npm-registry-client@6.0.4

client.publish only sets the `access` field on the top-level publish
metadata when it is passed in as a parameter, and the `access` parameter
is now optional instead of required.

5 files changed, 21 insertions, 33 deletions

diff --git a/node_modules/npm-registry-client/lib/publish.js b/node_modules/npm-registry-client/lib/publish.js
index 24034a6b8..348648b2e 100644
--- a/node_modules/npm-registry-client/lib/publish.js
+++ b/node_modules/npm-registry-client/lib/publish.js
@@ -18,10 +18,9 @@ function publish (uri, params, cb) {
   assert(typeof cb === "function", "must pass callback to publish")
 
   var access = params.access
-  assert(access && typeof access === "string", "must pass access for package")
   assert(
-    ["public", "restricted"].indexOf(access) !== -1,
-    "access level must be either 'public' or 'restricted'"
+    (!access) || ["public", "restricted"].indexOf(access) !== -1,
+    "if present, access level must be either 'public' or 'restricted'"
   )
 
   var auth = params.auth
@@ -68,12 +67,13 @@ function putFirst (registry, data, tarbuffer, access, auth, cb) {
     { _id : data.name
     , name : data.name
     , description : data.description
-    , access : access
     , "dist-tags" : {}
     , versions : {}
     , readme: data.readme || ""
     }
 
+  if (access) root.access = access
+
   if (!auth.token) {
     root.maintainers = [{name : auth.username, email : auth.email}]
     data.maintainers = JSON.parse(JSON.stringify(root.maintainers))
diff --git a/node_modules/npm-registry-client/node_modules/npm-package-arg/node_modules/hosted-git-info/package.json b/node_modules/npm-registry-client/node_modules/npm-package-arg/node_modules/hosted-git-info/package.json
index 6dbc91850..00606f6a4 100644
--- a/node_modules/npm-registry-client/node_modules/npm-package-arg/node_modules/hosted-git-info/package.json
+++ b/node_modules/npm-registry-client/node_modules/npm-package-arg/node_modules/hosted-git-info/package.json
@@ -32,7 +32,7 @@
   "gitHead": "153325f997813ebf8a7ae07b322b4fa89aa25f7d",
   "_id": "hosted-git-info@1.5.3",
   "_shasum": "1f46e25e9c0e207852fb7a4b94422ed5f09a03f5",
-  "_from": "hosted-git-info@>=1.4.0 <2.0.0",
+  "_from": "hosted-git-info@>=1.5.3 <2.0.0",
   "_npmVersion": "2.4.0",
   "_nodeVersion": "0.10.33",
   "_npmUser": {
diff --git a/node_modules/npm-registry-client/node_modules/npm-package-arg/package.json b/node_modules/npm-registry-client/node_modules/npm-package-arg/package.json
index d5b72e01c..ad8c540f3 100644
--- a/node_modules/npm-registry-client/node_modules/npm-package-arg/package.json
+++ b/node_modules/npm-registry-client/node_modules/npm-package-arg/package.json
@@ -1,13 +1,13 @@
 {
   "name": "npm-package-arg",
-  "version": "3.0.0",
+  "version": "3.1.0",
   "description": "Parse the things that can be arguments to `npm install`",
   "main": "npa.js",
   "directories": {
     "test": "test"
   },
   "dependencies": {
-    "hosted-git-info": "^1.4.0",
+    "hosted-git-info": "^1.5.3",
     "semver": "4"
   },
   "devDependencies": {
@@ -30,11 +30,12 @@
     "url": "https://github.com/npm/npm-package-arg/issues"
   },
   "homepage": "https://github.com/npm/npm-package-arg",
-  "gitHead": "263fd43295ac8f6eca046be108782cfbf9a78bfe",
-  "_id": "npm-package-arg@3.0.0",
-  "_shasum": "84e91836fa2e4e35ae26dc984440b1e5b5aee1ee",
+  "gitHead": "3d5c7f91c5e90e4b9792d881080c462f718f4747",
+  "_id": "npm-package-arg@3.1.0",
+  "_shasum": "8ce9d8ad83ae9fcc433783ca813e4e91f885703e",
   "_from": "npm-package-arg@>=3.0.0 <4.0.0",
-  "_npmVersion": "1.4.28",
+  "_npmVersion": "2.4.1",
+  "_nodeVersion": "1.0.4",
   "_npmUser": {
     "name": "iarna",
     "email": "me@re-becca.org"
@@ -54,9 +55,9 @@
     }
   ],
   "dist": {
-    "shasum": "84e91836fa2e4e35ae26dc984440b1e5b5aee1ee",
-    "tarball": "http://registry.npmjs.org/npm-package-arg/-/npm-package-arg-3.0.0.tgz"
+    "shasum": "8ce9d8ad83ae9fcc433783ca813e4e91f885703e",
+    "tarball": "http://registry.npmjs.org/npm-package-arg/-/npm-package-arg-3.1.0.tgz"
   },
-  "_resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-3.0.0.tgz",
+  "_resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-3.1.0.tgz",
   "readme": "ERROR: No README data found!"
