["connect"], callback)</code></pre>
+<pre><code>npm.commands.view([&quot;connect&quot;], callback)</code></pre>
 
-<p>If no version is specified, "latest" is assumed.</p>
+<p>If no version is specified, &quot;latest&quot; is assumed.</p>
 
 <p>Field names can be specified after the package descriptor.
 For example, to show the dependencies of the <code>ronn</code> package at version
 0.3.5, you could do the following:</p>
 
-<pre><code>npm.commands.view(["ronn@0.3.5", "dependencies"], callback)</code></pre>
+<pre><code>npm.commands.view([&quot;ronn@0.3.5&quot;, &quot;dependencies&quot;], callback)</code></pre>
 
 <p>You can view child field by separating them with a period.
 To view the git repository URL for the latest version of npm, you could
 do this:</p>
 
-<pre><code>npm.commands.view(["npm", "repository.url"], callback)</code></pre>
+<pre><code>npm.commands.view([&quot;npm&quot;, &quot;repository.url&quot;], callback)</code></pre>
 
 <p>For fields that are arrays, requesting a non-numeric field will return
 all of the values from the objects in the list.  For example, to get all
-the contributor names for the "express" project, you can do this:</p>
+the contributor names for the &quot;express&quot; project, you can do this:</p>
 
-<pre><code>npm.commands.view(["express", "contributors.email"], callback)</code></pre>
+<pre><code>npm.commands.view([&quot;express&quot;, &quot;contributors.email&quot;], callback)</code></pre>
 
 <p>You may also use numeric indices in square braces to specifically select
 an item in an array field.  To just get the email address of the first
 contributor in the list, you can do this:</p>
 
-<pre><code>npm.commands.view(["express", "contributors[0].email"], callback)</code></pre>
+<pre><code>npm.commands.view([&quot;express&quot;, &quot;contributors[0].email&quot;], callback)</code></pre>
 
 <p>Multiple fields may be specified, and will be printed one after another.
 For exampls, to get all the contributor names and email addresses, you
 can do this:</p>
 
-<pre><code>npm.commands.view(["express", "contributors.name", "contributors.email"], callback)</code></pre>
+<pre><code>npm.commands.view([&quot;express&quot;, &quot;contributors.name&quot;, &quot;contributors.email&quot;], callback)</code></pre>
 
-<p>"Person" fields are shown as a string if they would be shown as an
+<p>&quot;Person&quot; fields are shown as a string if they would be shown as an
 object.  So, for example, this will show the list of npm contributors in
 the shortened string format.  (See <code>npm help json</code> for more on this.)</p>
 
-<pre><code>npm.commands.view(["npm", "contributors"], callback)</code></pre>
+<pre><code>npm.commands.view([&quot;npm&quot;, &quot;contributors&quot;], callback)</code></pre>
 
 <p>If a version range is provided, then data will be printed for every
 matching version of the package.  This will show which version of jsdom
 was required by each matching version of yui3:</p>
 
-<pre><code>npm.commands.view(["yui3@'&gt;0.5.4'", "dependencies.jsdom"], callback)</code></pre>
+<pre><code>npm.commands.view([&quot;yui3@&#39;&gt;0.5.4&#39;&quot;, &quot;dependencies.jsdom&quot;], callback)</code></pre>
 
 <h2 id="OUTPUT">OUTPUT</h2>
 
@@ -86,7 +86,7 @@ will be prefixed with the version it applies to.</p>
 <p>If multiple fields are requested, than each of them are prefixed with
 the field name.</p>
 
-<p>Console output can be disabled by setting the 'silent' parameter to true.</p>
+<p>Console output can be disabled by setting the &#39;silent&#39; parameter to true.</p>
 
 <h2 id="RETURN-VALUE">RETURN VALUE</h2>
 
@@ -99,7 +99,7 @@ the field name.</p>
 
 <p>corresponding to the list of fields selected.</p>
 </div>
-<p id="footer">view &mdash; npm@1.1.32</p>
+<p id="footer">view &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/api/whoami.html

@@ -2,7 +2,7 @@
 <html>
   <title>whoami</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -16,12 +16,12 @@
 
 <p>Print the <code>username</code> config to standard output.</p>
 
-<p>'args' is never used and callback is never called with data.
-'args' must be present or things will break.</p>
+<p>&#39;args&#39; is never used and callback is never called with data.
+&#39;args&#39; must be present or things will break.</p>
 
 <p>This function is not useful programmatically</p>
 </div>
-<p id="footer">whoami &mdash; npm@1.1.32</p>
+<p id="footer">whoami &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/doc/README.html

@@ -2,7 +2,7 @@
 <html>
   <title>README</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -12,11 +12,11 @@
 
 <p>This is just enough info to get you up and running.</p>
 
-<p>Much more info available via <code>npm help</code> once it's installed.</p>
+<p>Much more info available via <code>npm help</code> once it&#39;s installed.</p>
 
 <h2 id="IMPORTANT">IMPORTANT</h2>
 
-<p><strong>You need node v0.6 or higher to run this program.</strong></p>
+<p><strong>You need node v0.8 or higher to run this program.</strong></p>
 
 <p>To install an old <strong>and unsupported</strong> version of npm that works on node 0.3
 and prior, clone the git repo and dig through the old tags and branches.</p>
@@ -42,74 +42,46 @@ paths, etc.) then read on.</p>
 
 <h2 id="Fancy-Install-Unix">Fancy Install (Unix)</h2>
 
-<p>To install npm with one command, do this:</p>
-
-<pre><code>curl http://npmjs.org/install.sh | sh</code></pre>
-
-<p>To skip the npm 0.x cleanup, do this:</p>
-
-<pre><code>curl http://npmjs.org/install.sh | clean=no sh</code></pre>
-
-<p>To say "yes" to the 0.x cleanup, but skip the prompt:</p>
-
-<pre><code>curl http://npmjs.org/install.sh | clean=yes sh</code></pre>
-
-<p>If you get permission errors, you'll need to <strong>run</strong> the script as root.
-(Note, just putting <code>sudo</code> in front of the <code>curl</code> will <strong>fetch</strong> the script
-as root.)</p>
+<p>There&#39;s a pretty robust install script at
+<a href="https://npmjs.org/install.sh">https://npmjs.org/install.sh</a>.  You can download that and run it.</p>
 
 <h3 id="Slightly-Fancier">Slightly Fancier</h3>
 
 <p>You can set any npm configuration params with that script:</p>
 
-<pre><code>curl http://npmjs.org/install.sh | npm_config_prefix=/some/path sh</code></pre>
+<pre><code>npm_config_prefix=/some/path sh install.sh</code></pre>
 
 <p>Or, you can run it in uber-debuggery mode:</p>
 
-<pre><code>curl http://npmjs.org/install.sh | npm_debug=1 sh</code></pre>
+<pre><code>npm_debug=1 sh install.sh</code></pre>
 
 <h3 id="Even-Fancier">Even Fancier</h3>
 
 <p>Get the code with git.  Use <code>make</code> to build the docs and do other stuff.
 If you plan on hacking on npm, <code>make link</code> is your friend.</p>
 
-<p>If you've got the npm source code, you can also semi-permanently set
+<p>If you&#39;ve got the npm source code, you can also semi-permanently set
 arbitrary config keys using the <code>./configure --key=val ...</code>, and then
 run npm commands by doing <code>node cli.js &lt;cmd&gt; &lt;args&gt;</code>.  (This is helpful
 for testing, or running stuff without actually installing npm itself.)</p>
 
 <h2 id="Fancy-Windows-Install">Fancy Windows Install</h2>
 
-<p>You can download a zip file from <a href="http://npmjs.org/dist/">http://npmjs.org/dist/</a>, and unpack it
+<p>You can download a zip file from <a href="https://npmjs.org/dist/">https://npmjs.org/dist/</a>, and unpack it
 in the same folder where node.exe lives.</p>
 
-<p>If that's not fancy enough for you, then you can fetch the code with
+<p>If that&#39;s not fancy enough for you, then you can fetch the code with
 git, and mess with it directly.</p>
 
