diff options
| author | isaacs <i@izs.me> | 2014-07-01 21:30:28 +0400 |
|---|---|---|
| committer | isaacs <i@izs.me> | 2014-07-01 21:30:33 +0400 |
| commit | bea190c745f10d21cce45687298b13b6d9d7a10c (patch) | |
| tree | d25ee4aa2a021a5dda3ec8b0c96417f4a0963f06 /package.json | |
| parent | 6e6aca8610459f3d125db1a460b9681ed6de777a (diff) | |
bump nopt and npmconf
Fixes #5591
The root cause here is that a change from 022 (a number in octal literal
format) to '022' (a string) caused the string to later be interpreted as
a decimal number, making for some wacky umask values.
Solution is multipart.
First, use the actual process.umask() value from the user's environment.
This is almost certainly what they want anyway.
Second, validate all default values just like we do with user- supplied
values, rather than trusting them to never be wrong. This would've
found the problem much sooner, while in dev.
This second part requires that we allow a value of null for 'path' type
args, allow 'undefined' for the 'local-address' config, and avoid
looking up a cafile of 'null', all of which are good hygenic things to
add defense-in-depth anyway.
Diffstat (limited to 'package.json')
| -rw-r--r-- | package.json | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/package.json b/package.json index e5466e3e8..dc4b3594f 100644 --- a/package.json +++ b/package.json @@ -58,12 +58,12 @@ "minimatch": "~0.3.0", "mkdirp": "~0.3.5", "node-gyp": "~0.13.0", - "nopt": "~3.0.0", + "nopt": "~3.0.1", "npm-cache-filename": "~1.0.1", "npm-install-checks": "~1.0.2", "npm-registry-client": "~2.0.2", "npm-user-validate": "~0.1.0", - "npmconf": "~1.1.2", + "npmconf": "~1.1.4", "npmlog": "~0.1.1", "once": "~1.3.0", "opener": "~1.3.0", |