 }
diff --git a/node_modules/npm-registry-client/package.json b/node_modules/npm-registry-client/package.json
index 4b804454d..323836668 100644
--- a/node_modules/npm-registry-client/package.json
+++ b/node_modules/npm-registry-client/package.json
@@ -6,7 +6,7 @@
   },
   "name": "npm-registry-client",
   "description": "Client for the npm registry",
-  "version": "6.0.3",
+  "version": "6.0.4",
   "repository": {
     "url": "git://github.com/isaacs/npm-registry-client"
   },
@@ -38,14 +38,14 @@
     "npmlog": ""
   },
   "license": "ISC",
-  "gitHead": "7d3d14eb825aa376c63854a08e67d2c9b3415927",
+  "gitHead": "d0ff500fcce01ac193d4988f442b868c6dcf142f",
   "readme": "# npm-registry-client\n\nThe code that npm uses to talk to the registry.\n\nIt handles all the caching and HTTP calls.\n\n## Usage\n\n```javascript\nvar RegClient = require('npm-registry-client')\nvar client = new RegClient(config)\nvar uri = \"npm://registry.npmjs.org/npm\"\nvar params = {timeout: 1000}\n\nclient.get(uri, params, function (error, data, raw, res) {\n  // error is an error if there was a problem.\n  // data is the parsed data object\n  // raw is the json string\n  // res is the response from couch\n})\n```\n\n# Registry URLs\n\nThe registry calls take either a full URL pointing to a resource in the\nregistry, or a base URL for the registry as a whole (including the registry\npath – but be sure to terminate the path with `/`). `http` and `https` URLs are\nthe only ones supported.\n\n## Using the client\n\nEvery call to the client follows the same pattern:\n\n* `uri` {String} The *fully-qualified* URI of the registry API method being\n  invoked.\n* `params` {Object} Per-request parameters.\n* `callback` {Function} Callback to be invoked when the call is complete.\n\n### Credentials\n\nMany requests to the registry can by authenticated, and require credentials\nfor authorization. These credentials always look the same:\n\n* `username` {String}\n* `password` {String}\n* `email` {String}\n* `alwaysAuth` {Boolean} Whether calls to the target registry are always\n  authed.\n\n**or**\n\n* `token` {String}\n* `alwaysAuth` {Boolean} Whether calls to the target registry are always\n  authed.\n\n## API\n\n### client.access(uri, params, cb)\n\n* `uri` {String} Registry URL for the package's access API endpoint.\n  Looks like `/-/package/<package name>/access`.\n* `params` {Object} Object containing per-request properties.\n  * `access` {String} New access level for the package. Can be either\n    `public` or `restricted`. Registry will raise an error if trying\n    to change the access level of an unscoped package.\n  * `auth` {Credentials}\n\nSet the access level for scoped packages. For now, there are only two\naccess levels: \"public\" and \"restricted\".\n\n### client.adduser(uri, params, cb)\n\n* `uri` {String} Base registry URL.\n* `params` {Object} Object containing per-request properties.\n  * `auth` {Credentials}\n* `cb` {Function}\n  * `error` {Error | null}\n  * `data` {Object} the parsed data object\n  * `raw` {String} the json\n  * `res` {Response Object} response from couch\n\nAdd a user account to the registry, or verify the credentials.\n\n### client.deprecate(uri, params, cb)\n\n* `uri` {String} Full registry URI for the deprecated package.\n* `params` {Object} Object containing per-request properties.\n  * `version` {String} Semver version range.\n  * `message` {String} The message to use as a deprecation warning.\n  * `auth` {Credentials}\n* `cb` {Function}\n\nDeprecate a version of a package in the registry.\n\n### client.distTags.fetch(uri, params, cb)\n\n* `uri` {String} Base URL for the registry.\n* `params` {Object} Object containing per-request properties.\n  * `package` {String} Name of the package.\n  * `auth` {Credentials}\n* `cb` {Function}\n\nFetch all of the `dist-tags` for the named package.\n\n### client.distTags.add(uri, params, cb)\n\n* `uri` {String} Base URL for the registry.\n* `params` {Object} Object containing per-request properties.\n  * `package` {String} Name of the package.\n  * `distTag` {String} Name of the new `dist-tag`.\n  * `version` {String} Exact version to be mapped to the `dist-tag`.\n  * `auth` {Credentials}\n* `cb` {Function}\n\nAdd (or replace) a single dist-tag onto the named package.\n\n### client.distTags.set(uri, params, cb)\n\n* `uri` {String} Base URL for the registry.\n* `params` {Object} Object containing per-request properties.\n  * `package` {String} Name of the package.\n  * `distTags` {Object} Object containing a map from tag names to package\n     versions.