 <h2 id="Installing-on-Cygwin">Installing on Cygwin</h2>
 
 <p>No.</p>
 
-<h2 id="Dev-Install">Dev Install</h2>
-
-<p>To install the latest <strong>unstable</strong> development version from git:</p>
-
-<pre><code>git clone https://github.com/isaacs/npm.git
-cd npm
-sudo make install     # (or: `node cli.js install -gf`)</code></pre>
-
-<p>If you're sitting in the code folder reading this document in your
-terminal, then you've already got the code.  Just do:</p>
-
-<pre><code>sudo make install</code></pre>
-
-<p>and npm will install itself.</p>
-
 <h2 id="Permissions-when-Using-npm-to-Install-Other-Stuff">Permissions when Using npm to Install Other Stuff</h2>
 
 <p><strong>tl;dr</strong></p>
 
-<ul><li>Use <code>sudo</code> for greater safety.  Or don't, if you prefer not to.</li><li>npm will downgrade permissions if it's root before running any build
+<ul><li>Use <code>sudo</code> for greater safety.  Or don&#39;t, if you prefer not to.</li><li>npm will downgrade permissions if it&#39;s root before running any build
 scripts that package authors specified.</li></ul>
 
 <h3 id="More-details">More details...</h3>
@@ -122,7 +94,7 @@ to running any package build or test commands.</p>
 support uid switching, then npm will not attempt to change the userid.</p>
 
 <p>If you would like to ensure that npm <strong>always</strong> runs scripts as the
-"nobody" user, and have it fail if it cannot downgrade permissions, then
+&quot;nobody&quot; user, and have it fail if it cannot downgrade permissions, then
 set the following configuration param:</p>
 
 <pre><code>npm config set unsafe-perm false</code></pre>
@@ -142,7 +114,7 @@ set the following configuration param:</p>
 <h2 id="More-Severe-Uninstalling">More Severe Uninstalling</h2>
 
 <p>Usually, the above instructions are sufficient.  That will remove
-npm, but leave behind anything you've installed.</p>
+npm, but leave behind anything you&#39;ve installed.</p>
 
 <p>If you would like to remove all the packages that you have installed,
 then you can use the <code>npm ls</code> command to find them, and then <code>npm rm</code> to
@@ -167,16 +139,24 @@ you have chosen.</p>
 <h2 id="Using-npm-Programmatically">Using npm Programmatically</h2>
 
 <p>If you would like to use npm programmatically, you can do that.
-It's not very well documented, but it <em>is</em> rather simple.</p>
+It&#39;s not very well documented, but it <em>is</em> rather simple.</p>
 
-<pre><code>var npm = require("npm")
+<p>Most of the time, unless you actually want to do all the things that
+npm does, you should try using one of npm&#39;s dependencies rather than
+using npm itself, if possible.</p>
+
+<p>Eventually, npm will be just a thin cli wrapper around the modules
+that it depends on, but for now, there are some things that you must
+use npm itself to do.</p>
+
+<pre><code>var npm = require(&quot;npm&quot;)
 npm.load(myConfigObject, function (er) {
   if (er) return handlError(er)
-  npm.commands.install(["some", "args"], function (er, data) {
+  npm.commands.install([&quot;some&quot;, &quot;args&quot;], function (er, data) {
     if (er) return commandFailed(er)
     // command succeeded, and data might have some info
   })
-  npm.on("log", function (message) { .... })
+  npm.on(&quot;log&quot;, function (message) { .... })
 })</code></pre>
 
 <p>The <code>load</code> function takes an object hash of the command-line configs.
@@ -195,22 +175,21 @@ help config</code> to learn about all the options you can set there.</p>
 
 <h2 id="More-Docs">More Docs</h2>
 
-<p>Check out the <a href="http://npmjs.org/doc/">docs</a>,
-especially the <a href="http://npmjs.org/doc/faq.html">faq</a>.</p>
+<p>Check out the <a href="https://npmjs.org/doc/">docs</a>,
+especially the <a href="https://npmjs.org/doc/faq.html">faq</a>.</p>
 
 <p>You can use the <code>npm help</code> command to read any of them.</p>
 
-<p>If you're a developer, and you want to use npm to publish your program,
-you should
-<a href="http://npmjs.org/doc/developers.html">read this</a></p>
+<p>If you&#39;re a developer, and you want to use npm to publish your program,
+you should <a href="https://npmjs.org/doc/developers.html">read this</a></p>
 
 <h2 id="Legal-Stuff">Legal Stuff</h2>
 
-<p>"npm" and "the npm registry" are owned by Isaac Z. Schlueter.  All
+<p>&quot;npm&quot; and &quot;the npm registry&quot; are owned by Isaac Z. Schlueter.  All
 rights not explicitly granted in the MIT license are reserved. See the
 included LICENSE file for more details.</p>
 
-<p>"Node.js" and "node" are trademarks owned by Joyent, Inc.  npm is not
+<p>&quot;Node.js&quot; and &quot;node&quot; are trademarks owned by Joyent, Inc.  npm is not
 officially part of the Node.js project, and is neither owned by nor
 officially affiliated with Joyent, Inc.</p>
 
@@ -228,17 +207,17 @@ Isaac Z. Schlueter at <a href="mailto:i@izs.me">i@izs.me</a>.</p>
 
 <h3 id="In-plain-english">In plain english</h3>
 
-<p>This is mine; not my employer's, not Node's, not Joyent's, not Ryan
-Dahl's.</p>
+<p>This is mine; not my employer&#39;s, not Node&#39;s, not Joyent&#39;s, not Ryan
+Dahl&#39;s.</p>
 
-<p>If you publish something, it's yours, and you are solely accountable
+<p>If you publish something, it&#39;s yours, and you are solely accountable
 for it.  Not me, not Node, not Joyent, not Ryan Dahl.</p>
 
-<p>If other people publish something, it's theirs.  Not mine, not Node's,
-not Joyent's, not Ryan Dahl's.</p>
+<p>If other people publish something, it&#39;s theirs.  Not mine, not Node&#39;s,
+not Joyent&#39;s, not Ryan Dahl&#39;s.</p>
 
 <p>Yes, you can publish something evil.  It will be removed promptly if
-reported, and we'll lose respect for you.  But there is no vetting
+reported, and we&#39;ll lose respect for you.  But there is no vetting
 process for published modules.</p>
 
 <p>If this concerns you, inspect the source before using packages.</p>
@@ -248,10 +227,10 @@ process for published modules.</p>
 <p>When you find issues, please report them:</p>
 
 <ul><li>web:
-<a href="http://github.com/isaacs/npm/issues">http://github.com/isaacs/npm/issues</a></li><li>email:
+<a href="https://github.com/isaacs/npm/issues">https://github.com/isaacs/npm/issues</a></li><li>email:
 <a href="mailto:npm-@googlegroups.com">npm-@googlegroups.com</a></li></ul>
 
-<p>Be sure to include <em>all</em> of the output from the npm command that didn't work
+<p>Be sure to include <em>all</em> of the output from the npm command that didn&#39;t work
 as expected.  The <code>npm-debug.log</code> file is also helpful to provide.</p>
 
 <p>You can also look for isaacs in #node.js on irc://irc.freenode.net.  He
@@ -261,7 +240,7 @@ will no doubt tell you to put the output in a gist or email.</p>
 
 <ul><li><a href="../doc/npm.html">npm(1)</a></li><li><a href="../doc/faq.html">faq(1)</a></li><li><a href="../doc/help.html">help(1)</a></li><li><a href="../doc/index.html">index(1)</a></li></ul>
 </div>
-<p id="footer"><a href="../doc/README.html">README</a> &mdash; npm@1.1.32</p>
+<p id="footer"><a href="../doc/README.html">README</a> &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/doc/adduser.html

@@ -2,7 +2,7 @@
 <html>
   <title>adduser</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -39,7 +39,7 @@ authorize on a new machine.</p>
 
