Bump npm from 6.4.1 to 6.9.0

[dependabot-preview]

Bumps npm from 6.4.1 to 6.9.0.

Release notes

Sourced from npm's releases.

v6.9.0

FEATURES

• 2ba3a0f67 #90 Time traveling installs using the --before flag. (@​zkat)
• b7b54f2d1 #3 Add support for package aliases. This allows packages to be installed under a different directory than the package name listed in package.json, and adds a new dependency type to allow this to be done for registry dependencies. (@​zkat)
• 684bccf06 #146 Always save package-lock.json when using --package-lock-only. (@​aeschright)
• b8b8afd40 #139 Make empty-string run-scripts run successfully as a no-op. (@​vlasy)
• 8047b19b1 npm.community#3784 Match git semver ranges when flattening the tree. (@​larsgw)
• e135c2bb3 npm.community#1725 Re-enable updating local packages. (@​larsgw)

BUGFIXES

• cf09fbaed #153 Set modified to undefined in npm view when time is not available. This fixes a bug where npm view would crash on certain third-party registries. (@​simonua)
• 774fc26ee #154 Print out tar version in install.sh only when the flag is supported not all the tar implementations support --version flag. This allows the install script to work in OpenBSD, for example. (@​agudulin)
• 863baff11 #158 Fix typo in error message for npm stars. (@​phihag)
• a805a95ad npm.community#4227 Strip version info from pkg on E404. This improves the error messaging format. (@​larsgw)

DOCS

• 5d7633833 #160 Add npm add as alias to npm install in docs. (@​ahasall)
• 489c2211c #162 Fix link to RFC #10 in the changelog. (@​mansona)
• 433020ead #135 Describe exit codes in npm-audit docs. ([@​emilis-tm](https://github.com/emilis-tm))

DEPENDENCIES

• ee6b6746b zkat/make-fetch-happen#29 agent-base@4.2.1 (@​TooTallNate)
• 2ce23baf5 lock-verify@2.1.0: Adds support for package aliases (@​zkat)
• baaedbc6e pacote@9.5.0: Adds opts.before support (@​zkat)
• 57e771a03 #164 licensee@6.1.0 (@​kemitchell)
• 2b78288d4 add core to default inclusion tests in pack (@​zkat)
• 9b8b6513f npm.community#5382 npm-packlist@1.4.1: Fixes bug where core/ directories were being suddenly excluded. (@​zkat)

v6.9.0-next.0

This release became npm@6.9.0

v6.8.0

This release includes an implementation of [RFC #10](https://github.com/npm/rfcs/blob/latest/accepted/0010-monorepo-subdirectory-declaration.md), documenting an optional field that can be used to specify the directory path for a package within a monorepo.

NEW FEATURES

• 3663cdef2 #140 Update package.json docs to include repository.directory details. (@​greysteil)

BUGFIXES

• 550bf703a Add @types to ignore list to fix git clean -fd. (@​zkat)
• cdb059293 #144 Fix common.npm callback arguments. (@​larsgw)
• 25573e9b9 npm.community#4770 Show installed but unmet peer deps. (@​larsgw)
• ce2c4bd1a #149 Use figgy-config to make sure extra opts are there. (@​zkat)
• 3c22d1a35 npm.community#5101 Fix ls-collaborators access error for non-scoped case. (@​zkat)
• d5137091d npm.community#754 Fix issue with sub-folder local references. (@​iarna) (@​jhecking)

... (truncated)

Changelog

Sourced from npm's changelog.

v6.9.0 (2018-02-20):

FEATURES

• 2ba3a0f67
  #90
  Time traveling installs using the --before flag.
  (@​zkat)
• b7b54f2d1
  #3
  Add support for package aliases. This allows packages to be installed under a
  different directory than the package name listed in package.json, and adds a
  new dependency type to allow this to be done for registry dependencies.
  (@​zkat)
• 684bccf06
  #146
  Always save package-lock.json when using --package-lock-only.
  (@​aeschright)
• b8b8afd40
  #139
  Make empty-string run-scripts run successfully as a no-op.
  (@​vlasy)
• 8047b19b1
  npm.community#3784
  Match git semver ranges when flattening the tree.
  (@​larsgw)
• e135c2bb3
  npm.community#1725
  Re-enable updating local packages.
  (@​larsgw)

BUGFIXES

• cf09fbaed
  #153
  Set modified to undefined in npm view when time is not available. This
  fixes a bug where npm view would crash on certain third-party registries.
  (@​simonua)
• 774fc26ee
  #154
  Print out tar version in install.sh only when the flag is supported not all
  the tar implementations support --version flag. This allows the install script
  to work in OpenBSD, for example.
  (@​agudulin)
• 863baff11
  #158
  Fix typo in error message for npm stars.
  (@​phihag)
• a805a95ad
  npm.community#4227

... (truncated)

Commits

• 656bce7 6.9.0
• de0ebe1 6.9.0-next.0
• 5ac0950 update AUTHORS
• f957798 doc: update changelog for npm@6.9.0
• 96e4fa9 tap@12.5.3
• 9b8b651 npm-packlist@1.4.1
• 2b78288 test: add core to default inclusion tests in pack
• 57e771a licensee@6.1.0 (#164)
• 2ba3a0f install: add --before date support for time traveling~ (#90)
• baaedbc pacote@9.5.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

[dependabot-preview]

Superseded by #15.