\n  * `auth` {Credentials}\n* `cb` {Function}\n\nSet all of the `dist-tags` for the named package at once, creating any\n`dist-tags` that do not already exit. Any `dist-tags` not included in the\n`distTags` map will be removed.\n\n### client.distTags.update(uri, params, cb)\n\n* `uri` {String} Base URL for the registry.\n* `params` {Object} Object containing per-request properties.\n  * `package` {String} Name of the package.\n  * `distTags` {Object} Object containing a map from tag names to package\n     versions.\n  * `auth` {Credentials}\n* `cb` {Function}\n\nUpdate the values of multiple `dist-tags`, creating any `dist-tags` that do\nnot already exist. Any pre-existing `dist-tags` not included in the `distTags`\nmap will be left alone.\n\n### client.distTags.rm(uri, params, cb)\n\n* `uri` {String} Base URL for the registry.\n* `params` {Object} Object containing per-request properties.\n  * `package` {String} Name of the package.\n  * `distTag` {String} Name of the new `dist-tag`.\n  * `auth` {Credentials}\n* `cb` {Function}\n\nRemove a single `dist-tag` from the named package.\n\n### client.get(uri, params, cb)\n\n* `uri` {String} The complete registry URI to fetch\n* `params` {Object} Object containing per-request properties.\n  * `timeout` {Number} Duration before the request times out. Optional\n    (default: never).\n  * `follow` {Boolean} Follow 302/301 responses. Optional (default: true).\n  * `staleOk` {Boolean} If there's cached data available, then return that to\n    the callback quickly, and update the cache the background. Optional\n    (default: false).\n  * `auth` {Credentials} Optional.\n* `cb` {Function}\n\nFetches data from the registry via a GET request, saving it in the cache folder\nwith the ETag or the \"Last Modified\" timestamp.\n\n### client.publish(uri, params, cb)\n\n* `uri` {String} The registry URI for the package to publish.\n* `params` {Object} Object containing per-request properties.\n  * `metadata` {Object} Package metadata.\n  * `access` {String} Access for the package. Can be `public` or `restricted` (no default).\n  * `body` {Stream} Stream of the package body / tarball.\n  * `auth` {Credentials}\n* `cb` {Function}\n\nPublish a package to the registry.\n\nNote that this does not create the tarball from a folder.\n\n### client.star(uri, params, cb)\n\n* `uri` {String} The complete registry URI for the package to star.\n* `params` {Object} Object containing per-request properties.\n  * `starred` {Boolean} True to star the package, false to unstar it. Optional\n    (default: false).\n  * `auth` {Credentials}\n* `cb` {Function}\n\nStar or unstar a package.\n\nNote that the user does not have to be the package owner to star or unstar a\npackage, though other writes do require that the user be the package owner.\n\n### client.stars(uri, params, cb)\n\n* `uri` {String} The base URL for the registry.\n* `params` {Object} Object containing per-request properties.\n  * `username` {String} Name of user to fetch starred packages for. Optional\n    (default: user in `auth`).\n  * `auth` {Credentials} Optional (required if `username` is omitted).\n* `cb` {Function}\n\nView your own or another user's starred packages.\n\n### client.tag(uri, params, cb)\n\n* `uri` {String} The complete registry URI to tag\n* `params` {Object} Object containing per-request properties.\n  * `version` {String} Version to tag.\n  * `tag` {String} Tag name to apply.\n  * `auth` {Credentials}\n* `cb` {Function}\n\nMark a version in the `dist-tags` hash, so that `pkg@tag` will fetch the\nspecified version.\n\n### client.unpublish(uri, params, cb)\n\n* `uri` {String} The complete registry URI of the package to unpublish.\n* `params` {Object} Object containing per-request properties.\n  * `version` {String} version to unpublish. Optional – omit to unpublish all\n    versions.\n  * `auth` {Credentials}\n* `cb` {Function}\n\nRemove a version of a package (or all versions) from the registry.  When the\nlast version us unpublished, the entire document is removed from the database.\n\n### client.whoami(uri, params, cb)\n\n* `uri` {String} The base registry for the URI.\n* `params` {Object} Object containing per-request properties.\n  * `auth` {Credentials}\n* `cb` {Function}\n\nSimple call to see who the registry thinks you are. Especially useful with\ntoken-based auth.\n\n\n## PLUMBING\n\nThe below are primarily intended for use by the rest of the API, or by the npm\ncaching logic directly.\n\n### client.request(uri, params, cb)\n\n* `uri` {String} URI pointing to the resource to request.