 <ul><li><a href="../doc/registry.html">registry(1)</a></li><li><a href="../doc/config.html">config(1)</a></li><li><a href="../doc/owner.html">owner(1)</a></li><li><a href="../doc/whoami.html">whoami(1)</a></li></ul>
 </div>
-<p id="footer">adduser &mdash; npm@1.1.32</p>
+<p id="footer">adduser &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/doc/bin.html

@@ -2,7 +2,7 @@
 <html>
   <title>bin</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -20,7 +20,7 @@
 
 <ul><li><a href="../doc/prefix.html">prefix(1)</a></li><li><a href="../doc/root.html">root(1)</a></li><li><a href="../doc/folders.html">folders(1)</a></li><li><a href="../doc/config.html">config(1)</a></li></ul>
 </div>
-<p id="footer">bin &mdash; npm@1.1.32</p>
+<p id="footer">bin &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/doc/bugs.html

@@ -2,7 +2,7 @@
 <html>
   <title>bugs</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -14,7 +14,7 @@
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>This command tries to guess at the likely location of a package's
+<p>This command tries to guess at the likely location of a package&#39;s
 bug tracker URL, and then tries to open it using the <code>--browser</code>
 config param.</p>
 
@@ -22,7 +22,7 @@ config param.</p>
 
 <h3 id="browser">browser</h3>
 
-<ul><li>Default: OS X: <code>"open"</code>, others: <code>"google-chrome"</code></li><li>Type: String</li></ul>
+<ul><li>Default: OS X: <code>&quot;open&quot;</code>, Windows: <code>&quot;start&quot;</code>, Others: <code>&quot;xdg-open&quot;</code></li><li>Type: String</li></ul>
 
 <p>The browser that is called by the <code>npm bugs</code> command to open websites.</p>
 
@@ -36,7 +36,7 @@ config param.</p>
 
 <ul><li><a href="../doc/docs.html">docs(1)</a></li><li><a href="../doc/view.html">view(1)</a></li><li><a href="../doc/publish.html">publish(1)</a></li><li><a href="../doc/registry.html">registry(1)</a></li><li><a href="../doc/config.html">config(1)</a></li><li><a href="../doc/json.html">json(1)</a></li></ul>
 </div>
-<p id="footer">bugs &mdash; npm@1.1.32</p>
+<p id="footer">bugs &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/doc/build.html

@@ -2,7 +2,7 @@
 <html>
   <title>build</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -25,7 +25,7 @@ A folder containing a <code>package.json</code> file in its root.</li></ul>
 
 <ul><li><a href="../doc/install.html">install(1)</a></li><li><a href="../doc/link.html">link(1)</a></li><li><a href="../doc/scripts.html">scripts(1)</a></li><li><a href="../doc/json.html">json(1)</a></li></ul>
 </div>
-<p id="footer">build &mdash; npm@1.1.32</p>
+<p id="footer">build &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/doc/bundle.html

@@ -2,7 +2,7 @@
 <html>
   <title>bundle</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -20,7 +20,7 @@ install packages into the local space.</p>
 
 <ul><li><a href="../doc/install.html">install(1)</a></li></ul>
 </div>
-<p id="footer">bundle &mdash; npm@1.1.32</p>
+<p id="footer">bundle &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/doc/cache.html

@@ -2,7 +2,7 @@
 <html>
   <title>cache</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -66,7 +66,7 @@ they do not make an HTTP request to the registry.</p>
 
 <ul><li><a href="../doc/folders.html">folders(1)</a></li><li><a href="../doc/config.html">config(1)</a></li><li><a href="../doc/install.html">install(1)</a></li><li><a href="../doc/publish.html">publish(1)</a></li><li><a href="../doc/pack.html">pack(1)</a></li></ul>
 </div>
-<p id="footer">cache &mdash; npm@1.1.32</p>
+<p id="footer">cache &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/doc/changelog.html

@@ -2,7 +2,7 @@
 <html>
   <title>changelog</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -12,15 +12,15 @@
 
 <h3 id="1-1-3-1-1-4">1.1.3, 1.1.4</h3>
 
-<ul><li>Update request to support HTTPS-over-HTTP proxy tunneling</li><li>Throw on undefined envs in config settings</li><li>Update which to 1.0.5</li><li>Fix windows UNC busyloop in findPrefix</li><li>Bundle nested bundleDependencies properly</li><li>Alias adduser to add-user</li><li>Doc updates  (Christian Howe, Henrik Hodne, Andrew Lunny)</li><li>ignore logfd/outfd streams in makeEnv() (Rod Vagg)</li><li>shrinkwrap: Behave properly with url-installed deps</li><li>install: Support --save with url install targets</li><li>Support installing naked tars or single-file modules from urls etc.</li><li>init: Don't add engines section</li><li>Don't run make clean on rebuild</li><li>Added missing unicode replacement (atomizer)</li></ul>
+<ul><li>Update request to support HTTPS-over-HTTP proxy tunneling</li><li>Throw on undefined envs in config settings</li><li>Update which to 1.0.5</li><li>Fix windows UNC busyloop in findPrefix</li><li>Bundle nested bundleDependencies properly</li><li>Alias adduser to add-user</li><li>Doc updates  (Christian Howe, Henrik Hodne, Andrew Lunny)</li><li>ignore logfd/outfd streams in makeEnv() (Rod Vagg)</li><li>shrinkwrap: Behave properly with url-installed deps</li><li>install: Support --save with url install targets</li><li>Support installing naked tars or single-file modules from urls etc.</li><li>init: Don&#39;t add engines section</li><li>Don&#39;t run make clean on rebuild</li><li>Added missing unicode replacement (atomizer)</li></ul>
 
 <h3 id="1-1-2">1.1.2</h3>
 
 <p>Dave Pacheco (2):
-      add "npm shrinkwrap"</p>
+      add &quot;npm shrinkwrap&quot;</p>
 
 <p>Martin Cooper (1):
-      Fix #1753 Make a copy of the cached objects we'll modify.</p>
+      Fix #1753 Make a copy of the cached objects we&#39;ll modify.</p>
 
 <p>Tim Oxley (1):
       correctly remove readme from default npm view command.</p>
@@ -32,7 +32,7 @@
       update minimatch
       update request
       Experimental: single-file modules
-      Fix #2172 Don't remove global mans uninstalling local pkgs
+      Fix #2172 Don&#39;t remove global mans uninstalling local pkgs
       Add --versions flag to show the version of node as well
       Support --json flag for ls output
       update request to 2.9.151</p>
@@ -47,11 +47,11 @@
 
 <h3 id="0-3">0.3</h3>
 
-<ul><li>More correct permission/uid handling when running as root  </li><li>Require node 0.4.0  </li><li>Reduce featureset  </li><li>Packages without "main" modules don't export modules</li><li>Remove support for invalid JSON (since node doesn't support it)</li></ul>
+<ul><li>More correct permission/uid handling when running as root  </li><li>Require node 0.4.0  </li><li>Reduce featureset  </li><li>Packages without &quot;main&quot; modules don&#39;t export modules</li><li>Remove support for invalid JSON (since node doesn&#39;t support it)</li></ul>
 
 <h3 id="0-2">0.2</h3>
 
-<ul><li>First allegedly "stable" release</li><li>Most functionality implemented </li><li>Used shim files and <code>name@version</code> symlinks</li><li>Feature explosion</li><li>Kind of a mess</li></ul>
+<ul><li>First allegedly &quot;stable&quot; release</li><li>Most functionality implemented </li><li>Used shim files and <code>name@version</code> symlinks</li><li>Feature explosion</li><li>Kind of a mess</li></ul>
 
 <h3 id="0-1">0.1</h3>
 
@@ -65,7 +65,7 @@
 
 <ul><li><a href="../doc/npm.html">npm(1)</a></li><li><a href="../doc/faq.html">faq(1)</a></li></ul>
 </div>
-<p id="footer">changelog &mdash; npm@1.1.32</p>
+<p id="footer">changelog &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/doc/coding-style.html

@@ -2,31 +2,33 @@
 <html>
   <title>coding-style</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
-<h1><a href="../doc/coding-style.html">coding-style</a></h1> <p>npm's "funny" coding style</p>
+<h1><a href="../doc/coding-style.html">coding-style</a></h1> <p>npm&#39;s &quot;funny&quot; coding style</p>
 
 <h2 id="DESCRIPTION">DESCRIPTION</h2>
 
-<p>npm's coding style is a bit unconventional.  It is not different for
-difference's sake, but rather a carefully crafted style that is
+<p>npm&#39;s coding style is a bit unconventional.  It is not different for
+difference&#39;s sake, but rather a carefully crafted style that is
 designed to reduce visual clutter and make bugs more apparent.</p>
 
 <p>If you want to contribute to npm (which is very encouraged), you should
-make your code conform to npm's style.</p>
+make your code conform to npm&#39;s style.</p>
+
+<p>Note: this concerns npm&#39;s code not the specific packages at npmjs.org</p>
 
 <h2 id="Line-Length">Line Length</h2>
 
-<p>Keep lines shorter than 80 characters.  It's better for lines to be
+<p>Keep lines shorter than 80 characters.  It&#39;s better for lines to be
 too short than to be too long.  Break up long lists, objects, and other
 statements onto multiple lines.</p>
 
 <h2 id="Indentation">Indentation</h2>
 
 <p>Two-spaces.  Tabs are better, but they look like hell in web browsers
-(and on github), and node uses 2 spaces, so that's that.</p>
+(and on github), and node uses 2 spaces, so that&#39;s that.</p>
 
 <p>Configure your editor appropriately.</p>
 
@@ -43,8 +45,8 @@ statements onto multiple lines.</p>
 
 <pre><code>function () {</code></pre>
 
-<p>If a block needs to wrap to the next line, use a curly brace.  Don't
-use it if it doesn't.</p>
+<p>If a block needs to wrap to the next line, use a curly brace.  Don&#39;t
+use it if it doesn&#39;t.</p>
 
 <p>Bad:</p>
 
@@ -61,10 +63,10 @@ while (foo) {
 
 <h2 id="Semicolons">Semicolons</h2>
 
-<p>Don't use them except in four situations:</p>
+<p>Don&#39;t use them except in four situations:</p>
 
-<ul><li><code>for (;;)</code> loops.  They're actually required.</li><li>null loops like: <code>while (something) ;</code> (But you'd better have a good
-reason for doing that.)</li><li><code>case "foo": doSomething(); break</code></li><li>In front of a leading <code>(</code> or <code>[</code> at the start of the line.
+<ul><li><code>for (;;)</code> loops.  They&#39;re actually required.</li><li>null loops like: <code>while (something) ;</code> (But you&#39;d better have a good
+reason for doing that.)</li><li><code>case &quot;foo&quot;: doSomething(); break</code></li><li>In front of a leading <code>(</code> or <code>[</code> at the start of the line.
 This prevents the expression from being interpreted
 as a function call or property access, respectively.</li></ul>
 
@@ -74,9 +76,9 @@ as a function call or property access, respectively.</li></ul>
 ;[a, b, c].forEach(doSomething)
 for (var i = 0; i &lt; 10; i ++) {
   switch (state) {
-    case "begin": start(); continue
-    case "end": finish(); break
-    default: throw new Error("unknown state")
+    case &quot;begin&quot;: start(); continue
+    case &quot;end&quot;: finish(); break
+    default: throw new Error(&quot;unknown state&quot;)
   }
   end()
 }</code></pre>
@@ -91,15 +93,15 @@ across multiple lines, put the comma at the start of the next
 line, directly below the token that starts the list.  Put the
 final token in the list on a line by itself.  For example:</p>
 
-<pre><code>var magicWords = [ "abracadabra"
-                 , "gesundheit"
-                 , "ventrilo"
+<pre><code>var magicWords = [ &quot;abracadabra&quot;
+                 , &quot;gesundheit&quot;
+                 , &quot;ventrilo&quot;
                  ]
-  , spells = { "fireball" : function () { setOnFire() }
-             , "water" : function () { putOut() }
+  , spells = { &quot;fireball&quot; : function () { setOnFire() }
+             , &quot;water&quot; : function () { putOut() }
              }
   , a = 1
-  , b = "abc"
+  , b = &quot;abc&quot;
   , etc
   , somethingElse</code></pre>
 
@@ -108,8 +110,8 @@ final token in the list on a line by itself.  For example:</p>
 <p>Put a single space in front of ( for anything other than a function call.
 Also use a single space wherever it makes things more readable.</p>
 
-<p>Don't leave trailing whitespace at the end of lines.  Don't indent empty
-lines.  Don't use more spaces than are helpful.</p>
+<p>Don&#39;t leave trailing whitespace at the end of lines.  Don&#39;t indent empty
+lines.  Don&#39;t use more spaces than are helpful.</p>
 
 <h2 id="Functions">Functions</h2>
 
@@ -125,12 +127,12 @@ methodology.</p>
 <p>The callback should always be the last argument in the list.  Its first
 argument is the Error or null.</p>
 
-<p>Be very careful never to ever ever throw anything.  It's worse than useless.
+<p>Be very careful never to ever ever throw anything.  It&#39;s worse than useless.
 Just send the error message back as the first argument to the callback.</p>
 
 <h2 id="Errors">Errors</h2>
 
-<p>Always create a new Error object with your message.  Don't just return a
+<p>Always create a new Error object with your message.  Don&#39;t just return a
 string message to the callback.  Stack traces are handy.</p>
 
 <h2 id="Logging">Logging</h2>
@@ -140,18 +142,18 @@ utility.</p>
 
 <p>Please clean up logs when they are no longer helpful.  In particular,
 logging the same object over and over again is not helpful.  Logs should
-report what's happening so that it's easier to track down where a fault
+report what&#39;s happening so that it&#39;s easier to track down where a fault
 occurs.</p>
 
 <p>Use appropriate log levels.  See <code><a href="../doc/config.html">config(1)</a></code> and search for
-"loglevel".</p>
+&quot;loglevel&quot;.</p>
 
 <h2 id="Case-naming-etc">Case, naming, etc.</h2>
 
 <p>Use <code>lowerCamelCase</code> for multiword identifiers when they refer to objects,
 functions, methods, members, or anything not specified in this section.</p>
 
-<p>Use <code>UpperCamelCase</code> for class names (things that you'd pass to "new").</p>
+<p>Use <code>UpperCamelCase</code> for class names (things that you&#39;d pass to &quot;new&quot;).</p>
 
 <p>Use <code>all-lower-hyphen-css-case</code> for multiword filenames and config keys.</p>
 
@@ -162,17 +164,17 @@ and are rarely used.</p>
 
 <p>Use a single uppercase letter for function names where the function
 would normally be anonymous, but needs to call itself recursively.  It
-makes it clear that it's a "throwaway" function.</p>
+makes it clear that it&#39;s a &quot;throwaway&quot; function.</p>
 
 <h2 id="null-undefined-false-0">null, undefined, false, 0</h2>
 
 <p>Boolean variables and functions should always be either <code>true</code> or
-<code>false</code>.  Don't set it to 0 unless it's supposed to be a number.</p>
+<code>false</code>.  Don&#39;t set it to 0 unless it&#39;s supposed to be a number.</p>
 
 <p>When something is intentionally missing or removed, set it to <code>null</code>.</p>
 
-<p>Don't set things to <code>undefined</code>.  Reserve that value to mean "not yet
-set to anything."</p>
+<p>Don&#39;t set things to <code>undefined</code>.  Reserve that value to mean &quot;not yet
+set to anything.&quot;</p>
 
 <p>Boolean objects are verboten.</p>
 
@@ -180,7 +182,7 @@ set to anything."</p>
 
 <ul><li><a href="../doc/developers.html">developers(1)</a></li><li><a href="../doc/faq.html">faq(1)</a></li><li><a href="../doc/npm.html">npm(1)</a></li></ul>
 </div>
-<p id="footer">coding-style &mdash; npm@1.1.32</p>
+<p id="footer">coding-style &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/doc/completion.html