\n* `params` {Object} Object containing per-request properties.\n  * `method` {String} HTTP method. Optional (default: \"GET\").\n  * `body` {Stream | Buffer | String | Object} The request body.  Objects\n    that are not Buffers or Streams are encoded as JSON. Optional – body\n    only used for write operations.\n  * `etag` {String} The cached ETag. Optional.\n  * `lastModified` {String} The cached Last-Modified timestamp. Optional.\n  * `follow` {Boolean} Follow 302/301 responses. Optional (default: true).\n  * `auth` {Credentials} Optional.\n* `cb` {Function}\n  * `error` {Error | null}\n  * `data` {Object} the parsed data object\n  * `raw` {String} the json\n  * `res` {Response Object} response from couch\n\nMake a generic request to the registry. All the other methods are wrappers\naround `client.request`.\n\n### client.fetch(uri, params, cb)\n\n* `uri` {String} The complete registry URI to upload to\n* `params` {Object} Object containing per-request properties.\n  * `headers` {Stream} HTTP headers to be included with the request. Optional.\n  * `auth` {Credentials} Optional.\n* `cb` {Function}\n\nFetch a package from a URL, with auth set appropriately if included. Used to\ncache remote tarballs as well as request package tarballs from the registry.\n\n# Configuration\n\nThe client uses its own configuration, which is just passed in as a simple\nnested object. The following are the supported values (with their defaults, if\nany):\n\n* `proxy.http` {URL} The URL to proxy HTTP requests through.\n* `proxy.https` {URL} The URL to proxy HTTPS requests through. Defaults to be\n  the same as `proxy.http` if unset.\n* `proxy.localAddress` {IP} The local address to use on multi-homed systems.\n* `ssl.ca` {String} Certificate signing authority certificates to trust.\n* `ssl.certificate` {String} Client certificate (PEM encoded). Enable access\n  to servers that require client certificates.\n* `ssl.key` {String} Private key (PEM encoded) for client certificate.\n* `ssl.strict` {Boolean} Whether or not to be strict with SSL certificates.\n  Default = `true`\n* `retry.count` {Number} Number of times to retry on GET failures. Default = 2.\n* `retry.factor` {Number} `factor` setting for `node-retry`. Default = 10.\n* `retry.minTimeout` {Number} `minTimeout` setting for `node-retry`.\n  Default = 10000 (10 seconds)\n* `retry.maxTimeout` {Number} `maxTimeout` setting for `node-retry`.\n  Default = 60000 (60 seconds)\n* `userAgent` {String} User agent header to send. Default =\n  `\"node/{process.version}\"`\n* `log` {Object} The logger to use.  Defaults to `require(\"npmlog\")` if\n  that works, otherwise logs are disabled.\n* `defaultTag` {String} The default tag to use when publishing new packages.\n  Default = `\"latest\"`\n* `couchToken` {Object} A token for use with\n  [couch-login](https://npmjs.org/package/couch-login).\n* `sessionToken` {string} A random identifier for this set of client requests.\n  Default = 8 random hexadecimal bytes.\n",
   "readmeFilename": "README.md",
   "bugs": {
     "url": "https://github.com/isaacs/npm-registry-client/issues"
   },
   "homepage": "https://github.com/isaacs/npm-registry-client",
-  "_id": "npm-registry-client@6.0.3",
-  "_shasum": "ae19f33b1cd6b4f5e81b7614bde7b97393c57cdc",
-  "_from": "npm-registry-client@>=6.0.3 <6.1.0"
+  "_id": "npm-registry-client@6.0.4",
+  "_shasum": "34e41475f5208a0c31bb93fe4e8772fbe4c409f8",
+  "_from": "npm-registry-client@>=6.0.4 <6.1.0"
 }
diff --git a/node_modules/npm-registry-client/test/publish.js b/node_modules/npm-registry-client/test/publish.js
index 40bfdf2bb..5a87b64c0 100644
--- a/node_modules/npm-registry-client/test/publish.js
+++ b/node_modules/npm-registry-client/test/publish.js
@@ -71,19 +71,6 @@ test("publish call contract", function (t) {
     function () {
       var params = {
         metadata : METADATA,
-        body : BODY,
-        auth : AUTH
-      }
-      client.publish(URI, params, nop)
-    },
-    { name : "AssertionError", message : "must pass access for package" },
-    "params must include access for package"
-  )
-
-  t.throws(
-    function () {
-      var params = {
-        metadata : METADATA,
         access : ACCESS,
         auth : AUTH
       }
@@ -132,7 +119,7 @@ test("publish call contract", function (t) {
     },
     {
       name    : "AssertionError",
-      message : "access level must be either 'public' or 'restricted'"
+      message : "if present, access level must be either 'public' or 'restricted'"
     },
     "access level must be 'public' or 'restricted'"
   )