@@ -2,7 +2,7 @@
 <html>
   <title>completion</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -26,14 +26,14 @@ such as <code>/usr/local/etc/bash_completion.d/npm</code> if you have a system
 that will read that file for you.</p>
 
 <p>When <code>COMP_CWORD</code>, <code>COMP_LINE</code>, and <code>COMP_POINT</code> are defined in the
-environment, <code>npm completion</code> acts in "plumbing mode", and outputs
+environment, <code>npm completion</code> acts in &quot;plumbing mode&quot;, and outputs
 completions based on the arguments.</p>
 
 <h2 id="SEE-ALSO">SEE ALSO</h2>
 
 <ul><li><a href="../doc/developers.html">developers(1)</a></li><li><a href="../doc/faq.html">faq(1)</a></li><li><a href="../doc/npm.html">npm(1)</a></li></ul>
 </div>
-<p id="footer">completion &mdash; npm@1.1.32</p>
+<p id="footer">completion &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/doc/config.html

@@ -2,7 +2,7 @@
 <html>
   <title>config</title>
   <meta http-equiv="content-type" value="text/html;utf-8">
-  <link rel="stylesheet" type="text/css" href="../style.css">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
 
   <body>
     <div id="wrapper">
@@ -25,7 +25,7 @@ npm set &lt;key&gt; &lt;value&gt; [--global]</code></pre>
 <h3 id="Command-Line-Flags">Command Line Flags</h3>
 
 <p>Putting <code>--foo bar</code> on the command line sets the
-<code>foo</code> configuration parameter to <code>"bar"</code>.  A <code>--</code> argument tells the cli
+<code>foo</code> configuration parameter to <code>&quot;bar&quot;</code>.  A <code>--</code> argument tells the cli
 parser to stop reading flags.  A <code>--flag</code> parameter that is at the <em>end</em> of
 the command will be given the value of <code>true</code>.</p>
 
@@ -42,18 +42,22 @@ work the same.</p>
 
 <p><code>$HOME/.npmrc</code> (or the <code>userconfig</code> param, if set above)</p>
 
-<p>This file is an ini-file formatted list of <code>key = value</code> parameters.</p>
+<p>This file is an ini-file formatted list of <code>key = value</code> parameters.
+Environment variables can be replaced using <code>${VARIABLE_NAME}</code>. For example:</p>
+
+<pre><code>prefix = ${HOME}/.npm-packages</code></pre>
 
 <h3 id="Global-config-file">Global config file</h3>
 
 <p><code>$PREFIX/etc/npmrc</code> (or the <code>globalconfig</code> param, if set above):
-This file is an ini-file formatted list of <code>key = value</code> parameters</p>
+This file is an ini-file formatted list of <code>key = value</code> parameters.
+Environment variables can be replaced as above.</p>
 
 <h3 id="Built-in-config-file">Built-in config file</h3>
 
 <p><code>path/to/npm/itself/npmrc</code></p>
 
-<p>This is an unchangeable "builtin"
+<p>This is an unchangeable &quot;builtin&quot;
 configuration file that npm keeps consistent across updates.  Set
 fields in here using the <code>./configure</code> script that comes with npm.
 This is primarily for distribution maintainers to override default
@@ -74,7 +78,7 @@ defaults if nothing else is specified.</p>
 
 <p>Sets the config key to the value.</p>
 
-<p>If value is omitted, then it sets it to "true".</p>
+<p>If value is omitted, then it sets it to &quot;true&quot;.</p>
 
 <h3 id="get">get</h3>
 
@@ -105,7 +109,7 @@ global config.</p>
 
 <p>The following shorthands are parsed on the command-line:</p>
 
-<ul><li><code>-v</code>: <code>--version</code></li><li><code>-h</code>, <code>-?</code>, <code>--help</code>, <code>-H</code>: <code>--usage</code></li><li><code>-s</code>, <code>--silent</code>: <code>--loglevel silent</code></li><li><code>-q</code>, <code>--quiet</code>: <code>--loglevel warn</code></li><li><code>-d</code>: <code>--loglevel info</code></li><li><code>-dd</code>, <code>--verbose</code>: <code>--loglevel verbose</code></li><li><code>-ddd</code>: <code>--loglevel silly</code></li><li><code>-g</code>: <code>--global</code></li><li><code>-l</code>: <code>--long</code></li><li><code>-m</code>: <code>--message</code></li><li><code>-p</code>, <code>--porcelain</code>: <code>--parseable</code></li><li><code>-reg</code>: <code>--registry</code></li><li><code>-v</code>: <code>--version</code></li><li><code>-f</code>: <code>--force</code></li><li><code>-l</code>: <code>--long</code></li><li><code>-desc</code>: <code>--description</code></li><li><code>-S</code>: <code>--save</code></li><li><code>-D</code>: <code>--save-dev</code></li><li><code>-O</code>: <code>--save-optional</code></li><li><code>-B</code>: <code>--save-bundle</code></li><li><code>-y</code>: <code>--yes</code></li><li><code>-n</code>: <code>--yes false</code></li><li><code>ll</code> and <code>la</code> commands: <code>ls --long</code></li></ul>
+<ul><li><code>-v</code>: <code>--version</code></li><li><code>-h</code>, <code>-?</code>, <code>--help</code>, <code>-H</code>: <code>--usage</code></li><li><code>-s</code>, <code>--silent</code>: <code>--loglevel silent</code></li><li><code>-q</code>, <code>--quiet</code>: <code>--loglevel warn</code></li><li><code>-d</code>: <code>--loglevel info</code></li><li><code>-dd</code>, <code>--verbose</code>: <code>--loglevel verbose</code></li><li><code>-ddd</code>: <code>--loglevel silly</code></li><li><code>-g</code>: <code>--global</code></li><li><code>-l</code>: <code>--long</code></li><li><code>-m</code>: <code>--message</code></li><li><code>-p</code>, <code>--porcelain</code>: <code>--parseable</code></li><li><code>-reg</code>: <code>--registry</code></li><li><code>-v</code>: <code>--version</code></li><li><code>-f</code>: <code>--force</code></li><li><code>-desc</code>: <code>--description</code></li><li><code>-S</code>: <code>--save</code></li><li><code>-D</code>: <code>--save-dev</code></li><li><code>-O</code>: <code>--save-optional</code></li><li><code>-B</code>: <code>--save-bundle</code></li><li><code>-y</code>: <code>--yes</code></li><li><code>-n</code>: <code>--yes false</code></li><li><code>ll</code> and <code>la</code> commands: <code>ls --long</code></li></ul>
 
 <p>If the specified configuration param resolves unambiguously to a known
 configuration parameter, then it is expanded to that configuration
@@ -127,13 +131,13 @@ npm ls --global --parseable --long --loglevel info</code></pre>
 <h2 id="Per-Package-Config-Settings">Per-Package Config Settings</h2>
 
 <p>When running scripts (see <code><a href="../doc/scripts.html">scripts(1)</a></code>)
-the package.json "config" keys are overwritten in the environment if
+the package.json &quot;config&quot; keys are overwritten in the environment if
 there is a config param of <code>&lt;name&gt;[@&lt;version&gt;]:&lt;key&gt;</code>.  For example, if
 the package.json has this:</p>
 
-<pre><code>{ "name" : "foo"
-, "config" : { "port" : "8080" }
-, "scripts" : { "start" : "node server.js" } }</code></pre>
+<pre><code>{ &quot;name&quot; : &quot;foo&quot;
+, &quot;config&quot; : { &quot;port&quot; : &quot;8080&quot; }
+, &quot;scripts&quot; : { &quot;start&quot; : &quot;node server.js&quot; } }</code></pre>
 
 <p>and the server.js is this:</p>
 
@@ -152,9 +156,20 @@ the package.json has this:</p>
 <p>Force npm to always require authentication when accessing the registry,
 even for <code>GET</code> requests.</p>
 
+<h3 id="bin-links">bin-links</h3>
+
+<ul><li>Default: <code>true</code></li><li>Type: Boolean</li></ul>
+
+<p>Tells npm to create symlinks (or <code>.cmd</code> shims on Windows) for package
+executables.</p>
+
+<p>Set to false to have it not do this.  This can be used to work around
+the fact that some file systems don&#39;t support symlinks, even on
+ostensibly Unix systems.</p>
+
 <h3 id="browser">browser</h3>
 
-<ul><li>Default: OS X: <code>"open"</code>, others: <code>"google-chrome"</code></li><li>Type: String</li></ul>
+<ul><li>Default: OS X: <code>&quot;open&quot;</code>, Windows: <code>&quot;start&quot;</code>, Others: <code>&quot;xdg-open&quot;</code></li><li>Type: String</li></ul>
 
 <p>The browser that is called by the <code>npm docs</code> command to open websites.</p>
 
@@ -165,7 +180,7 @@ even for <code>GET</code> requests.</p>
 <p>The Certificate Authority signing certificate that is trusted for SSL
 connections to the registry.</p>
 
-<p>Set to <code>null</code> to only allow "known" registrars, or to a specific CA cert
+<p>Set to <code>null</code> to only allow &quot;known&quot; registrars, or to a specific CA cert
 to trust only that specific signing authority.</p>
 
 <p>See also the <code>strict-ssl</code> config.</p>
@@ -174,7 +189,25 @@ to trust only that specific signing authority.</p>
 
 <ul><li>Default: Windows: <code>%APPDATA%\npm-cache</code>, Posix: <code>~/.npm</code></li><li>Type: path</li></ul>
 
-<p>The location of npm's cache directory.  See <code><a href="../doc/cache.html">cache(1)</a></code></p>
+<p>The location of npm&#39;s cache directory.  See <code><a href="../doc/cache.html">cache(1)</a></code></p>
+
+<h3 id="cache-lock-stale">cache-lock-stale</h3>
+
+<ul><li>Default: 60000 (1 minute)</li><li>Type: Number</li></ul>
+
+<p>The number of ms before cache folder lockfiles are considered stale.</p>
+
+<h3 id="cache-lock-retries">cache-lock-retries</h3>
+
+<ul><li>Default: 10</li><li>Type: Number</li></ul>
+
+<p>Number of times to retry to acquire a lock on cache folder lockfiles.</p>
+
+<h3 id="cache-lock-wait">cache-lock-wait</h3>
+
+<ul><li>Default: 10000 (10 seconds)</li><li>Type: Number</li></ul>
+
+<p>Number of ms to wait for cache lock files to expire.</p>
 
 <h3 id="cache-max">cache-max</h3>
 
@@ -188,7 +221,7 @@ explicitly used, and that only GET requests use the cache.</p>
 
 <h3 id="cache-min">cache-min</h3>
 
-<ul><li>Default: 0</li><li>Type: Number</li></ul>
+<ul><li>Default: 10</li><li>Type: Number</li></ul>
 
 <p>The minimum time (in seconds) to keep items in the registry cache before
 re-checking against the registry.</p>
@@ -198,9 +231,9 @@ explicitly used, and that only GET requests use the cache.</p>
 
 <h3 id="color">color</h3>
 
-<ul><li>Default: true on Posix, false on Windows</li><li>Type: Boolean or <code>"always"</code></li></ul>
+<ul><li>Default: true on Posix, false on Windows</li><li>Type: Boolean or <code>&quot;always&quot;</code></li></ul>
 
-<p>If false, never shows colors.  If <code>"always"</code> then always shows colors.
+<p>If false, never shows colors.  If <code>&quot;always&quot;</code> then always shows colors.
 If true, then only prints color codes for tty file descriptors.</p>
 
 <h3 id="coverage">coverage</h3>
@@ -234,11 +267,19 @@ set.</p>
 
 <h3 id="editor">editor</h3>
 
-<ul><li>Default: <code>EDITOR</code> environment variable if set, or <code>"vi"</code> on Posix,
-or <code>"notepad"</code> on Windows.</li><li>Type: path</li></ul>
+<ul><li>Default: <code>EDITOR</code> environment variable if set, or <code>&quot;vi&quot;</code> on Posix,
+or <code>&quot;notepad&quot;</code> on Windows.</li><li>Type: path</li></ul>
 
 <p>The command to run for <code>npm edit</code> or <code>npm config edit</code>.</p>
 
+<h3 id="engine-strict">engine-strict</h3>
+
+<ul><li>Default: false</li><li>Type: Boolean</li></ul>
+
+<p>If set to true, then npm will stubbornly refuse to install (or even
+consider installing) any package that claims to not be compatible with
+the current Node.js version.</p>
+
 <h3 id="force">force</h3>
 
 <ul><li>Default: false</li><li>Type: Boolean</li></ul>
@@ -247,9 +288,37 @@ or <code>"notepad"</code> on Windows.</li><li>Type: path</li></ul>
 
 <ul><li>lifecycle script failure does not block progress.</li><li>publishing clobbers previously published versions.</li><li>skips cache when requesting from the registry.</li><li>prevents checks against clobbering non-npm files.</li></ul>
 
+<h3 id="fetch-retries">fetch-retries</h3>
+
+<ul><li>Default: 2</li><li>Type: Number</li></ul>
+
+<p>The &quot;retries&quot; config for the <code>retry</code> module to use when fetching
+packages from the registry.</p>
+
+<h3 id="fetch-retry-factor">fetch-retry-factor</h3>
+
+<ul><li>Default: 10</li><li>Type: Number</li></ul>
+
+<p>The &quot;factor&quot; config for the <code>retry</code> module to use when fetching
+packages.</p>
+
+<h3 id="fetch-retry-mintimeout">fetch-retry-mintimeout</h3>
+
+<ul><li>Default: 10000 (10 seconds)</li><li>Type: Number</li></ul>
+
+<p>The &quot;minTimeout&quot; config for the <code>retry</code> module to use when fetching
+packages.</p>
+
+<h3 id="fetch-retry-maxtimeout">fetch-retry-maxtimeout</h3>
+
+<ul><li>Default: 60000 (1 minute)</li><li>Type: Number</li></ul>
+
+<p>The &quot;maxTimeout&quot; config for the <code>retry</code> module to use when fetching
+packages.</p>
+
 <h3 id="git">git</h3>
 
-<ul><li>Default: <code>"git"</code></li><li>Type: String</li></ul>
+<ul><li>Default: <code>&quot;git&quot;</code></li><li>Type: String</li></ul>
 
 <p>The command to use for git commands.  If git is installed on the
 computer, but is not in the <code>PATH</code>, then set this to the full path to
@@ -259,12 +328,12 @@ the git binary.</p>
 
 <ul><li>Default: false</li><li>Type: Boolean</li></ul>
 
-<p>Operates in "global" mode, so that packages are installed into the
+<p>Operates in &quot;global&quot; mode, so that packages are installed into the
 <code>prefix</code> folder instead of the current working directory.  See
 <code><a href="../doc/folders.html">folders(1)</a></code> for more on the differences in behavior.</p>
 
-<ul><li>packages are installed into the <code>prefix/node_modules</code> folder, instead of the
-current working directory.</li><li>bin files are linked to <code>prefix/bin</code></li><li>man pages are linked to <code>prefix/share/man</code></li></ul>
+<ul><li>packages are installed into the <code>{prefix}/lib/node_modules</code> folder, instead of the
+current working directory.</li><li>bin files are linked to <code>{prefix}/bin</code></li><li>man pages are linked to <code>{prefix}/share/man</code></li></ul>
 
 <h3 id="globalconfig">globalconfig</h3>
 
@@ -279,7 +348,7 @@ current working directory.</li><li>bin files are linked to <code>prefix/bin</cod
 <p>The config file to read for global ignore patterns to apply to all users
 and all projects.</p>
 
-<p>If not found, but there is a "gitignore" file in the
+<p>If not found, but there is a &quot;gitignore&quot; file in the
 same directory, then that will be used instead.</p>
 
 <h3 id="group">group</h3>
@@ -298,13 +367,13 @@ user.</p>
 
 <h3 id="user-agent">user-agent</h3>
 
-<ul><li>Default: npm/{npm.version} node/{process.version}</li><li>Type: String</li></ul>
+<ul><li>Default: node/{process.version} {process.platform} {process.arch}</li><li>Type: String</li></ul>
 
 <p>Sets a User-Agent to the request header</p>
 
 <h3 id="ignore">ignore</h3>
 
-<ul><li>Default: ""</li><li>Type: string</li></ul>
+<ul><li>Default: &quot;&quot;</li><li>Type: string</li></ul>
 
 <p>A white-space separated list of glob patterns of files to always exclude
 from packages when building tarballs.</p>
@@ -320,27 +389,27 @@ for more information, or <a href="../doc/init.html">init(1)</a>.</p>
 
 <h3 id="init-version">init.version</h3>
 
-<ul><li>Default: "0.0.0"</li><li>Type: semver</li></ul>
+<ul><li>Default: &quot;0.0.0&quot;</li><li>Type: semver</li></ul>
 
 <p>The value <code>npm init</code> should use by default for the package version.</p>
 
 <h3 id="init-author-name">init.author.name</h3>
 
-<ul><li>Default: ""</li><li>Type: String</li></ul>
+<ul><li>Default: &quot;&quot;</li><li>Type: String</li></ul>
 
-<p>The value <code>npm init</code> should use by default for the package author's name.</p>
+<p>The value <code>npm init</code> should use by default for the package author&#39;s name.</p>
 
 <h3 id="init-author-email">init.author.email</h3>
 
-<ul><li>Default: ""</li><li>Type: String</li></ul>
+<ul><li>Default: &quot;&quot;</li><li>Type: String</li></ul>
 
-<p>The value <code>npm init</code> should use by default for the package author's email.</p>
+<p>The value <code>npm init</code> should use by default for the package author&#39;s email.</p>
 
 <h3 id="init-author-url">init.author.url</h3>
 
-<ul><li>Default: ""</li><li>Type: String</li></ul>
+<ul><li>Default: &quot;&quot;</li><li>Type: String</li></ul>
 
-<p>The value <code>npm init</code> should use by default for the package author's homepage.</p>
+<p>The value <code>npm init</code> should use by default for the package author&#39;s homepage.</p>
 
 <h3 id="json">json</h3>
 
@@ -368,13 +437,13 @@ being installed locally.</li></ul>
 
 <h3 id="loglevel">loglevel</h3>
 
-<ul><li>Default: "http"</li><li>Type: String</li><li>Values: "silent", "win", "error", "warn", "http", "info", "verbose", "silly"</li></ul>
+<ul><li>Default: &quot;http&quot;</li><li>Type: String</li><li>Values: &quot;silent&quot;, &quot;win&quot;, &quot;error&quot;, &quot;warn&quot;, &quot;http&quot;, &quot;info&quot;, &quot;verbose&quot;, &quot;silly&quot;</li></ul>
 
 <p>What level of logs to report.  On failure, <em>all</em> logs are written to
 <code>npm-debug.log</code> in the current working directory.</p>
 
 <p>Any logs of a higher level than the setting are shown.
-The default is "http", which shows http, warn, and error output.</p>
+The default is &quot;http&quot;, which shows http, warn, and error output.</p>
 
 <h3 id="logstream">logstream</h3>
 
@@ -387,6 +456,9 @@ The default is "http", which shows http, warn, and error output.</p>
 programmatically, you may wish to send logs to somewhere other than
 stderr.</p>
 
+<p>If the <code>color</code> config is set to true, then this stream will receive
+colored output if it is a TTY.</p>
+
 <h3 id="long">long</h3>
 
 <ul><li>Default: false</li><li>Type: Boolean</li></ul>
@@ -395,17 +467,17 @@ stderr.</p>
 
 <h3 id="message">message</h3>
 
-<ul><li>Default: "%s"</li><li>Type: String</li></ul>
+<ul><li>Default: &quot;%s&quot;</li><li>Type: String</li></ul>
 
 <p>Commit message which is used by <code>npm version</code> when creating version commit.</p>
 
-<p>Any "%s" in the message will be replaced with the version number.</p>
+<p>Any &quot;%s&quot; in the message will be replaced with the version number.</p>
 
 <h3 id="node-version">node-version</h3>
 
 <ul><li>Default: process.version</li><li>Type: semver or false</li></ul>
 
-<p>The node version to use when checking package's "engines" hash.</p>
+<p>The node version to use when checking package&#39;s &quot;engines&quot; hash.</p>
 
 <h3 id="npat">npat</h3>
 
@@ -427,6 +499,14 @@ stderr.</p>
 <p>A node module to <code>require()</code> when npm loads.  Useful for programmatic
 usage.</p>
 
+<h3 id="optional">optional</h3>
+
+<ul><li>Default: true</li><li>Type: Boolean</li></ul>
+
+<p>Attempt to install packages in the <code>optionalDependencies</code> hash.  Note
+that if these packages fail to install, the overall installation
+process is not aborted.</p>
+
 <h3 id="parseable">parseable</h3>
 
 <ul><li>Default: false</li><li>Type: Boolean</li></ul>
@@ -436,7 +516,7 @@ standard output.</p>
 
 <h3 id="prefix">prefix</h3>
 
-<ul><li>Default: node's process.installPrefix</li><li>Type: path</li></ul>
+<ul><li>Default: see <a href="../doc/folders.html">folders(1)</a></li><li>Type: path</li></ul>
 
 <p>The location to install global items.  If set on the command line, then
 it forces non-global commands to run in the specified folder.</p>
@@ -445,10 +525,10 @@ it forces non-global commands to run in the specified folder.</p>
 
 <ul><li>Default: false</li><li>Type: Boolean</li></ul>
 
-<p>Set to true to run in "production" mode.</p>
+<p>Set to true to run in &quot;production&quot; mode.</p>
 
 <ol><li>devDependencies are not installed at the topmost level when running
-local <code>npm install</code> without any arguments.</li><li>Set the NODE_ENV="production" for lifecycle scripts.</li></ol>
+local <code>npm install</code> without any arguments.</li><li>Set the NODE_ENV=&quot;production&quot; for lifecycle scripts.</li></ol>
 
 <h3 id="proprietary-attribs">proprietary-attribs</h3>
 
@@ -531,31 +611,48 @@ hash.</p>
 
 <h3 id="searchopts">searchopts</h3>
 
-<ul><li>Default: ""</li><li>Type: String</li></ul>
+<ul><li>Default: &quot;&quot;</li><li>Type: String</li></ul>
 
 <p>Space-separated options that are always passed to search.</p>
 
 <h3 id="searchexclude">searchexclude</h3>
 
-<ul><li>Default: ""</li><li>Type: String</li></ul>
+<ul><li>Default: &quot;&quot;</li><li>Type: String</li></ul>
 
 <p>Space-separated options that limit the results from search.</p>
 
 <h3 id="searchsort">searchsort</h3>
 
-<ul><li>Default: "name"</li><li>Type: String</li><li>Values: "name", "-name", "date", "-date", "description",
-"-description", "keywords", "-keywords"</li></ul>
+<ul><li>Default: &quot;name&quot;</li><li>Type: String</li><li>Values: &quot;name&quot;, &quot;-name&quot;, &quot;date&quot;, &quot;-date&quot;, &quot;description&quot;,
+&quot;-description&quot;, &quot;keywords&quot;, &quot;-keywords&quot;</li></ul>
 
 <p>Indication of which field to sort search results by.  Prefix with a <code>-</code>
 character to indicate reverse sort.</p>
 
 <h3 id="shell">shell</h3>
 
-<ul><li>Default: SHELL environment variable, or "bash" on Posix, or "cmd" on
+<ul><li>Default: SHELL environment variable, or &quot;bash&quot; on Posix, or &quot;cmd&quot; on
 Windows</li><li>Type: path</li></ul>
 
 <p>The shell to run for the <code>npm explore</code> command.</p>
 
+<h3 id="shrinkwrap">shrinkwrap</h3>
+
+<ul><li>Default: true</li><li>Type: Boolean</li></ul>
+
+<p>If set to false, then ignore <code>npm-shrinkwrap.json</code> files when
+installing.</p>
+
+<h3 id="sign-git-tag">sign-git-tag</h3>
+
+<ul><li>Default: false</li><li>Type: Boolean</li></ul>
+
+<p>If set to true, then the <code>npm version</code> command will tag the version
+using <code>-s</code> to add a signature.</p>
+
+<p>Note that git requires you to have set up GPG keys in your git configs
+for this to work properly.</p>
+
 <h3 id="strict-ssl">strict-ssl</h3>
 
 <ul><li>Default: true</li><li>Type: Boolean</li></ul>
@@ -569,7 +666,7 @@ registry via https.</p>
 
 <ul><li>Default: latest</li><li>Type: String</li></ul>
 
-<p>If you ask npm to install a package and don't tell it a specific version, then
+<p>If you ask npm to install a package and don&#39;t tell it a specific version, then
 it will install the specified tag.</p>
 
 <p>Also the tag that is added to the package@version specified by the <code>npm
@@ -577,7 +674,7 @@ tag</code> command, if no explicit tag is given.</p>
 
 <h3 id="tmp">tmp</h3>
 
-<ul><li>Default: TMPDIR environment variable, or "/tmp"</li><li>Type: path</li></ul>
+<ul><li>Default: TMPDIR environment variable, or &quot;/tmp&quot;</li><li>Type: path</li></ul>
 
 <p>Where to store temporary files and folders.  All temp files are deleted
 on success, but left behind on failure for forensic purposes.</p>
@@ -606,7 +703,7 @@ instead of complete help when doing <code><a href="../doc/help.html">help(1)</a>
 
 <h3 id="user">user</h3>
 
-<ul><li>Default: "nobody"</li><li>Type: String or Number</li></ul>
+<ul><li>Default: &quot;nobody&quot;</li><li>Type: String or Number</li></ul>
 
 <p>The UID to set to when running package scripts as root.</p>
 
@@ -635,7 +732,7 @@ that will be used instead.</p>
 
 <ul><li>Default: 022</li><li>Type: Octal numeric string</li></ul>
 
-<p>The "umask" value to use when setting the file creation mode on files
+<p>The &quot;umask&quot; value to use when setting the file creation mode on files
 and folders.</p>
 
 <p>Folders and executables are given a mode which is <code>0777</code> masked against
@@ -654,18 +751,18 @@ this value.  Thus, the defaults are <code>0755</code> and <code>0644</code> resp
 
 <ul><li>Default: false</li><li>Type: boolean</li></ul>
 
-<p>If true, output the npm version as well as node's <code>process.versions</code>
+<p>If true, output the npm version as well as node&#39;s <code>process.versions</code>
 hash, and exit successfully.</p>
 
 <p>Only relevant when specified explicitly on the command line.</p>
 
 <h3 id="viewer">viewer</h3>
 
-<ul><li>Default: "man" on Posix, "browser" on Windows</li><li>Type: path</li></ul>
+<ul><li>Default: &quot;man&quot; on Posix, &quot;browser&quot; on Windows</li><li>Type: path</li></ul>
 
 <p>The program to use to view help content.</p>
 
-<p>Set to <code>"browser"</code> to view html help content in the default web browser.</p>
+<p>Set to <code>&quot;browser&quot;</code> to view html help content in the default web browser.</p>
 
 <h3 id="yes">yes</h3>
 
@@ -674,14 +771,14 @@ hash, and exit successfully.</p>
 <p>If set to <code>null</code>, then prompt the user for responses in some
 circumstances.</p>
 
-<p>If set to <code>true</code>, then answer "yes" to any prompt.  If set to <code>false</code>
-then answer "no" to any prompt.</p>
+<p>If set to <code>true</code>, then answer &quot;yes&quot; to any prompt.  If set to <code>false</code>
+then answer &quot;no&quot; to any prompt.</p>
 
 <h2 id="SEE-ALSO">SEE ALSO</h2>
 
 <ul><li><a href="../doc/folders.html">folders(1)</a></li><li><a href="../doc/npm.html">npm(1)</a></li></ul>
 </div>
-<p id="footer">config &mdash; npm@1.1.32</p>
+<p id="footer">config &mdash; npm@1.2.30</p>
 <script>
 ;(function () {
 var wrapper = document.getElementById("wrapper")

deps/npm/html/doc/dedupe.html

@@ -0,0 +1,92 @@
+<!doctype html>
+<html>
+  <title>dedupe</title>
+  <meta http-equiv="content-type" value="text/html;utf-8">
+  <link rel="stylesheet" type="text/css" href="../static/style.css">
+
+  <body>
+    <div id="wrapper">
+<h1><a href="../doc/dedupe.html">dedupe</a></h1> <p>Reduce duplication</p>
+
+<h2 id="SYNOPSIS">SYNOPSIS</h2>
+
+<pre><code>npm dedupe [package names...]</code></pre>
+
+<h2 id="DESCRIPTION">DESCRIPTION</h2>
+
+<p>Searches the local package tree and attempts to simplify the overall
+structure by moving dependencies further up the tree, where they can
+be more effectively shared by multiple dependent packages.</p>
+
+<p>For example, consider this dependency graph:</p>
+
+<pre><code>a
++-- b &lt;-- depends on c@1.0.x
+|   `-- c@1.0.3
+`-- d &lt;-- depends on c@~1.0.9
+    `-- c@1.0.10</code></pre>
+
+<p>In this case, <code><a href="../doc/dedupe.html">dedupe(1)</a></code> will transform the tree to:</p>
+
+<pre><code>a
++-- b
++-- d
+`-- c@1.0.10</code></pre>
+
+<p>Because of the hierarchical nature of node&#39;s module lookup, b and d
+will both get their dependency met by the single c package at the root
+level of the tree.</p>
+
+<p>If a suitable version exists at the target location in the tree
+already, then it will be left untouched, but the other duplicates will
+be deleted.</p>
+
+<p>If no suitable version can be found, then a warning is printed, and
+nothing is done.</p>
+
+<p>If any arguments are supplied, then they are filters, and only the
+named packages will be touched.</p>
+
+<p>Note that this operation transforms the dependency tree, and may
+result in packages getting updated versions, perhaps from the npm
+registry.</p>
+
+<p>This feature is experimental, and may change in future versions.</p>
+
+<h2 id="SEE-ALSO">SEE ALSO</h2>
+
+<ul><li><a href="../doc/ls.html">ls(1)</a></li><li><a href="../doc/update.html">update(1)</a></li><li><a href="../doc/install.html">install(1)</a></li></ul>
+</div>
+<p id="footer">dedupe &mdash; npm@1.2.30</p>
+<script>
+;(function () {
+var wrapper = document.getElementById("wrapper")
+var els = Array.prototype.slice.call(wrapper.getElementsByTagName("*"), 0)
+  .filter(function (el) {
+    return el.parentNode === wrapper
+        && el.tagName.match(/H[1-6]/)
+        && el.id
+  })
+var l = 2
+  , toc = document.createElement("ul")
+toc.innerHTML = els.map(function (el) {
+  var i = el.tagName.charAt(1)
+    , out = ""
+  while (i > l) {
+    out += "<ul>"
+    l ++
+  }
+  while (i < l) {
+    out += "</ul>"
+    l --
+  }
+  out += "<li><a href='#" + el.id + "'>" +
+    ( el.innerText || el.text || el.innerHTML)
+    + "</a>"
+  return out
+}).join("\n")
+toc.id = "toc"
+document.body.appendChild(toc)
+})()
+</script>
+</body></html>